ads

yes, by sliding it out of my laptop

however if someone came to my door I'd never know, basement master race

nope

Thermite

Hypothetically speaking, what authority would he be demanding my computer under?

>>22614675
This

I have four HDDs, along with one sitting around in a box already. I'd hand him that one.

Now mine. If OP was a faggot, would he still post?

If he didn't kick down your door then you don't have to talk to him.

put my hard drive in the microwave

>>22614629
looking official isn't enough for most people to hand out their personal belongings.
Assuming he really is from the police, destroying or hiding my 18 HDDs would be rather hard to do in less than a minute.

>>22614675
Lets say Fed for sake of argument.

>>22614737
Gonna need to see a warrant, chief.

>>22614711
Would that really work? I mean i know it would certainly destroy alot of the information... but wouldn't there still be some? I suppose recovering that information would be extremely difficult but it is possible isn't it?

If it was in the next couple minutes, I'd hand him my harddrive from my dead PS3. I use a laptop, so if I took the housing off it'd look passable. If its in a couple months, I'd just hand him the computer. My garage is right next to my entrance way, separated by only a tiny bit of drywall and insulation at one part. Im going to make an electromagnet there, just in case. The second the HDD leaves the house it will be erased, along with the bastard's phone.

If he has a warrant to search my computer he will have a hell of a time doing it when my HDD bay is full of bullet holes from my AR-15.

>>22614779
Yes it is possible.
>>22614792
>Magnets
real pro here, hu?

>>22614779

not at all. the platters would be completely intact and you'd be charged with attempting to destroy evidence

The beauty of a RAID 0 is that I only need to destroy/remove 1 drive to prevent him from doing shit.

I don't have anything criminally illegal on my computer

>>22614792
Lol, that's a good idea, but the magnet has to be fairly powerful to corrupt drive from a distance.

>>22614831
Yes dude. Fuckin' magnets. How do they work?

Cool story sis, where's your search warrant? Oh don't have one? Get the fuck out. Kthanks.

>>22614779
Unless you stole some highly classified information or attempted to assassinate some politician, nobody is going to bother recovering such data, for it's both lengthy and expensive process. If they're at your door, they probably have enough evidence.

Not really... but I'd be going to jail either way.

>>22614919
Ya, its probably not going to work, if I ever get around to it. Probably would need two or more on each side. Also, would have to be in a pulse, with some massive capacitors, like they use for coil guns. So some remote activation and seriously good timing would be needed.

>>22614863
I am a computer forensics/security major, and I can tell you you're wrong. Unless you put your HDD into a vat of acid to rapidly degrade it, the data can be recovered.

So far... we have magnets, the microwave, and the old switcharoo, oh not to mention thermite which is a great idea but a little hard to come by since they stopped selling it at walmart.

>>22614942

it's a always one of two options: very very easy or impossible

a microwaved hdd is very very easy

>>22614975
Now imagine if the dude that takes your computer with him has a pacemaker.

>>22614629
> demands my computer
> computer

Sure, hol' on. Don't mind if I do.

[spoiler] A computer =/= a laptop [/spoiler]

a movie pirate wouldnt have this fear of the FEDs coming to take their hard drive.

OP confirmed pedophile

I think DBAN is the quickest method. Look it up

>there's a knock on my door
>look through peephole
>oh shit oh shit it's a cop or something fuck
>run to hit the panic button to start dban and thermite
>open door
>realise he's just some lame community police/security faggot and not a real cop, he doesn't even have a gun
>he asks "Hi, are you David?"
>"No"
>I'm really not David and I don't know anyone named David
>Show him my ID as proof
>"Oh ok, well you have a nice day sir"
>He leaves
>That feel when all of my data was lost for nothing

>>22615028
Apparently you've been living under a rock for the past month.

>>22615016
He's probably not a fed anyway. Probably some criminal or templar or something.

Now imagine if the guy who came to the door was augmented.

>>22615031
>DBAN
>quick
WAT

>Get rid of all evidence

>Get arrested anyway
>go to court because police state
>"He's a pedophile!"
>"How do we know he's a pedophile?"
>"We have no proof that he ISN'T a pedophile!"
>"You're right, we better put him in prison just in case."
>Works every time.

I do have a truecrypt file, but there's nothing illegal on it. Just some various porns and TOR.

That said. I have an old CRT with no degaussing coil in my computer room. I would break open its thin plastic side, rip off the flyback cable and ground it to the hard drive through me. It would hurt like hell but 10,000 volts will take care of that hard drive all right.

>unplug drives (don't take them out)
>leave only C:\ connected
>bet on their laziness

*hands over iPad*
*Feds laugh and hand it back*
*Get out of jail free card*

>>22614648

What do you mean? How would that prevent them from reading the data?

How bout this for an idea:

Electromagnets around the HDD's (assuming PC) connected to the panic button.

Don't know what for a lap top.. Don't keep illegal shit on it?

>>22615129
I think you die at 1800 volts. If I remember correctly, the AED we used at the ski hill only used 200-300 volts per shock, and that left burn marks on the chests of some of the people.

>>22615129
>I do have a truecrypt file, but there's nothing illegal on it. Just some various porns and TOR.
There's been multiple cases of people in court where their Truecrypt files couldn't be cracked, and they were set free. I think your greentext is simply false due to my knowledge of court cases.

>>22615087
I said the quickEST method, never said it is actually a quick method.
It takes about 2 hours to dban a 60 gig hd so yeah it takes some time indeed.

>>22615187

In the UK, you can be sent to prison for not giving them the password. In the States, it's slowly becoming the same.

I have a bunch of liquid nitrogen in tiny cans, for removing moles and warts and such. Spray harddrive, throw against wall, hope it shatters.

>>22615129
Jesus Christ, i suppose that is one way to do it, but i kinda don't like getting shocked, my friend had me pull one of those fake gum shocking toys, think i went into a panic attack, opened eyes on floor a minute later.

>>22615184

Voltage leaves burns, but its the current that kills you by screwing up your heart's rhythm.

One of my teachers made a joke about why it was called a flyback transformer because he was working on a crt, touched it, and proceeded to, what else, fly back.

You only need .1 amp to kill something though.

>>22615207
but tossing a hammer on it is safer (still not safe at all though) and around 5000 times faster.

yeah, that hard drive filled with thermite holes and surrounded by electromagnets totally won't look suspicious at all rite guys?
You'll get at least 5 years for evidence tampering alone.

>>22615237
Meh, I'm sure that'll be the standard here soon.

Good thing that most people don't seem to realize - Truecrypt has a plausible deniability method implemented into it to prevent this.

There is the ability to make "hidden partitions" with truecrypt, so if the cops asked for the password, and not giving it to them was against the law, you could give them the password to a fake partition that would contain nothing but predefined fake files which would not land you in more trouble, and they would not be able to tell if there was a different partition (which would contain your encrypted information)

All of this can be found on the Truecrypt website. I suggest you thoroughly read every single page if you use Truecrypt.

>>22614629
questionable material goes on another HDD, everyone knows this.

>everything on a truecrypt volume
>run infront of bus
>survive
>claim amnesia
moving on

>>22615285
No one can guarantee that your hd will be 'purged' if you smash it with a hammer for a minute. I don't think it'll be enough.
btw, dban isn't the solution to op's question either.

>>22615281
Oh ya, its amps. Im pretty sure 10 thousand volts would leave you pretty charred, though. The wall outlets where I live are 125V, 15A, and back when I was in elementary school, the power company would send a guy over to tell us about what that power could do. All these horrifying pictures of babies who chewed on cables... shudder.

>>22615345

It's genius.

>>22614990
I'm gonna call B.S. i don't see how information can be recovered from a shattered and burned HDD, it would first have to be reassembled piece by piece, if it can't spin up... it can't be read.

>>22614629
if they didnt have a valid search warrant, I would shut the door in their face, and walk away. If they did, you cannot walk back into your house, so, your fucked.

>>22615345
>run infront of bus

you dont even have to do this, just say "i forgot" and there is nothing they can do about it. They cant force you to do something you cannot do.

>>22615363

Its certainly not something I would want to do for funsies but if its prison or toasted hands, I take toasted hands.

That said, since there's nothing illegal on my computer (excluding about 450 gigs of anime), I would just let them see my computer since trying to blow up a hard drive would be pretty suspicious.

>>22615345
Or better yet, leave clues all over the city eventually leading to the password [spoiler]to the wrong partition[/spoiler]

>>22615417
Use Google to find cases of information being recovered from "destroyed" HDDs. It's everywhere if you do and look at the court cases.

>>22615304
no, because they cannot prove there was anything there, you would get nothing, because it occured before the search warrant was executed, thus, it per-cludes the warrant, and is legal. If you see them thru a peep hole, and do it, too bad for them, its legal.

>some whatever hard drive forensics guy claiming otherwise
>some people pretending you couldn't

look faggots, in case you want to find out we can ask for people who have already had to wake up by the feds at night, they're called fucking hackers, and they manage to do it plenty of times, they've burned their warez

so deal with it

>>22615457
Also, in the demonstration from the electrical company, he touched a knife to a plate of metal with 125V going through it. The sparks shot four meters into the air. Hanging onto that would probably blow your hands off.

>>22615457
>That said, since there's nothing illegal on my computer (excluding about 450 gigs of anime), I would just let them see my computer since trying to blow up a hard drive would be pretty suspicious.

What is the point of having rights if you dont exercise them? Never do this, never for a second give your rights up, even if you have nothing to hide. You must respect your own rights, and they will too. You understand that they are doing a job, and they understand that you are exercising your rights, and they will not look down on you for doing so.

>>22615502
>>some whatever hard drive forensics guy claiming otherwise
I'm this guy, and my side can be easily defended if you would only take the time to use Google. I will not do your own forensics homework for you. I was done doing my research in college.

>>22615174
Perhaps by making it so that the drive isn't connected to anything

Anyway, I just wouldn't give it to them. Liberty or death and all that jazz.

I think thermite would be a reasonable option for quick drive destruction.

>>22615525
>they will not look down on you for doing so
They might not look down on you, but they will send you to jail if they can. And being looked down on is the least of your worries in jail.

Keep all your stuff on a SSD. Buy a penny sized rare earth magnet from some science/hobby shop and run that over it a few times.

>>22615559
In jail, no one can hear you scream.

>>22615535
not the retard who doesnt believe this, but I can tell you, that they have hardware that can recover data from smashed HDD platters(they simply put them in it, and it spins it at slow speeds, but the data is about 90% accurate, since the cracks become faulty, the rest can be read). Same with broken CDs. Even single pass overwrites can be recovered from, and are, every day. Actually, you wont find any of that listed in the case files, since the US law enforcement agencies have it redacted to keep their methods secret so that they are not circumvented, but having worked with the police on data recovery, I can tell you that it happens all the time.

i would just rip it out of the case and put it in the room next door.

the law here just allows them to search my room. not my mums lololo

>>22615502
I ummm... i don't understand. It is like your speaking in a cryptic ghetto english. Where you only attended 2 years of English in school instead of the 12 the curriculum required. Is this what truecrypt is?

>>22615035
lol start dban and thermite

>>22615559
if you have nothing to hide, and they search you, and then they find nothing, there is nothing they can send you to jail with. What is the point of having rights of you dont use them? what was the point of the bill of rights, if you are just going to let someone trample on your rights at the first sign of authority? If you have nothing to hide, they will find that out very soon, and then you will get your stuff back with a "were sorry, please dont sue", and life will go on. at least you know that you did not compromise your rights.

>>22615184
no, you can take a million volts, its the amperage that kills you. 1/8th of an amp is all it takes to stop your heart.

>not having all your files on a handful of microSD cards

I can fit ~50 movies (avi) on 1 32gb. if cops come, they are going into hydrochloric acid that I have in the garage for the pool

isn't there a program you can install where upon boot, if you don't enter the correct password within 30 seconds it wipes the drive? that would work.

WHY DO YOU ALL IMAGINE THE FEDS WILL WAIT AROUND WHILE YOU DESTROY EVIDENCE GOD DAMNIT /G/ YOU DO THIS EVERY TIME.

You will not be given the opportunity to destroy or disconnect anything, truecrypt is the only way to keep them from your data.

>>22615722
Hard drive nukers usually take a bit if they're actually good.

>>22615722
Imagine turning on your computer, getting diarrhea, and having to run to the bathroom. All that data gone. For shits and giggles.

>>22615722

>Countdown from 30
>Pullout power cable.

Crisis adverted.

They will force the password out of you. It would be useless. Tough it could work against theft, tough if there is an organization after you, they can still kidnap and torture you.

Plausible deniability is the only way against non-torture methods.

>>22615756
This.

It's KNOCK KNOCK OPEN UP WE HAVE A WARRANT!!

2 seconds later the door busts down!

Cops run in!!!

You get on the floor because if you don't you'll be thrown hard on the floor with a knee digging into your back!

Next thing you know you're being walked out to the cop car, and you see the computer forensics nerds walking into your house, and your beloved declawed indoor cats are running out the door... Never to be seen again.

Take it from someone who's been through it.

>>22615756
if they have a no-knock warrant, you have no time, but most of the time, for CP and stuff like that, they will not get a no-knock warrant, and thus, they must wait at the door while you quietly destroy your stuff, and since they have not served the warrant till you answer the door(under technicalities), you are in the clear. Also, they do a RAM dump, and then unplug your computer to "preserve" evidence. This usually destroys any chance they have of getting into a true-crypted, or generally encrypted volume. Their own ways to preserve evidence destroys more than it preserves.

>>22615813
elaborate please?

>>22615813
>Knock knock we have a warrant!
>Automatic rifle.
>Kill them all.
>Destroy data at leisure.
>Retire to Cuba.

>>22615813
Story time?

>>22615813
>>22615813
they only get a no knock warrant, or authorization to kick down a door, when they suspect there will be armed, or potentially armed people there. NEVER have I seen a CP warrant get a "no-knock status" or "door kick" status.

>Door breaks down
>You are busy fending off fucking attack dogs and men with guns

Yeah I can work in a few minutes of evidence destruction inthere

>>22615861
I have a tripwire with explosives placed right after crossing the door, good luck with that.

>Having computer near front door.
>Not having a "kick bar" in place

>>22615861
set up cameras so that you see outside your lair, so that when they are on the approach, you know already. Also, again, no-knock warrants generally will not be given out for CP searches unless they have a very good reason to believe someone there will be armed.

>>22615760
give him the whole machine. when he gets where he is going and plugs it in the magic begins.

piracy and lolicon are both legal in my country so fuck that, check all you want officer.

>>22615903
I have 2 kickbars on my door, with a metal door, and a metal frame that is tied into the buildings concrete structure. Its not gonna open for anyone any time soon, but still, as I said before, they generally dont get kick status, and no knock status for CP warrants, and its usually 2 to 3 officers, at most. They just do a RAM dump, and unplug it. I work with police on data recovery, and bitch about the dump and plug policy, because it destroys more evidence than it saves. it unmounts encrypted volumes, and if they leave it on, I can see and copy whats in it if its mounted, but NOOOOOOOOOOO, we have to unplug. every god damn time.

>keep all CP on work computer
>6 passwords to log in
>3 before it even posts

oh IBM.

>>22615903
'Kick bar'?

>>22615932
They dont ever plug the machine into power while its kept as evidence. They take the HDDs out, and put them in a special thing that is READ only. standards of the evidence are very strict, in that even if 1 bit is written to the drive, its considered compromised. They put it in a read only device, make a copy, and then play with the copy, only powering on the original to make more copies, but never altering it in any ways.

>>22615967
how do they perform the ram dump?

>Not having 10' sata cables and hiding HDD's in the wall

>>22616008
This, and what is a kick bar and where can I get one.

ITT: Internet tough guys, in reality none of you would do anything. You'd say 'ok here u go sorry for taking so long officer' then you'd blow him

>>22616025
This

>>22616025
i lol'd

>>22615973
also called a door security bar, basically a bar that prevents the door from being opened while its there. Think old castle doors and those huge wood boards they used to prevent them from opening, but smaller. They are effective, but only when you are home, since you cannot put them in when you leave.

>>22616028
Its this angled bar that you pro up against the door handle
As far as I know anyways, have not seen one since I was 12

>>22616061
>not leaving it on all the time
>not leaving your house through the chimney

feels good to be santa

>>22616079
>be jolly saint nick
>having doors

>>22616061
Cool, I think I'll get one the way the world is going.

>>22616079
I lol'd.

>>22614629
Massive fucking electromagnet - don't you have one, OP?

i am pretty sure i read that in europe they started using some usb-dongles which simulate mouse movements to keep the computer "active" (i.e. not suspend),
and a portable power supply.

they can get your pc at the station without even the screensaver kicking in

1) Create VM
2) Encrypt VM
3) Engage in activities of questionable legality in VM
4) If someone comes to confiscate your shit, delete VM (takes what, 5 seconds?)
5) If they try to recover deleted data from the HDD it shouldn't be able to pick up the deleted VM, should just show up as random data since it was encrypted. And since you were doing everything in the VM you don't have to worry about any traces of illegal activity (thumbnail files, for example) being on your main OS
6) Profit

>>22616138
That makes no sense, you have to unplug it from the wall or whatever in order to put it to the portable Power Supply...

>>22616008
a MS provided software if the computer is running windows(basically the same thing that happens during a crash, but its a little auto-exe on a flash drive that they have).

If its linux, any version, there is a command for it, and if they cant get to it in time, so be it.

If its OSx, same deal as Microsoft, Apple has provided the police a tool to dump the active RAM with, and it only takes about a minute for the dump to be complete(it dumps it to the flashdrive that has the program on it, same as windows, so that the computers HDD is not "tampered with". Dont know the name of the OSx one, but the MS one I think is called I386kd.exe(if thats wrong, sue me, I dont actually see the programs at work, I only get to deal with their mess after we get it.

I the only one with underground shelter in back yard that No one knows about? search my house kind sir. anyway ttyl making tinfoil hat for dog.

>>22616161
How do you encrypt a VM? I have tried but couldn't into it. Do you just mean make a TC container and place the VM files in there?

slam door, lock door, open hot swap bays, bury HDDs in garden, cats will defend property.

>>22615424
>>22615525
>>22615629
>>22615756

>>22616172
Untrue with the right tools and know-how

Nope, but I have nothing to hide, so who cares.

They can go through all my furry porn if they want to...

>>22616189

I suppose you could do it like that. Or just install TrueCrypt on the VM and use full disk encryption to encrypt the entire partition from within the VM.

>>22616182
> and if they cant get to it in time, so be it.
what does it mean?

>>22616061
there are bars that you can put in when not there. you need a key from outside to open them

>>22616200
3/4 were me, not the 4th. you fail hard.

>>22616231
if you shut it off on them before they come in, the RAM will clear itself in a matter of minutes, thats why the do the RAM dump if its on, and then unplug it, because RAM is volitile, it needs to be dumped before it gets "forgotten".

>tc container

>not entire partition

>>22614629
have hd encrypted
when knocks, turn off computer (power cable)
30 sec later, hd can not be recovered without key
>they can force you to give key
have hidden volumes or
live in a constitutional state

>have a custom massive PSU in a fulltower
>Hid an SSD inside

>>22615805
>They will force the password out of you

can't be done, at least not here in the States, that would violate the 5th amendment. it would be like handing the keys to your safe to the cops, or telling them the combination. protip: cops are allowed to try to enter the safe using their own means, but they can NEVER force you to give up the password w/o knowing whats inside

inb4 news article about the guy having to give up his password after agents saw the CP on his drive and then he locked it

Is a RAM dump fast? if I didn't care would snapping the ram in half do the trick?

>>22616265
i know about the ram.

i didn't understand that sentence.
was it like

"if they get to it in time, they do the dump, else (e.g. the pc is off) they can't?"

because that's what i think

>>22616182

How's the computer forensics business?

>>22616279
>put hard drive inside electromagnet

>>22616234
I will have to look into that. I live in a shitty neighborhood, and even tho I do computer forensics for the local and sometimes state PD, it does not pay very well, and they hate to hear: The files that you were looking for did not exist on that system". In layman terms: you were wrong, nothing was there. This usually results in me looking for something else, somewhere else, and those investigators that are computer illiterate, yea, they cant understand that if its not there, its not there, and they would have me look endlessly if I didnt stop them with a call to their supervisor.

>>22616290
I got so many hd's and secret stashes in my apartment I'd be able to take out hd's with illegal content and hide them before they could even get in... then I'd just hand over a perfectly legal hd.

I mainly torrent to external drivers.. I just got them plugged in when I use them, otherwise they're hidden in a secret cut-out hatch in the bottom of one of my wardrobes.

Feels good to live in a shit country, where no one cares what i do on the internet, and no one knows of cp or gives a fuck about warez or pirating.

also only solution is sd cards or flash cards, and a reader, store them somewhere safe, they are easily hidden, easily destroyed.

i also doubt any of you fags has enough cp to fill a hard drive.

and leet hackers use live cds and usb sticks, and unplug the pc when the cops show up.

>Hide a server in the wall somewhere
>Boot off of server via wifi for horrible CP and scat fetish images

>>22616228
I tried that however TC threw up an error.
Using VMware player 8

>>22614629
Magnets

>>22616309
for 8GB system, with 50% active, it usually takes only a few minutes. and during that time, the computer gets "suspended" like the way that the user generated crash dumps cause. that way, nothing works, nothing runs, but only the RAM gets dumped, and then right away after, they unplug it. Look up how to cause a user caused crash dump. Same methodology.

>>22616315
the pay is shit for what work I do. Long hours in a dusty basement office(yea, not kidding, thats all they had available for me), and lots of computer illiterate cops to deal with. Im looking for another job, but very few come with benefits, sick pay, PTO, shit like that, so the pickings are slim when you have a wife to support.

>Raspberry pi is released
>entire new realms of CP storage/handling solutions is opened

>>22615895

I lol'd.

>>22616356

Works for me in VirtualBox FWIW

>>22616336
>helping the po po gather evidence on your bros

No.

When they come.. how good do they search? I store pirated movies on an external disk... I got a book with pages cut out to fit my disk, I put it there when I'm away from home and I got it open when I'm at home for easy access.. I mean, what are the odds that they'll find it?

>>22616447
>implying he just doesn't put up CP stuff and say "i found them" when there is nothing on the HDD and/or truecrypt

>>22616344
they would search the place for anything suspicious like that(have seen places like that myself on site, found a server in a wall, just like you said). If they find anything weird on a warrant, they just have me come and look, and I am looking for that kind of stuff. When a warrant is executed, you are usually cuffed and escorted from the property, and then not let back on for 48 hours while they complete the search. If they feel that the walls need to come down, they can, and will pull them down, and there is nothing you can do about it. If they have wifi, they look at the logs to see what devices are connected, and then link every device MAC to a physical device, and if there are more that are on the list that are not in their hands, then they will not let you back inside until they find them, you can explain their lack of a presence, and where they can go to find it.

>>22616356
ubuntu alternate installer can do full disk encryption natively.

>>22614629
Nice try feds.

ANYWAY. Why would I need to destroy them if they are encrypted? You don't have to give up encryption keys, because that can be self-incrimination (at least in Murrika).

>>22616466
>hide hd in a book
>instead of using encryption

>>22616466

If you think the police give a shit about pirated movies (unless your name is Kim Dotcom)... lol. They don't arrest people for shit like that, copyright infringement isn't even a criminal matter in most situations.

>>22615722

The very first thing the cops do is clone your drive and then seal it in a bag.

>>22616508
And you can't prove it just because someone has a file on a disk. If you buy a CD you from then on have the legal right to own a digital version of the song.

>>22616508
so let's say there was something else there.. would they search EVERYTHING?.. I mean like my freezer, behind/under my refrigerator, in my kitchen fan, inside the vacuum cleaner etc...

>>22616317
>SSD

You may wish to go to KidzWorld to learn a little more about technology before coming here.

I'd tell him to come in and sit down before going to my laptop and swiping it with a magnet.

and when i give it to him i'll just say:

>lol i duno it broke yesterday

>>22616533
>i don't have any dead bodies im just curious on where they would search so i know where to hide my "cds"

>>22616533
in my country (not murrika)
if they come with a warrant which says

"seize computer"

and i promptly give them the computer, they have to be content and leave.

no matter my refrigerator is a 64core server

I could not and would not if I could. Instead, I’d ask them for a warrant and, upon and assuming their failure to procure one, kindly to fuck off before I call the police.

>>22616447
paying work is better than no pay at all. I think my wife is preggers too, so, can you really blame me for trying to support my family. Also, 9 times out of 10, there is no evidence on the computer, and they try and scare you with "logs" that would not stand up in court.

>>22616466
They look for wires and cables, and stuff like that that looks out of place. They open books because we have had suspects hide CDs and stuff thats think within its pages, so that does not work. They try to correlate every device that your computers logs say were connected, with some physical device, and those that are not present need to be explained or accounted for. This usually happens withing the first 24 hours, while the warrant is still valid(did you know: most warrants expire 24 hours after they are served, meaning that unless they get an extension, they can only keep you out of your property for 24 hours, and once thats up, anything left needs to be left, unless you "consent" to them taking it. never consent to anything, just my tip).

>>22616533

Depends on the scope of the search warrant I guess. I'd imagine generally a warrant would cover any open places in a house (i.e. not drawers and stuff like that, but anything left out in the open would be fair game) unless they had reason to suspect you're stashing a bunch of stuff in a closet or whatever and had the warrant include that as well. But I'm not a lawyer or cop or whatever so I don't really know.

>>22616483
I would imagine laptops and people saying "it was a friends" is a headache.

Someone having a non passworded network and calming everything wasn't mine also

I saw a guy on Law and Order or something who had super powered electro magnets implanted into his door frame. When the cops carried his stuff out it got destroyed when they passed through. I want to get one of those installed.

>>22616575

I’ll take “Ways to get yourself indicted for tampering with evidence” for $400, Alex.

>>22616573

> search warrant
> can't open drawers

Sounds useful.

>>22616546

You would need a hell of a magnet for that to actually do anything.

>>22615479
Would you care to provide an example of data being recovered from a DBAN'd HDD?

>>22616599

Not like obstruction of justice is a serious crime or anything.

>>22616575

>>22616575
That's a pretty good thought, if it wasn't also illegal and would probably cause some health problems.

http://www.who.int/peh-emf/about/WhatisEMF/en/index1.html

>>22616599
Less of two evils if you are really hiding something

>>22616531
no, as a computer forensic recovery agent(my exact title), they dump the RAM, and then shut it off. we make the clones at the office.

>>22616532
we dont give two shits about pirated material unless thats what we are investigating. civil and criminal matters are separated.

>>22616573
the warrants are usually pretty thorough about where they can search, since the warrants need to state the time, place, room, stuff they are looking for, and potentially related stuff. If they feel that you are concealing something in the walls, the walls will come down(seen it).

>>22616574
it is, but we can reasonably prove whose it is by what outside IP address it was using, what wireless and wired networks it was using most of the time, and fingerprints on the keyboard(yes, we do do that, quite often), and rest of the laptop. If you say its a friends, we can tell if you are lying or not by the fingerprints on and around the laptop or CD/external media. if it truly was a friends, your fingerprints would be few and far between compared to your "friends" prints. It does happen, thus, you know how we deal with it.

>>22616638
Probably in the long term, yeah, but I'm sure it wouldn't be hard to hook it up to an easy-access switch and just flip it on when the cops knock or when you expect them or whatever

>>22616638
Do you have any idea how strong a magnet should be to wipe an hdd?, or if the data is corrupted with one swipe?, or even how much power and wiring it'd take to make such a strong magnet that can wipe an hdd while it's still in the case a meter away?

>>22616575
in the real world, when a warrant is executed, this could happen, but chances are that they would see something is up when their phones quit working on the way in and go all fucked up, and thus, they would call me with a working phone(at least in my PD).

>>22616674
Do you actually have the legal right to force someone to give up encryption keys? Or is it something that people are not compelled to give up?

>>22616674
given the ram dump,

if there was a TC partition/container mounted, can you get to the key?

>Connect to computer across the street via a homemade IR laser connection and only send/receive visual information about the screen and mouse movement

Super reasonable precautions

>>22616674
how much do you get out of the memory dump? cause theoretically you could extract the key to a TC volume if it was mounted at the time of dump.

>>22616702
no, as of now, we cannot force them to, not even their password to windows. Honestly, im all for rights, and I hope that retard judge in whereever the fuck he is gets whats coming for saying someone needs to decrypt the drive. I dont think they have any legal right to do so.

>>22616704
If its in the ram dump, its possible that we could find it. Given that RAM dumps are messy, uncoordinated amounts of raw data, chances are pretty slim unless its all stored in 1 series. Have you ever seen a ram dumps raw data. its called random access for a reason, and its not pretty. Its usually to save things like images, and short term stuff that is stored in series, or sequence, that can be recovered. otherwise, its a lot of garbled data.

>>22616704
>>22616768
answer please

>2012
>not using truecrypt hidden operating system stacked Twofish, AES & Serpent encryption; Gentoo installed as the decoy OS with an unencrypted Dynamic ext3 filesystem
>not using chicken voodoo Gutmann 35 passes CCleaner
>not owning a large magnet

>>22615184
>>22615281
>>22615645

Goddammit /g/
V=I*Z
The impedance of your body is pretty close to constant therefore MORE VOLTAGE = MORE CURRENT.

>>22616768
see
>>22616779
Dont get me wrong, its possible, but the chances are pretty slim unless we just get lucky. Do a RAM dump yourself, and try and read the raw data. its a freaking nightmare.

This is an excellent thread.

10/10

>>22616796
Pfffffft

Ohms "law" was invented my the liberal media

>>22616740

> first door-frame magnets, and then hidden IR links

Fuck yeah I loved Cryptonomicon.

Inb4 caps lock light and tempest, although I guess those aren't relevant to stored data.

>>22616779
what program do you use to visualize/save images and stuff from ram? it'd be kinda awesome to have.

>>22616674
on the laptop ting,
isn't it pretty easy to spoof mac addresses nowadays?
Can you prove if they were using a spoofed mac?

>>22616804

I am/would be surprised that the NT kernel at least is not designed in such a way that law enforcement can’t re-create memory allocation information from a halfway decent RAM dump.

>>22616740
they would see the IR reciever connected to your computer, and then get a verbal warrant from the judge that signed the original warrant to search the property that has the reciever. Seen this with cases where a neighbor downloaded CP on a wifi that wasnt his, and then they figured out where the computer was with some distance related wifi sniffing.

>>22616804

How do you do the RAM dump? Is it a custom PCI card or something?

I FUCKING GOT IT /g/

Install a D14 and Claim you put a bomb in the computer just in case of this

Bomb squad will take care of the evidence for you

>>22614629
>could you purge your hard drive in less than a minute? and how?

12 ga. 00 buckshot.
One, maybe two shots at most.

>>22616874
Fucking
Genious.

>>22616847
Thats that a problem solved my hiding the equipment. I can think of a few solutions off my head.

>>22616847
so.... hacking neighbours' wifi isn't a plausible deniability?

i mean.... won't they smash my neighbour's door instead of mine?

>>22616874

The fuck is a D14?

>>22616920
Im glad you asked

>>22616840
>isn't it pretty easy to spoof mac addresses nowadays?
yes
>Can you prove if they were using a spoofed mac?
yes, we can, with reasonable accuracy, prove that someone was using a spoofed MAC.

>>22616846
you can, but its not as clean as you think. If its not re-created on the computer that the dump came from, it gets messy. Like I said, its called random access for a reason, and to another computer, especially with ASLR, it sometimes ends up looking like garbage, and usually isnt used for anything.

>>22616833
I dont remember, nor do I care. I can look when I go back to work in a week(took some paid vacation). I really quit paying attetion to that after about a week, because I am too busy to notice what program it is. Also, I am under an NDA not to say, but I can sure has hell say so here, because this thread will die and be purged long before they can execute a warrant on a server somewhere in another country or state.

>>22616933

Wouldn't you get charged with terrorism or someshit? How would the bomb squad destroy the evidence whilst they try to disarm the alleged bomb?

>>22616955
I don't think you quite understand what the bomb squad does.

>>22616969

Not really, unfortunately. Care to elaborate?

>>22616969
Water cannons?

>>22616910
Police have seen it all, and learned to follow the wires and signals.
>>22616911
it is, only to a certain point. They would kick in your neighbors door, and then see that its not your neighbors computer, and then try and sniff out where the offending device is. my advice, IF you do that, and see your neighbors door get a knock, grab your stuff and get out. if its not on site when the warrant was executed, they cannot search or seize it without your consent.

>>22616910

The only solution that doesn't involve an easily-traced wire running from your computer is to hide it in your walls and connect it wirelessly.

If you use custom software on your router and disable logging they won't get it that way, but they could still bring a spectrum scanner and see that it was transmitting.

Your best bet would be to have it listen for a specific signal and then shut off its radio permanently.

>>22616977
Pretty sure when there is a "bomb" they put explosives on it and blow it up themselves in a controlled explosion before it goes off.

>>22616940
by this I don't mean can you prove that it is a spoofed mac, but rather, can you prove that a particular machine was using a spoofed mac?

Also important to remember is that if he/she has nothing terribly illegal to hide from the authorities, your neighbor will probably be more than willing to comply with their polite request to take a look at their computer and possibly figure out why they’ve been having so many problems with it lately.

>>22616984
thanks.

btw, i am not on my neighbours' wifi, i just live in $shitty_non_US_country,

so i am quite relaxed

>>22617012
yes, we can.

>>22616940
>yes, we can, with reasonable accuracy, prove that someone was using a spoofed MAC.
Why, would you, write with so many, so many, commas?

The server that could potentially get me in trouble has its rootfs on an SD card. I can send it down the garbage disposal and ruin it forever in the time it takes me to walk back to the door and ask to see a warrant.

If they have a warrant, can they feel you up? Because you would just store sensitive stuff on an external tiny encrypted plausible deniable harddrive and put it in your underpants and leave the house and let them search the place.

>>22617043
Please just for speculation I am interested in HOW?

>>22617048
because, I can, and I want to? problem?

>>22617048

Because that, my dear Watson, is how the English language works.

>>22617091
just eat that microsd already

>>22617128
then pass data

>>22617059
that has happened before, nothing we could do about it.
>>22617091
search warrants for a property usually include the right to search the people that are found on site for evidence.

>>22617099
there are logs of that kept, by windows, inadvertently. Also, if we seize a computer, you are usually not going to have time to change the MAC address before you get knocked to the ground and hit with a tazer for tampering with evidence.

>>22616871

I'm still curious how you take the memory dumps.

>>22616992
Back to the IR idea

the only ideas I can think of involve me being a electrical engineer. I think the police have all the consumer product related ideas figured out
Im liking this bomb squad idea, Seem the most likely but 50% at best of working unless you really dressed something up as a bomb

>>22617128
if we felt that you ate something, so some officer saw you do that, your stomach would get pumped within 10 minutes, or less, depending on how long it takes to get your ass to a hospital ER. You would also get hit with a "attempting to destroy evidence" charge, because you ate it. its also not smart, because it will give you bad gas and the shits for about a week.

>>22617163
>windows

do really people involved with illegal activities, use that OS?

i mean, really?

>>22617196
if the microsd is by then unreadable, i am content

>>22617204

Of course. In fact, I’d wager that the majority of those who get *caught* in such illegal acts are Windows users.

I understand that they CAN find anything but how does a search work? cops bust in and start packing up computers? if nothing makes them suspect anything is hidden how hard to they look?

>>22617196
Wouldn't someone that was that paranoid about it eat it before they open the door?

There's nothing you can do right? He destroyed the evidence before the warrant was carried out.

/g/ - paranoid people

>>22617171
its a built in dump tool that exists in every version of windows, but you can separate it, and then run it on a flash drive that makes the dump come to the flash drive. I dont usually go on site for the initial warrant, and only if they have some weird situation, otherwise, thats all done on site by an officer. Its a MS dump tool, and since linux has the command for it built in, they know that, and Apple provides a dump too that works with nearly every version of OSx and MacOS to date.

>>22617163
Oh good, I feel safer now, the answer is no you can't, in my case you were assuming too much!

>>22617230
this is the best thread on /g/ in months

>>22617235
yes but, i assume the linux command requires root privileges.

they can't force me the passwd

And what if you just put a hole in your shoes so you can fit SD-cards in it and stuff the entrance so it's hard to see? Maybe stitch a tiny pocket underneath a button on your jean, they won't feel the SD. Or do they really search the clothes you are wearing that well?
Because, I'm fine with deleting my data, but I would rather keep it.

I actually have a setup for this exact situation.
>The gray thing in the picture is like a giant steel bowl, think of a thick safe layed on it's back.
>Found this in a skip one day.
>Have it sitting beside computer.
>Always get asked what's it for.
>It's to contain the thermite as to not burn my house down.

What would actually happen.
>Cops bust in.
>I'm upstairs.
>Enough time to put HDD in the steel bowl.
>Thermite in.
>Baggie lit.
>HDD melted.

It be quite suspect in court having burned your HDD's, but it's reputation for me.
I have ALOT of CP, and if my family found out it would kill me.
I'd rather have burnt HDD and a reputation.
Shit's bad bro, because I know the will come one day.

>>22617276
>they can't force me the passwd
>don't be so trusting of your law enforcement agency, it's not uncommon to stray somewhat from the "law"

>>22617276
Without drive encryption, it's pretty simple to gain root access from a live distro or some such.

Worst Idea on TV I ever say was a guy made a punji pit next to the door he bared. just inside the window

did nothing and he got charged with attempted murder

>>22617349
>live-cd

to reboot into a live-cd, ram gets altered and TC unmounted

>>22617248
Seriously?, a "how to hide my cp" thread?, you don't come here often, do you?

>>22614629
Panic button that triggers a thermite charge above your hdd. Only way to secure complete destruction within a couple seconds.

Ill just run furmark on my tri SLI fermi's

No survivors

>>22617229
if we dont see you do it, we have no suspicion to believe you did. Just keep your mouth shut, and you will be fine(just be polite and ask for your lawyer, no need to be rude or obnoxious).

>>22617204
90% of the worlds computers run windows, so, its statistics. I have only seen 1 linux machine in 3 years of doing this. OSx is more common than linux

>>22617216
you would get 5 years for evidence tampering and destruction if we saw it, and recovered all or part of the sdcard. most first time offenders on CP only get a slap on the wrists, and sometimes dont even have to register as a sex offender, and only very rarely do prison time(only if they created content).

>>22617228
well, they usually have you caught downloading something from them, in all or in part(honeypots are legal, as long as the files are fake, they can infer that if you were trying to download something with the obvious name that clearly made it CP, that you were downloading something else too, which this will get them a search warrant). The other way is that they see your IP listed as a peer that has a file they know is CP(hash checking negates any name change), and they download its hash. that will also get them a warrant. These alone would not stand in court, so they rely on people actually having stuff on their computers to get a conviction or bargain. Also, we get driven pretty hard to find stuff. We start with the obvious(looking for hidden pictures and files), then we look for pictures hidden within pictures, then we look for hidden volumes on the disk(pretty easy to ID after a few tries), and then we try to see whats in that hidden volume. If its encrypted, we will know what software did it, by way of what software was run historically(portable versions leave many traces), and what was installed. Data recovery also is quite common. Even with 1 pass overwrites, we can still get some stuff back.

>>22617432
One more question, TrueCrypt how safe is it?

>>22617276
no, it doesnt. Try looking it up.

>>22617349
>>22617375
we cannot tamper with evidence in this manner. If we cant do it on site, so be it(the RAM dump). We unplug the computer, and bring it to the "lab"(really just a room in a basement, filled with wall to wall computers, and an HDD copy station that only reads the drive you are copying). We make a copy of the drive, and play with the copy. Any alterations to the original drive are considered tampering with evidence, and can(and have) get the evidence gained tossed out as inadmissible. We go to very great lengths to ensure that the HDDs are not written, ever, and they are kept in cold dry storage(read: freezer) to sustain them(the originals) for a much longer period.

>>22617432
nice, so using gnu+linux gives me 90% more chanches to "puzzle" the police

also, i don't live in a common law country, so i'll read about fines for evidence tampering vs CP

finally
>If its encrypted, we will know what software did it, by way of what software was run historically(portable versions leave many traces), and what was installed.

this is useless. even if you recognize there's an hidden partition, and even if you recognize it is encripted with TC (by portable version you mean TC running off a usbkey?), you STILL don't have access (key) to it.

btw, not sure if you are spreading misinformation on purpose, or really helpful

>>22617512

http://www.theregister.co.uk/2010/06/28/brazil_banker_crypto_lock_out/

I hope >>22617432 isn't the same guy as >>22616572
since
>Even with 1 pass overwrites, we can still get some stuff back.
makes it clear this person is lying out of his teeth.

>>22617590
What I got from that was
>failed 18 months of brute force attacks
Jesus Christ

>>22617512
I have gotten lucky with a couple of truecrypt volumes that we didnt have a passkey for, but those passphrases were really short(6 characters, can be bruteforced in about 3 weeks, which is what it took for one, and the other was a 5 character, which we got lucky early). I have yet to see any of my 2 co-workers or I get into an encrypted volume that was protected by a passphrase longer than 7 or 8 characters. we can infer that 7 could be gotten in about 6 weeks, but, again, if you are smart, you force their hand and request a "speedy" trial, which most CP lawyers do, and thus, time is really limited, so, we usually wont have the time to bruteforce it if its longer than 6. also, as an FYI: most CP cases run their course from warrant to charges filed with evidence in about 4 weeks, and then from there, they can take a lot longer, but we usually only have 3 or 4 weeks to come up with the evidence they are looking for to charge them with the crime they are looking for.

My usual password is alternating numbers and letters and its 11 characters long.
So am I immune to modern password cracking technology?

>>22617653
>mfw even my gmail password is 23 charachters

>>22617697

My long-ass password is 40+ letters long, and isn't immediately available or memorable. The FBI's not going to crack that anytime soon.

http://www.wolframalpha.com/input/?i=password+strength

This provides some nice estimations.

>>22617629
older and smaller drives are not as accurate on their heads, and if you read a sector 50 times, you can infer what was written there by the off track write. Its not 100% of the time, its more like 20% of the time, but you can recover stuff, and we have, from 1 pass overwrites.

>>22617579
>this is useless. even if you recognize there's an hidden partition, and even if you recognize it is encripted with TC (by portable version you mean TC running off a usbkey?), you STILL don't have access (key) to it.

no, it does not give us access, but we can ASK you about it, and we can prove its there. Most people give up the passwords and keys right away when asked. Thats the reason for finding it to see if its there.

>>22617645
if its long, it takes an exponentially longer time to break. 1-5, and even 6 character long passwords dont take that long, if you are getting 1000 hits per minute, but once you get longer than that, it becomes nearly impossible, except for that 1 lucky strike every once in a great while.

>Putting illegal shit on an internal HDD and not an external SSD.
>Not taking said SSD and putting it into your garbage disposal.
ISHYGDDT

>>22617653
>>22617653
this is my actual password:

0R^47<o:R-n1

how fucked am i?

>>22617792

Very fucked, since you just posted it online. Grats.

>>22617748

Just to clarify, I meant 40+ characters, not just letters. Herp.

>>22617748
>weak password

>estimated: 1.97 x 10^23 years @ 100.000 try per second

what the fuck.

>>22617850
see
>>22617759
if its longer than 5 or 6 characters, probably not a snowballs chance in hell that we are getting into it, unless you give it to us.

>>22617792
this whole thread is a sting op to associate passwords and crypto techniques with ip:s. pic related.

>>22617897
too bad you took them off tumblr instead of the source (xkcd.com)

btw, my long-ass password is based on that, rather than on pseudo-random charachters

>very weak
>32 years

i can live with that, besides, who the fuck would want to crack it?

>>22617870
sadly, police equipment cant get 100000 tries per second, we have been able to, at most, get about 2500 per minute. budgets are a bitch, and they think we can do our jobs on machines way the fuck older than what we seize. Also, as a side note, we do end up with lots of siezed hardware, that is usually just destroyed, because its cheaper than trying to auction it off, and the offending HDDs must be destroyed. thank police for higher prices. sometimes I hate my job, and seeing them throw out a few 580s just about made me cry, and before you ask, no I cannot go dumpster diving, because a truck comes by every day to haul that shit away.

>>22616061
Or, you could just move to Europe where door can't be kicked in.

>>22617936

The popo will probably be able to brute force faster as technology advances. Best to make your keys long, man.

>>22617962
see
>>22617962
Higher ups feel that we are sufficiently able to work on outdated computers, and because of budgets, that will always be so, at least in america.

>>22617962
you clearly never studied complexity, or P != NP problems

>>22617957

Tell that to the house opposite me in Nottingham, which just had the door kicked in before several burly (and some armed) police officers entered.

>>22618000
meant to say

>>22617962
see
>>22617956
wow, that was a fuck up. I think I need some sleep.

to the agent:

so, do you know a 99% safe way to do stuff and get away with it?

like a 5 points guide

What would be an example of a good password cracking computer?

>>22617235
Are there any security flaws in OSX's Filevault? What security/encryption measures can I take with an OS like this?

>>22618077

Supercomputers, obviously. But as the sekr3t agent has stated, the local police probably doesn't have access to thsoe.

>>22618077
6 ATI's on crossfire

serious.

>>22618091

See this:
http://en.wikipedia.org/wiki/FileVault

I wouldn't trust Apple to keep your data safe.

>>22618112
>7 580's
Im told this what someone might use for password recovery

>>22618131
i was thinking of that actual picture when i wrote
>>22618112

>>22618091
there is an apple made back door. comeon, its apple we are talking about here. As much as apple would publicly claim it does not exist, they have given us tools that can get into them without the password. its not really encrypted, its just locked.

>>22618077
my computer at work as a core2duo and a GT210, its all the budget would provide for me. maybe the FBI labs have better stuff, but budgets can shit on anyones parade.

>>22618148
here is the speccy
the tripfag named "Dems" owns it I think

most pirated stuff is on external drives.
i could just unplug them and throw them out of my window (7th floor) onto the roof of a very small building behind my house, close the window, open the door and give them my computer. i doubt they'd find the drives, or even try to read the remains of them, because that's expensive.

>>22618199
I think the data might actually survive in that situation...

>>22618199
they usually have people outside the building looking for that kind of stuff, and YES, they would try and read the remains, we have tools for that. we bought them once, and we can use them over and over, thus, their cost goes down the more we use them.

>>22618194
He has a custom trip, his name is "Dem" I think followed by the trip !580GTXsomething

>>22618224
He's not questioning if i'd survive, he's saying it's out of sight.
They can't see it.
They might miss it.

>>22618259
they would see it, im pretty positive about it. we have had people do that kind of stuff before, and it was really obvious. Also, just because you write it to the external drive, does not mean that its not written to the internal drives first, and then moved over.

If this was TV you would get a gun and and a very dark office with glass walls

quick question, but can files on an external hd be identified as pirated? i mean if you change all of the suspicious looking file names.

>>22615237
That feel when losing Fifth Amendment

So about this ram dump business:
1) does a password-locked screensaver provide any obstacle to obtaining a ram dump?
2) if the computer has full disc encryption, how often is a RAM dump able to successfully provide the decryption key?
3) is there anything that can be done (other than turning off the computer...) to thwart a ram dump?
4) have you ever heard of anyone doing a successful cold boot attack (turn off the computer, physically plug in the RAM sticks to a specialized device to record their contents)?

Wondering if I should turn off my computer when I leave the house.

>>22618355

>find keygen
>high chance that everything else is pirated
>it should be fairly obvious

>>22615237
you're supposed to make it a hidden volume, am i right?

>>22618423

Flush the RAM. Y u no common sensing?

>>22618480
Out of curiosity, how does one "flush" the RAM? I mean besides unplugging it (I assume that RAM, being volatile, will lose all traces of data when powered off).

But there's nothing on my computer that I have to hide.

>1) does a password-locked screensaver provide any obstacle to obtaining a ram dump?
no, the program simulates a crash, and dumps the RAM to the flashdrive that it ran from

>2) if the computer has full disc encryption, how often is a RAM dump able to successfully provide the decryption key?
about 1/5 times. Its not every time, but it has and does happen.

>3) is there anything that can be done (other than turning off the computer...) to thwart a ram dump?

not really. the RAM dump simulates a crash of windows, so, it kind of ignores everything.

>4) have you ever heard of anyone doing a successful cold boot attack (turn off the computer, physically plug in the RAM sticks to a specialized device to record their contents)?

no, not sucessfully. There are devices that we could get to do that, but a RAM dump is easier. even with full disk encryption, if its running when we get there, we can make a copy on site, while we have access(if im there to start), otherwise, idiot police officers just follow the protocol and unplug it. makes me rage every time.

>>22618512
30 sec to 3min AFTER power off

>>22618424

what if they are all movie files, such as .avi?

>>22618355
>>22618457
As I said before: if we are there on criminal matters, we dont give two shits about pirated stuff. Its a civil matter, and its not on our agenda, and thus, we dont care, or even look.

>>22618424
we can easily find hidden volumes

>movies, music, TV shows, etc.
``I ripped them from legitimate CDs and DVDs."

>pirated software
``I bought a CD/DVD at a garage sale that supposedly sold the legitimate software. How could I know that I was scammed?"

Just disable all USB access/auto-mounting while computer is locked and you're safe.

>>22618512
you just need wait, as >>22618545 says. it usually takes less than 2 to 3 minutes before its all gone.

>>22618580
again, we dont care about civil matters when we are there on criminal matters. if we are looking for CP, we are NOT going to look for anything else, nor care about what else is on there.
>>22618585
easier said than done, especially to most people that we catch. The smart ones take months to catch, the dumb ones get caught really fast.

>>22618634
Are you a copper?

>>22618576
How do you go about finding a hidden volume? Truecrypts page touts it as being rather hard because it just looks like random data.

http://www.truecrypt.org/hiddenvolume
>Even when the outer volume is mounted, it should be impossible to prove whether there is a hidden volume within it or not*, because free space on any TrueCrypt volume is always filled with random data when the volume is created** and no part of the (dismounted) hidden volume can be distinguished from random data. Note that TrueCrypt does not modify the file system (information about free space, etc.) within the outer volume in any way.

>>22618673
no, my actual title is " computer forensics specialist", but i do work for the police, and various law enforcement agencies.

>>22618544
So the moral of the story is "turn off your computer when you are not around"?

>>22618678
it does not look like random data when there is a big chunk of data that is organised and when there is space that is marked as "unwritten" by windows, that "hidden volume" shows up as written. its pretty easy to spot, try it yourself if you dont believe me. after doing it a few times, it really easy to see where they are.

>>22618742
pretty much.

>>22618718

That'd be an interesting job.

Do you save porn for private use?

>>22618761
Well. Better get an SSD for my next build...

>>22618777
no, I am not allowed to bring any electronic devices into or out of the lab. I have to leave my phone in my office, and work in another room. This is to preserve evidence, and chain of custody. Im sure I could get away with it, but im not risking my job over it. Also, I have very little need for porn, as I am married.

>>22618778
umm, that makes it easier for us to recover stuff, except overwritten stuff(because of the way SSDs work, overwrites or true deletes on an SSD are unrecoverable).

itruecrypt installation directory is a micro SD
have giant true crypt volume
call it random.txt
have a phd in stochastic mathematics
store 100's of .pdf files about stochastic maths outside the volume
deny that it's a truecrypt volume in the first place. but rather a study on fractal operations within stochastic maths
micro SD up the pooper before they seize your stuff

>>22618777
its not interesting, its boring as fuck. look at hundreds of pictures all day long, and videos too, and then get bitched at because thats not what they were looking for, and then have to go back and look at the same shit again because some people just dont understand how computers work. no, it does have its interesting points(when I have to testify), but otherwise, i treat it just as a job, and its usually boring as fuck. Cant do anything but watch when recovery tools are running on the HDD copy, because we are not allowed to bring anything in to preserve the court worthiness of the evidence, so many of my days I end up sitting for an hour at a time doing nothing but staring at a screen.

http://chanarchive.org/4chan/g/34921

I like digging through hard drives, doing data recovery - and I'm obviously pretty content doing nothing but looking at random bullshit pictures all day, I think I'd enjoy it, personally.

>>22618848
no my point was that if I am going to use full disc encryption and turn my computer off when I am not around, I should get a SSD so the boot time is faster.

Why are SSDs easier to recover from than HDDs?

>>22618917
also, no internet access in the "lab", and the lab is a Faraday cage, so that no wifi gets down there, and its an electronically secure room, with a freezer built into it. I can only work on 1 case at a time. The chain of custody is a bitch.

>>22618917
What's the most fucked-up thing you've found on a computer?

>>22618983
SSDs don't overwrite until they're fully written once.

>>22618915
>have a phd in stochastic mathematics

that'd just about do it

>>22618983
think sequential writes. even if its full disk encryption, at worst, you wouldnt get your stuff back. Also, remember, that if you dont ask, they will not give. There has been many a time that we never filed charges on cases(im kept up to date on if I am going to have to testify or not), but the people never asked for their stuff back, and thus, we never gave it. we would see its full disk encryption, and you would probably not get it back, on the grounds that you would destroy evidence as soon as you got it back. Just because we are pressing charges now does not me we cant in 1 year. Most states have no statute of limitations after the search warrant has been served. I know the 2 states that I work for dont.

>>22618999
a picture series of some guy(turned out to be their step dad, found out at trial) taken in the self Point of view, of him torturing his 2 step daughters and their friends(4 girls in all, sexually and non-sexually). it was disgusting, and it made me really sad. He killed their mother, and kept them locked in a basement, and would make their friends come because he would threaten to kill the two step daughters(sitting in the trial). This went on for about 3 years(according to my findings, because he had at least 3 years worth of pictures). its disgusting that people can do that. the shit I see kind of makes me lose faith in humanity.

>>22619163
the most disturbing part was that he got one of his stepdaughters pregnant, and then recorded a video of him doing a coat hanger abortion. You wanna see something that breaks your heart and soul, that will. I have been desensitised, but that just about had me crying. The step dad will never get out of jails or institutions.

well, forensics guy is off to get some dinner. later.

>>22619163
>>22619239
POST PICS OR IT DIDN'T HAPPEN

>>22619239

I've kind of wanted to get into data recovery because it seems an interesting job; thanks for crushing that dream what the actual fuck.

>>22619163
oh come now, you're on 4chan. you know better than to have faith in humanity.

>>22619077
Fine, the pigs can keep my shit. Better than going to the slammer for some cached thumbnails from /b/ because they want to throw the books at me.

>>22619266

Thanks for informing the paranoid section of how data forensics works.

>>22619400

Disable disk cache and let it only cache to RAM.