GigglyFox

GigglyFox Anti Forensics

recommendations

This is a page of recommendations I make, I have no vested interest in any of the companies, software or hardware I recommend

This is a page of recommendations I make, I have no vested interest in any of the companies, software or hardware I recommend

Encryption software

I did a lot of research about encryption and I came to the conclusion that Germany was one of the countries I felt happiest with using for encryption software, I choose Germany because there are no laws or legislation surrounding encryption and backdoors etc., this may change in the future as Germany seems to be swinging towards anti encryption.

Germany

General right to encryption

No known legislation or policies.

Mandatory minimum or maximum encryption strength

No known legislation or policies.

Licensing/registration requirements

No known legislation or policies.

Import/export controls

No known legislation or policies.

Obligations on providers to assist authorities

The Ordinance on the Technical and Organisational Implementation of Telecommunications Surveillance Measures obliges telecommunications service providers to be able to surveil communications. Section 8, paragraph 3, provides that it the service provider uses technical measures to protect telecommunications, or “cooperates in the production or exchange of keys”, it must ensure that it is able to decode any telecommunications that are ultimately surveilled. This does not, however, require telecommunication service providers to decrypt any encryption which is used by other parties, such as their users.

A copy of the Ordinance (in German) can be found here.

Obligations on individuals to assist authorities

No known legislation or policies.

Other restrictions

No known legislation or policies.

We have tested Steganos https://www.steganos.com/en/steganos-privacy-suite-20 and the Authorities in UK could not access encrypted data encrypted by Steganos, who can only talk from experience if you want to be paranoid the best setup is to use an encrypted flash drive or hard drive, then when Steganos or similar software we recommend using drives that has tamper evident epoxy seal or resin.

We would never trust the weak encryption made by Crucial or Samsung ssd drives or as this was in the headlines (Crucial and Samsung SSDs’ Encryption Is Easily Bypassed. Researchers from Radboud University in The Netherlands reported today their discovery that hackers could easily bypass the encryption on Crucial and Samsung SSDs without the user’s passwords)

The only time we would use such ssd drive is if we used the secure erase function to erase all data after scrubbing them with secure deletion software.

Wiping software

https://www.r-wipe.com/

R-wipe has been tested and proven to securely erase history and again has been tested against the man so that is why we have come to trust r-wipe as its kept us safe over the years, if you use a ssd it has the feature to wipe the ssd trim area which is where all the trash files can be found.

We also use Privazer https://privazer.com/en/ as again this has been tried and tested and we recommend the donors version as its pricing is reasonable but you do need to pay attention to the settings you chose and the wiping methods as there are different methods for ssd and normal hard disks, but has an auto detect feature to detect which type of hard disk you are using, there is a basic mode and a expert mode for those with more technical skill

We no longer recommend Dban https://dban.org/ they were taken over by a greedy company who sell licenses, you get a few licenses to wipe a whole disk and once you run out you have to buy more and its greedy and possibly out of date.

this page will change and be updated to provide more software both free and paid to aid anti forensics