Privacy under Windows platform.

user7

New Member
Having the fact that Eraser is after all a privacy tool, i think that this is the wright place for the next thing:
Because, as many of us already know, Windows platforms are a privacy nightmare and because there are few places were we can find valuable informations and easy to apply and not at the end, because if you are here, then you are interested in having a high privacy; i think that we should start a Windows advices thread for achieving high privacy.
Practically, all of us who know some tweak for Windows related to privacy, to post it here, and I will take the responsibility to gather all when it will be enough and to make a proper guide and to post it here for the benefit of all of us.
I'm considering myself a beginner in privacy/computer stuff, but I've already used Windows Xp for more than 7 years, so I know a trick or two :)

So, for breaking the ice, I will start:

Windows is collecting high amount of data about what are you doing all the time it has the chance! :)
Some of it's ways are:

Recent documents - a list of recently accessed files on your computer (basically, a link to those files).
This list usually is found here : C:\Documents and Settings\"user"\Recent
Solutions: I, personally, just go there, select the folder and erase it using ERASER.
There is also the option to disable this function. Here you can see how this is done:
1.Type regedit in the Start/Run window.
2. Navigate to HCU\Software\Microsoft\Windows\ CurrentVersion\Policies\Explorer.
3. Create a new DWORD value, or modify the existing value of NoRecentDocsHistory by double clicking.
4. Set the Data Value to 1. Save the value and close the registry editor.
The next time you start Windows, your recent documents folder would remain empty and won't track your open documents.
From my previous experience, this sometime is not working and the recent files are still created (as i told you, I'm not a experienced computer user). Here there will be great some advices from other forum members.
Another way to deal with this, is to use a program that is cleaning "all" the sensitive data at once, like CCleaner. I personally, don't trust that program from various reasons.

PS1. All the time when someone with better experience has something to add or to modify, he's more than welcomed to do it and to add arguments.
PS2. All the time when some of you are not understanding something or think that is not explained enough clearly, please feel free to ask, because, after all, this is wanted to become a privacy guide for all of us.
PS3. Admin, if you think that this thread is not suited for this place, please move it, or contact me and i will use another forum.

Thank you all, and i hope that this idea will help you all. :)
 
I strongly support this idea. In fact, it might be worth having a separate forum. There is a distinction between dealing with queries as to why the program is not behaving as users intend (which is support), and discussing the best techniques for maintaining privacy and security on the very insecure platform which is Windows.

Thanks too for the information about the Recent documents list. Hopefully, the new forum might provide an opportunity for collecting such info in a form which could be posted as a 'sticky'.

David

PS I notice that the thread has already been made sticky, which is a good start. Thanks to Joel or whoever.
 
I personally think CCleaner is a very good utility for cleaning histories of various applications and temporary files. It even offers secure wiping if you look at the advanced options. Could you explain your reasons for not liking it?

Here's a couple of security issues that CCleaner misses with Windows that I've noticed:

Windows Pagefile: Not erasable by normal means. Disable altogether or modify registry to delete on each shutdown by following the steps here: http://forum.thewindowsclub.com/windows ... tdown.html or encrypt the pagefile using this method (untested by me) http://www.technipages.com/vista-encryp ... efile.html

NOD32 temp files building up in \Windows\Temp\HTT*.tmp: http://www.wilderssecurity.com/showthread.php?t=253904 (applies only if you use NOD32 AntiVirus, obviously.)

Here's a couple of security issues that can catch you out and force you to wipe free space to ensure privacy (unless you encrypt entire partition(s)):

WinRAR (and possibly other compression applications) archive contents being sent to the temp folder when double-clicked directly within the archive browser or "dragged & dropped" are deleted automatically after closing WinRAR, but not securely wiped. Solution: Use the Extract To button before securely erasing archive files if necessary, or encrypt entire OS partition.

FireFox (and possibly other browsers) downloaded files selected to Open rather than Save File are put in user's temp directory and deleted automatically when the browser is closed, but not erased. Solution: Use Save File rather than clicking the Open button and preferably use Portable FireFox in an encrypted container, or encrypt entire OS partition.
 
Hi DavidHB.
In fact, i will take your suggestion in consideration,because i though at this too, and form next week (depending on how much time i will have available) i will provide a separate forum on this topic :D

Hi Undesirable.
Concerning
It even offers secure wiping if you look at the advanced options
, well, this should be as standard in any privacy program, so is not a plus..
The advices related to Winrar and Firefox are very good, and i thank you for posting them (i burned myself is the past with those ones, so i know now that are some basics that everyone who is concerned about his privacy must know.)
Related to pagefiles, the best way in my opinion is to disable that function on all your disks. It's quite cheap to buy 2GB or more of RAM to not need to use that function.
I invite you to make some proper posts related to Mozilla Firefox and Winrar on the new forum i will provide next week :)

Thanks.
 
Hello back!
Sorry for taking so long, but i was very busy lately.
So, as i promised, i made a forum on a free domain with this taboo subject: Privacy under Windows platform.
It's only basic settled so i need people with the same concerns as me in achieving high privacy to help with the settings and I invite you all to contribute with info and ideas.
So, for now a moderator account is available :D
More details on the forum.
The address of the forum is :http://windowsprivacy.niceboard.net
I wait you all beginners and advanced users to achieve something great!
 
robesasu said:
I would worry more about eraser itself...
With the issue of 6.0.7., previous worries are reduced significantly. What you really need to worry about is how to identify what you should erase ...

David
 
I recently rebuilt my system (XP, SP3 plus subsequent maintenance). Today I was doing some clean up work and realized that I had forgotten to turn OFF the Windows indexing "feature" on the hard drive where the OS is installed.

I turned it off and then ran a free space wipe to ensure that references to all deleted/erased files were gone.

Q1. Are the references now erased?

Q2. Is the indexing "feature" a privacy exposure?

Thanks
 
EraserForum@yahoo said:
Q1. Are the references now erased?
Assuming the free space wipe completed normally, references to deleted files in the MFT are overwritten. Eraser does this at the end of the wiping process. So any deleted files referred to in the index are gone. But you do have to delete the index file itself; I think that, for XP, it's something like C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb. If you didn't do this before the wipe, try erasing it; as your installation is new, it shouldn't be that big.

EraserForum@yahoo said:
Q2. Is the indexing "feature" a privacy exposure?
As the index contains (fragmentary) user data, inevitably. But in practice it's less of a problem than backup copies, application caches and logs, System Restore, shadow copies, the page file, and anything else that squirrels copies of your data all over the system without you knowing it ...

David
 
Hey there. I read that you all were talking about Mozilla Firefox and it peaked my interest as Firefox is one of the least privacy friendly browsers around. If you are interested take just a (brief) look at their (frighteningly long) privacy policy. The darn thing comes installed with two major privacy leaks enabled and a privacy policy that compliments data collection. They even goes so far in the privacy policy as to define in vague and notably inconcrete terms what "personal information", "non-personal information", and "semi personal information" (you IP address for example) are.


I personally use Opera, it's very fast (arguably the fastest), experiences the least slowdown on my system, and most importantly has a succint data collection and privacy policy that Opera will not collect or share any data from your computer for any reason... The Opera EULA and Privacy Policy are simple and concrete.


All the other browsers have long, legalistic privacy policies and EULA's, giving them permission to collect your data, monitor your internet usage, take the life of your firstborn, etc...
 
IMO CCleaner is a great tool to have in a Privacy package. Especially with CCleaner Enhancer.

I also use System Ninja that get a lot of files CCleaner does not delete.
http://thewebatom.net/programs/system-ninja/

I don't really use the CCleaner secure deletion, for one thing if I have anything I want to delete in a secure way I will use Eraser or Dban. The second thing I dislike about CCleaner secure deletion is that it writes A to Z on every pass even if you use a standard like DoD all it does is overwrite with A to Z for 3 pass which isn't what the DoD standard is. Finally, once CCleaner is done, if you use a data recovery software, like Recuva, while you won't be able to get the files back, in the result, if you do a deep scan, you will have a large number of file named: ZZZZZZZ.ZZZZ To me that isn't good enough but, worst it prove that you have used a secure deletion software.
 
The renaming behaviour is that of SDelete, one of the precursors to Eraser. Eraser 6 has dropped that behaviour in favour of completely random filenames.
 
for privacy under windows you should encrypt your whole disk, this way all the information on the hdd is protected to unwanted acces

Truecrypt is a very good program for FDE (and it's opensource!!)
 
I think FDE can never fully prevent data compromise, especially when the key used is weak (and most people have weak keys). Once the key has been compromised (either by brute force (!!) or dictionary attack or other key-compromise attacks), reading the disk would be simple and data recovery as easy as an unencrypted disk.
 
nothing can fully prevent data compromise in case we keep it on paper or on any other storage media.
so encryption would be adviceable when you want to store data as a hard or softcopy.
it will provide an extra challenge to those who want to intercept some of your information
 
Isnt there something called Windows System File which logs everything you do, ostensibly to allow windows to "learn" frequent tasks.
I understand it records day,hr,min,seg, the drive and folder you access, the doc, wma, jpeg etc you open and what you do with it, and just goes on recording and is never cleaned.
How much of this is true?
Is there any way to access and delete it?
 
I don't think that this feature exists... that I know of.

The only thing heuristically learning what is used would be Prefetching, which checks the DLLs loaded within the first 10 secs or so by program to aid defragmentation.
 
Hmm, surprised by your reply.
How about if you remove the part that says "ostensibly to allow windows to "learn" frequent tasks" - does this help?

I was told by a number of people that Windows logs absolutely everything - and that this log file is used by "authorities" to prove that files existed, or were altered, or whatever, on that computer, regardless of whether the files were later deleted or erased.
The file might not be there but a log of its access or use is.
I may very well have the name of the Windows feature wrong.
 
No, not that I know of, sorry. There may be features which log, yes, as part of any operating system; however I don't think they do so at the extent which you have described them. Have a look at your Event logs, notably the Security logs which contains logon/logoff times and audit events. Those don't really leak much information, however.
 
Thanks for your replies. I guess my general paranoia is getting the better of me and its good to know that Msoft intrusion is not as pervasive as I had heard.
 
Back
Top