Evidence Eliminator.

I keep seeing pop-ups or getting emails talking about “Your computer is spying on you, anyone can tell what you’ve been up to on the computer even if you delete the history cache.” The advertisement goes on to say buy our product and it will eliminate all this stuff for you.

Now what I want to know is what is this program doing that I couldn’t do myself? Secondly how would I do what said product does?

And yes I’m sure you’ve probably guessed by now I’ve been bad; some friends have been sending me emails to my work address (jokes) that I shouldn’t have read. Now I’m paranoid I’m going to get busted. I was always under the impression that if I deleted it as soon as I read it I would be ok.

Short version: deleting files and emails doesn’t actually delete them (in Windows at least), it just marks that portion of memory as free to be overwritten. The file isn’t ‘removed’ at all. These kinds of software attempt to guarantee file removal by overwriting the space with random characters.

There’s another thread currently looking at freeware or shareware alternatives and actions you can take. Read it here.

If the claim is that the program will more thoroughly erase files you want kept private, then it is what Crusoe says. I think Norton Utilities has something that will do this. The files are vulnerable because the operating system does not erase a file when you tell it to. Instead, it erases the reference to the file in its “index”, called the File Allocation Table (FAT). The computer then treats the file’s location on the hard disk as empty and available to write to. The file doesn’t get really erased until another file(s) actually writes over the old space – unless you use a utility that randomizes the magnetic domains in the old location. That’s why, even with the old MS DOS, you could Unerase a file if there hadn’t been much writing to the disk since you erased it.

However, if nobody can GET TO your hard disk to run whatever evil spy program, you also don’t have to worry about it. So you may be seeing ads for a “firewall” security program.

As to what it can do that you can’t… well, EVERYTHING that it does, unless you can write your own programs for these purposes. You need SOME kind of software for security (sometimes it’s provided by an ISP, for instance many of them scan attachments sent through their network for viruses, for their own, and your, protection).

McAfee and Norton are the best known antiviral security programs, and most home security programs operate on the premise that data theft will occur by a virus that reads and sends your data back to the hacker, maybe destroying stuff as well. It is also possible, but far less likely in the home, that a hacker will try to gain live real-time access to your computer if it’s running and connected to a modem, and is programmed to answer the phone or is already online. This is a much more serious problem for sites like the Defense Department, where people visit and try to get as far as they can just for the hell of it.

What can you do without ANY security software? Unplug your phone line when you’re not going online, don’t open any e-mail attachments, don’t use your computer as a phone answering machine, don’t store financial information on it, don’t do electronic funds transfers using it, etc. Basically, if you use your computer as you would have BEFORE modems were available, and you have a secure house to put it in, it is safe.
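To illustrate the delete-versus-overwrite behaviour described in the posts above, here is a toy model added as an example (not code from any poster or from Evidence Eliminator). `ToyVolume`, its 8-byte clusters and the sample content are assumptions made for the illustration.

```python
import os

CLUSTER = 8  # bytes per cluster in this toy model (real clusters are KBs)

class ToyVolume:
    """Toy disk: an index (name -> clusters) plus a raw data area."""
    def __init__(self, clusters=16):
        self.data = bytearray(clusters * CLUSTER)
        self.free = [True] * clusters
        self.index = {}

    def write(self, name, payload):
        need = -(-len(payload) // CLUSTER)          # ceiling division
        chosen = [c for c, f in enumerate(self.free) if f][:need]
        if len(chosen) < need:
            raise OSError("volume full")
        for n, c in enumerate(chosen):
            chunk = payload[n * CLUSTER:(n + 1) * CLUSTER]
            self.data[c * CLUSTER:c * CLUSTER + len(chunk)] = chunk
            self.free[c] = False
        self.index[name] = chosen

    def delete(self, name):
        # Ordinary delete: drop the index entry and mark the clusters
        # free. The bytes in the data area are left untouched.
        for c in self.index.pop(name):
            self.free[c] = True

    def wipe(self, name):
        # Eraser-style delete: overwrite every cluster with random
        # bytes first, then release it.
        for c in self.index[name]:
            self.data[c * CLUSTER:(c + 1) * CLUSTER] = os.urandom(CLUSTER)
        self.delete(name)

    def recoverable(self, needle):
        # What an undelete tool relies on: old bytes still in free clusters.
        raw = b"".join(bytes(self.data[c * CLUSTER:(c + 1) * CLUSTER])
                       for c, f in enumerate(self.free) if f)
        return needle in raw

def run_case(how):
    secret = b"joke-from-a-friend.eml body"      # constructed sample content
    vol = ToyVolume()
    vol.write("mail.eml", secret)
    if how == "wipe":
        vol.wipe("mail.eml")
    else:
        vol.delete("mail.eml")
    if how == "delete+reuse":                      # a later file reuses the space
        vol.write("other.doc", b"x" * len(secret))
    return vol.recoverable(secret)
```

`run_case("delete")` finds the old bytes still sitting in free space, while `"wipe"` and `"delete+reuse"` do not. The model covers only the local disk, not copies held elsewhere.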

If you’ve been receiving email at work, the company may have a monitor set up that will notice these things no matter what. When you receive email, the company mail server computer has to get the email first, and that gives them a chance to monitor it.

Furthermore, some newer mail systems do not store the mail on your computer but keep it on the server. See for example Microsoft Exchange Server. In that case, when you “delete” a message, the server pretends to delete it but really doesn’t. The person who configures the server can determine how long deleted messages are kept, but it is possible to keep them forever given a large enough database. So, deleting an email may a) be too late and b) not even help.

If you then click on a link in a funky email, and it takes you to http://www.nekkidgrrrlz.com, then your computer has to communicate through the company’s computer network, and again they may have a monitor set up that would notice this.

In other words, it’s probably too late to worry about it. If someone notices, just plead that you didn’t solicit the message and that you’ve asked your friends to stop sending you such things at work. Throw in some obsequious natter about wanting to foster workplace diversity and not creating a hostile work environment for any of your cow-orkers and you’re doing about the best you can.

douglips, I’m at work, so I’m afraid to try your link. Where does it lead to?

QtM

douglips is absolutely spot on. If you’re at work, chances are all attachments or URLs are logged at the firewall, so deleting evidence from your own PC is useless. I’ve seen places that have ‘flesh tone’ software scanning image files for potential nudity and keyword filters for dodgy terms. Keep doing that and the friendly IT director would be paying a visit.

The URL is a made-up one. It doesn’t lead to any dodgy site. I assume the vB code automatically changed text to a URL rather than it being deliberately entered.

Here are some things you can do to cover your tracks…
I’ve never used Evidence Eliminator, but I imagine it does most of this.
(Incidentally, I first used this to cover shopping from my SO, but, sure, I’ve used it for other things. >:)

Delete your browser’s history, or at least edit it.

Look in the Windows\Cookies directory and delete suspicious ones.

Go to your browser’s cache directory, and just go ahead and delete everything in that directory.

Look in Windows\Recent to see if anything needs to go. These files will show up under Start, Documents.

Granted, if your IT guy is really on the ball, AND the company is serious about investigating things like this, you’re probably already caught. If you don’t receive a warning, don’t stress about it, though. (Typically, the IT guys are the worst culprits!)

A friend of mine was hired to do monitoring for an unnamed (to me) software company and discovered that 50% of the company’s bandwidth was being used to download porn.

Network Solutions says that the domain doesn’t exist, so I suspect douglips was pulling your leg.

'Course that means you can register it if you want to start a business.