Join Us!

Tor browser in linu...
 
Notifications
Clear all

Tor browser in linux  

  RSS
Jmundy
(@jmundy)
New Member

TBB is designed to 'avoid the disk' but I`ve read that this isn't always the case. If a suspect had downloaded TBB onto a Linux OS and ran it a few times, would it be possible to recover any helpful artefacts about their usage of TBB? Thanks

Quote
Posted : 09/11/2019 10:57 am
sovietpecker
(@sovietpecker)
Junior Member

I would love to do the write up to answer your question, bit someone already beat me to it. Here's a very nice article covering Forensic examination of Tor on Linux. https://blog.torproject.org/forensic-analysis-tor-linux

ReplyQuote
Posted : 10/11/2019 9:45 pm
Jmundy
(@jmundy)
New Member

Thanks Soviet. That work is interesting but from 6 years ago. The more recent papers I've read seem to say very little is written to disk although RAM can offer more of note. Do you have any hands on experience in relation to my query?

ReplyQuote
Posted : 10/11/2019 10:17 pm
Share: