What measures should be taken if LE are about to seize your PC??

tl;dr: The SourceForge download is the official download for DBAN from the project's website. SourceForge took over abandoned projects, whereas DBAN is an active project. SourceForge malvertising works by bundling an adware installer onto projects, something that is trivially done to binaries and exes, which DBAN is not. DBAN works at a level beneath the filesystem, so it doesn't know about files on the drive and can't find ones matching a signature, as another user suggested. It doesn't load wifi/ethernet drivers, so it can't connect out. So basically it's pretty likely that DBAN on SourceForge is safe, and if it is not, then there are no alternatives that would be more trustable.


I'm curious, are you aware of how DBAN works? And how the adware binding SourceForge has been doing works?

I mean, I completely understand your PoV on SourceForge given the controversy; however, understanding the controversy is also important. They are not merely just hijacking random accounts, or even targeted ones. They are taking over abandoned projects. GIMP, for example, had been abandoned since 2013 and has switched to a different distribution method (torrents + own server).

As for NMAP, the original nmap account is still valid; it's just that there is a nmap.mirror now (2011). The claims of SourceForge removing content are bullshit: https://web.archive.org/web/20030701000000*/http://sourceforge.net/projects/nmap/ it never had any content, unless SourceForge also altered archive.org.

All this said, DBAN is still an active project on SourceForge. The official download from dban.org itself is the SourceForge download.

But okay, let's assume you're right and SourceForge has modified DBAN. Now, what SourceForge has been doing isn't so much modifying the applications but wrapping them in their own adware installer. This works great if you've got a binary or executable; it's trivial to automatically wrap one program in an 'installer' as SourceForge has done. This doesn't exactly work with something like DBAN.

DBAN, unlike GIMP or NMAP, is not a program you install, so no installer, no droppers, no binding can be done to it. Unlike Windows or Linux, it's not an operating system you can modify with backdoors to call home or what have you. Now ofc Windows and Linux can both be backdoored; it's not as trivial as what SourceForge has been doing, however, but it's possible. This would be done by preinstalling certain programs to the image, or backdooring/replacing an existing program.

DBAN is like some Linux distros, however, in that it is a bootable disk. In this case, a bootable program that simply overwrites the entire hard drive with a certain pattern of numbers. So the question is what type of backdoor or malware could be added to this. They could replace the images/display with some advertisements, but there is no ability for internet, so no knowledge of views and no clickthroughs; it would also be immediately obvious to anyone of the 21k downloads/week the project has been getting since June (latest update).

So perhaps they are doing something more subtle, as another user suggested: it's sending any interesting files off to another server. The problem with this is DBAN doesn't know about filesystems. It works at a lower level than w/e filesystem you have installed on the drive to begin with. So without knowledge of the filesystem, it also lacks knowledge of a file. So you might think, well, it can just look for certain bytes to exist to be the file, but your files are not stored next to each other, so any set of bytes larger than the blocksize would necessarily be unfound, or if the break between blocks is different than expected, the bytes would be unfound unless it knew about block headers... and the file system. Additionally, what about internet? When DBAN boots, it doesn't start up the wifi or ethernet; it doesn't load any drivers for that. They are not needed, so it can't send anything.

The only thing it practically could be doing is the one thing DBAN does do: overwrite your complete hard drive without caring about the existing files. It just writes a bunch of numbers until the end of the drive.

/r/DarkNetMarkets