A handy trio of tools for protecting your privacy

Using Tor on SELinux

If you are using SELinux, you will need to do some extra configuration. The most common addition is to change your "targeted" file. Change to the following directory:

/etc/selinux/targeted

Then, using touch or another command, create a file named booleans.local. Then, all you need to do is open a text editor (e.g., vi, pico, or gedit), and edit the targeted file so that it contains the following:

"allow_ypbind=1"

You will need to restart networking so that Tor recognizes your change.

Cleaning Up: BleachBit

Cleaning up unnecessary files and application histories eliminates clues that an attacker could uncover to learn about what you've been doing.

Several tools are available for cleaning up your deleted files, including BleachBit, GtkOrphan, and Gconf-Cleaner. I have found that BleachBit is the best overall tool, because it scours the entire hard disk. Although tools such as GtkOrphan and Gconf-Cleaner were created by people who wanted to focus on specific operating system elements, such as GTK and GConf, BleachBit does as well or better at cleaning these environments.

BleachBit, as its name implies, has the ability to cleanse your disks of extraneous and "temporary" files that, well, aren't really all that temporary. It's the most popular application out there for data destruction. I run BleachBit from a standard terminal or from a standard menu. Figure 6 shows the initial BleachBit startup screen.

Figure 6: Launching BleachBit.

With BleachBit, you can:

  • Delete browser cache and temp files.
  • Eliminate Bash history traces.
  • Remove all trace of files left behind by applications, runtime engines, and login environments such as Google Earth, Java, X11, KDE, and Gnome.
  • Remove email temporary files.
  • Delete all traces of video and voice calls, such as those with Skype.
  • Eliminate cache files from text and word processing applications such as vi, OpenOffice and LibreOffice
  • Remove caches from video applications such as xine, Vuze, and VLC.
  • Conduct deep scans.

Using BleachBit is fairly simple. Figure 7 shows BleachBit configured to delete files related to Firefox. Like most people, I'm becoming a big Google Chrome fan, and BleachBit also has options for scouring all Chrome-related files. I'm not much of an Opera user, but BleachBit is there when I do use Opera.

Figure 7: Deleting Firefox files with BleachBit.

The Preferences Window shown in Figure 7 is open by default once you install BleachBit. This window allows you to specify the drives you wish to target.

The whitelist feature is particularly useful. Whitelists allow you to exclude specific directories and partitions on your disk. To use this feature, go to Edit | Preferences, and then select Whitelist. From there, simply click Add File or Add Folder and follow the friendly GUI. I've used this feature to exclude directories where I store files that I will never really need to delete.

In the General tab, I always keep the Hide irrelevant cleaners checkbox selected, because unselecting it causes the application to show me options that are more for legacy operating systems than for anything else. I select the Overwrite files to hide contents and Start BleachBit with computer options so I know it is always ready to use.

System and Deep Scans in BleachBit

For those who are not faint of heart and have lots of time on their hands, consider conducting a System scan and a Deep scan. A System scan focuses on deleting temporary system files that you no longer need. These system files are located in a Linux (or Windows or Mac) system directory, such as /var/, or in the /tmp/ directory.

A Deep scan goes even deeper than a System scan, searching the hard disk for files that are found outside of the normal system directories. The Deep scan goes hither, thither, and yon and searches for files such as the thumbs.db and DS_Store files in Windows systems. These files are not necessarily harmful. The thumbs.db file is simply a file that helps a system show "thumbnail" images of documents as you browse them. However, they can be used by applications to determine your document viewing and browsing habits. They are essentially metadata documents and, if left undeleted, can help individuals invade your privacy.

To conduct a System scan, scroll down to System and select the option. You will receive two warnings. The first tells you that the scan will take a long time. I don't conduct system and deep scans unless my system can sit idle for at least an hour or two; often I conduct them overnight.

The second warning informs you to select localizations in the Preferences section. This is BleachBit's fairly obscure way of saying you should consider omitting certain files and directories. Do this by, once again, going to Edit | Preferences and selecting the Whitelist tab. For example, I use a lot of custom settings for my calendaring application that I don't ever want deleted. So, I specify the location of these files, which happens to be the /usr/share/calendar/ directory before I run a system or deep scan.

The Memory portion of a Deep or System scan is experimental. Only once have I had a problem. My login environment started acting strangely, and I had to reboot. I didn't lose any data or functionality. The first time I ran these scans, I freed up almost a half a gigabyte of space. More importantly, I knew that these extraneous files had been deleted securely. Once I set up BleachBit to my liking, I'll run it once a week, or whenever there is something I need securely deleted.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • VeraCrypt

    Protect your data and operating system from prying eyes with VeraCrypt.

  • TruPax 9

    The TruPax tool specializes in encrypting small datasets to safeguard your data from prying eyes.

  • Encrypting Block Devices

    The recent revelations about NSA spying have sparked renewed interest in data encryption. Encrypting at the file level is quick and easy, but if you're looking for an extra dose of protection, try encrypting the whole block device.

  • Keep Your System Clean with BleachBit
  • Workspace: Laptop Tools

    Pack your Linux laptop with the right set of tools. We take a closer look at Adblock Plus, woof, Conky, TrueCrypt, rsync, and Grsync.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News