Securing Your Notebook Against US Customs

Nethemas the Great points out a piece from Bruce Schneier running in the UK's Guardian newspaper with some tips for international travelers on securing notebook computers for border crossings. A taste of the brief article: "Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. ... Encrypting your entire hard drive, something you should certainly do for security in case your computer is lost or stolen, won't work here. The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."

Dual Boot

[Rycross]

Set up a Windows partition and a Linux partition, set it to boot to Windows by default, keep all your data on the Linux partition. How well would that work, I wonder.

Re:Dual Boot

[lorenzino]

How well ? Good enough. They don't have any clue what linux is. They don't have any IT degree right ? Actually, if they even *SEE* linux they might think you are a terrorist/communist/american_favourite_evil. So yeah, I like your idea. Also, I suggest truecrypt with the drive within the drive .. that gives you deniability, doesn't it ?

Fading memory

[Anonymous Coward]

I can't recall the name right now but one of the disk encryption utilities creates a dummy encrypted zone for just such a purpose. You make two passwords. The real one gets you your real encrypted data. And another one for entering under "duress" gets you your dummy files. They're both stored in the same encrypted space, one looks like random noise to the other, and supposedly nobody can tell they're both there. Anybody know which utility that was?

Refuse you entry to the contry

[imuffin]

Can customs officials refuse entry to an American Citizen? Can they banish me for refusing to divulge my password?

Corporation Lawyers

[Johnny Mnemonic]

You can bet that before I type my password for a customs agent, I'm going to talk to my company's legal department. And I'll wait in the customs office as long as it takes. Or simply forfeit the laptop and put it in the trash.

The IP on my laptop is easily worth 10x more than the value of the laptop itself.

Grabbing your data isn't the worst they could do

[lowsinon]

No doubt they just install a rootkit/keylogger on your box after ripping your HD so after you leave their rootkit calls back and gives them your truecrypt passwords. Don't use a laptop you've lost sight of.

Go ahead search my Laptop officer....

[old dr omr]

My Mobile phone has a 4Gb flash card the size of my little fingernail. If I had any files that I didn't want customs to see I'd keep them on there and hide it somewhere they'd never find it. Come to think of it I'd probably never find it once I got there. :)

Re:Problem?

[GottMitUns]

Your comment implies that the government and its representatives are infinitely kind and benevolent. That is not so. There is but one step from arbitrary airport search to Guantanamo. This is Slashdot. Government is evil.

Re:Not enitrely true...

[Anonymous Coward]

"Any sovereign nation has the right to control who and what enters the country."

That is one view.

There is also the question of what consitutes 'what'. While I would agree that they have the right to ensure that my laptop is a laptop, and not a container for contraband (tangible 'what'), I would not agree that it includes the right to search the information stored upon it (intangible 'what'). If I have a letter on my person, while they should be allowed to ensure that it's a letter, they shouldn't be allowed to read it. And while they should be allowed to check that I'm not carrying contraband, they shouldn't be allowed to probe my mind (if such technology existed) to find out what information I'm 'carrying'.

Of course, what they should do, and what they do do, are two different things because in most countries customs take the position that you do, and so are a law unto themselves.

Single Boot

[rgmoore]

An even better approach would be to have just a Windows partition. Then do your real work under Linux by booting from a memory stick. If you want to get really paranoid, you could keep all of your sensitive data on a separate, encrypted memory stick, camera memory card ("hidden" in your camera), phone memory card ("hidden" in your phone), etc.

Of course, you should go ahead and do some unimportant work under Windows. Play games, surf the net (safe, unimportant web sites, only, of course), keep your golf scores, etc. That way, if somebody ever does search your laptop, it won't look like a system that's just been wiped to avoid generating any evidence.

Re:but without being dishonest.

[Dare nMc]

Then swap laptops with a co-worker 1) without them knowing the password 2) make sure he takes the secured data through security after you, here's why:

Then they'd have to ask you to...

that is where the ultimate question comes, if you can access the data, and it is their, then are you willing to commit a felony (lie to a federal agent) to protect the privacy of that data. (most likely my company's data.)
Thats clearly a big NO for myself.
IE if I true crypt a partition, I know it will be (within all reason) safe from "offline attack" like a imaged drive. So if the agent doesn't ask, and just snoops or copies this is not helpful to them. If the agent simply asks, do you have any encrypted data, and show me all of it. Assuming your not willing to commit a felony (granted a nearly impossible felony to prove), the you have limited options not really helped by true-crypt, over just a encrypted file. IE you can either say No, in a nice way like, "I have to talk to my company lawyer for permission" or give it up.

swapping laptops helps the second person the most, cause their not telling a lie when they state either, "not that I know of" or "it's my company's equipment not mine, I cannot access anything more than..." Since the guy with the password is "in the clear" since challenges to him have to fall under the full US constitution. If the guy with the password is standing behind you, well...

Re:Problem?

[Wog]

Your losses are horrible, but they don't make you an authority on either security or my rights.

Please explain to me how searching hard drives is "securing the border" when we live in the age of the internet. I don't mind a customs agent making sure that my laptop is, in fact, a laptop, but asking a marginally-trained TSA employee to examine all the data on a computer within the few minutes is like asking someone from your lawn service to do a five-minute inspection of a 2" square patch of vinyl siding to determine whether you have a mold problem in your basement.

In both cases you're asking the wrong guy to look at the wrong things, giving him no time or tools to do his "search", and then wondering why it didn't do anything to actually improve the situation.

If it's illegal, then the problem is totally different and you have no right to complain about it.

We have every right to complain. Since when have law and morality been linked in this country?

I suspsect FUD

[Bobb Sledd]

I suspect this is a bunch of FUD. I visited the Ukraine last November and when I came back I wasn't even asked to power on my laptop. And yet they might copy all your files off for examination later? Suuure. Rated "possible but unlikely."

Do you have ANY idea how much data storage would be required just to capture that? Not to mention the amount of time sifting through all that crap? And for what? It's too easy to cleverly disguise it or encrypt your data. I just don't buy it.

I think it's more likely that if you are suspected of smuggling something, THEN they might start looking at your junk on your computer, and only keep the data if they really suspect something. But otherwise, I don't believe they have the resources to store and analyze too much or too deeply on a cursory search level.

Re:Not enitrely true...

[Bill_the_Engineer]

IANAL.

Maybe someone can explain why the act of entering the country nullifies my constitutional rights.

Because technically it doesn't. You said it yourself:

Not according to the Fourth Amendment to the US constitution: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated...

I changed the emphasis, but as you can see the 4th amendment only protects you from unreasonable searches. Most people believe that searching a person's belongings before granting entry into a country is a reasonable search.

Re:Dual Boot

[hazem]

The problem is, this isn't the security check to get on a plane, it's the customs people when you enter the country. When you fly into the US, and assuming you are flying on to another destination, you get off the plane, get your bags, and go through customs. These people have an incredible amount of power over you and you probably have little legal recourse, even if you're an American citizen.

I find the contrast sad... when I recently flew into Amsterdam, I grabbed my bag, the guy stamped my passport, and I walked through a door out into the real world. No questions, no forms, no inspections, no going through my bags. And this while I'm coming from the "land of the free" to one of those wacky socialist European countries.

Re:TrueCrypt

[trifish]

Schneier actually mentions TrueCrypt in his article too. However, strangely, he ignored the single most important feature of TrueCrypt regarding this topic, the plausible deniability. The hidden volume [truecrypt.org] feature is exactly designed to prevent Big Brothers from breaching your privacy.

the last time this happened to me...

[Cookie3]

Customs agents (US and Japanese) stopped me several times over the years to inspect my laptop. In every case that I can remember I was able to dodge "inspection" by simply saying that I couldn't turn my laptop on because no battery was installed (which was the truth). I would only carry a power cord in my laptop case, no batteries.

My battery was actually located in a separate carry-on; a backpack or a suitcase or some such.

I guess if they were really interested in the laptop they could've plugged it in to a wall outlet and gotten into it that way.. but they never asked to do that.

Re:Dual Boot

[bberens]

Do you really want to find out the limits of where your theoretical rights end and where your abridged, post 9-11 rights end?

Yes

Re:TrueCrypt

[netsharc]

Or, write the real first few seconds (maybe 15) of the trailer to the beginning of the file, et voila, it plays in Windows Media Player!

I think TrueCrypt needs to have an offset for its containers, so that it expects the data to begin at that offset, and ignore whatever is before that..

For the fifty thousandth time

[SuperBanana]

Hidden volume

Only on Windows. On MacOS X and Linux, this is not available, for unstated reasons.

Re:Dual Boot

[the_bard17]

Add me to the list. The Grandparent poster and the rest of the country can sit back and watch their rights drain away if they want to sit in the corner with their security blanket, but I won't.

I'll be the guy raising a fuss and throwing a fit. It'll happen at the border, then in court. And if someone wants to slap one of those "letters of security" on me, they may as well send me right to jail... 'cause that letter won't keep me quiet regarding any injustice placed upon me.

If standing up for my rights "ruins" my life, then that "life" wasn't worth jack to begin with.

I suppose it helps that I'm religious, too... those religious fanatics got that right, at least. When you're looking forward to a long eternity, the time spent here isn't worth getting your rights trampled over.

That being said, I don't imagine it'll be too long before the black suit guys show up for me ;o).

Re:Dual Boot

[dgatwood]

You joke, but I've actually contemplated keeping a spare hard drive and sticking it in coming into the U.S. just for the entertainment value of watching the border security folks see a completely blank hard drive and watching how they react. Maybe get it on camera. That and the last thing I want is for border security to be poking through the confidential materials on my hard drive. My employer is pretty anal about not letting anyone get access to that stuff. Of course, it is encrypted, but again... "Please enter your password" comes to mind, and then I'm out of a job.

Re:This is why you make sure...

[Cajun Hell]

I'd suggest against the horse porn, it "is" technically illegal in the US.

Actually, that raises an interesting question. I suspect horse porn is not a violation of any federal laws, but probably a violation of some state laws. Does U.S. customs have a legitimate interest in that? Maybe anti-liberty states (e.g. Texas) need to put up their own state-customs on their highways and airports. Your international flight lands in Dallas, and a man says, "Congratulations, you have passed U.S. customs. Now stand in line for Texas' thoughtcrime filter."

Re:Dual Boot

[Anonymous Coward]

There has been a Canadian citizen in Sudan who has (had?) been trapped there because, while he had never been charged with anything, he had been suspected of doing something. He got trapped, and could come home due to being on the no-fly list. Basically, years in legal limbo.

He is not in legal limbo at all.

All Canadian citizens have the right to enter, remain & leave Canada. This right is recognized in the Canadian Charter of Rights and Freedoms and cannot be abrogated by the government.

A known terrorist who happened to be a Canadian citizen recently sued the government of Canada (and won) when the government tried to restrict his ability to enter & leave Canada.

However, you do not have a right to ride a plane. There are nasty people in the world, and some of them are a danger to aviation.

This man in Sudan just needs to find another way to return to Canada. His options are to go by sea or by land.

Re:Dual Boot

[vidarh]

Or have something that would plausibly be worth protecting. I'm sure you could find plenty of specs or requirements documents that aren't sensitive at all, for example, but that you could believably claim are terribly valuable trade secrets.

That's the beauty of it... and the pitfall...

[Animaether]

...you can't prove there isn't one. Neither can they prove that there is. They may argue that it's likely, but whatever.

However, it's also one of the pitfalls. They're not 100% stupid and I wouldn't put it past them to say "okay, then you won't mind if I zero out all the stuff that you claim doesn't have any data". That wouldn't take particularly long, so what is your defense going to be?

However, I don't know if they can actually write data to your machine; I think the current provisions are read-only? whatever.

Re:Dual Boot

[Hatta]

While all of that is true, nowadays being put on the "naughty list", or having a name like someone on the naughty list, or being brown-skinned is enough to effectively punish you as much as if you'd been convicted.

Good, then you'll have standing to challenge the unconstitutional punishment without trial in court.

Pussies

[PingXao]

Anyone who does NOT refuse a border agent's request to "type your password" is a coward and not worthy to call themselves an American IMO. It may seem like a small thing, a way to avoid being detained and hassled all day, but it's the little things like this that define the boundary of where our freedoms are being slowly stripped away.

The old Ben Franklin statement about those who would trade liberty for security comes to mind. It's a shame when people say, "It's all about the benjamins," that it's not THAT sentiment they're talking about. Stand up for your rights NOW - no matter how "inconvenient" it may be - or soon you won't have any to worry about. Sheeple, indeed. Pussies is more like it.

Re:Dual Boot

[Anonymous Coward]

"if your under suspicion for who you are then you are pretty well fucked."

If only that were the case! I know somebody who is constantly under suspicion every time he travels for who _someone else_ is. He happens to have the same initials (not even same full name), and the government happens to have crappy systems, and border crossings tend not to use logic or reason or really any form of independent thought. So he ends up on no-fly lists, watch lists, and the like through no fault of his own. The best part is he travels regularly as part of his job and after two years of trying to address the issue it still happens.

So, I guess what I'm saying is everyone is under suspicion and we're all fucked.

Re:This probably won't work, but:

[Two9A]

No, they'll take you away for disturbing the peace, and you won't see the light of day for a long, long time.

Mind you, I didn't even have to do that last time I flew into Newark. Looking brown and having a Pakistani name is enough to hold you for 6 hours.

Re:Dual Boot

[harrkev]

Another option might be to take a spare 512MB memory module and accidentally apply 120V to a couple of random pins, thereby frying the module. If you insert that, your computer won't boot. Leave your good RAM at home, travel with the dummy RAM. "Gee, officer. My computer is dead. A friend of mine at the destination knows how to fix them." Buy new RAM at your destination. Sell the RAM to a friend or pawn shop before you leave, and put your original RAM back in when you get back home.

How about steganography MPG cheap hack?

[naz404]

Video files are expected to be large and thus won't arouse too much suspicion if you hide your data in them.

Just append bigg-ish data in binary format to highly compressed mpeg files.

That'll keep allow 'em to play in media players, thus avoiding suspicion.

Just remember at what index/byte point you appened it so you can snip out the "header" mpeg file.

Re:Dual Boot

[fbartho]

OSX... single key press to boot to cd/dvd or firewire or to get a boot selection menu which scans sources and lets you select via mouse or keys where to boot from.

Re:Suspiciously unsuspicious

[Anonymous Coward]

Why would someone call in the Federal Marshals if you are just sitting there playing with your laptop / camera menu settings? Did you otherwise look like a suspicious character? There had to have been something that put you in the "uncanny valley" of "not just a regular hotel guest".

I'm asking because I'd like to know what the security guys are thinking -- most of the time they are pretty much overreacting.

Re:Not enitrely true...

[ceoyoyo]

Well, if you're not on US territory then yes, you can shoot the border agent and not be prosecuted under American laws. If you're in international territory that means you can be prosecuted (and not by lawyers) under international law, which doesn't really have a whole lot to say about individual murderers.

Re:Dual Boot

[Anonymous Coward]

The problem is, this isn't the security check to get on a plane, it's the customs people when you enter the country. When you fly into the US, and assuming you are flying on to another destination, you get off the plane, get your bags, and go through customs. These people have an incredible amount of power over you and you probably have little legal recourse, even if you're an American citizen.

I find the contrast sad... when I recently flew into Amsterdam, I grabbed my bag, the guy stamped my passport, and I walked through a door out into the real world. No questions, no forms, no inspections, no going through my bags. And this while I'm coming from the "land of the free" to one of those wacky socialist European countries.

hazem ... I hear your... Look, from my central European point of view your so called "land of the free" is almost a facist state.

If not mistaken, your country treats foreigners legally different from citizens, and cherishes concentration camps like at Cuba's coast in Guantanamo.

In opposition, the Netherlands appears to be a free, democratic, and liberal country. A core member of the EU, part of the Schengen States building EU's joint border.

Much appreciate that you have found EU immigration convenient, sad to see that "the land of the free" tends to become "the major bully" country on this planet. Taking all possible means to erode privacy, even stealing your data from your electronic devices, or widely wiretaping its major telecoms data into secret government databases.

By the way, I was once a huge admirer of the prior 9/11 free kind of US society. Now I can only say ... I pity the US for the time being ruled by "secretive, nosy, merciless bullies" of your current government.

Cheers,
Mike

Re:Dual Boot

[Grizzled Old Scout]

Preach on, brother, to the notion that many of us aren't willing to sacrifice in the name of protecting our liberties, but there is a difference between fighting the good fight and slamming your head against walls. Remember that the TSA/Customs agents are, in general, doing only what they are told to do, and their incentive structures bias them to be more restrictive and confiscatory, not less.

A better option, as TFA mentioned, is making sure your congressdroids are aware of your displeasure with the erosion of you rights and that you are willing to make protection of your freedoms the primary issue on which you base your vote. Then commence shouting from the rooftops. If data or hardware are confiscated, call the ACLU, write letters to the editor. Post on well-populated political blogs.

But don't think that you're effectively advancing the cause by letting the TSAers detain you (or, far worse, challenging them to do so). That just wastes time that you aren't going to get back.

Privacy and freedom of movement are worth fighting for, and anything important enough to be worth fighting for important enough to be worth fighting effectively.

Re:Dual Boot

[rengav]

This isn't about liberty; it's about the arbitrary and warrantless invasion of privacy. Email, pictures, video's and even 'hacking' tools do not blow up airplanes.

But they're checking you at customs as you ENTER the US, after your plane is already on the ground. The Customs inspectors should be looking for contraband, such as drugs, or "undeclared" items. I really can't think of what they'd be looking for on my laptop after the plane has landed. Why is customs searching for data, it's not taxable as far as I know.

Network and fresh install.

[Erris]

One of the nicest things about free software is that it only takes about 15 minutes to wipe and reload everything with a fresh install. Then you can get the date you need and care about by sftp when you are past customs and wipe it out before you go home.