Securing Your Notebook Against US Customs 1021
Nethemas the Great points out a piece from Bruce Schneier running in the UK's Guardian newspaper with some tips for international travelers on securing notebook computers for border crossings. A taste of the brief article:
"Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. ... Encrypting your entire hard drive, something you should certainly do for security in case your computer is lost or stolen, won't work here. The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."
Dual Boot (Score:4, Interesting)
Re:Dual Boot (Score:2, Interesting)
Fading memory (Score:2, Interesting)
Refuse you entry to the contry (Score:5, Interesting)
Corporation Lawyers (Score:5, Interesting)
The IP on my laptop is easily worth 10x more than the value of the laptop itself.
Grabbing your data isn't the worst they could do (Score:4, Interesting)
Go ahead search my Laptop officer.... (Score:3, Interesting)
Re:Problem? (Score:2, Interesting)
Re:Not enitrely true... (Score:2, Interesting)
There is also the question of what consitutes 'what'. While I would agree that they have the right to ensure that my laptop is a laptop, and not a container for contraband (tangible 'what'), I would not agree that it includes the right to search the information stored upon it (intangible 'what'). If I have a letter on my person, while they should be allowed to ensure that it's a letter, they shouldn't be allowed to read it. And while they should be allowed to check that I'm not carrying contraband, they shouldn't be allowed to probe my mind (if such technology existed) to find out what information I'm 'carrying'.
Of course, what they should do, and what they do do, are two different things because in most countries customs take the position that you do, and so are a law unto themselves.
Single Boot (Score:4, Interesting)
An even better approach would be to have just a Windows partition. Then do your real work under Linux by booting from a memory stick. If you want to get really paranoid, you could keep all of your sensitive data on a separate, encrypted memory stick, camera memory card ("hidden" in your camera), phone memory card ("hidden" in your phone), etc.
Of course, you should go ahead and do some unimportant work under Windows. Play games, surf the net (safe, unimportant web sites, only, of course), keep your golf scores, etc. That way, if somebody ever does search your laptop, it won't look like a system that's just been wiped to avoid generating any evidence.
Re:but without being dishonest. (Score:3, Interesting)
Thats clearly a big NO for myself.
IE if I true crypt a partition, I know it will be (within all reason) safe from "offline attack" like a imaged drive. So if the agent doesn't ask, and just snoops or copies this is not helpful to them. If the agent simply asks, do you have any encrypted data, and show me all of it. Assuming your not willing to commit a felony (granted a nearly impossible felony to prove), the you have limited options not really helped by true-crypt, over just a encrypted file. IE you can either say No, in a nice way like, "I have to talk to my company lawyer for permission" or give it up.
swapping laptops helps the second person the most, cause their not telling a lie when they state either, "not that I know of" or "it's my company's equipment not mine, I cannot access anything more than..." Since the guy with the password is "in the clear" since challenges to him have to fall under the full US constitution. If the guy with the password is standing behind you, well...
Re:Problem? (Score:2, Interesting)
Please explain to me how searching hard drives is "securing the border" when we live in the age of the internet. I don't mind a customs agent making sure that my laptop is, in fact, a laptop, but asking a marginally-trained TSA employee to examine all the data on a computer within the few minutes is like asking someone from your lawn service to do a five-minute inspection of a 2" square patch of vinyl siding to determine whether you have a mold problem in your basement.
In both cases you're asking the wrong guy to look at the wrong things, giving him no time or tools to do his "search", and then wondering why it didn't do anything to actually improve the situation.
I suspsect FUD (Score:2, Interesting)
Do you have ANY idea how much data storage would be required just to capture that? Not to mention the amount of time sifting through all that crap? And for what? It's too easy to cleverly disguise it or encrypt your data. I just don't buy it.
I think it's more likely that if you are suspected of smuggling something, THEN they might start looking at your junk on your computer, and only keep the data if they really suspect something. But otherwise, I don't believe they have the resources to store and analyze too much or too deeply on a cursory search level.
Re:Not enitrely true... (Score:5, Interesting)
IANAL.
Because technically it doesn't. You said it yourself:
I changed the emphasis, but as you can see the 4th amendment only protects you from unreasonable searches. Most people believe that searching a person's belongings before granting entry into a country is a reasonable search.
Re:Dual Boot (Score:5, Interesting)
I find the contrast sad... when I recently flew into Amsterdam, I grabbed my bag, the guy stamped my passport, and I walked through a door out into the real world. No questions, no forms, no inspections, no going through my bags. And this while I'm coming from the "land of the free" to one of those wacky socialist European countries.
Re:TrueCrypt (Score:5, Interesting)
the last time this happened to me... (Score:3, Interesting)
My battery was actually located in a separate carry-on; a backpack or a suitcase or some such.
I guess if they were really interested in the laptop they could've plugged it in to a wall outlet and gotten into it that way.. but they never asked to do that.
Re:Dual Boot (Score:5, Interesting)
Re:TrueCrypt (Score:5, Interesting)
I think TrueCrypt needs to have an offset for its containers, so that it expects the data to begin at that offset, and ignore whatever is before that..
For the fifty thousandth time (Score:3, Interesting)
Hidden volume
Only on Windows. On MacOS X and Linux, this is not available, for unstated reasons.
Re:Dual Boot (Score:5, Interesting)
I'll be the guy raising a fuss and throwing a fit. It'll happen at the border, then in court. And if someone wants to slap one of those "letters of security" on me, they may as well send me right to jail... 'cause that letter won't keep me quiet regarding any injustice placed upon me.
If standing up for my rights "ruins" my life, then that "life" wasn't worth jack to begin with.
I suppose it helps that I'm religious, too... those religious fanatics got that right, at least. When you're looking forward to a long eternity, the time spent here isn't worth getting your rights trampled over.
That being said, I don't imagine it'll be too long before the black suit guys show up for me
Re:Dual Boot (Score:4, Interesting)
You joke, but I've actually contemplated keeping a spare hard drive and sticking it in coming into the U.S. just for the entertainment value of watching the border security folks see a completely blank hard drive and watching how they react. Maybe get it on camera. That and the last thing I want is for border security to be poking through the confidential materials on my hard drive. My employer is pretty anal about not letting anyone get access to that stuff. Of course, it is encrypted, but again... "Please enter your password" comes to mind, and then I'm out of a job.
Re:This is why you make sure... (Score:3, Interesting)
Actually, that raises an interesting question. I suspect horse porn is not a violation of any federal laws, but probably a violation of some state laws. Does U.S. customs have a legitimate interest in that? Maybe anti-liberty states (e.g. Texas) need to put up their own state-customs on their highways and airports. Your international flight lands in Dallas, and a man says, "Congratulations, you have passed U.S. customs. Now stand in line for Texas' thoughtcrime filter."
Re:Dual Boot (Score:1, Interesting)
He is not in legal limbo at all.
All Canadian citizens have the right to enter, remain & leave Canada. This right is recognized in the Canadian Charter of Rights and Freedoms and cannot be abrogated by the government.
A known terrorist who happened to be a Canadian citizen recently sued the government of Canada (and won) when the government tried to restrict his ability to enter & leave Canada.
However, you do not have a right to ride a plane. There are nasty people in the world, and some of them are a danger to aviation.
This man in Sudan just needs to find another way to return to Canada. His options are to go by sea or by land.
Re:Dual Boot (Score:3, Interesting)
That's the beauty of it... and the pitfall... (Score:3, Interesting)
However, it's also one of the pitfalls. They're not 100% stupid and I wouldn't put it past them to say "okay, then you won't mind if I zero out all the stuff that you claim doesn't have any data". That wouldn't take particularly long, so what is your defense going to be?
However, I don't know if they can actually write data to your machine; I think the current provisions are read-only? whatever.
Re:Dual Boot (Score:4, Interesting)
While all of that is true, nowadays being put on the "naughty list", or having a name like someone on the naughty list, or being brown-skinned is enough to effectively punish you as much as if you'd been convicted.
Good, then you'll have standing to challenge the unconstitutional punishment without trial in court.
Pussies (Score:3, Interesting)
The old Ben Franklin statement about those who would trade liberty for security comes to mind. It's a shame when people say, "It's all about the benjamins," that it's not THAT sentiment they're talking about. Stand up for your rights NOW - no matter how "inconvenient" it may be - or soon you won't have any to worry about. Sheeple, indeed. Pussies is more like it.
Re:Dual Boot (Score:2, Interesting)
If only that were the case! I know somebody who is constantly under suspicion every time he travels for who _someone else_ is. He happens to have the same initials (not even same full name), and the government happens to have crappy systems, and border crossings tend not to use logic or reason or really any form of independent thought. So he ends up on no-fly lists, watch lists, and the like through no fault of his own. The best part is he travels regularly as part of his job and after two years of trying to address the issue it still happens.
So, I guess what I'm saying is everyone is under suspicion and we're all fucked.
Re:This probably won't work, but: (Score:2, Interesting)
Mind you, I didn't even have to do that last time I flew into Newark. Looking brown and having a Pakistani name is enough to hold you for 6 hours.
Re:Dual Boot (Score:3, Interesting)
How about steganography MPG cheap hack? (Score:2, Interesting)
Video files are expected to be large and thus won't arouse too much suspicion if you hide your data in them.
Just append bigg-ish data in binary format to highly compressed mpeg files.
That'll keep allow 'em to play in media players, thus avoiding suspicion.
Just remember at what index/byte point you appened it so you can snip out the "header" mpeg file.
Re:Dual Boot (Score:2, Interesting)
Re:Suspiciously unsuspicious (Score:1, Interesting)
I'm asking because I'd like to know what the security guys are thinking -- most of the time they are pretty much overreacting.
Re:Not enitrely true... (Score:3, Interesting)
Re:Dual Boot (Score:2, Interesting)
I find the contrast sad... when I recently flew into Amsterdam, I grabbed my bag, the guy stamped my passport, and I walked through a door out into the real world. No questions, no forms, no inspections, no going through my bags. And this while I'm coming from the "land of the free" to one of those wacky socialist European countries.
If not mistaken, your country treats foreigners legally different from citizens, and cherishes concentration camps like at Cuba's coast in Guantanamo.
In opposition, the Netherlands appears to be a free, democratic, and liberal country. A core member of the EU, part of the Schengen States building EU's joint border.
Much appreciate that you have found EU immigration convenient, sad to see that "the land of the free" tends to become "the major bully" country on this planet. Taking all possible means to erode privacy, even stealing your data from your electronic devices, or widely wiretaping its major telecoms data into secret government databases.
By the way, I was once a huge admirer of the prior 9/11 free kind of US society. Now I can only say
Cheers,
Mike
Re:Dual Boot (Score:2, Interesting)
A better option, as TFA mentioned, is making sure your congressdroids are aware of your displeasure with the erosion of you rights and that you are willing to make protection of your freedoms the primary issue on which you base your vote. Then commence shouting from the rooftops. If data or hardware are confiscated, call the ACLU, write letters to the editor. Post on well-populated political blogs.
But don't think that you're effectively advancing the cause by letting the TSAers detain you (or, far worse, challenging them to do so). That just wastes time that you aren't going to get back.
Privacy and freedom of movement are worth fighting for, and anything important enough to be worth fighting for important enough to be worth fighting effectively.
Re:Dual Boot (Score:3, Interesting)
Network and fresh install. (Score:0, Interesting)
One of the nicest things about free software is that it only takes about 15 minutes to wipe and reload everything with a fresh install. Then you can get the date you need and care about by sftp when you are past customs and wipe it out before you go home.