
Whitehat Hacker Moxie Marlinspike's Laptop, Cellphones Seized 484

Orome1 writes "The well-known whitehat hacker and security researcher who goes by the handle Moxie Marlinspike has recently experienced firsthand the electronic device search that travelers are sometimes subjected to by border agents when entering the country. He was returning from the Dominican Republic by plane, and when he landed at JFK airport, he was greeted by two US Customs officials and taken to a detention room where they kept him for almost five hours, took his laptop and two cell phones and asked for the passwords needed to access the encrypted material on them."
  • Re:First Post (Score:2, Interesting)

    by Anonymous Coward on Saturday November 20, 2010 @01:16AM (#34289262)

    uhh, customs and TSA have nothing in common. Customs is a legitimate part of the federal government. TSA is neither legitimate nor competent.

  • by nweaver ( 113078 ) on Saturday November 20, 2010 @01:27AM (#34289308) Homepage

    I worked through this policy myself as an intellectual exercise [blogspot.com] (A protocol for China. Or Defcon. Take your pick).

    Basically, take a laptop with an easy to swap hard drive. Swap in a new drive, with a clean image, and no access credentials except to a temporary dropbox account for emergency mail and/or working set.

    Now if you are intercepted, there is no data TO capture, and you can remove all but hardware/bios trojans by a wipe and reinstall.

    As a bonus, you can just take out the drive, hand it to customs, and let them have fun with it.

  • Re:4th (Score:3, Interesting)

    by Barrinmw ( 1791848 ) on Saturday November 20, 2010 @01:38AM (#34289374)
    If the government had to build giant platforms 10 miles out to sea and require all people entering to stop there before coming into the country so their stuff could be inspected, they would. The courts give them some leeway as a nod to the fact that would be ridiculous for people trying to come in.
  • Re:Hidden volumes? (Score:2, Interesting)

    by el_tedward ( 1612093 ) on Saturday November 20, 2010 @01:47AM (#34289424)

    If it's on the hard drive, and it's not encrypted, one should not expect it to be secret unless you can limit who touches that data. There's tools like those put out by Access Data, and some other ones I can't remember cuz I haven't used them in class.. but they make the process of carving data out of a hard drive pretty darn easy.

    FTK (or is it PRTK? I ain't no expert, dawgs) even goes through the hard drive, looks at phrases and words on the disk in some fashion, and creates a dictionary you can use to try to start cracking at any encryption there is :D Lots of money to be made if you want to be a Forensic Investigator, though I'm looking more towards playing with servers in the future..

  • by afidel ( 530433 ) on Saturday November 20, 2010 @01:56AM (#34289448)
    I'm still not giving up my passwords on fifth amendment grounds even if I have nothing to hide. In fact I've told a TSA goon exactly that when they asked me to login to my laptop at a screening checkpoint. They could see it wasn't a bomb from the xray and by me powering it up, the only thing that logging in could have possibly done is get me into trouble for the contents of my machine.
  • Travel Tip (Score:5, Interesting)

    by Anonymous Coward on Saturday November 20, 2010 @02:05AM (#34289490)

    I travel to the US a lot for business. What I do is Fedex my "real" hdd to the hotel I'm planning on staying at, usually 1 day before travel to the US is enough for it to be there waiting for me when I arrive at check-in (obviously it's an encrypted disk).

    I travel with my laptop, with a small capacity hdd that has a clean install, some common oss apps installed, some bogus documents downloaded from scribed, some fake e-mail accounts with credentials saved in firefox and some typical surfing history. The aim is to make them feel like they've found the stuff they're looking for and that there isn't anything worth pursuing - rather than trying to be a smart-ass that makes them even more intent on performing those unwanted rectal examinations. I've had my laptop taken twice in the last 3 years, and on both occasions after providing access details, I was given the laptop back within 5-10mins, other people I know that tried to screw over the TSA/customs by not providing all the access details they wanted, ended up never seeing their machines again.

    Though now with the new scanners at play in the airports, I'm trying to reduce my travel to the US to a minimum. If I have to travel, I charge a premium for the various inconveniences endured, most clients are sympathetic and pay without much fuss.

  • Re:4th (Score:5, Interesting)

    by fyngyrz ( 762201 ) on Saturday November 20, 2010 @02:22AM (#34289548) Homepage Journal

    The courts give them some leeway as a nod to the fact that would be ridiculous for people trying to come in.

    The courts, in point of fact, allow warrantless searches anywhere within 100 miles of the border, regardless of if you are, were, or ever planned to traverse the border. 190 million US citizens live within this region. Also, it is worth noting that the "4th amendment border exclusion" principle appears nowhere in the constitution. It's invented, unauthorized law. If they wanted it, the legitimate path to it was through article V. Consequently, it represents (yet another) usurped power.

  • Re:4th (Score:3, Interesting)

    by HiThere ( 15173 ) <charleshixsn@@@earthlink...net> on Saturday November 20, 2010 @02:27AM (#34289566)

    A *LITTLE* bit inside the border? Think again.

    I believe that it's anywhere within 200 miles of either the border or of an airport at which international flights land. (Or, of course, a port at which international shipping docks.)

    That covers most of the population.

  • Re:First Post (Score:5, Interesting)

    by uolamer ( 957159 ) on Saturday November 20, 2010 @02:42AM (#34289614)
    I brought just an internal sata hard drive to Canada from the US, while in Canada I wiped it clean. On the way back into the US they stopped me for a few hours.. They seemed to not get the concept of bringing just a hard drive, I think if it would have been an external drive they wouldn't have given me so much grief. When I got home there were large files all over the drive.. I can only assume they did that to overwrite anything hidden on the drive, which there wasn't. I found it to be a long waste of time and the people to be a bit clueless.....
  • by jopsen ( 885607 ) <jopsen@gmail.com> on Saturday November 20, 2010 @03:19AM (#34289706) Homepage
    How about using the right to shut up and not to incriminate yourself... ?
    I believe it's a fundamental human right...

    Question is if the US respects these ? or if they're just going to waterboard you... :)
  • Re:4th (Score:5, Interesting)

    by QuantumG ( 50515 ) * <qg@biodome.org> on Saturday November 20, 2010 @04:32AM (#34289910) Homepage Journal

    The problem is not that computers are somehow different to papers.. if you were carrying papers across the border they'd be searched too. The problem is that, for some stupid reason, there's an exception to the 4th amendment around borders.. and that got extended into airports as being "effectively borders".. even when you're not flying international..

    And what did people expect to happen? You exempt the government from honoring the 4th amendment in some "special" places that most people regularly visit.. you didn't expect them to apply common sense and decency did you?

  • by mjwx ( 966435 ) on Saturday November 20, 2010 @05:14AM (#34290066)

    ...didn't get them, gave him back his hardware and let him go.

    Really, why try to sensationalize a story by omitting its outcome?

    So...

    Whatever happened to him in the mean time is OK so long as it reaches a satisfactory conclusion?

    Most^H^H^H^H Some Slashdotters are smart enough to understand that the ends never justify the means, that this person was picked on, detained for 5 hours and subjected to an invasive search was _not_ all well and good because he got his laptop back.

    In the end, I'd put good money on this person being picked up because he was coming in from the Dom Rep rather than because he was Moxie Marlinspike. The TSA likes to pick on single males coming in from potential sex tourism destinations, perhaps because it's the low hanging fruit. Bust a few guys coming back from the Philippines with some home made porn (a pic of a naked Pinay is not hard to get) and make it look like you're doing a great job, after all who would defend these dirty sex pests (they are probably all pedo's anyway). Incompetence rather than malice, but the end result is the same.

  • by Chas ( 5144 ) on Saturday November 20, 2010 @05:16AM (#34290074) Homepage Journal

    When traveling out-of-country, do not:

    Bring your best laptop with you. Bring a cheapie that you don't mind losing. This way you don't have any real qualms about abandoning it when these ass-wipes pull this.
    Keep anything important on the machine, encrypted or otherwise. Have an internet dead-drop you can push things to before crossing borders.
    Leave anything important on the machine. Use a decent file shredder to eliminate it.

  • Re:4th (Score:4, Interesting)

    by Anonymous Coward on Saturday November 20, 2010 @05:39AM (#34290136)

    If the government had to build giant platforms 10 miles out to sea and require all people entering to stop there before coming into the country so their stuff could be inspected, they would. The courts give them some leeway as a nod to the fact that would be ridiculous for people trying to come in.

    There is no rational justification for extending that "platform" to one hundred miles inland from the actual border.

    As to "leeway", how about the recent case of a citizen of New Zealand who was flying direct to Canada. A mechanical emergency on the plane required it to land in Hawaii. All occupants were herded out into an open area in full sun, where they were required to stand for up to two hours while being interrogated. The citizen in question was, with all others, required to fill out a questionnaire including "Why do you want to enter the United States?", to which he responded, "I don't".

    When he finally was allowed to have the questionnaire read, the TSA bitch gave him a hard time about his answer. He said, "I had no intention of entering the US -- the plane made a forced landing for reasons outside my control."

    The bitch finally let him go.

    Can anyone answer any of the following questions:

    Why is the "smartest nation on earth" not able to anticipate that a plane might have to make an emergency landing in the US?

    Why were these people not simply sequestered outside of customs and allowed to reboard whatever plane was supplied for the rest of the trip?

    Why were they treated worse than animals, with no shade or water? Even animals are protected by laws regarding reasonable maintenance. I know this because I have a relative who sends racing pigeons in crates to Hawaii, where they are released to race back to the mainland.

    Why are passengers required to fill out all the bullshit when there is no intention to land in the US, just to perhaps fly OVER the tip of Maine.

    What are the odds of a passenger on such a flight busting out of the plane and parachuting onto our glorious countryside?

    Hilarious -- the captcha is "atrocity".

  • Re:4th (Score:2, Interesting)

    by Anonymous Coward on Saturday November 20, 2010 @06:36AM (#34290276)

    I agree that the security theater is stupid. However, if you for the sake of the argument assume that a pat-down is necessary, you'd have to do a thorough pat-down. If you ignore parts of the body, it's pretty simple to carry weapons there.

    In a training situation (army) I once was asked to pat-down my instructor. 2 seconds after I was finished, I had a knife pointed at my throat. After that, the instructor pulled out 5 different weapons I had missed. If you do a pat-down, do it properly, or skip the procedure entirely.

  • Re:First Post (Score:4, Interesting)

    by TheLink ( 130905 ) on Saturday November 20, 2010 @07:01AM (#34290324) Journal
    Uh, I don't know about you, but I would prefer to keep possession of my OTHER computer equipment. If you haven't realized already the authorities in most countries can seize "everything" given a good enough excuse.

    When they figure out the truth, they could pretend to take you way more seriously than you ever want. And you would have given them the paperwork to cover their asses for it.

    Perhaps you can do what you propose, then the rest of us can discuss the resulting story on Slashdot.
  • Re:First Post (Score:1, Interesting)

    by Anonymous Coward on Saturday November 20, 2010 @07:07AM (#34290338)

    I have a 4GB SSD that I replaced from my Netbook. It would be cool to take the platters from a 3.5 in. HDD, put that inside and use the extra space to smuggle small objects across the border. When they hook it up to examine it, it would function. Maybe put the portable apps collection on it to make it seem convincing to carry around.

  • Re:First Post (Score:3, Interesting)

    by Naturalis Philosopho ( 1160697 ) on Saturday November 20, 2010 @07:17AM (#34290380)

    Call me paranoid, but either U.S. Customs/DHS is totally stupid, or smuggling data into the country physically is the only way to get it in without being noticed nowadays. Has anyone looked into the possibility that Echelon and its progeny might be active after all? Maybe the NSA can, to a high degree of confidence, wade through all online data traveling across the U.S. backbones. If they can't, and it's really that easy to get data into the U.S. via the 'Net, then the searches of the laptops are either A) only a good way to catch the two people too dumb not to keep their drug kingpin boss's accounts in quickbooks, or B) so incredibly daft that it's mind-blowing. Or, to take it to the next level of crazy paranoia, they want us to think that we have to send data over the interwebs to get it "past customs" so they can slurp it all up into their giant multi-petaflop interweb analyzer.

    I'd love to see statistics on how many prosecutions have resulted from border-laptop-searches. Unfortunately, I think the dumb answer is probably correct.

  • by Anonymous Coward on Saturday November 20, 2010 @07:41AM (#34290452)

    Sending all your Data onto one of those $10 per month multi-gigabyte file hosting companies sounds like US Customs just itching to install a middle-man to Regulate you.

    I briefly remember how US Customs didn't like seeing that I sent broken computer hardware back and forth to Ireland as declared to be usually $10 and sometimes $0, to be repaired and then re-imported at a restored value; eventually US Customs looked at my broken dismembered assemblies for part numbers and started cataloguing them at full retail value and taxed me as retail and then when a finished product was imported they would tax me again. It's completely absurd, no different than someone exporting their raw steel and being taxed as though they were exporting a finished Lamborghini and then importing the same to be taxed again.

    US Customs, and all the related alphabet Gangs of the federal Government, are nothing more than a revenue-generating bunch of scam artists that would sell-out their own hosting countries they are parasitically attaching themselves onto by Federation. That's why most of them are secretly privateers trying to move monopoly powers to companies they have Shares or Interest in, and then everyone working under them are always the Felons that do whatever necessary without hesitation to bring the plans in motion. Just one corporation I know of is a perfect example of complete power-grab having nothing to do with helping the people but making them more dependent and feeble-minded: Bureau of Alcohol, Tobacco, Firearms, Explosives...what next to add for B.A.T.F.E.ces?

  • Re:First Post (Score:4, Interesting)

    by hedwards ( 940851 ) on Saturday November 20, 2010 @10:28AM (#34291024)
    Actually, you might try rigging up a USB adapter for those old RLL disks and then just using an RLL drive mailing the adapter to you at home. Let's see how long it takes them to figure out how to access that data. Or better yet, you'd be limited to a minute amount of data, but those old 8" floppy disks have to be hard to read these days.
  • by couchslug ( 175151 ) on Saturday November 20, 2010 @10:40AM (#34291066)

    "They could see it wasn't a bomb from the xray and by me powering it up, "

    Think it's annoying now, wait until some enterprising Jihadist figures out that the only barrier to making explosives that look like battery cells under x-ray inspection is a bit of trial and error and some machine shop time to fab the tooling for fake cells. You don't need all the cells to power up a notebook for testing.

  • Re:First Post (Score:3, Interesting)

    by Culture20 ( 968837 ) on Saturday November 20, 2010 @11:53AM (#34291394)

    I would suggest entering (or exiting the US), have nothing on your HD/SSD but an OS with a few games/media player and a phone that empty and can be used once for a short time. In that case, why carry a computer and phone at all?

    To complete the ritual. No one hides daggers in sleeves any more, but we still shake hands as a greeting.

  • Re:4th (Score:3, Interesting)

    by cheekyjohnson ( 1873388 ) on Saturday November 20, 2010 @12:53PM (#34291720)

    That is a far more serious and permanent deprivation of liberty than the temporary loss of physical access to your laptop.

    Uh, no. You can't just take someone's property away. Not even temporarily. Again, the fourth amendment. They can't just make this stuff up (well, they can and they do, but it's not constitutional).

    One might reasonably be deprived of one's laptop for a few minutes or even hours in service of some important public purpose

    Important in this sense must mean whatever the government decides is important, because I certainly don't think this is important. I actually would like to follow the fourth amendment.

    This is not reasonable at all.

    It *is* in the era of electronic data.

    Unless you were going around telling everyone about the data on your laptop, there is no reason they should be able to take it away to 'search' it, and the fourth amendment agrees.

  • Re:First Post (Score:3, Interesting)

    by lgw ( 121541 ) on Saturday November 20, 2010 @02:12PM (#34292156) Journal

    What makes you think that something presented at Blackhat isn't after 90 days notice to the developer? That's often the case - the threat of revelation after some fixed time provides some minor incentive to care about the vulnerability.

    But even if not, it merely starts a race between the app developer and the exploit developer. In the case of some popular open-source app, the app developers would win the race (because they care, and know the code better). Not the best approach, but far nicer than selling the vulnerability to organized crime and staying quiet about it!

  • Re:4th (Score:5, Interesting)

    by NewtonsLaw ( 409638 ) on Saturday November 20, 2010 @02:43PM (#34292338)

    I have to say that after my last trip (on business) to the USA, I would never consider it a suitable tourist destination for myself or my family.

    From the moment I debarked the plane at LAX I very much felt that I (and everyone else) was being treated like a criminal.

    How dare we (foreigners) enter the glorious US of A -- the most wonderful nation in all the world?

    The gentleman who walked the very long queue of people waiting to clear immigration repeatedly threatened (not warned -- *threatened*) all those present with severe penalties if we didn't correctly fill out the forms he was handing out.

    The official who inspected my passport didn't welcome me to the USA and invite me to enjoy my stay -- they treated me (and everyone else) with massive suspicion and contempt -- making it very clear that *they* had all the power and that I was someone who ought to be eternally grateful for being allowed to enter the country.

    Is that really the way to treat visitors?

    And as for the latest usurping of citizens rights in respect to searches -- well I feel very sorry for the USA.

    It is (although perhaps somewhat less-so these days) truly a great nation, built on principles of integrity and freedom. Unfortunately (as they say) "Power Corrupts" and it would appear that those in power have seized the opportunity to use terrorism as justification for unreasonably extending the degree of power they now exert over the people who elected them to *serve*.

    Every day that the sacred provisions and protections of The Constitution are ignored by the US Government is another day on which the Islamic fundamentalists can claim another victory.

    Instead of fighting on their feet, the citizens of the USA are now living on their knees -- having compromised the very principles (The Constitution) that made their nation so great.

    Of course it *is* a democracy so perhaps those of you who are US citizens might want to think about exercising those democratic rights (before they too are taken from you in the name of "the war against terror") and installing a government who appreciates that the principles of The Constitution are still worth fighting for and that no bunch of Islamic fundamentalists should be allowed to usurp them by way of a campaign of terror.

    Perhaps it's time for a referendum to allow the US people to decide whether the constitution should be abolished because right now, it appears that such an abolition is happening by stealth -- and by the time the people wake up to that fact, it may well be too late. The very rights this document bestows on citizens will be lost and thus even the power to protect those rights will have gone forever.

    Just my 0010 cent's worth.

  • Re:Travel Tip (Score:1, Interesting)

    by Anonymous Coward on Saturday November 20, 2010 @03:04PM (#34292456)

    That's true, they do have the right to check packages, however the location I come from, plus the fact that the package is secure checked and insured prior to packaging at the source FedEx location and that it is listed as important business documents means it gets through without much of a look.

    In short the probability for a search of my package compared to packages coming from other destinations is far less likely, it's a numbers game...

    I'm essentially gaming the racist/redneck/hillbilly profiling techniques screeners at US customs use. To date I've been very successful, furthermore I don't see it changing anytime soon.

  • by Ungrounded Lightning ( 62228 ) on Saturday November 20, 2010 @04:45PM (#34293050) Journal

    I brought just an internal sata hard drive to Canada from the US, while in Canada I wiped it clean. On the way back into the US they stopped me for a few hours.. When I got home there were large files all over the drive..

    Sounds like one of three things:
      1) They installed some spyware on it.
      2) Their machine was virus-infested and infested your drive.
      3) Your "wipe" was a remove rather than a reformat-with-surface-analysis and they ran an undelete utility. (Were those files your previous content?)

    I hope you held on to that drive - and kept it separate from any machine you're continuing to trust. If it's door number 1) you've got a pristine sample of their latest spyware tools without extraneous files for distraction. B-)

  • Re:Not really (Score:3, Interesting)

    by camperdave ( 969942 ) on Saturday November 20, 2010 @04:46PM (#34293066) Journal
    Law says NSA is foreign only in their intelligence gathering.

    Domestic only and foreign only agencies routinely track people for the other agencies.

    Sorry but I just can't support this massive ego complex so many geeks have of thinking they are so important that the government will go to extremely difficult, nefarious, lengths just to try and monitor them, all while doing it in an extremely incompetent fashion. No, they won't. You are not that important, nor that sneaky. If there's a real problem they'll get a warrant to monitor and/or search for the evidence needed.

    I don't buy it either. It's likely simple procedural incompetence and inter-departmental miscommunication. He's known for actively and successfully engineering systems to crack computer security. That makes him important enough to be put onto a watch list. Or maybe he just dropped his business card into the bucket at the NSA booth at a security conference. Somehow his name got added to the TSA's watch list (probably by some eager beaver at homeland security thinking "let's get the watchlists of all government agencies together into one big list, and we can find out when these people cross the border"). Customs gets flagged that this guy is on a watch list, so he gets the treatment. They don't know WHY he's on the watch list. It just says computer security. So they confiscate his laptop and cell phones.
  • Re:4th (Score:2, Interesting)

    by Anonymous Coward on Saturday November 20, 2010 @05:08PM (#34293192)

    Some Americans tried to do this at the recent midterm elections. The Tea Party was originally a loose non-partisan coalition of citizens who were fed up of the obvious corruption on all sides of the political spectrum.

    Unfortunately, it was quickly co-opted by partisan extremists such as Sarah Palin and Glenn Beck, and twisted into a more or less controllable branch of the Republican party that they exploited to further their own political goals.

    Perhaps next time citizens should reject the bipartisan system more explicitly. Instead of weak slogans like "Taxed Enough Already" and "Don't Tread On Me", might I respectfully propose "A Plague On Both Your Houses"? Kind of harder to subvert.

  • Re:First Post (Score:4, Interesting)

    by BitterOak ( 537666 ) on Saturday November 20, 2010 @06:00PM (#34293480)

    It is _trivial_ to transmit data undetected into the US (nice to meet you, internet. how long have you been there?); what justification is there for searching laptops in the first place?

    But you have to transmit the data to something. One of the things they look for when searching a laptop are clues as to which server systems you've been logging into. If they see by your browser history, for example, that you regularly visit hotmail.com, you'll probably be asked to log into your e-mail account so they can look for things there. If they don't find too many documents on your computer, they'll ask where you store them and have you log in there, as well. So, while the laptop might not contain the illegal data, it might contain clues as to where the Customs officers may find them.
