Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Securing Your Notebook Against US Customs

Posted by timothy on Thu May 15, 2008 12:21 PM
from the best-interests-at-heart dept.
Privacy Data Storage Portables Security United States Hardware
Nethemas the Great points out a piece from Bruce Schneier running in the UK's Guardian newspaper with some tips for international travelers on securing notebook computers for border crossings. A taste of the brief article: "Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. ... Encrypting your entire hard drive, something you should certainly do for security in case your computer is lost or stolen, won't work here. The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."
+ -
story

Related Stories

[+] IT: Inside The Twisted Mind of Bruce Schneier 208 comments
I Don't Believe in Imaginary Property writes "Bruce Schneier has an essay on the mind of security professionals like himself, and why it's something that can't easily be taught. Many people simply don't see security threats or the potential ways in which things can be abused because they don't intend to abuse them. But security pros, even those who don't abuse what they find, have a different way of looking at things. They always try to figure out all the angles or how someone could beat the system. In one of his examples, Bruce talks about how, after buying one of Uncle Milton's Ant Farms, he was enamored with the idea that they would mail a tube of live ants to anyone you asked them to. Schneier's article was inspired by a University of Washington course in which the professor is attempting to teach the 'security mindset.' Students taking the course have been encouraged to post security reviews on a class blog."
Firehose:Securing your notebook against US Customs by Nethemas the Great (909900)
[+] Hardware: US District Ct. Says Defendant Must Provide Decrypted Data 767 comments
An anonymous reader writes "If you're planning on traveling internationally with a laptop, consider the following: District Court Overturns Magistrate Judge in Fifth Amendment Encryption Case. Laptop searches at the border have been discussed many times previously. This is the case where a man entered the country allegedly carrying pornographic material in an encrypted file on his laptop. He initially cooperated with border agents during the search of the laptop then later decided not to cooperate citing the Fifth Amendment. Last year a magistrate judge ruled that compelling the man to enter his password would violate his Fifth Amendment right against self-incrimination. Now in a narrow ruling, US District Judge William K. Sessions III said the man had waived his right against self-incrimination when he initially cooperated with border agents." sohp notes that "the order is not that he produce the key — just that he provide an unencrypted copy."
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Securing Your Notebook Against US Customs 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • This is why you make sure... (Score:5, Funny)

    by The Ultimate Fartkno (756456) on Thursday May 15 2008, @12:24PM (#23419302)
    ...that your desktop is the Goatse guy and you have 14 videos of horse porn set to auto-play the moment your laptop gets opened. If you're going to snoop through my stuff in public, then the whole terminal is gonna get their money's worth, you fascist bully-boys.

  • Mess with them (Score:5, Funny)

    by loafula (1080631) on Thursday May 15 2008, @12:27PM (#23419348) Journal
    Make a folder called "Terror Plans" and fill it with images of cute, cuddly kittens.

  • Yup (Score:5, Insightful)

    by alexborges (313924) on Thursday May 15 2008, @12:28PM (#23419370)
    I got it in my biweekly dose of Cryptogram and found it disheartening. The GOD of security says: all you can do is make sure they wont find anything that will mess you up.

    The sad thing is that citizens think this idiotic idea of checking laptops at airports serve any kind of law enforcement objective other than generalized panic and further diminishment of democratic values such as the right to privacy.

    This is your government fucking people up (and "people" can be foreigners or locals entering the country), attempting to find in informations traces of delincuent activity that, if youre a two bit moron you know you can save it anyhow, in a mostly anonymous fashion on google's, yahoo's or microsoft's servers for free, and any number of services that are available today.

    True criminals simply have huge botnets and hidden servers behind the huge pr0n/spam nets and they DO NOT carry incriminating evidence with them and EVEN IF THEY DID, how in hell is a custom's agent going to find them?

    I mean, i have a better solution than that of bruce: change your initab so initdefault is 3, make sure that that level does NOT turn on the wifi card or any networking at all, change your shell to ASH (hopefully temporarilly) and let them have the root password, who cares.... good luck, mister customs agent.

  • A naive suggestion (Score:5, Insightful)

    by rumith (983060) on Thursday May 15 2008, @12:29PM (#23419378)
    1. Upload all of your data on a web host with SFTP support and lots of bandwidth.
    2. Purge your hard drive.
    3. Be politeness incarnate to the customs officer and get through fast.
    4. Once inside, use any available network at your disposal to download all of your data back.

    The downsides? You probably won't be able to work in the airplane, but is it worth it now that the Customs are being so much trouble?

  • My laptop (Score:5, Funny)

    by Z00L00K (682162) on Thursday May 15 2008, @12:29PM (#23419380) Homepage
    Is set to boot MS-DOS by default.

    It's actually because I need to load a device management driver that overrides the BIOS data for the hard disk, but it may actually be worth it for them to try to fiddle around at the MS-DOS prompt...

  • Yes it will work. (Score:5, Informative)

    by Bobb Sledd (307434) on Thursday May 15 2008, @12:31PM (#23419416) Homepage
    That is what TrueCrypt is for (but don't encrypt the entire drive). Just encrypt what needs encryptin'. Set up an encrypted volume with a shadow volume inside a regular file. Call it something that looks like a system file like MSDOS.SYS or DBLSPACE.BIN or something. (That would explain the unusually large size of the file.)

    So first, they would have to know you even have something encrypted (which is just a guess if they see TrueCrypt installed). Then they'd have to know what/which files was/were encrypted (which can't be determined by examining the file). Then they'd have to ask you to mount the volume and provide the password (at which time you then provide the shadow volume password, which only contains innocuous files).

    I can't be the only dummy to figure that out.

  • Refuse you entry to the contry (Score:5, Interesting)

    by imuffin (196159) on Thursday May 15 2008, @12:31PM (#23419428) Homepage
    Can customs officials refuse entry to an American Citizen? Can they banish me for refusing to divulge my password?

    • Re:Refuse you entry to the contry (Score:5, Informative)

      by Anonymous Coward on Thursday May 15 2008, @12:41PM (#23419578)

      Can customs officials refuse entry to an American Citizen? Can they banish me for refusing to divulge my password?
      They cannot. They can only detain you "for a reasonable period of time" while they investigate what you may be carrying, but they have to justify the length of detention by some reasonable suspicion. i.e. we suspect he swallowed drugs and so can take 3 days to see what comes out the other end. But they need to back that up with why they suspect that.

      Or another example is detain you and/or the computer until they can image the drive.
      And they can confiscate contraband (your definition may vary).
      Ultimately, you have the right to enter the country.
  • You can bet that before I type my password for a customs agent, I'm going to talk to my company's legal department. And I'll wait in the customs office as long as it takes. Or simply forfeit the laptop and put it in the trash.

    The IP on my laptop is easily worth 10x more than the value of the laptop itself.

  • US Customs has always been like this (Score:5, Informative)

    by querist (97166) on Thursday May 15 2008, @12:39PM (#23419540) Homepage
    Having returned from my second trip to China, I still find it amazing that it is easier for me, as a foreigner, to enter China than it is for me, as a US citizen (born a US citizen to parents who were US citizens, etc.) to enter the US after a trip abroad.

    I just pretty much walked right through in China - I handed them the entry form (one half of the two part form - the other half you give them when you leave) and they waved me through. Customs in China did not even ask to see my laptop, never mind read files or anything like that.

    On returning to the US at Detroit International, I was given the 3rd degree by US Customs agents, and I'm a US Citizen. "How long were you in China?" (as if he couldn't tell by the side-by side entry/departure stamps in my passport) "What were you doing there?" (visiting friends) "What do these friends do for a living?" (A couple of college professors and a financial analyst)

    This happened on both of my trips.

    And I noticed that they were doing this to EVERYONE, not just me. (The plane had several hundred people on it.) I'd hate to see what they were doing to Chinese citizens entering the US.

    I hope they realize that they are going to scare businesses away from the US if they keep this up.

    I find it somewhat ironic that the captcha for this post is "undergo".

  • Simplest solution. Canada (Score:5, Insightful)

    by arthurpaliden (939626) on Thursday May 15 2008, @12:50PM (#23419728)
    Have all your US and overseas clients meet each other in Toronto, Vancouver or anywhere in Canada for that matter.

  • Truecrypt + Thumbdrive = Hidden OS (Score:5, Informative)

    by Gregoyle (122532) on Thursday May 15 2008, @12:53PM (#23419794)
    There are a couple of ways to hide your data; one is to have two Truecrypt volumes, one hidden and one standard. This is easy, but it still lets the customs agent know you are using Truecrypt. This may not be a problem in the US (right now) but what about other countries where simply knowing about a program like Truecrypt could look suspicious?

    This post [truecrypt.org] on the Truecrypt forums describes a way to install two OSes, one for show, and one hidden. Unless there is a Truecrypt rescue CD or bootable USB thumbdrive inserted the system will boot to a normal Windows desktop. This method would hold up to any casual sort of inspection, such as those customs agents carry out dozens of times per day. There are a couple of traces that would need to be removed in order to actually have "plausible deniability", but to me not having the questions asked in the first place is preferable to being able to deny one of the potential answers.

    It's sad that you might need to do things like this, but there are often technological solutions to social problems.

    • Re:Dual Boot (Score:5, Informative)

      by blueg3 (192743) on Thursday May 15 2008, @12:29PM (#23419374)
      If they choose to store the contents of your hard drive for later analysis, not at all. Nor will it protect you against minimally-clever forensics tools.

      It depends on what, in particular, you're concerned about. As far as I know, they don't currently routinely search laptops, so it'd be speculation to guess at what a routine search they don't do would miss.

      • Re:Dual Boot (Score:5, Insightful)

        by Altus (1034) on Thursday May 15 2008, @12:41PM (#23419570) Homepage
        if your under suspicion for who you are then you are pretty well fucked. But if your just worried about a random security search and wanting to keep certain data private you only need to get past that first step because they will not spend the money to dig deeper even if they do copy your hard drive.

        if you are a known individual (person of interest) and you expect to be stopped at the border, don't carry sensitive material with you. Hell, just mail a flash drive.

    • Re:Dual Boot (Score:5, Insightful)

      by ColdWetDog (752185) * on Thursday May 15 2008, @12:30PM (#23419408) Homepage
      Likely "pretty good". It all depends on how nosy the Customs Agents want to be. The vast majority of the time, they just stare at the laptop, maybe make you boot it (but that's TSA's responsibility, really) and let you wander off. The issue is that you don't know when the Agent 1) had a bad night 2) thinks you're a smartass / druggie / on The List or 3) anything else (no probable cause here).

      If they want to clone your hard drive and disassemble it later, your secondary boot OS is going to stick out. Not that it is unusual for anyone to have more than one OS on a hard drive, but it won't be hidden. Remember, they essentially have physical control of the computer. "They" win. Unfortunately, it comes down to 1) security by obscurity or 2) nothing to hide.

      Roll up your sleeves and bend over.

    • Depends upon how proficient they are. (Score:5, Informative)

      by khasim (1285) <brandioch.conner@gmail.com> on Thursday May 15 2008, @12:32PM (#23419436)
      They can also image your drive. As Bruce says, the easiest way to avoid this is to not have your data on your laptop. Put it on something else.

    • Re:Dual Boot (Score:5, Informative)

      by Anonymous Coward on Thursday May 15 2008, @12:38PM (#23419532)
      Works very well. I had to set this up due to being detained at the border for several hours because they didn't know linux. They keep the laptop, computer plus some external drives and let me go. Still working on getting them back, hence anonymously. Bought a new laptop after that, set up the dual-boot with short times to select something other then windows and no log-in required. Been inspected several times after that with no problems.

    • Set up a Windows partition and a Linux partition, set it to boot to Windows by default, keep all your data on the Linux partition. How well would that work, I wonder.
      Probably pretty well unless they're doing full-disk imaging, in which case the Linux partition is still in their hands when you walk away. Best thing to do is not to take a *computer* with you when you travel, but rather take a *terminal* with you (or find one), and use a secure connection to your computer, safely still at home, and then access your data, accounts, apps, etc. over that secure connection.

      • Re:Dual Boot (Score:5, Insightful)

        by electrictroy (912290) on Thursday May 15 2008, @12:49PM (#23419706)
        >>>"The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."

        Sounds like a small price to pay in order to protect my right to liberty. Just because the government demands access does not mean I have to comply.

        Other people have paid a far higher price for liberty ("the full measure of devotion" aka death).

    • Re:TrueCrypt (Score:5, Insightful)

      by Frosty Piss (770223) on Thursday May 15 2008, @12:47PM (#23419682)
      People here keep talking about encrypting your files. Fine, but the second the Customs Guy figures out you have encrypted content on your laptop, you can kiss it good bye. They *will* keep it. You may not see it again for several years.

      If you're going to carry stuff over the border you don't wan't The Man to look at, put it on a thumb drive and attach it to your keys.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.