Securing Your Notebook Against US Customs

Nethemas the Great points out a piece from Bruce Schneier running in the UK's Guardian newspaper with some tips for international travelers on securing notebook computers for border crossings. A taste of the brief article: "Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. ... Encrypting your entire hard drive, something you should certainly do for security in case your computer is lost or stolen, won't work here. The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."

Dual Boot

[Rycross]

Set up a Windows partition and a Linux partition, set it to boot to Windows by default, keep all your data on the Linux partition. How well would that work, I wonder.

Re:Dual Boot

[blueg3]

If they choose to store the contents of your hard drive for later analysis, not at all. Nor will it protect you against minimally-clever forensics tools.

It depends on what, in particular, you're concerned about. As far as I know, they don't currently routinely search laptops, so it'd be speculation to guess at what a routine search they don't do would miss.

Re:Dual Boot

[Altus]

if your under suspicion for who you are then you are pretty well fucked. But if your just worried about a random security search and wanting to keep certain data private you only need to get past that first step because they will not spend the money to dig deeper even if they do copy your hard drive.

if you are a known individual (person of interest) and you expect to be stopped at the border, don't carry sensitive material with you. Hell, just mail a flash drive.

Re:Dual Boot

[Frymaster]

If they choose to store the contents of your hard drive for later analysis, not at all. Nor will it protect you against minimally-clever forensics tools.

of course there's always deniable encryption, ie rubberhose [iq.org].

Re:Dual Boot

[dgatwood]

You joke, but I've actually contemplated keeping a spare hard drive and sticking it in coming into the U.S. just for the entertainment value of watching the border security folks see a completely blank hard drive and watching how they react. Maybe get it on camera. That and the last thing I want is for border security to be poking through the confidential materials on my hard drive. My employer is pretty anal about not letting anyone get access to that stuff. Of course, it is encrypted, but again... "Please enter your password" comes to mind, and then I'm out of a job.

Re:

[Cajun Hell]

If they choose to store the contents of your hard drive for later analysis, not at all.

Well, it's a question of whether or not "later analysis" is something you wait in line for, or something that happens later when you're already through. As long as you get through relatively unmolested, and with your machine, it's not too bad if they later want to spend their time detecting that personal secrets might have been present, and then try to crack AES -- all on their own time while you're not waiting and mis

Re:Dual Boot

[ColdWetDog]

Likely "pretty good". It all depends on how nosy the Customs Agents want to be. The vast majority of the time, they just stare at the laptop, maybe make you boot it (but that's TSA's responsibility, really) and let you wander off. The issue is that you don't know when the Agent 1) had a bad night 2) thinks you're a smartass / druggie / on The List or 3) anything else (no probable cause here).

If they want to clone your hard drive and disassemble it later, your secondary boot OS is going to stick out. Not that it is unusual for anyone to have more than one OS on a hard drive, but it won't be hidden. Remember, they essentially have physical control of the computer. "They" win. Unfortunately, it comes down to 1) security by obscurity or 2) nothing to hide.

Roll up your sleeves and bend over.

Re:Dual Boot

[hazem]

The problem is, this isn't the security check to get on a plane, it's the customs people when you enter the country. When you fly into the US, and assuming you are flying on to another destination, you get off the plane, get your bags, and go through customs. These people have an incredible amount of power over you and you probably have little legal recourse, even if you're an American citizen.

I find the contrast sad... when I recently flew into Amsterdam, I grabbed my bag, the guy stamped my passport, and I walked through a door out into the real world. No questions, no forms, no inspections, no going through my bags. And this while I'm coming from the "land of the free" to one of those wacky socialist European countries.

Re:Dual Boot

[Kadin2048]

I find the contrast sad... when I recently flew into Amsterdam, I grabbed my bag, the guy stamped my passport, and I walked through a door out into the real world. No questions, no forms, no inspections, no going through my bags. And this while I'm coming from the "land of the free" to one of those wacky socialist European countries.

Well, to be fair, this is the exact same treatment I've had every time I've re-entered the U.S. (as a U.S. citizen). It's usually always via Boston Logan, and a few times when I arrived in the evening there weren't even any Customs officers working the Citizen's lane. You could have walked through there with a 2,000-pound bomb on a hand truck and I don't think anyone would have noticed. (Which was good, because I was pretty sure I was over my liquor quota...)

There usually is someone working Immigration (which is distinct from Customs -- Immigration is where you get your passport checked, Customs is the luggage business) but even that was just a bored, cursory lookover.

I'm not minimizing the seriousness of these inspections (I can't get my mind around how they're possibly constitutional, at least when applied to Citizens), but in practice I think you have to be doing something that attracts attention before you become a target. U.S. Customs is still largely a joke, at least if you make a modicum of effort to look like an upstanding citizen. Which is ironic, because I assume smugglers/terrorists would at least bother to do that.

Re:Dual Boot

[W1BMW]

Returning from numerous business trips to Mexico over the years, I've received extra scrutiny twice. Once because I had declared liquor on a prior trip and I was over my limit. I actually got to keep the booze and was told to 'watch it' next time. The next time, I came back with some medication for dysentery and looked pretty rough (my next stop was a hospital for a week long stay) The customs guy asked, "Where did you get this strange Mexican medicine?" I answered, "From a strange Mexican doctor. Where is the bathroom?" The guy laughed and sent me on my way before I shat on his floor.

Re:Dual Boot

[Fred_A]

As if the customs in Amsterdam were worried about you smuggling drugs or porn...

I infer it was your first visit...

Re:Dual Boot

[MBGMorden]

That and I know some decent degree of people encrypt their porn anyways (on their home computers - most people stupid enough to download porn at work aren't going to be smart enough to hide it). For the married guys, it keeps the wife from seeing it or the kids from stumbling across it if they're playing on the computer.

In my own case, I encrypt it (using Truecrypt - awesomest OSS program I've found in a long time) because while my family knows I keep porn on my computer, if I ever have a random car accident or something I don't want them to see exactly HOW MUCH I have on the system once they start looking through my files ;). Heck Truecrypt can even store an encrypted volume on an unformatted unpartitioned chunk of hard drive. There's little way they can prove that that's anything other than some space you haven't allocated yet.

Re:Dual Boot

[hoggoth]

> Truecrypt can even store an encrypted volume on an unformatted unpartitioned chunk of hard drive. There's little way they can prove that that's anything other than some space you haven't allocated yet.

sorta.
Unallocated space wouldn't be filled with high-entropy random bytes. That's a tip-off that it has encrypted data.
Of course, you certainly have deniable plausibility there.

Depends upon how proficient they are.

[khasim]

They can also image your drive. As Bruce says, the easiest way to avoid this is to not have your data on your laptop. Put it on something else.

Re:Dual Boot

[Anonymous Coward]

Works very well. I had to set this up due to being detained at the border for several hours because they didn't know linux. They keep the laptop, computer plus some external drives and let me go. Still working on getting them back, hence anonymously. Bought a new laptop after that, set up the dual-boot with short times to select something other then windows and no log-in required. Been inspected several times after that with no problems.

Re:Dual Boot

[Ollabelle]

I heard they shipped it back to you already, through Terminal 5 of Heathrow Airport.

Security through Obscurity requires Good Camo

[gobbo]

[theory, of course]
What is this, people? Waving flags screaming "I'm hiding something!"

If I actually had something to hide, say, key NDA-restricted docs, and I HAD to carry them on me, I wouldn't put up red flags like obvious encryption or a partition with some weird-ass hippiecommie suspicious linux install. If you want to fly below radar, you need stealth.

First: a vanilla install of windows or macOS. Standard business apps, standard documents folder with typical usage, such as correspondence, presentations, expenses, etc.

Second: family photos. Friends on vacation, etc. Make them more than typical: lots of them, and innocuous. If you're too straightlaced to keep personal stuff on your computer, that's suspicious too.

Third: on a different computer, encrypt your files with decent encryption, AES or something, using strong password. Make sure the file name isn't interesting. Doesn't matter, if a professional gets the files, they'll be cracked; the point is to keep them unobserved, so this part's kind of optional.

Fourth: mask them inside innocuous files like the photos. Transfer them to your laptop. Now you're camouflaged. Smile, respect, make eye contact, be naturally a tiny bit nervous but with nothing to hide.

The secret to security? don't get caught.

[/theory]

Not dual boot; the network IS the computer

[Junior J. Junior III]

Set up a Windows partition and a Linux partition, set it to boot to Windows by default, keep all your data on the Linux partition. How well would that work, I wonder.

Probably pretty well unless they're doing full-disk imaging, in which case the Linux partition is still in their hands when you walk away. Best thing to do is not to take a *computer* with you when you travel, but rather take a *terminal* with you (or find one), and use a secure connection to your computer, safely still at home, and then access your data, accounts, apps, etc. over that secure connection.

Re:

[quentin_quayle]

Set up a Windows partition and a Linux partition, set it to boot to Windows by default, keep all your data on the Linux partition. How well would that work, I wonder.

Better: set up dual boot, and hide lilo or grub. Have it wait for a moment between BIOS and default OS, and if you press a certain F key combination it shows the choice; otherwise it goes right into innocent, typical-seeming Windows installation.

You'd still be subject to either having to unencrypt your real data or having the notebook confi

Re:Dual Boot

[compro01]

Set grub timeout to 0 with default to windows. When you want to go into Linux, bypass the timeout by holding escape.

Single Boot

[rgmoore]

An even better approach would be to have just a Windows partition. Then do your real work under Linux by booting from a memory stick. If you want to get really paranoid, you could keep all of your sensitive data on a separate, encrypted memory stick, camera memory card ("hidden" in your camera), phone memory card ("hidden" in your phone), etc.

Of course, you should go ahead and do some unimportant work under Windows. Play games, surf the net (safe, unimportant web sites, only, of course), keep your golf scores, etc. That way, if somebody ever does search your laptop, it won't look like a system that's just been wiped to avoid generating any evidence.

Re:Dual Boot

[krog]

Of course not. The Department of Homeland Security doesn't hire any lower than a Master's degree.

Re:Dual Boot

[Anonymous Coward]

Yup. Set the GRUB timeout to 0; you can only boot Linux iff you hold escape.

Re:Dual Boot

[electrictroy]

>>>"The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."

Sounds like a small price to pay in order to protect my right to liberty. Just because the government demands access does not mean I have to comply.

Other people have paid a far higher price for liberty ("the full measure of devotion" aka death).

Re:Dual Boot

[Anonymous Coward]

trucrypt [truecrypt.org] has a dual password feature with a hidden encryption sector in the main sector. Give the border inquisitor the primary password that unlocks your grandmothers receipe collection - truecrypt claims it's impossible to determine if a second password to a hidden volume exists - the hidden volume is stored in seemingly random data.

or wear more tinfoil, i hear that protects against multiple vectors.

Re:

[xtracto]

Sounds like a small price to pay in order to protect my right to liberty. Just because the government demands access does not mean I have to comply.

Except that you do not have such liberty while going through customs. And that is not a special thing of the USA customs. Almost every country usually has this rule where some of your basic privacy rights get removed while you are entering a country.

Remember, it was *your* choice to enter such country (either by booking a flight directly or a flight with a stop

Re:Dual Boot

[belmolis]

Being detained by customs does not give you a criminal record. If you're a non-citizen, it may indeed cause trouble in entering the country again. To get a criminal record, you must be tried and convicted of a crime.

Re:Dual Boot

[gstoddart]

Being detained by customs does not give you a criminal record. If you're a non-citizen, it may indeed cause trouble in entering the country again. To get a criminal record, you must be tried and convicted of a crime.

While all of that is true, nowadays being put on the "naughty list", or having a name like someone on the naughty list, or being brown-skinned is enough to effectively punish you as much as if you'd been convicted.

There has been a Canadian citizen in Sudan [www.ctv.ca] who has (had?) been trapped there because, while he had never been charged with anything, he had been suspected of doing something. He got trapped, and could come home due to being on the no-fly list. Basically, years in legal limbo.

I wouldn't assume getting detained by customs wouldn't necessarily cause you problems. When your name ends up on the unpublished, unfixable, or secret lists of people they don't want to fly ... it's as good as if you'd been convicted.

Do you really want to find out the limits of where your theoretical rights end and where your abridged, post 9-11 rights end?

Cheers

Re:Dual Boot

[bberens]

Do you really want to find out the limits of where your theoretical rights end and where your abridged, post 9-11 rights end?

Yes

Re:Dual Boot

[the_bard17]

Add me to the list. The Grandparent poster and the rest of the country can sit back and watch their rights drain away if they want to sit in the corner with their security blanket, but I won't.

I'll be the guy raising a fuss and throwing a fit. It'll happen at the border, then in court. And if someone wants to slap one of those "letters of security" on me, they may as well send me right to jail... 'cause that letter won't keep me quiet regarding any injustice placed upon me.

If standing up for my rights "ruins" my life, then that "life" wasn't worth jack to begin with.

I suppose it helps that I'm religious, too... those religious fanatics got that right, at least. When you're looking forward to a long eternity, the time spent here isn't worth getting your rights trampled over.

That being said, I don't imagine it'll be too long before the black suit guys show up for me ;o).

Re:Dual Boot

[gordyf]

Even as an atheist, my time here is important enough not to waste it with trampled rights.

But otherwise, yes, you're right.

Re:Dual Boot

[Hatta]

While all of that is true, nowadays being put on the "naughty list", or having a name like someone on the naughty list, or being brown-skinned is enough to effectively punish you as much as if you'd been convicted.

Good, then you'll have standing to challenge the unconstitutional punishment without trial in court.

Re:Dual Boot

[mrchaotica]

Ah, not an American. So I DON'T have the right to US due process.

Actually, you do:

U.S. Constitution, Amendment V:

No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a grand jury, except in cases arising in the land or naval forces, or in the militia, when in actual service in time of war or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.

Note that the bolded word is not "citizen!"

This is why you make sure...

[The Ultimate Fartkno]

...that your desktop is the Goatse guy and you have 14 videos of horse porn set to auto-play the moment your laptop gets opened. If you're going to snoop through my stuff in public, then the whole terminal is gonna get their money's worth, you fascist bully-boys.

Re:This is why you make sure...

[Z00L00K]

And in addition the sound must be played at maximum volume. Including the "TaDa [bedug.com]" in Windows or some other classic clip; "Computer Standing By... [bedug.com]"

But I think that "1 minute to auto-destruct [bedug.com]" can be a bit too bad.

Re:This is why you make sure...

[Meriahven]

Security by obscenity?

Re:This is why you make sure...

[CogDissident]

I'd suggest against the horse porn, it "is" technically illegal in the US.

I personally would use the tubgirl "taste the rainbow" picture as a desktop icon. You need to use both a disturbing visual, and a (semi-common) catchphrase that will trigger that visual to further torment them.

Re:This is why you make sure...

[Cairnarvon]

Whenever someone talks about standing up to whatever injustice in some way, someone always comes along to point out the people they're standing up to won't like that.
No shit, Sherlock. That's sort of the point.

If nobody ever stands up to this kind of bullshit, even in these kinds of small ways, it's only going to get worse and we're *all* going to spend a lot more time in tiny cold waiting rooms whenever we try to get anything done.

Re:This is why you make sure...

[jandrese]

Standing up for something only works if you can inconvenience the other guy somehow. Border agents aren't paid by how many people they pass through the border, they're more than happy to let you rot out in the waiting room for hours if you try to make their job difficult. They're not even under any obligation to let you in the country unless you're a citizen returning from a trip. If you give them too much hassle they can (and will) just turn you away.

TrueCrypt

[Anonymous Coward]

http://www.truecrypt.org/

        * Creates a virtual encrypted disk within a file and mounts it as a real disk.

        * Encrypts an entire partition or storage device such as USB flash drive or hard drive.

        * Encrypts a partition or drive where Windows is installed (pre-boot authentication).

        * Encryption is automatic, real-time (on-the-fly) and transparent.

        * Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:

            1) Hidden volume (steganography â" more information may be found here).

            2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).

        * Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.

Re:TrueCrypt

[Frosty Piss]

People here keep talking about encrypting your files. Fine, but the second the Customs Guy figures out you have encrypted content on your laptop, you can kiss it good bye. They *will* keep it. You may not see it again for several years.

If you're going to carry stuff over the border you don't wan't The Man to look at, put it on a thumb drive and attach it to your keys.

Re:TrueCrypt

[netsharc]

Or, write the real first few seconds (maybe 15) of the trailer to the beginning of the file, et voila, it plays in Windows Media Player!

I think TrueCrypt needs to have an offset for its containers, so that it expects the data to begin at that offset, and ignore whatever is before that..

Re:TrueCrypt

[trifish]

Schneier actually mentions TrueCrypt in his article too. However, strangely, he ignored the single most important feature of TrueCrypt regarding this topic, the plausible deniability. The hidden volume [truecrypt.org] feature is exactly designed to prevent Big Brothers from breaching your privacy.

Suspiciously unsuspicious

[dazedNconfuzed]

(volumes cannot be distinguished from random data)

Aye, there's the rub.

Most files CAN be distinguished from random data. If not outright human-readable (text, XML, etc.), they start with header data which can be visually recognized with a little experience. File sizes are predictably reflective of the directory context. Browsing the rest of a file's content usually reveals non-random components.

TrueCrypt claiming to be indistinguishable from "random data" is kinda like the hotel security guy who was checkin

For the fifty thousandth time

[SuperBanana]

Hidden volume

Only on Windows. On MacOS X and Linux, this is not available, for unstated reasons.

Mess with them

[loafula]

Make a folder called "Terror Plans" and fill it with images of cute, cuddly kittens.

Re:

[Anonymous Coward]

oh hai

i bomd ur bildings

Re:

[Phroggy]

Reference [mit.edu]

Note that this study fails to consider whether the shiny side goes on the outside or the inside, and also does not explore the use of true tin foil as opposed to aluminum foil.

Yup

[alexborges]

I got it in my biweekly dose of Cryptogram and found it disheartening. The GOD of security says: all you can do is make sure they wont find anything that will mess you up.

The sad thing is that citizens think this idiotic idea of checking laptops at airports serve any kind of law enforcement objective other than generalized panic and further diminishment of democratic values such as the right to privacy.

This is your government fucking people up (and "people" can be foreigners or locals entering the country), attempting to find in informations traces of delincuent activity that, if youre a two bit moron you know you can save it anyhow, in a mostly anonymous fashion on google's, yahoo's or microsoft's servers for free, and any number of services that are available today.

True criminals simply have huge botnets and hidden servers behind the huge pr0n/spam nets and they DO NOT carry incriminating evidence with them and EVEN IF THEY DID, how in hell is a custom's agent going to find them?

I mean, i have a better solution than that of bruce: change your initab so initdefault is 3, make sure that that level does NOT turn on the wifi card or any networking at all, change your shell to ASH (hopefully temporarilly) and let them have the root password, who cares.... good luck, mister customs agent.

Re:

[squidfood]

further diminishment of democratic values such as the right to privacy.

I'm as libertarian free-rights paranoid as the next slashdotter (while not quite), but a healthy dose of history here. Customs, border crossings, etc. have never had anything to do with democratic values, check out all your local 17th century smuggling legends sometime. There's never been anything there to diminish.

Picking battles, I'd concentrate on what happens internally, domestic flights, internal travel, etc. and not worry about this one so much (cue "thin end of the wedge" argument).

A naive suggestion

[rumith]

1. Upload all of your data on a web host with SFTP support and lots of bandwidth.
2. Purge your hard drive.
3. Be politeness incarnate to the customs officer and get through fast.
4. Once inside, use any available network at your disposal to download all of your data back.

The downsides? You probably won't be able to work in the airplane, but is it worth it now that the Customs are being so much trouble?

Re:A naive suggestion

[q-the-impaler]

This is a job for Johnny Mnemonic [imdb.com]!

My laptop

[Z00L00K]

Is set to boot MS-DOS by default.

It's actually because I need to load a device management driver that overrides the BIOS data for the hard disk, but it may actually be worth it for them to try to fiddle around at the MS-DOS prompt...

One more reason not to fly.

[AmazingRuss]

I quit flying a couple years ago after being repeatedly hassled by TSA troglodytes. Looks like I may never get to fly again. Maybe if enough of us stop flying, the airline industry will set its lobbyists to get this fixed. Chances are slim though. Why lobby to get your customers back when you can just lobby for handouts?

Re:One more reason not to fly.

[Jah-Wren Ryel]

I quit flying a couple years ago after being repeatedly hassled by TSA troglodytes.

Like this? [youtube.com]

Re:One more reason not to fly.

[goaliemn]

This isn't the TSA.. its customs. A huge difference.. They can do this if you're crossing in a car, on a bus, on a horse, on foot, etc... They've had this "right" since the country was formed, and older countries have had it for much longer.

Yes it will work.

[Bobb Sledd]

That is what TrueCrypt is for (but don't encrypt the entire drive). Just encrypt what needs encryptin'. Set up an encrypted volume with a shadow volume inside a regular file. Call it something that looks like a system file like MSDOS.SYS or DBLSPACE.BIN or something. (That would explain the unusually large size of the file.)

So first, they would have to know you even have something encrypted (which is just a guess if they see TrueCrypt installed). Then they'd have to know what/which files was/were encrypted (which can't be determined by examining the file). Then they'd have to ask you to mount the volume and provide the password (at which time you then provide the shadow volume password, which only contains innocuous files).

I can't be the only dummy to figure that out.

Re:

[rsborg]

So first, they would have to know you even have something encrypted (which is just a guess if they see TrueCrypt installed).

On OSX, disk utility will create encrypted disk images for you, so every mac user potentially has encrypted content (apparently Vista also has something similar).

Furthermore, you could also make TrueCrypt portable on XP, putting it, and possibly even your encrypted volume on a USB Key. Include this with a simple file rename and extension change and you'll have hidden encrypted content.

Re:but without being dishonest.

[Dare nMc]

Then swap laptops with a co-worker 1) without them knowing the password 2) make sure he takes the secured data through security after you, here's why:

Then they'd have to ask you to...

that is where the ultimate question comes, if you can access the data, and it is their, then are you willing to commit a felony (lie to a federal agent) to protect the privacy of that data. (most likely my company's data.)
Thats clearly a big NO for myself.
IE if I true crypt a partition, I know it will be (within all reason) saf

Re:

[Hoplite3]

I've suggested this before, but I think it should be repeated.

You should also put something mildly embarrassing in the shadow drive. Something so that when the customs dude sees it, he can construct a plausible narrative of why you encrypted it. Naked pictures of a girl who could be your girlfriend (but definitely looks over the age of majority in the country you're flying to), steamy love letters that aren't over the top, evidence of a fake affair. Nothing illegal, just "improper." Bonus points if you

Refuse you entry to the contry

[imuffin]

Can customs officials refuse entry to an American Citizen? Can they banish me for refusing to divulge my password?

Re:Refuse you entry to the contry

[Anonymous Coward]

Can customs officials refuse entry to an American Citizen? Can they banish me for refusing to divulge my password?

They cannot. They can only detain you "for a reasonable period of time" while they investigate what you may be carrying, but they have to justify the length of detention by some reasonable suspicion. i.e. we suspect he swallowed drugs and so can take 3 days to see what comes out the other end. But they need to back that up with why they suspect that.

Or another example is detain you and/or the computer until they can image the drive.
And they can confiscate contraband (your definition may vary).
Ultimately, you have the right to enter the country.

Re:Refuse you entry to the contry

[King_TJ]

I don't think the issue is whether or not an American citizen might be "banished from the country" upon making a return trip. I'd say, no, they're NOT able to do that.

The problem is, they could confiscate your expensive computer gear, and there's no guarantee you'd ever get it back. (There seems to be no real statute of limitations on the time these people are allowed to take to "examine" your property, if they claim a potential "security risk".)

CF/SD cards?

[future assassin]

Maybe depending on the amount of data you have you could store it onto a CF/SD card and put it into your camera? There has to some way of storing the data on the memory card so that the camera will not see those files but still leave enough space to take a few shots of the customs agents.

Corporation Lawyers

[Johnny Mnemonic]

You can bet that before I type my password for a customs agent, I'm going to talk to my company's legal department. And I'll wait in the customs office as long as it takes. Or simply forfeit the laptop and put it in the trash.

The IP on my laptop is easily worth 10x more than the value of the laptop itself.

Re:Corporation Lawyers

[goaliemn]

Unfortunately, you won't have that luxury. No matter what country you're going into, they can do this and you don't get a phone call. They'll sieze your laptop and you'll have no other options. If you smash it, you'll probably get arrested for interfering with an investigation, or the work of an officer. IF you throw it in the trash, they'll collect it and get what they want.

If the IP on your laptop is worth that much, you shouldn't be carrying it outside of the country on a laptop. I worked at a company that prohibited us from carrying certain information on our laptops to some middle eastern countries, as they were known for seizing/replicating hard drives from employees in certain industries.

If anything, you may face legal issues from your employer if you're taking that valuable of information out of the country.

Imagine the pre-computer days...

[Boron55]

Imagine the pre-computer days, when the customs could stop you, do a naked search and go through all your papers without any passwords. What could you do at that time? Just do not take the sensitive papers with you or mail them with certified mail.

I think there is no difference now. Email your files and do not put them on your laptop. That is what TFA is basically saying too.

So, IMHO, complains here won't work. The only problem that travelers have with laptop/cellphone search is inconvenience (since everybody is used to store all your files on your hard drive), but otherwise it is not any bit less legal than it was before the laptop era. And inconvenience is not any concern for authorities at all. So consider your laptop to be your briefcase and just not put any documents there that you don't want custom officers to see. End of story.

US Customs has always been like this

[querist]

Having returned from my second trip to China, I still find it amazing that it is easier for me, as a foreigner, to enter China than it is for me, as a US citizen (born a US citizen to parents who were US citizens, etc.) to enter the US after a trip abroad.

I just pretty much walked right through in China - I handed them the entry form (one half of the two part form - the other half you give them when you leave) and they waved me through. Customs in China did not even ask to see my laptop, never mind read files or anything like that.

On returning to the US at Detroit International, I was given the 3rd degree by US Customs agents, and I'm a US Citizen. "How long were you in China?" (as if he couldn't tell by the side-by side entry/departure stamps in my passport) "What were you doing there?" (visiting friends) "What do these friends do for a living?" (A couple of college professors and a financial analyst)

This happened on both of my trips.

And I noticed that they were doing this to EVERYONE, not just me. (The plane had several hundred people on it.) I'd hate to see what they were doing to Chinese citizens entering the US.

I hope they realize that they are going to scare businesses away from the US if they keep this up.

I find it somewhat ironic that the captcha for this post is "undergo".

Addendum:US Customs has always been like this

[querist]

Just to spare the speculation, etc: I'm caucasian, of Western European descent, so no, I don't look "Middleastern" or "Asian" or anything else. Just your typical "white male".

Two Drives

[Archangel Michael]

Some of today's higher end laptops have easily removable Hard Drives (some multiple drives). It shouldn't take more than a minute or two to replace a functional secondary HD for Customs, and have the other drive tucked into your bag.

Though, they'll probably protest the phillips driver you'll have to carry to accomplish this, because you know that is a dangerous weapon.

Grabbing your data isn't the worst they could do

[lowsinon]

No doubt they just install a rootkit/keylogger on your box after ripping your HD so after you leave their rootkit calls back and gives them your truecrypt passwords. Don't use a laptop you've lost sight of.

Simplest solution. Canada

[arthurpaliden]

Have all your US and overseas clients meet each other in Toronto, Vancouver or anywhere in Canada for that matter.

Go ahead search my Laptop officer....

[old dr omr]

My Mobile phone has a 4Gb flash card the size of my little fingernail. If I had any files that I didn't want customs to see I'd keep them on there and hide it somewhere they'd never find it. Come to think of it I'd probably never find it once I got there. :)

Truecrypt + Thumbdrive = Hidden OS

[Gregoyle]

There are a couple of ways to hide your data; one is to have two Truecrypt volumes, one hidden and one standard. This is easy, but it still lets the customs agent know you are using Truecrypt. This may not be a problem in the US (right now) but what about other countries where simply knowing about a program like Truecrypt could look suspicious?

This post [truecrypt.org] on the Truecrypt forums describes a way to install two OSes, one for show, and one hidden. Unless there is a Truecrypt rescue CD or bootable USB thumbdrive inserted the system will boot to a normal Windows desktop. This method would hold up to any casual sort of inspection, such as those customs agents carry out dozens of times per day. There are a couple of traces that would need to be removed in order to actually have "plausible deniability", but to me not having the questions asked in the first place is preferable to being able to deny one of the potential answers.

It's sad that you might need to do things like this, but there are often technological solutions to social problems.

We have arrived!

[erroneus]

Some would say we have arrived long ago, but this is certainly a telling mark.

We are discussing "hiding legal and unincriminating" stuff so that we don't get hassled by government police. We have gone far beyond the "if you don't have anything to hide, you have nothing to fear" argument where now, even when you don't you have plenty to fear... in this case, potential loss of ability to work!!

They have been going too far for a while, but this is a point at which even the most common person can appreciate and understand the problem with this.

If the EFF were buying "public awareness" ad time on TV, radio and print (I haven't seen any if they already are) I'd donate $100 each month from now until "we've won" whatever that means. I'm sick of this.

Re:We have arrived!

[erroneus]

Encrypting data or not is not the issue. It's that they can and will seize your devices. They can and will copy your data. And if, on principle alone, you resist, they can and will make your life even more miserable.

The TSA is not the government police doing the searches and seizures -- that would be Customs. TSA does not carry guns... Customs does.

Paranoia is fear without basis in evidence of common practice. I would say there is ample evidence of common practice. Unless, of course, you call it paranoia that a speeder would be afraid he might get a ticket for speeding. In this case, the fear is based on previous examples of such unreasonable searches and seizure. In all other areas of law, this would be warrantless and identified as a fishing expedition. It is amazing that this practice has passed a court ruling in its favor.

I'm going to leave the country in a couple of months and let me tell you, I plan on installing a new hard drive in my laptop with only the bare essentials installed on it leaving everything else at home. That's really not enough, though. If I were to be targeted by either my own government or a foreign one, I am hopeful that I can convince them to just take my hard drive and leave my expensive computer in my custody. I can't just buy new machines when some jerk decides to hold onto it for an undetermined amount of time. We're talking about expensive gear being taken without cause of suspicion and no accountability.

I'll grant that I've never actually even been hassled by Customs before. In fact, my last three trips out of the country and my last three returns have been completely hassle-free and neither the US TSA or the foreign country's security screeners even opened my luggage or checked my carry-ons beyond an ordinary scan. But with what's going on, can anyone really count on not being hassled or having your gear taken?

And I sure as hell don't want to have to resort to cloak-n-dagger crap just to appease screeners who have never seen Linux before.

 

This probably won't work, but:

[Ralph Spoilsport]

it would be funny.

Using Director or some similar app, make a "movie" that looks and acts like a BSOD or a "Sad Mac with chimes of Death" play on start up. They start it up, it seems to boot fine, then suddenly it "BSOD's" or the Sad Mac comes out and DING DING DONG" and goes black.

Then you get to yell at then for fucking up your laptop, and demand they buy you a new one RIGHT NOW GOD DAMN IT. And make 'em feel guilty. "LOOK - MY COMPUTER - THEY KILLED MY COMPUTER!!!" Start to cry about how much work you just lost because those numbskulls broke your computer.

They'll close it, right quick, and give it back to you and put you on your plane and hope you shut up.

Maybe?

RS

Obvious solution

[Sir_Lewk]

ipods. I mean, come on, they're nothing more than several dozen GB thumbdrives, you can easily put all your stuff on there and carry it with you without suspicion.

the last time this happened to me...

[Cookie3]

Customs agents (US and Japanese) stopped me several times over the years to inspect my laptop. In every case that I can remember I was able to dodge "inspection" by simply saying that I couldn't turn my laptop on because no battery was installed (which was the truth). I would only carry a power cord in my laptop case, no batteries.

My battery was actually located in a separate carry-on; a backpack or a suitcase or some such.

I guess if they were really interested in the laptop they could've plugged it in to a wall outlet and gotten into it that way.. but they never asked to do that.

Need One of These

[Jah-Wren Ryel]

Put all your important data on one of these [uneasysilence.com] - or better yet, don't rip the cable up - leave it alone so it looks like any other cable.

get free tech support

[TRRosen]

Next time your laptop breaks down leave the country and come back in and let the TSA figure out whats wrong. Better yet just to screw with them every time you go out of the country buy a cheap busted laptop and carry in though customs.

Very BAD advice...

[Bazman]

He gives one piece of very bad advice, on the subject of keeping your data on a big memory card and keeping it in your wallet. He says:

'If someone does discover it, you can try saying: "I don't know what's on there. My boss told me to give it to the head of the New York office."'

  Never ever lie to customs guys. If they ring your boss and he denies it, or if you later change your story and say "oh yes, that's really all my files", or if you can't instantly give the address of the fictional 'New York office', then you better start relaxing in preparation for them gloving up to see if you are hiding any other memory cards.

  Same with hidden partitions. If, by sheer bad luck, you do encounter a tech-savvy customs guy and he says 'have you got any hidden partitions on here?', say 'Yes'. Better than saying 'No' and having them find out later.

  I'm not saying roll over and give them everything - you have rights - just don't lie.

Re:

[Tim C]

But if they have the right to search it and you refuse to cooperate, then what choices do they have other than to seize the laptop (arguably you've given them cause by refusing to cooperate) or refuse you entry?

Otherwise what you're saying is that they have the right to search it, you have the right to refuse, and they have no legal powers to try to enforce their right - in other words, they don't have the right at all.

Re:Not enitrely true...

[Altus]

I have been denied access to countries for less than not providing a password. They can pretty much turn you away because they feel like it.

Re:Not enitrely true...

[Pros_n_Cons]

This is exactly it.
America is just now doing this? I was returned from Canada and they searched my luggage, laptop, read private conversations, opened letters all cause i was going to be staying 2 months which was too long of a vacation/job for them apparently. The guy was just a prick and didn't want anyone taking jobs. Canada is terrible for this but on Slashdot everything is the big bad USA. I'm so sick of the slant on slashdot. All countries do this its their right to refuse what type of people in their country. Some agents turn away illegal Mexicans cause they're scared of them taking jobs, some customs agents dont like the idea of a foreigner getting paid more than them.

Re:Not enitrely true...

[adsl]

You are certainly right that entering any country can be an interesting experience. Some years ago as a Brit I re-entered the UK and was waived on, by a male customs officer, thru the green passage. A female voice from behind me called out "Stop". I complied and asked why she was giving contrary intructions to another officer? She simply told me "I am in charge". Cut the story short, this female customs officer tore all my baggage and suitcases apart for 1 1/2 hours in a desperate attempt to justify her "suspicions" to her lower ranks. Eventually she decided I owed TWO POUNDS duty, on a minor gift. As I was attempting to put my belongings in order, which were by now strewn over a wide area, she demanded payment. I pulled out a 50 pound note from my wallet and handed it to her apologizing for my lack of small change. She turend and walked towards a door with the money. I called out "Stop" and she turned with a very annoyed look on her face. I said "Excuse me, but your lack of trust of me has been very evident, so you will foregive me if I have similar reservations towards yourself. Please sign this piece of paper saying you hold my 50 pound note and will return with 48 pds change". She turned red with anger, but complied. Meantime the rank and file officers just about fell apart and all ran away rather than laugh out loud. Yeah I know I pushed my luck. But I had retained my cool for 1 1/2 hours while being treated as if I were the worst form of low life..... I also knew I had nothing to hide. Trust is a two way thing anyway. The moral of all this is that when entering ANY country you are and can be subject to officials who have "god" like powers. And there is little one can do but smaile and be responsive and stay cool for as lonmg as possible.

Re:Not enitrely true...

[thestuckmud]

Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. As they should be able to. Any sovereign nation has the right to control who and what enters the country.

Not according to the Fourth Amendment to the US constitution: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated...

This amendment exists to protect citizens from a government that may object to the content they create or possess. Maybe someone can explain why the act of entering the country nullifies my constitutional rights.

Re:Not enitrely true...

[LynnwoodRooster]

Maybe someone can explain why the act of entering the country nullifies my constitutional rights.

Because legally you have not entered the country until you pass through customs. Up until that point you are in international waters, so to speak.

If you're not here, you're not under the jurisdiction of our laws.

Re:Not enitrely true...

[rthille]

Does that mean I can shoot the border agent and not be prosecuted under American laws?

Try not to confuse 'legal fictions' with reality :-)

Re:Not enitrely true...

[Bill_the_Engineer]

IANAL.

Maybe someone can explain why the act of entering the country nullifies my constitutional rights.

Because technically it doesn't. You said it yourself:

Not according to the Fourth Amendment to the US constitution: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated...

I changed the emphasis, but as you can see the 4th amendment only protects you from unreasonable searches. Most people believe that searching a person's belongings before granting entry into a country is a reasonable search.

Re:Not enitrely true...

[LargeMythicalReptile]

Maybe someone can explain why the act of entering the country nullifies my constitutional rights.

It's called the border search exception [wikipedia.org]. Like it or not, it's been upheld by the Supreme and federal courts.

Re:

[tinkerghost]

They can ... keep it for several days.

No, that would be seizing it. They need a reason to seize it. Customs can search without cause, but they cannot seize things without cause.

Actually, they can 'detain' the laptop without cause/warrant/etc. If you would like to wait with it that's your option ---- going on 2 years for some of the people who've filed the suits that resulted in the ruling so you might want to make sure you have some vacation time stored up.

Re:Not enitrely true...

[Deadplant]

Any sovereign nation has the right to control who and what enters the country.

Well, that's one opinion.

I would say that most sovereign nations have the power, not the right, to control who and what enters the country.

Fixed

[HalAtWork]

No, that would be seizing it. They need an excuse to seize it. Customs can search without cause, and they can seize things by giving an excuse.

There, fixed that for you.

Re:

[shentino]

Yes it's wrong to buck the system and cause trouble for other people.

However, I advocate cooperation simply because conniption causes more porblems than it solves. I would protest this however I could, legally, by picketing or voting or radio station callins.

Just because it's wrong to buck a system doesn't make the system right.

We have a bill of rights for a reason, and getting all panicky and security crazed is just going to let someone powerful step in and take over.

If you give up your freedom, you invit

Principles

[pryoplasm]

Things like privacy are sacred to some people, and unimportant to others. People who advocate that they have nothing to hide is all well for them, however it does not apply to every single person in the world.

And it does not necessarily have to be work related, or something proprietary that can be stolen and sold for cash. Perhaps it is embarassing information on the person, private pictures of family, or something else that is legal and legitimate to keep private. If you have no problem forceing big brothe

Re:Problem?

[ledow]

My own opinions on your blinkeredness shall remain unsaid. I'm sure you can guess them.

First, I'm not American. I have visited but these incidents literally remove the country from the list of viable or "safe" foreign countries I could travel to.

"I carry corporate source, designs and some customer data on my laptop. Yes, it would be a problem if it were made public. I encrypt it, but do not hide it. I see no reason that a border guard, a TSA guard or even the (whisper) NSA would choose to give it to a competitor if they had it."

-Several thousand dollars.
- Industrial espionage.
Even in the UK, some staff at airports have been caught selling on items stolen from baggage, there's nothing to stop a corrupt official doing so. By giving them to ability and "legitimate" reason to search ANY laptop for ANY reason, it's inviting problems.

- A letter from Microsoft offering a reward for non-licensed or pirate software.
- Anything that could accidentally tag you as a terrorist.
Customs officer browsing through my web history: You read wikileaks lately? We'll have that as evidence of, in your own words, being an anarchist.
- THIS POST. Say I took a laptop with a copy of my posting history to slashdot to the US... they could EASILY use this very post against me. Evidence of "wanting to avoid customs" or some such rubbish.

"What's the problem here? Is this a matter of principle or is there something to hide?"

Neither. It's my data. You have no right to go through it without reasonable suspicion FIRST. And then in a certified, supervised way to ensure you keep within your stated use of the data. No other civilised country in the world currently does this and the UK has been dealing with terrorism for FAR, FAR longer than the US has (a UK airport security expert was told that he was "being paranoid" before 9/11 when he visited a US airport and complained about their lax security - within days he was on BBC News recounting the tale because 9/11 happened).

My workplace cannot even throw a hard drive out with having it professionally destroyed, whether it's been exposed to confidential data or not. What makes you think I can let a customs officer copy it without MASSIVE assurances of everywhere the data could end up? The chances are I'd be in a questioning room while all the copying was going on.

"Consider how important your data is to a customs official. News flash: I'd bet a lot that they don't give a rat's ass what you've got, as long as it's not illegal. If it's illegal, then the problem is totally different and you have no right to complain about it."

Define illegal. I think you'll find it depends on jurisdiction, for a start, and includes such things as data protection laws. This is the problem.

As a business, I would be required to NOT TAKE SOME DATA into the US because of this - UK and EU data protection laws means that I *can't* let anyone see it, whether or not it's "secret". If your salesman is going to have to break British law to make a sale in the US, then he's not going to GO to the US. Or he'll have to take the steps mentioned in this article.

Say my office gave me a laptop with copy of Windows that was installed from a pirate key... that's "illegal". I could get detained *without reasonable suspicion* and possibly convicted because of that. Say I *don't know* the password to an "encrypted-looking" file on the laptop (like, I don't know, say a database contained within a business program accessed only by Word macros or company-created utilities - I have seen many such systems loaded on laptops for employee use). I'm detained until I release it.

It's not that I have anything illegal under US law - the US is not the world, though. Things that the US does are considered illegal in other countries. Let's not go too far down that avenue because it's just too easy to get into country-bashing.

It's that the US customs have no reason to demand inspections without reasonable suspicion. They certainly s

Re:embolden?

[gstoddart]

That's so 15th century, Bruce. How about "encourage"?

Because ... they mean different things? No, seriously.

We have a whole plethora of words at our disposal with which to convey subtly nuanced meaning and/or sound like pompous gits, depending on the gravity and artifice of the situation. Why, the sheer range of verbal and literary shenanigans available to us is both rejuvenating and invigorating -- allowing us to express ourselves through many permutations of linguistic machinations. ;-)

I suppose we could go the 1984 route and strip out all of the words for which people think there is no longer a valid purpose. That way we'd all come down to a nice, easy level of communication, and eventually strip certain kinds of thoughts from people.

In the meantime, some of us will reinforce the veracity of our arguments and interactions with our more polysyllabic linguistic choices to more adequately articulate the lucidity of our positions on topical considerations.

Cheers

Re:

[indifferent children]

That's cromulent.

A steganographic file system? Psssh.

[CatOne]

Dude, Sandra Bullock can crack that.

So can Tom Cruise, and that's without invoking Xenu.

FAIL.