Homeland Security Details New Tools For Extracting Device Data at US Borders

Travelers heading to the US have many reasons to be cautious about their devices when it comes to privacy. A report released Thursday from the Department of Homeland Security provides even more cause for concern about how much data border patrol agents can pull from your phones and computers. From a report: In a Privacy Impact Assessment dated July 30, the DHS detailed its US Border Patrol Digital Forensics program, specifically for its development of tools to collect data from electronic devices. For years, DHS and border agents were allowed to search devices without a warrant, until a court found the practice unconstitutional in November 2019. In 2018, the agency searched more than 33,000 devices, compared to 30,200 searches in 2017 and just 4,764 searches in 2015. Civil rights advocates have argued against this kind of surveillance, saying it violates people's privacy rights.

The report highlights the DHS' capabilities, and shows that agents can create an exact copy of data on devices when travelers cross the border. According to the DHS, extracted data from devices can include: Contacts, call logs/details, IP addresses used by the device, calendar events, GPS locations used by the device, emails, social media information, cell site information, phone numbers, videos and pictures, account information (user names and aliases), text/chat messages, financial accounts and transactions, location history, browser bookmarks, notes, network information, and tasks list. The policy to retain this data for 75 years still remains, according to the report.

No DB is permanently secure

[BigSlowTarget]

When Border Patrol leaks everyone is going to be in a world of hurt.

Re:

[arglebargle_xiv]

When Border Patrol leaks everyone is going to be in a world of hurt.

Naah, only the urinals.

Re:

[K. S. Kyosuke]

orangemanbad

Are you referring to that managed baron?

Re:

[LVSlushdat]

#orangemandoubleplusgood

Not another bunch of incompetents with data

[Proudrooster]

Great.... another bunch of incompetents with large amounts of data, I can't wait for the DHS Leak torrent. Wikipedia better buy some bigger harddrives.

Re: Not another bunch of incompetents with data

[BigSlowTarget]

It gets worse and worse the more you think about it. Anyone with access to that data can probably make a fortune just from untraceable insider trading. Anyone includes ex-DHS employees.

Every cartel in the world would want it to track down possible leaks and cops. Every intelligence organization to figure out what's going on and who might be an operative. Even if it is just by someone NOT having data in it there is an indication of useful information.

Re: Not another bunch of incompetents with data

[imidan]

According to the DHS inspector general, most of the criminals working for DHS aren't anything close to masterminds. It seems like the typical corrupt CBP employee is either accepting or extorting bribes to allow people across the border, often connected with cartel drug smuggling. Most of them are just greedy, dimwitted thugs who see an opportunity to get a little extra cash and don't think twice about it.

Re:

[Mr. Barky]

Perhaps most are not so bright, but it only takes a handful of smart ones. The data only has to leak from one person.

Re:

[RockDoctor]

You know what they say about the stupidity of criminals? The courts are full of criminals who are so fucking stupid that even the cops (morons to several significant figures) can catch them. The occasional intelligent criminal is, like McCavity, not there [allpoetry.com].

The intelligent criminals already have this data, and more, from their underlings in the security services.

Re:

[Mattcelt]

That's some serious confirmation bias you have there.

Remember, these are the ones who have been dumb enough to have been caught.

Re:

[imidan]

I'm just relaying the IG data. Certainly, there may be criminals working for DHS who are masterminds and haven't been caught. I can't provide an estimate of how many of those there are, because they're absent from the data. I'm perfectly willing to believe that there are far more criminals among the border patrol, should the data support that conclusion.

Re:

[AmiMoJo]

The criminals at the NSA and CIA don't even have to wait for the leak.

which is while I leave a high voltage USB killer

[Anonymous Coward]

in my suitcase.

Re:

[ShanghaiBill]

Some of DHS's tools access data in RAM.

So it is a good idea to power-off your phone and laptop before going through customs.

Re:

[AmiMoJo]

It's a good idea to wipe your devices and then restore them from an encrypted backup over a VPN.

That's what I always do. Drive image, secure wipe, restore at destination.

Re:

[arglebargle_xiv]

For the cheap Chinese USB drive I picked up? No idea why your laptop isn't booting any more, have you tried switching it off and on again?

Re:Not another bunch of incompetents with data

[PsychoSlashDot]

Great.... another bunch of incompetents with large amounts of data, I can't wait for the DHS Leak torrent. Wikipedia better buy some bigger harddrives.

Yeah. Plus the angle that they're taking a copy of data which they don't own. I do not grant the US government license to read, store, transfer, or otherwise contact my data. So this is "piracy".

Then there's the joyous third-party data. I may be carrying data that I am entitled to access but am not legally entitled to share with any other party. Copying a phone/laptop violates those license agreements. By doing this, the US government may be violating the rights of data-owners who are US companies or citizens. And when that database gets hacked, they're responsible for uploading that third-party data.

There just isn't a scenario where this is okay.

Re:Not another bunch of incompetents with data

[mschaffer]

Technically, it's buccaneering, because those perpetrating the act are sanctioned by the government. It's only piracy when it's not sanctioned by the government.

Re:Not another bunch of incompetents with data

[burtosis]

When asked how valuable this data is one government employee replied “Two dollars per person, or about a buck an ear”.

Re:

[Anonymous Coward]

Yeah. Plus the angle that they're taking a copy of data which they don't own. I do not grant the US government license to read, store, transfer, or otherwise contact my data. So this is "piracy".

actually you do give them that license, it is part of the conditions of crossing the border.

Re:

[tragedy]

Even though the courts have found it unconstitutional?

Re:

[wwphx]

Constitution? Since when has the Constitution mattered to the current powers that be?

Re:

[tragedy]

While I agree that the constitution and most other laws restraining the federal government have proven to be easily ignored and toothless, the assertion I was replying to was that:

actually you do give them that license, it is part of the conditions of crossing the border.

If they're just doing it to you against the actual law, then it's not part of the conditions of crossing the border and you're not giving them that license, they're just taking it. Arguing otherwise is like saying that you give license to roving bandits to break into your home and rob and murder you by living in a house.

Re:

[Anonymous Coward]

yes it does. The responsibility of you taking that data across the border is entirely on you. personally I have a travel laptop, no data, ESPECIALLY customer or other peoples data is ever on a device of mine when I cross borders in the US (or elsewhere for that matter). So easy to safely store and access it remotely nowadays.

Re:

[AmiMoJo]

Charity workers have had this issue when entering the UK. Laptops with confidential data, legally protected in various jurisdictions including the UK.

The UK border is a somewhat lawless place, normal rights and rules get trampled on. I've never been to the US but I hear it's similar.

Re:

[drinkypoo]

The UK border is a somewhat lawless place, normal rights and rules get trampled on. I've never been to the US but I hear it's similar.

It is. And not only is it the literal border that's like this, but they can fuck with you within 100 miles of any border, which includes ocean coastlines. That means that the vast majority of people living in the USA are subject to arguably unconstitutional search and seizure all the time.

Re:

[RockDoctor]

And not only is it the literal border that's like this, but they can fuck with you within 100 miles of any border, which includes ocean coastlines.

And, as I understand it, any airport which accepts international flights. (Or has accepted in the past, or has said it might accept international flights at some indeterminate point in the future, as part of expansion plans ; that area I'm unclear on.)

The last figures I saw were that something like 90% of the US population lives at risk of the Border Police, an

They aren't incompetent - they are stable geniuses

[raymorris]

These are government employees, ergo they aren't incompetent. They are, by the fact that they took low-paying government jobs, inherently smarter than you and more capable of making all kinds of decisions about your life.

How dare you suggest that government workers and bureaucrats aren't automatically elite - they are, and should be put in charge of EVERYTHING, every part of your life.

Please tune in to MSNBC so they can explain to you why the people working for the federal government are so much smarter th

Re:

[BenBoy]

Don't be such a Negative Nellie. I'm sure they'll treat your data with care [wikipedia.org]; as though it was their own [military.com].

Re:

[CanadianMacFan]

"No, your Honour, I didn't upload the music tracks with the watermark containing my unique ID in question to the pirate site, as you put it. I did however travel to the US last summer and my phone was copied by the DHS. Perhaps their database was hacked and that person put the tracks up on the site. I have noticed that some of my personal details have become available. I've asked DHS about it but they refused to say."

This is not enough

[guacamole]

The border patrol agents should be allowed to execute a Vulcan mind melt, completely bypassing the electronic devices. That's the only certain way the DHS can figure out the real purpose of the traveler's visit.

Re:This is not enough

[gweihir]

Wouldn't it be easier to just shoot everybody at the border instead of melting their minds?

Re:This is not enough

[rtb61]

Do not carry device across international boundaries. YOU are a foreigner, no rights apply to you and you are fucking stupid if you do not think they install software permanently to track when they download your privacy with no charge and no warrant. Buy then at a phone place not far from your port of call, prepaid, cheap and if you lose it meh. Leave you primary device at home when travelling overseas, when they ask for it, say no and tell them if they ask for the password, you will also refuse. If you want you data from you phone when overseas, load it onto you ISPs storage encrypted and download it at the location and then decrypt it. When leaving, delete all contents on the phone and sell it.

Re:

[wierd_w]

Solution:

Create a bootable SD card, and insert it into a hacked chromebook. (After hacking the chromebook, insert solder on the write protect screw hole to permanently set rom write protect.)

Produce a read-only filesystem image that fills the whole card. (We are aiming for the equal of WORM media here. The system will be a live DVD style image.) Set up a repeating DD operation that just continually writes that image onto the card over and over and over again, until the write protection circuitry inside the

Re:

[AmiMoJo]

I wouldn't buy a phone from somewhere near the airport, could easily be pre-bugged.

Re:

[pahles]

Mind melt? Why would you want to melt someone's mind? How are you going to extract any info from a puddle of gray matter?

Re:

[RockDoctor]

I don't think they're saying what you're hearing : https://dictionary.cambridge.o... [cambridge.org]

Borders are non-trustworthy zones.

[Kernel Kurtz]

If I travel to the US I take a phone and/or laptop with minimal apps or info. Anything I need beyond that can be accessed remotely from my destination with much greater security.

Re:

[mschaffer]

Why not? That's what I do when I travel to other countries.

Re:

[Kernel Kurtz]

Don't get me wrong, it is not just the US.

All borders are non-trustworthy zones. Even my own (Canada) is sketchy in this regard.

Re:

[fred911]

''If I travel to the US I take a phone and/or laptop with minimal apps or info''

Even better, even as a citizen I never return home with a device that's not completely wiped. I've never had anything but a ''welcome home'' greeting from border control, but it's trivial to restore my mobile device to the state it was before I wiped it. As a citizen I would refuse to answer any questions about my personal accounts, or my travel activity. Other than providing non-specific information, the words am I under arrest

Re:

[Kernel Kurtz]

Here in Canada our courts have generally held that even non-citizens are protected by our Charter of Rights while they are in this country. I don't believe that to be the case in the US, but perhaps someone can correct me if I am wrong.

Re:

[Kernel Kurtz]

OK good to know. Thanks for that.

Re:

[thegarbz]

Oh someone with "minimal" data on their device? Smells like a terrorist to me!

Re:

[Lynchenstein]

Oh someone with "minimal" data on their device? Smells like a terrorist to me!

Some people travel only for the cavity searches. Who are we to judge their kink?

Re: Borders are non-trustworthy zones.

[slazzy]

You could probably create a script to write a history with a few thousand webpage visits of cat pictures and YouTube videos... Now you look like a normal person if that worries you

Re:

[will_die]

So what do you do with other countries? I have run into more issues with electronics in countries like Sweden and Germany than this.

Re:

[wwphx]

I had to have my Canon lenses swabbed arriving at Frankfurt going in to Germany, but no problems with my Chromebook, wife's MacBook Pro, or either of our iPhones. And the only reason that happened was we screwed up and accidentally left the secure area and had to go back through security. Otherwise, none of our carried possessions would have had a screening entering the EU.

Re:

[will_die]

worst case was sweden where they took apart my laptop, removing the parts they could and checking each part.

Re:

[wwphx]

Ouch! Were you able to get your laptop working again?

These Capabilities Are Far From New

[WankerWeasel]

There have been products sold to them to carry out this extraction since at least 2008 with the release of iOS 2.0. This is far from news.

how?

[kylemonger]

How are they doing this on modern iOS devices when whole drive encryption is supposedly in use?

Comment removed

[account_deleted]

Comment removed based on user account deletion

"DHS and border agents were allowed ...

[schwit1]

Bullshit. Not having a warrant makes it a 4th amendment violation before and after the ruling.

SCOTUS has said that executive agency policies, rules and regulations are the equivalent of laws. Ergo, they should have to be voted on by Congress before ALLOWED.

Congress of the United States, being vested with "all legislative powers" by Article One, Section 1 of the United States Constitution, ALL! What part of ALL does Congress and the Executive not understand?

Re:

[Kernel Kurtz]

Bullshit. Not having a warrant makes it a 4th amendment violation before and after the ruling.

And they ignore it with virtual impunity.

https://www.aclu.org/other/con... [aclu.org]

Re:

[dirk]

While I agree with you on the fourth amendment violation, you are wrong on executive agency policy. They are "equivalent" to laws in that they have the force of law. That in no way means they should be voted on by congress, because they are still not laws. That would put WAY too much power in the hands of congress.

Re:

[Kernel Kurtz]

While I agree with you on the fourth amendment violation, you are wrong on executive agency policy. They are "equivalent" to laws in that they have the force of law. That in no way means they should be voted on by congress, because they are still not laws. That would put WAY too much power in the hands of congress.

All the force of law with even less accountability. What is not to like? /s

Re:"DHS and border agents were allowed ...

[Actually, I do RTFA]

Not having a warrant makes it a 4th amendment violation before and after the ruling.

The word "warrant" never appears.

As for executive agency rules, those are interpretations of congressional rules. And congress changes the rules from time to time. But passing a law like "the area where endangered bald eagles live shall not be polluted by X, Y or Z" and letting some executive agency employees update that map annually seems better than congress hearing from that same expert and voting to update the map.

Re:

[thegarbz]

Bullshit. Not having a warrant makes it a 4th amendment violation before and after the ruling.

What's a 4th amendment and how does it apply to a constitution free zone?

Re:

[HiThere]

The US Constitution does not recognize constitution free zones. That's a government invention.

Re:

[thegarbz]

The US Constitution does not recognize constitution free zones. That's a government invention.

That should tell you everything you need to know about that 250 year old paper you think protects you.

When business travel was still a thing...

[ffkom]

... every colleague unlucky enough to be asked to visit the US knew to bring only a dumb-phone and an empty laptop that would be re-imaged with data only after arriving at the destination. The professional data thieves at the border and their industrial espionage business model have been common knowledge for many years now.

Thanks to Sars-CoV-2 the inconveniences of such business travel are now a thing of the past, and will likely not restart even when that pandemic is over.

Never travel with your phone

[gurps_npc]

80% of the time they do not work in another country anyway.

Just buy a throw away that actually WORKS in the country you are going to.

Re:

[itsme1234]

Is that you Stallman? I thought you didn't have a phone because they're tracking you and anyway it wouldn't be working because of all the tinfoil hat.

Also this thing with the phone not working in other countries is valid only for some weird CDMA providers, if you have a GSM (and above) phone it'll work everywhere (including the US). Maybe not all frequencies everywhere but usually you won't be able to tell, "it just works".

Re:

[Ingenium13]

If you buy your phone unlocked or pay it off, then it works fine with a local SIM in other countries. For US providers, Sprint and T-Mobile both have standard, included unlimited international roaming for free. It's very slow, but it works for messaging and light usage.

You're better of just actually powering off your phone and laptop when entering another countries. They should be encrypted at rest (hopefully your laptop uses full disk encryption), so there's nothing useful they can copy off. In the US at l

border control

[gary s]

Backup phone to cloud factory reset bring up with no restore. go through customers, factory reset restore from backup continue on your way.

Re:

[stephanruby]

SSD memory is super easy to restore. If you care about keeping your data private, I wouldn't recommend it.

Re:

[itsme1234]

On the contrary, SSDs are HARDER to recover than normal hard drives because they'll have TRIM, the OS needs to tell the drive what it doesn't need anymore (for performance reasons). Once it does that the data is pretty much gone, as opposed to sitting there on a normal hard drive until it's overwritten (it can be years until the space is needed). Of course the process isn't guaranteed and depended on a ton of wear leveling algorithms but in any case it's MUCH different from a hard drive where the data just

Re:

[AmiMoJo]

You can take advantage of self encryption on laptops as well. Many have Window's implementation, Bitlocker, enabled by default anyway, but an alternative is sedutil. You can stick it on a bootable USB drive to enter the password at boot.

There are advantages and disadvantages. On the plus side border agents are clueless about it and you can show them your "blank" laptop that only gets as far as a "no bootable disk found" prompt. Tell them you wiped it and will restore it at other other end, because you are w

Re:

[itsme1234]

Sure, you can use encryption (it's another discussion about if you can be forced to provide the key) but the point I was making was that a factory reset phone is not "super easy to restore" as the storage is encrypted and the keys were wiped (and probably will get wiped the second time when somebody unlocks the bootloader to be able to access the raw block device).

Re:

[Anonymous Coward]

Most modern devices use encrypted SSD storage. They don't even bother reformatting the device - they just create a new encryption key and render all the old data inaccessible.

Re:

[Ingenium13]

That's a LOT of effort for the average person unless you really have something you're trying to hide. Basically no one will do it otherwise. Just power off your phone and set an actual password on it instead of a 4 digit PIN. The data is encrypted at rest, and the US courts have ruled that they can't force you to give your password.

What about the other extreme?

[asadodetira]

Bringing multiple devices with gb of junk would be also very impractical to scan

Re:What about the other extreme?

[gweihir]

Bringing multiple devices with gb of junk would be also very impractical to scan

They will just bill you for the time or lock you up for obstruction. Also, enjoy your spot on the "terrorist" watchlist.

Re:

[MooseTick]

They won't bill or detain most people. they will simply keep the hardware for inspection.

Re:

[gweihir]

Well, yes. But do you want to risk it?

Land of the Free(ish)

[youngone]

Why have you Americans accepted the fact that you have an agency called "Homeland Security" like that is completely normal?

If we started calling it "Heimatschutz" would you feel the same way?

I thought you lived in the Home of the Free.

Re:

[fustakrakich]

I thought you lived in the Home of the Free.

No, but we do have everyday low prices. What else is there?

They are not allowed to do this anymore, right?

[ayesnymous]

"For years, DHS and border agents were allowed to search devices without a warrant, until a court found the practice unconstitutional in November 2019."

Re:

[Opportunist]

You mistake them for people who give a fuck about what they are allowed to do.

ok so tell me where this fails...

[roc97007]

User takes hard drive out of laptop

User FedEx's the hard drive to himself inside the country

User crosses the border

User receives hard drive, reinserts into laptop

Alternately:

User sends data to cloud service.

User scrubs hard drive

User goes over border

User restore from cloud

So these border tactics -- are they only for stupid criminals?

Re:

[Kernel Kurtz]

So these border tactics -- are they only for stupid criminals?

Yes. Also a warning to foreigners in general to stay away.

Re:

[roc97007]

So these border tactics -- are they only for stupid criminals?

Yes. Also a warning to foreigners in general to stay away.

But not foreigners who are actually bringing in contraband information. Child porn, for instance. Because shipping it across the border or electronic transfer is absurdly easy. So I'm still not sure what these rules accomplish.

Re:

[MooseTick]

Any package traveling across borders is subject to inspection and/or seizure but whatever nation's customs that package traverses. Its not likely to get analyzed, but neither are devices carried across the border. The way this article suggests is that ALL electronic devices are scanned/imaged. I'd bet its less than 0.0001% for the US.

Re:

[flyingfsck]

---long sanitization process---

It is much less hassle to go somewhere else and skip the Soviet Union of America.

Travel phone

[slazzy]

Always good to have a cheap travel phone with little on it. Not that I have anything to hide, but just for the point of it... If they ask why there's not much on it, it's in case it gets stolen.

Who would take their regular phone over the border

[charlie merritt]

I just don't understand taking a regular phone on a trip. Want all those contacts? Email them or something. Want THEM to have all those contacts? Drag them thru the border on your phone.

Re:

[Opportunist]

You may rest assured, if I travel with a phone, I want them to copy that data.

Remember the story of the Trojan horse? There's a reason a particular kind of malware got that moniker. No attack is as powerful as an inside job.

Re:

[Frederic54]

Something like 80% of Canadians live at less than 100km of the border, it is easy and common to take your car to go to the USA for shopping, camping, hiking, etc. Some Canadians even work in USA and cross border every day, opposite is true too.

Virtualize phone/laptop

[tww-china]

The solution is to virtualize your phone/laptop. Run a hypervisor on the bare metal and perform your work in a VM. Before you leave the country, upload the VM to the cloud and remove it from your device. Do the reverse when you get to your destination. This is already doable on laptops. Less so I think on phones but I would be surprised if the hardware wasn't able to make it technically feasible.

Re:

[infolation]

Provided all the storage (including system) can be removed from the device and replaced, or the device can be securely wiped, or the device is encrypted and the key can be securely deleted.

If they happen to do a forensic clone of the storage they'd have deleted data or traces of data in the OS.

I mention this because that type of cloning is exactly what the UK Border Force (formerly UKBA) has been doing at UK transport hubs.

Limited time

[flyingfsck]

No worries, they only keep the data for a limited time of 75 years.

Any middle aged geek crossing the border with his iPhone, iPad and Macbook, should be pushing up daisies by then.

Going to the US is like going to Iran (or Israel,

[BAReFO0t]

You think there is sometbing wrong if they do NOT fist your anus and put terrorist plans and child porn on your devices if you complain when abused. ;)

Luckily, we don't need to travel there. Ever.
I only feel bad for those that have to live there.

This is gonna be good

[Opportunist]

Well, not for 2020. But as soon as security conferences become a reality again and Antivirus-researchers travel with live samples of current threats again, and these dimwits copy and execute those, this is gonna get colorful and funny.

Large SD card

[gnasher719]

The MacBook that I use for professional development actually only has 256GB SSD, about 150GB used, so a Time Machine backup fits onto a 256GB SD card. And there are bigger ones. So wipe your laptop to have just an empty OS, and bring the SD card with you.

Instead of a backup, you could create a bootable SD card.

Re:

[Canberra1]

The keywords are forensic toolkits, and why modern operating systems DO NOT offer dump and restore services from a minimal bootstrap level. In 1970, all mainframes could. If you have an Android, even a factory reset FAIL's to purge certain information. It is no accident keyboard and trackpad have large, unnecessary non-volatile buffers. Journalists and Barristers -including international ones, have higher legitimate needs. There is also a record of SD card and portable drive connects. That's why 3 inch flo

Bigger Haystack

[bussdriver]

If you expect to be copied at the border, bring a device with as little personal info as needed... but make sure to have the largest HD installed you can spare and FILL IT with tons of junk. mild porn jpg, videos, pdfs, spam email archives (from testing data), maybe make a randomize script to multiply the files... another script to go touch every file on the system. One could use any AI text generating software to make up never ending spam files. Do keep in mind you'll have to wait while they copy it so

at US Borders

[John.Banister]

Just a quick reminder of the 100 mile wide band [aclu.org] that "at US Borders" actually means.

Leave your phone at home

[p51d007]

Buy a burner phone, just before you come back across the border...remove the sim, smash it and the phone.

Border Patrol can do this away from Borders

[darth_borehd]

The Border Patrol is allowed to do this, without warrant, to any person within *100 miles* (160 km) of a land or sea border. You know, where most of the population lives.