Slashdot Mirror
The Failing Right of Laptop Privacy
davidwr writes "Wired has an interesting editorial on laptop searches and seizures. It raises some interesting issues, including employee rights against police searches in the workplace, routine vs. non-routine searches at ports of entry, and police use of unrelated data found in a database search. The article ends saying: 'Of course, there's a chance that the courts will not recognize the different scope of privacy interests at stake in computer searches, or will not be adept at crafting a rule that gives enough leeway and guidance to law enforcement, while also protecting privacy. At that point, the Constitution may fail us, and we will have to turn to Congress to create rules that are better adapted for the information age.'"
So keep your sensitive personal data on a server at home, where the protections against warrantless search and seizure are more clearly defined, and take with you on your laptop only what you need. Also there are all sorts of ways to remotely access your at-home data securely (DNS Forwarder/VPN, etc). That way your data is there when YOU need it and not sitting on your portable when you are crossing borders or sitting in your employer's office.
I have made it quite clear to contractors that their laptops will be subject to scrutiny prior to their being permitted to access our corporate LAN, as well there my be periodic spot-checks, especially if I suspect that a laptop might have become infected with something nasty.
You're using her as bait, Master!
It doesn't matter if you're worried about a snooping government, script kiddies, nosy roommates or family members, or anybody else you don't want looking at your data. In this day and age, there really is no substitute for encryption, and there's also really no excuse to not be using it, given the amount of options (many of them free, as in speech and beer) available today. There's no reason to leave things like tax returns, sensitive work projects, etc. sitting out in the open.
One of the best things that I've done recently is to wipe and randomize a 40-gig partition on one of my drives and set up a 256-bit AES-encrypted ext3 filesystem. Unless I enter my lengthy passphrase, there is no way to mount the volume, much less look at its contents. Barring some unforseen weakness in AES, this is now data that nobody but me will ever see (unless I do something silly like forget to unmount it).
It is, in many ways, a brave new world, but people need to know that there are things they can do to protect themselves. This, of course, is not news to the Slashdot crowd, but it is something that the less-clueful public needs to hear about.
We're going down, in a spiral to the ground
That's what a steganographic filesystem is for: plausible deniability. You have multiple layers of data encryption, none of which know about the lower layers, each of which stores data in the free space left behind by the upper layer. They ask you for the password, you provide the password to financial records at the first encrypted layer. For that matter, you could have an unencrypted layer on top so that there's no proof that any encrypted data even exists. In the unlikely event that they find the crypto tool, though, you have financial records at the first encrypted level. Say that there's nothing else, but under duress, admit to a second level with something a little more embarrassing (e.g. your porn collection). Keep anything that has to be kept secret at the third level.
There are two big problems, though: 1. Writes to the upper layer overwrite data at the lower layers, so the redundancy at the lower layers is pretty crucial to avoid data loss, and even then, beyond a certain point, you'll start losing data. 2. All the implementations I've seen out there are Linux-only (or at best UNIX/Linux), which makes them less than useless for most of the general public.
Check out my sci-fi/humor trilogy at PatriotsBooks.
1 - Separate work and private laptops
I carry mine to work and don't plug it into the network
I don't use the work machine for any internet searches, I use my laptop through cell card
2 - Separate your data sets
Carry your sensitive data on something other than laptop
I carry mine on a CD, they can't call that a bomb
3 - If they want to search it...
Ask "What exactly are you looking for?" and write down the answer!
If they say its just a routine inspection let them look, don't let them open files
If they want to see a file ask for the warrant
If they insist ask (don't) demand to see a supervisor
4 - Be nice, calm, and ask the supervisor to witness
Any search (with understanding you are under protest) as there is no warrant.
Ask the supervisor for a full accounting of all files opened/accessed prior to boot/power on
(this is critical as they cant log all files accessed during boot)
5 - Best of all, don't give them a reason to search it
-- I am the NRA, enough said...
Can you "bear" a main battle tank or a cruise missile? No.
"Arms", in historical context, meant guns that were carried by a soldier. The term was understood to be distinct from "cannon", big-ass guns that were not something a man would "keep and bear".
If a weapon is something that an infantryman would carry into battle, it falls within the rightful scope of the right to keep and bear arms recognized in Amendment II, within the corollary to right of self- and community-defense - the right of access to defensive tools.
If it's a WMD, if its mere presence creates a danger to people nearby (like if my neighbor was keeping anthrax spores or large amounts of TNT in his shed), the RKBA is not infringed by regulating it. Except, for the fact, that a peashooter isn't going to do it these days.
Iraq. Afghanistan (US and USSR experiences). Palestine. Vietnam. Connect the dots and see the picture: groups with "pea shooters" can mount a significant resistance against an vastly better armed occupier.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood