Slashdot Mirror
Securing Your Notebook Against US Customs
Nethemas the Great points out a piece from Bruce Schneier running in the UK's Guardian newspaper with some tips for international travelers on securing notebook computers for border crossings. A taste of the brief article:
"Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. ... Encrypting your entire hard drive, something you should certainly do for security in case your computer is lost or stolen, won't work here. The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."
Set up a Windows partition and a Linux partition, set it to boot to Windows by default, keep all your data on the Linux partition. How well would that work, I wonder.
...that your desktop is the Goatse guy and you have 14 videos of horse porn set to auto-play the moment your laptop gets opened. If you're going to snoop through my stuff in public, then the whole terminal is gonna get their money's worth, you fascist bully-boys.
That's so 15th century, Bruce. How about "encourage"?
http://www.truecrypt.org/
* Creates a virtual encrypted disk within a file and mounts it as a real disk.
* Encrypts an entire partition or storage device such as USB flash drive or hard drive.
* Encrypts a partition or drive where Windows is installed (pre-boot authentication).
* Encryption is automatic, real-time (on-the-fly) and transparent.
* Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
1) Hidden volume (steganography â" more information may be found here).
2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
* Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.
Make a folder called "Terror Plans" and fill it with images of cute, cuddly kittens.
FOXTROT UNIFORM CHARLIE KILO
Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country.
... keep it for several days.
As they should be able to. Any sovereign nation has the right to control who and what enters the country.
They can
No, that would be seizing it. They need a reason to seize it. Customs can search without cause, but they cannot seize things without cause.
The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."
Not entering your password is not grounds to refuse you entry into the country. On the other hand, lying to US customs IS grounds to ban you from entering the USA for five years.
I got it in my biweekly dose of Cryptogram and found it disheartening. The GOD of security says: all you can do is make sure they wont find anything that will mess you up.
The sad thing is that citizens think this idiotic idea of checking laptops at airports serve any kind of law enforcement objective other than generalized panic and further diminishment of democratic values such as the right to privacy.
This is your government fucking people up (and "people" can be foreigners or locals entering the country), attempting to find in informations traces of delincuent activity that, if youre a two bit moron you know you can save it anyhow, in a mostly anonymous fashion on google's, yahoo's or microsoft's servers for free, and any number of services that are available today.
True criminals simply have huge botnets and hidden servers behind the huge pr0n/spam nets and they DO NOT carry incriminating evidence with them and EVEN IF THEY DID, how in hell is a custom's agent going to find them?
I mean, i have a better solution than that of bruce: change your initab so initdefault is 3, make sure that that level does NOT turn on the wifi card or any networking at all, change your shell to ASH (hopefully temporarilly) and let them have the root password, who cares.... good luck, mister customs agent.
NO SIG
The downsides? You probably won't be able to work in the airplane, but is it worth it now that the Customs are being so much trouble?
It's actually because I need to load a device management driver that overrides the BIOS data for the hard disk, but it may actually be worth it for them to try to fiddle around at the MS-DOS prompt...
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Why the hell is a security expert using tinyurl links on the web?!? The only use of URL shortening services on web pages is for malware authors and spammers to hide the destination site.
Anything you don't want to find, host it on a remote server that you access with SSHFS or something similar.
Some people swear by services like Amazon's AWS via JungleDisk or something similar, but of course then you have to trust Amazon. My system's pretty clean, but I often keep a port open on my home network with a server (an old G4) running there for just this purpose.
The CB App. What's your 20?
I can't recall the name right now but one of the disk encryption utilities creates a dummy encrypted zone for just such a purpose. You make two passwords. The real one gets you your real encrypted data. And another one for entering under "duress" gets you your dummy files. They're both stored in the same encrypted space, one looks like random noise to the other, and supposedly nobody can tell they're both there. Anybody know which utility that was?
I quit flying a couple years ago after being repeatedly hassled by TSA troglodytes. Looks like I may never get to fly again. Maybe if enough of us stop flying, the airline industry will set its lobbyists to get this fixed. Chances are slim though. Why lobby to get your customers back when you can just lobby for handouts?
That is what TrueCrypt is for (but don't encrypt the entire drive). Just encrypt what needs encryptin'. Set up an encrypted volume with a shadow volume inside a regular file. Call it something that looks like a system file like MSDOS.SYS or DBLSPACE.BIN or something. (That would explain the unusually large size of the file.)
So first, they would have to know you even have something encrypted (which is just a guess if they see TrueCrypt installed). Then they'd have to know what/which files was/were encrypted (which can't be determined by examining the file). Then they'd have to ask you to mount the volume and provide the password (at which time you then provide the shadow volume password, which only contains innocuous files).
I can't be the only dummy to figure that out.
"They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
Can customs officials refuse entry to an American Citizen? Can they banish me for refusing to divulge my password?
Maybe depending on the amount of data you have you could store it onto a CF/SD card and put it into your camera? There has to some way of storing the data on the memory card so that the camera will not see those files but still leave enough space to take a few shots of the customs agents.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
They can also image your drive. As Bruce says, the easiest way to avoid this is to not have your data on your laptop. Put it on something else.
See this is why we should have Wifi harddrive that you can easily access without opening your bags. Think about it the customs won't even have to stop anyone they can just leech all the data and check if you got something illegal.
So no long queues, no waiting, everyone is happy. We just have to wait for EyeFi to release a version slightly larger than 2GB..
My Options:
1: Just pull the HD and keep it on your person
2: Pull some other component so it doesn't boot and say it is a non-working laptop
3: Have it boot to a BSOD. (should be easy in Windows)
Just one more reason why you should stay outside us...
But: the US is becoming more and more a police state. I would have liked to come and see NY, California, Washington and all your nice cities you have over there, but all this bullshit stuff you throw at normal people who would like to come and spend some money in your stores and restaurants an hotels just pisses me off. Really. Just stay all by yourself if you wish so.
I just don't trust anything that bleeds for five days and doesn't die.
Pack light. Take a laptop with NXClient and not much more. Then remote back into your home PC to do the stuff that you don't want customs to see. Another option is to use VMware to do your work and save the VM to a USB key or your cell phone before you leave for the airport.
How on earth did we get to this point? Why are customs officers allowed to search my data? Is this the type of Orwellian dystopia we came to live in? Why can't I have my privacy when travelling abroad? Why is it the state's business what sort of life I choose to live, what sort of porn I choose to enjoy and what sort of nekked pics I choose to take of myself or anybody else? How can a customs officer confiscate a USB thumbdrive or a mini-SD flashcard I carry with me?
If this is not abuse, then what is it.
Simply have no data on your laptop and do all your work remotely via an encrypted internet link!
You can bet that before I type my password for a customs agent, I'm going to talk to my company's legal department. And I'll wait in the customs office as long as it takes. Or simply forfeit the laptop and put it in the trash.
The IP on my laptop is easily worth 10x more than the value of the laptop itself.
--
$tar -xvf
Imagine the pre-computer days, when the customs could stop you, do a naked search and go through all your papers without any passwords. What could you do at that time? Just do not take the sensitive papers with you or mail them with certified mail.
I think there is no difference now. Email your files and do not put them on your laptop. That is what TFA is basically saying too.
So, IMHO, complains here won't work. The only problem that travelers have with laptop/cellphone search is inconvenience (since everybody is used to store all your files on your hard drive), but otherwise it is not any bit less legal than it was before the laptop era. And inconvenience is not any concern for authorities at all. So consider your laptop to be your briefcase and just not put any documents there that you don't want custom officers to see. End of story.
Having returned from my second trip to China, I still find it amazing that it is easier for me, as a foreigner, to enter China than it is for me, as a US citizen (born a US citizen to parents who were US citizens, etc.) to enter the US after a trip abroad.
I just pretty much walked right through in China - I handed them the entry form (one half of the two part form - the other half you give them when you leave) and they waved me through. Customs in China did not even ask to see my laptop, never mind read files or anything like that.
On returning to the US at Detroit International, I was given the 3rd degree by US Customs agents, and I'm a US Citizen. "How long were you in China?" (as if he couldn't tell by the side-by side entry/departure stamps in my passport) "What were you doing there?" (visiting friends) "What do these friends do for a living?" (A couple of college professors and a financial analyst)
This happened on both of my trips.
And I noticed that they were doing this to EVERYONE, not just me. (The plane had several hundred people on it.) I'd hate to see what they were doing to Chinese citizens entering the US.
I hope they realize that they are going to scare businesses away from the US if they keep this up.
I find it somewhat ironic that the captcha for this post is "undergo".
Boss: WTF???
Just add a sysV service that sends a self-destruct command.
Slashdot will disavow any knowledge of your actions.
Don't take any data with you. Separate the Data from yourself
Leave it on your secure server at home, and dial in when you get to america
or If you really need to transport it, post it encrypted inside a DVD box for a game or TV show as a "gift" to a pobox and pick it up once you get in Amercia.
They're easy to outsmart, just don't "act smart." Stupid people hate smart people.
You never expect irony, do you?
Want to be a professional wrestler? Visit www.iyfwrestling.com
@iyfwrestling
Just to spare the speculation, etc: I'm caucasian, of Western European descent, so no, I don't look "Middleastern" or "Asian" or anything else. Just your typical "white male".
Some of today's higher end laptops have easily removable Hard Drives (some multiple drives). It shouldn't take more than a minute or two to replace a functional secondary HD for Customs, and have the other drive tucked into your bag.
Though, they'll probably protest the phillips driver you'll have to carry to accomplish this, because you know that is a dangerous weapon.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
We keep hearing stories of corporate laptops with confidential information being lost in the public. What if our own government loses this data?
You never expect irony, do you?
Want to be a professional wrestler? Visit www.iyfwrestling.com
@iyfwrestling
You see? You see? Your stupid minds! Stupid! Stupid!
No doubt they just install a rootkit/keylogger on your box after ripping your HD so after you leave their rootkit calls back and gives them your truecrypt passwords. Don't use a laptop you've lost sight of.
What is it with layered approaches? Is it because it works from cakes to network security?
That should really confuse this so called "security expert" Quite frankly, I would be one of those guys who refuses to divulge my password. Even if I did, he / she wouldn't know what they were looking at since I don't run Windows. I think most of this is just to demonstrate that the laptop is not an explosive device, and really is a functioning laptop.
"I bow to no man" - Riddick
Yes it's wrong to buck the system and cause trouble for other people.
However, I advocate cooperation simply because conniption causes more porblems than it solves. I would protest this however I could, legally, by picketing or voting or radio station callins.
Just because it's wrong to buck a system doesn't make the system right.
We have a bill of rights for a reason, and getting all panicky and security crazed is just going to let someone powerful step in and take over.
If you give up your freedom, you invite a tyrant. Trusting the government to do everything right only works with saints, which humans most definitely aren't. It's why we have checks and balances.
One way to accomplish this and retain and Windoze data you may have, is to have either a bootable CD of Puppy or Knoppix Linux, or, even better, have Puppy Linux on an SDCard, if your BIOS supports booting from SDCard. Then, they can examine your computer, browse files, including some photos you have in there just for show, and they won't even notice your Windoze content at all. You could even label the CD "Camping Photos" and have some photos on there too, with a multisession ISO burn, and if they remove the CD, Puppy will still run (if already booted) since it does not require the CD to be present, after you have booted.
Have all your US and overseas clients meet each other in Toronto, Vancouver or anywhere in Canada for that matter.
Undetectable Steganography? Yep, there's an app fo
I'm heading off over to Israel in a couple weeks. How well would making OS X boot up into a terminal? It's my primary computer, but I don't have anything that I really need to protect in it (or rather, the only thing it would protect is my privacy; no damning data or anything like that). More then that, does anyone know how to do it? Also, what's the command to start quartz?
My Mobile phone has a 4Gb flash card the size of my little fingernail. If I had any files that I didn't want customs to see I'd keep them on there and hide it somewhere they'd never find it. Come to think of it I'd probably never find it once I got there. :)
The only thing that Schneier says is how . I still don't get WHY? What do I have on my laptop that Customs would be interested in, or would cause them to confiscate it? Emails from my fiance? Jesus, who cares? I'm never going to see that customs guy again, where's the actual harm?
Believe me, noone at US Customs cares that you like gonzo porn. They've seen it a zillion times already. Being insanely private about the uninteresting minutaie of your life is like covering yourself in tinfoil as you walk down the street, so no-one can see what colour shirt I'm wearing. You're just not that interesting.
So what exactly am I supposed to be hiding from the Customs?
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
99.9% of us don't have any data on our laptops that a customs agent is going to care about anyways. They are welcome to read all my emails...lots of private stuff in there sure, but nothing they are going to give a crap about. What is it that makes people assume that information they consider private is inherently information everybody else wants to look at? Oh yeah, it's called paranoia.
While I absolutely understand why people need to try to keep some of their data private, I worry that people trying to do this will land themselves in hot water.
;-)
I mean, if they find out that you are going to great lengths to hide stuff, they're not going to be happy with you. Isn't it a chargeable offense to deliberately try to hide stuff from customs? The presumption will be that only people with something to hide will be trying to conceal their stuff.
The more people try to evade it, the more they'll learn, and then everyone will be subjected to really insane scrutiny. Eventually, they'll just refuse admission with laptops, or just copy all of the hard-drives or something evil like that.
I guess in a business environment, have a couple of laptops which are used for traveling and contain very little information might be an option. For people with their own laptops, I guess that's not a really good choice.
I guess there's no easy solution to traveling with your data and trying to keep it from prying eyes.
Me, I don't think I'd be overly willing to try to directly foil customs. That's why I fly without pants and carrying a teddy bear nowadays, and check everything else -- they'd rather you just moved on than stand there with Mr Bear in your nammies.
Cheers
Lost at C:>. Found at C.
There are a couple of ways to hide your data; one is to have two Truecrypt volumes, one hidden and one standard. This is easy, but it still lets the customs agent know you are using Truecrypt. This may not be a problem in the US (right now) but what about other countries where simply knowing about a program like Truecrypt could look suspicious?
This post on the Truecrypt forums describes a way to install two OSes, one for show, and one hidden. Unless there is a Truecrypt rescue CD or bootable USB thumbdrive inserted the system will boot to a normal Windows desktop. This method would hold up to any casual sort of inspection, such as those customs agents carry out dozens of times per day. There are a couple of traces that would need to be removed in order to actually have "plausible deniability", but to me not having the questions asked in the first place is preferable to being able to deny one of the potential answers.
It's sad that you might need to do things like this, but there are often technological solutions to social problems.
"He's more machine now than man, twisted and evil."
Your comment implies that the government and its representatives are infinitely kind and benevolent. That is not so. There is but one step from arbitrary airport search to Guantanamo. This is Slashdot. Government is evil.
I do not understand why the feds have the right to convict and punish you for possession of tech devices like a laptop at border crossings without due process of the law. If they can seize your tech property, isn't that a constitutional issue? Why are we US citizens if not for protection from unreasonable gov abuse of power? Isn't that why America fought the British for freedom? IS there a lawyer out there who can clarify this mess? And is there anyplace in the constitution that states that you are only protected from unreasonable search and seizure, etc if you are a citizen? I believe it is the gov who is restricted in their behavior, not just against Americans, but everybody?
wake up and hold your nose
The problem is that it is plan and simple grab to take away our rights under the 4th amendment without any probably cause or do process.
Not to mention that it does NOTHING to improve the security of our borders.
And it is seemingly becoming the new standard by which TSA agents get laptops for friends and family members. Confiscate the laptop, telling the poor smuck that it will be returned shortly after the disk is cloned for professional examination. Voila, laptop never comes back.. lots of cases and complaints on file of this particular situation.
Need self-destruct HDs
I guess this means will need hard drives that can be destroyed internally (no "boom" explosion).
Imagine how many 2.5" drives would end up in the garbage in airports...
Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
This is kinda silly. If there is junk on your laptop you don't want anyone to see, then don't put it on your laptop. Just store it on your home server and download it via ssh after you've gone through customs if you need faster access to it.
-Matt
Do not make the assumption that CBP agents are very bright.
If you are truly worried about this, consider an encryption suite that offers a "fake" decrypt mode like truecrypt does.
Things like privacy are sacred to some people, and unimportant to others. People who advocate that they have nothing to hide is all well for them, however it does not apply to every single person in the world.
And it does not necessarily have to be work related, or something proprietary that can be stolen and sold for cash. Perhaps it is embarassing information on the person, private pictures of family, or something else that is legal and legitimate to keep private. If you have no problem forceing big brother on yourself, that is ok. That just doesn't work for everybody...
Those who live by the sword, get shot by those who live by the gun...
Live Badger
Just get a big enough bag and keep one of them as your personal electronics guard. Gotta be careful, I lost my left hand (thankfully not my right hand) and my right eye training the lil bastard. On the plus side, when they see a man with a left stump and only one eye, its a great conversation starter and dissuades them from checking. And if they DO check, they usually end up with a left stump and one eye too, so I get another person I can relate to.
"Quote me as saying I was mis-quoted." -Groucho Marx
No sex please, we're British!
Brought to you by the author of such childrens' classics as "Some Kittens can Fly!" and "All Dogs go to Hell."
Do we really need to start pissing off Europe when we're already in deep doodoo with the middle east?
Dude, Sandra Bullock can crack that.
So can Tom Cruise, and that's without invoking Xenu.
FAIL.
An even better approach would be to have just a Windows partition. Then do your real work under Linux by booting from a memory stick. If you want to get really paranoid, you could keep all of your sensitive data on a separate, encrypted memory stick, camera memory card ("hidden" in your camera), phone memory card ("hidden" in your phone), etc.
Of course, you should go ahead and do some unimportant work under Windows. Play games, surf the net (safe, unimportant web sites, only, of course), keep your golf scores, etc. That way, if somebody ever does search your laptop, it won't look like a system that's just been wiped to avoid generating any evidence.
There's no point in questioning authority if you aren't going to listen to the answers.
1. Copyright a piece of work (document, media file, etc.)
2. Wait for the agents to copy your data to their drives.
3. ???
4. Profit!
So doing that on entry into the UK might be a bad idea.
Best Slashdot Co
This HAS to be challenged again in court soon.
On the one hand, I think people can be overly paranoid about things like this. They aren't going to go out of their way to search your laptop unless they have a reason to feel you present a hazard, and if they do- I really doubt they will devote all that much time to decrypting encrypted data unless they REALLY think you are a potential danger.
On the other hand- privacy at least USED to be a big deal in this country, and I don't like the idea of having to give that up if I travel internationally. Also- many people traveling with laptops are doing so on business. How many corporations out there (domestic and international) are going to want the US Government poking around in their laptops?
Also- if it isn't challenged- it's a very small step for DHS to just say- "We need to search EVERYONE'S laptops to protect America!" I have enough problems with TSA every time I travel. I remember a few years ago coming back from a business trip in Germany and being interrogated at the airport. It is almost as bad at several airports here now.
Get a laptop with a built-in flash card reader. Put everything important on the flash card. Before you get off the plane, put the flash card in whatever bag is full of random power adaptors/books/cell phones/other random crap. Put another clean card in the reader. Flash cards are so small these days that it is very unlikely anyone will even notice.
The eee is particular good for this since it can boot off of a removable flash card.
The important thing is that you never lie. Helpfully give them the machine, let them boot it without argument, make general polite conversation. Also, don't overtly hide the flash card. Just drop it in a pile of other crap. Better yet, have five cards in your bag. Make sure that the "clean" card has some random stuff on it. Put your save games here, or whatever. The important thing is to make sure your equipment tells a story like "game machine used to pass time". As long as it does, *you* don't have to lie because they won't ask any questions that would force you to. Just make sure you don't lie, as *that* can get you in massive trouble.
Basically, you want to look innocent enough to avoid anything but a cursory search while making anything you don't want found require more than a cursory search. If they do a real search, you are pretty much doomed.
Or, of course, you could just make sure not to have anything you don't want found on your person. That's what I do.
The cake is a pie
Just don't go to the USA, who needs this fascist crap anyway?
I've put sensitive data on my camera card, and put it back in the camera. But now that this technique is in the article, border guards will be looking for that. Gee, thanks, Bruce.
There's a much easier, lower tech solution -- upload your data to a server on the internet, (how and using what service I'll leave as an exercise for the student) and wipe it off your laptop. Cross the border, and download your stuff on the other side. The advantage of this is that the border guards have no solution -- no amount of analysis, decryption, or intimidation will find content that isn't there.
Don't forget to keep a couple of Page 3 photos so they have something minor to find. This is especially cool for porn searches in Heathrow. "It's from your own NEWSPAPER, monkey boy!"
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
1. Keep the sensitive data on encrypted network storage. Many companies offer such services at very fair prices. Delete local copy, re-sync when you arrive at your destination.
2. FedEx copy of drive ahead. AFAIK, they aren't tampering with physical packages. Yet. Bonus points for sealing the drive in a plastic bag containing a mix of harmless gasses known only to you. If the Nitrogen-argon-oxygen ratio isn't right when you arrive at your destination, you know they tampered. If it is right, you at least have the satisfaction of knowing that they might have had to keep analyzers and gasses around just so they could tamper with your package.
3. Thousands of Britney Spears MP3s re-named to something else.
4. A variation on (1), encrypt all the sensitive data, send the decryption key to your destination.
5. Rot13 twice for extra security.
tm
I live close enough to the Canadian border that I drive into Canada and fly to Japan and Europe out of Canada. It is a much more pleasant experience. Entering Japan and Europe is a much more pleasant experience than entering the US and I'm a white US citizen. Coming through Canadian immigration and customs is a breeze. US customs is the worst. At least the car crossing isn't too onerous. Though one time I was driving into the US with a long time friend from Japan and I was very upset with the way they treated my friend. They were incredibly rude. She doesn't speak English and the immigration officer kept demanding that she had to know English because she traveled so much. US immigration has gotten so bad that I hesitate to invite friends from other countries from even visiting. I'd rather go there and be treated like a human than have my friends endure the berating they get when they come here.
If embiggen is cromulent, embolden is too!
Technology -- No Place For Wimps! Grateful Dead and Jerry Garcia Chatroom -- http://www.wemissjerry.org
So your best defence is to clean up your laptop. A customs agent can't read what you don't have.
Best advice ever. (That's until they devise something that reads human memory)
Thats clearly a big NO for myself.
IE if I true crypt a partition, I know it will be (within all reason) safe from "offline attack" like a imaged drive. So if the agent doesn't ask, and just snoops or copies this is not helpful to them. If the agent simply asks, do you have any encrypted data, and show me all of it. Assuming your not willing to commit a felony (granted a nearly impossible felony to prove), the you have limited options not really helped by true-crypt, over just a encrypted file. IE you can either say No, in a nice way like, "I have to talk to my company lawyer for permission" or give it up.
swapping laptops helps the second person the most, cause their not telling a lie when they state either, "not that I know of" or "it's my company's equipment not mine, I cannot access anything more than..." Since the guy with the password is "in the clear" since challenges to him have to fall under the full US constitution. If the guy with the password is standing behind you, well...
My own opinions on your blinkeredness shall remain unsaid. I'm sure you can guess them.
First, I'm not American. I have visited but these incidents literally remove the country from the list of viable or "safe" foreign countries I could travel to.
"I carry corporate source, designs and some customer data on my laptop. Yes, it would be a problem if it were made public. I encrypt it, but do not hide it. I see no reason that a border guard, a TSA guard or even the (whisper) NSA would choose to give it to a competitor if they had it."
-Several thousand dollars.
- Industrial espionage.
Even in the UK, some staff at airports have been caught selling on items stolen from baggage, there's nothing to stop a corrupt official doing so. By giving them to ability and "legitimate" reason to search ANY laptop for ANY reason, it's inviting problems.
- A letter from Microsoft offering a reward for non-licensed or pirate software.
- Anything that could accidentally tag you as a terrorist.
Customs officer browsing through my web history: You read wikileaks lately? We'll have that as evidence of, in your own words, being an anarchist.
- THIS POST. Say I took a laptop with a copy of my posting history to slashdot to the US... they could EASILY use this very post against me. Evidence of "wanting to avoid customs" or some such rubbish.
"What's the problem here? Is this a matter of principle or is there something to hide?"
Neither. It's my data. You have no right to go through it without reasonable suspicion FIRST. And then in a certified, supervised way to ensure you keep within your stated use of the data. No other civilised country in the world currently does this and the UK has been dealing with terrorism for FAR, FAR longer than the US has (a UK airport security expert was told that he was "being paranoid" before 9/11 when he visited a US airport and complained about their lax security - within days he was on BBC News recounting the tale because 9/11 happened).
My workplace cannot even throw a hard drive out with having it professionally destroyed, whether it's been exposed to confidential data or not. What makes you think I can let a customs officer copy it without MASSIVE assurances of everywhere the data could end up? The chances are I'd be in a questioning room while all the copying was going on.
"Consider how important your data is to a customs official. News flash: I'd bet a lot that they don't give a rat's ass what you've got, as long as it's not illegal. If it's illegal, then the problem is totally different and you have no right to complain about it."
Define illegal. I think you'll find it depends on jurisdiction, for a start, and includes such things as data protection laws. This is the problem.
As a business, I would be required to NOT TAKE SOME DATA into the US because of this - UK and EU data protection laws means that I *can't* let anyone see it, whether or not it's "secret". If your salesman is going to have to break British law to make a sale in the US, then he's not going to GO to the US. Or he'll have to take the steps mentioned in this article.
Say my office gave me a laptop with copy of Windows that was installed from a pirate key... that's "illegal". I could get detained *without reasonable suspicion* and possibly convicted because of that. Say I *don't know* the password to an "encrypted-looking" file on the laptop (like, I don't know, say a database contained within a business program accessed only by Word macros or company-created utilities - I have seen many such systems loaded on laptops for employee use). I'm detained until I release it.
It's not that I have anything illegal under US law - the US is not the world, though. Things that the US does are considered illegal in other countries. Let's not go too far down that avenue because it's just too easy to get into country-bashing.
It's that the US customs have no reason to demand inspections without reasonable suspicion. They certainly s
Wow, nobody else is responding to you, maybe I'm about to secure my place in hell.
"Anarchists" - > Are you really so dumb, that you think someone that is upset with the way our country is slowly slipping down the shitter is an anarchist. Being upset, and standing up for your rights is what this country is founded upon, reasonable or not American citizens (and visitors to our country too) have the right to say they will not stand for something.
The airline industry has become a total fucking mess and our half-assed attempts at scanning and searching people at the airport are pointless.
You want to download my whole harddrive?! Its a 160GB of random bullshit, I'm not mad that they have my bullshit and a slew of 16-image free pr0n sets of random internet whores, what Im mad about is the fact that I have to stand in line for 20 - 40 minutes while the duplicate it.
And here is a golf clap that you survived 9/11:
*pat pat pat pat pat*
Your a very lucky person, seriously, you should be very grateful to whatever got you out of there alive, but its completely appalling to me, that a special person like yourself, one that literally survived such a tragedy, unlike the rest of us that figuratively survived it, would throw your freedom and rights out the window because you believe that an under-trained monkey with the yes/no seal of approval to let you in the country is really doing anything to "stop" terrorism.
People like you and the piss-poor idiots that pass this bullshit legislation are what is making this country suck.
I don't know if anyone even considered that an actual terrorist or "bad" person would even be half as stupid as what the person/persons who came up with the search the computer idea. For a terrorist to actually be stupid enough to have incriminating data, whatever it may be, on the laptop that is coming into the country, then this is the terrorist that is just holding a sign saying "I'm a terrorist, come and shoot me!" There will not be anything beneficial that comes out of the homeland security agent searching the computer of anyone. It is just another waste of time that the agent could be using searching for other more critical materials (ie. bomb materials, nuclear material, biological agents). All the bad guy has to do is go to the nearest UPS type store and have the laptop shipped to an address of his choosing within the US. To the best of my knowledge, the only checks made on the material shipped this way is if it is really what is claimed to be getting shipped and not something else hiding in the package...it is just a "consumer purchase" is all that has to be said to the UPS rep. Furthermore, even it the computer was checked before UPS shipped it, as long as the terrorist gets the computer in the US all that has to be done is for the person to jump online at any of the cyper-cafes or steal someone's wireless access or use the "free" public wireless that is becoming more popular now, get the info that he needs and then where are we (US citizens) now... The bad guy just needs to bypass the check at the border...mail the laptop to him/herself and the just get the data that is needed anywhere access to the internet is provided. So what good does having a customs agent search the computers entering the US do but to waste time, money, energy, and take another person off of doing a needed search or assisting a fellow officer to protect us when it is needed. I mean think about it, all the computer is to the terrorist is a throw away item that they just use to get to their end results with. The would never just "leave" sensitive, condemning data what it could be on a computer that could just be left or thrown at anytime by the person. Gee, they just go the the local best buy and spend $500 for a cheep replacement laptop and they are back in business.
Please explain to me how searching hard drives is "securing the border" when we live in the age of the internet. I don't mind a customs agent making sure that my laptop is, in fact, a laptop, but asking a marginally-trained TSA employee to examine all the data on a computer within the few minutes is like asking someone from your lawn service to do a five-minute inspection of a 2" square patch of vinyl siding to determine whether you have a mold problem in your basement.
In both cases you're asking the wrong guy to look at the wrong things, giving him no time or tools to do his "search", and then wondering why it didn't do anything to actually improve the situation. If it's illegal, then the problem is totally different and you have no right to complain about it. We have every right to complain. Since when have law and morality been linked in this country?
I suspect this is a bunch of FUD. I visited the Ukraine last November and when I came back I wasn't even asked to power on my laptop. And yet they might copy all your files off for examination later? Suuure. Rated "possible but unlikely."
Do you have ANY idea how much data storage would be required just to capture that? Not to mention the amount of time sifting through all that crap? And for what? It's too easy to cleverly disguise it or encrypt your data. I just don't buy it.
I think it's more likely that if you are suspected of smuggling something, THEN they might start looking at your junk on your computer, and only keep the data if they really suspect something. But otherwise, I don't believe they have the resources to store and analyze too much or too deeply on a cursory search level.
"They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
And we don't care that you have downloaded copies of Real Genius and Office Space on your laptop. We'll even let the few pictures of that gril who is 16 and the squirting videos slide.
Nothing to see here really, so we are moving along.
This isn't a TSA issue. In fact, TSA doesn't give a shit if you have "suspicious data" or what not. They just care about "suspicious devices". In which case, if they even ask you to turn on your laptop, it's only to make sure that it's not a bomb. I travel weekly with 2 laptops and have never been hassled about them (except when I didn't put the laptop in its own bin, but I was a n00b at the time). Usually I just get comments like "Wow, two laptops! You must be a very busy guy!" and then I'm on my way. TSA is more likely to hassle you about your liquids than anything. My first week of flying regularly they confiscated all of my toiletries. Man was I pissed. I didn't know how I was going to handle flying for the remainder of my project, but you get to know the ins and outs of getting through security. I only recently was randomly checked, but it was just my liquids for a quick "lab test" and then I was on my way.
So in this discussion, keep in mind this is International travel and only customs you're worrying about. Should keep things in perspective.
"It's not whether you win or lose, it's how drunk you get." -- H. J. Simpson
...and if you travel alone?
"They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
Get yourself a 160Gb iPod, put some music on it, and store your data on there as well. It's not illegal to do so, and if they find it, all you have to say is yes, that's where you keep your data when you travel.
A learning experience is one of those things that say, 'You know that thing you just did? Don't do that.' - D. Adams
Use something like this : http://gentoo-wiki.com/TIP_Bootable_Floppy_with_GRUB and keep this floppy somewhere they won't find it.
I can't call that English
If customs loses / deletes / holds your laptop and causes injury to your or your company, they usually escape liability... So what about simply telling them that your company requires the name and contact information for anyone who accesses your computer, and, further, requires a written and audio recorded statement to the affect of anyone who accesses the computer becomes liable for loss, damages, copyright violations loss of proprietary information etc. Once they give the information and sign the form, then they can have the computer. But, if it was me, I would turn on an audio recorder at the first sign of trouble, and get them to say their name.
Republican leadership = Idiocracy
Ok first off here is the ruling
Link to pdf
Second it is done by the 9th court of appeals the most over turned court in the land.
Third they are stretching the powers of searching they reference a search done in a van where items were in plain view. This required the powering up of a laptop and then looking around a bit of a stretch. Also the agent did not ask to search the laptop thus not having rights to start searching through something not in plain view.
Fourth , but no where near least, the guy is implicated in having kiddie p0rn. Hello! If you are not breaking the law the you really have nothing to fear.
Five at all times during a warrant less search you always.. always! have the right to stop the search. Ya it might mean you will be detained a little bit more but if you have done nothing illegal then it is something to have a little hassle to stand up for your rights. Besides at that point if they really really wanted to get in there they are not under the several of the search clauses and will need to get a warrant to proceed. I don't care what everyone says blah blah blah if you are not breaking the law they you don't have anything to hide period. If you bow up on them they will only suspect you have something to hide, common sense.
So stop with the America bashing if you don't like America leave! If you are not in America and hate it Stay out! Simple as that.. too many people just wanna bash cause they can.
Some would say we have arrived long ago, but this is certainly a telling mark.
We are discussing "hiding legal and unincriminating" stuff so that we don't get hassled by government police. We have gone far beyond the "if you don't have anything to hide, you have nothing to fear" argument where now, even when you don't you have plenty to fear... in this case, potential loss of ability to work!!
They have been going too far for a while, but this is a point at which even the most common person can appreciate and understand the problem with this.
If the EFF were buying "public awareness" ad time on TV, radio and print (I haven't seen any if they already are) I'd donate $100 each month from now until "we've won" whatever that means. I'm sick of this.
Using Director or some similar app, make a "movie" that looks and acts like a BSOD or a "Sad Mac with chimes of Death" play on start up. They start it up, it seems to boot fine, then suddenly it "BSOD's" or the Sad Mac comes out and DING DING DONG" and goes black.
Then you get to yell at then for fucking up your laptop, and demand they buy you a new one RIGHT NOW GOD DAMN IT. And make 'em feel guilty. "LOOK - MY COMPUTER - THEY KILLED MY COMPUTER!!!" Start to cry about how much work you just lost because those numbskulls broke your computer.
They'll close it, right quick, and give it back to you and put you on your plane and hope you shut up.
Maybe?
RS
Shoes for Industry. Shoes for the Dead.
I find it really interesting that noone here seriously objects this procedure. Should not they need a court ruling to search your computer? Probably people will have more important stuff in their computers than their homes.
It appears your have shitty reading comprehension.
2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
Read that until you understand it, and no, you don't understand it or you wouldn't have made that last moronic post.
If they download the entire contents of a laptop and said laptop is full of MP3s, wouldn't they be guilty of pirating RIAA material?
As for customs, if they have me boot the system, they will not take long to find a directory, helpfully named "images". When they look in it, they will find a very large collection of high resolution astrophotographs. Some approaching 100 MBytes in size. They are welcome to make copies. After all, the government funded the acquisition of the images.
I hope that this unreasonable approach is rapidly dropped.
If you need access to information that you don't want people accessing, store it on a server in a trusted location / jurisdiction and get at it over an SSL / VPN / IpSec channel.
ipods. I mean, come on, they're nothing more than several dozen GB thumbdrives, you can easily put all your stuff on there and carry it with you without suspicion.
"linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
Thank You
How much is your data worth? Back it up now.
(volumes cannot be distinguished from random data)
Aye, there's the rub.
Most files CAN be distinguished from random data. If not outright human-readable (text, XML, etc.), they start with header data which can be visually recognized with a little experience. File sizes are predictably reflective of the directory context. Browsing the rest of a file's content usually reveals non-random components.
TrueCrypt claiming to be indistinguishable from "random data" is kinda like the hotel security guy who was checking out my activity when I was bored (playing with video camera menu settings, waiting for someone) in a hotel lounge. It was obvious he was hotel security because he didn't have any official-looking paraphanalia AND was dressed in "I'm trying to blend in but don't know how" attire. It was obvious he was checking out my activity because he wandered close, looked around like he was looking for someone, and left - when there was absolutely nobody else in the lounge. And from his "I'm not hotel security, no really" dress & demeanor, I knew something would come of it - manifest a few minutes later when the Federal Marshals showed up.
A TrueCrypt file (or partition) hits the "uncanny valley" realm: it tries so hard to blend in that we become keenly & deeply aware that it doesn't; the deep-seated human mechanism for sensing "something is wrong here" kicks in.
It stands out precisely because it so completely doesn't.
Can we get a "-1 Wrong" moderation option?
That's amazing, you'd better get that info to the 9th circuit (where the decision was made), I can't believe they'd overlook something like that...
Have you read the judgment? That might be a good place to start.
You could store your secret files on amstrad floppy disks. For added security, you could store them where gold watches get stored to not get into the hands of the vietcong. I don't want to go into the details, but the amstrad floppy should provide enough security alone.
Customs agents (US and Japanese) stopped me several times over the years to inspect my laptop. In every case that I can remember I was able to dodge "inspection" by simply saying that I couldn't turn my laptop on because no battery was installed (which was the truth). I would only carry a power cord in my laptop case, no batteries.
My battery was actually located in a separate carry-on; a backpack or a suitcase or some such.
I guess if they were really interested in the laptop they could've plugged it in to a wall outlet and gotten into it that way.. but they never asked to do that.
present day... present time... hahahaha...
Put all your important data on one of these - or better yet, don't rip the cable up - leave it alone so it looks like any other cable.
When information is power, privacy is freedom.
... I refuse to visit the US for anything. I've spent a few years living there pre-Bush, and enjoyed immensely and still have many friends there that I'd like to visit, but the minute some minimum wage mouthbreather touches my laptop is over my cold dead body. The IP on the laptop, along with discussions that I prefer to keep private (even though they're no worse than the occasional rant on stupid users) aren't for them to see.
It's silly though the amount of people that agree to this searching. It's the same kind of people that still think it's a wonderful idea to ask the "Are you now, or have ever been a member of the nazi party" and "Are you part of a terrorist organisation" on an I-94 entry form. I mean, sure, I'll just check the "yes" box on that. How retarded does one have to be to think putting that question on a bit of paper is going to catch anyone.
How retarded does the US government have to be to think that searching laptops, optionally seizing them, and booting people back to country of origin when they don't cooperate, is going to help the "war on terror". All it will do is make sure that business will be conducted outside the US.
Sad to see how a government is so capable of tearing down the country they're supposed to govern.
There is no sig...
...I've just come to understand that a clusterfuck requires participants to continue. I'm not going to participate in this one, and I'm gonna try to talk others out of participating too.
I know it isn't really any of my business, but I abhor the existence of a clusterfuck.
It's right to fight against a corrupt system that you know is wrong. That forces people to change their ways.
Either flood them with border crossing with laptops or don't use them (don't go in and out of the country).
I would recommend that everyone stay away from the US if you value your data and property.
Me: Yeah, the legal dept says I had to according to *applicable law*.
upon the advice of my lawyer, i have no sig at this time
...that can hassle me and steal my possesions and data. I guess I've been lucky to only be mauled by the TSA.
Apparently a lot of this has to do with trying to find kiddie porn. If you go over to flyertalk, you will find plenty of discussion where just about every american who travels to certain asian countries and has a laptop/digital camera is having to let customs go through their stuff.
Bring back the old version of slashdot.
It seems there are these tubes that I can put my likeness and voice in, and have them come out in far away place. Whenever somebody demands I transport my 180 lbs of meat to some distant destination, I recognize them for what they are: cannibals, trying to trick me into the pot.
To give some real word stats, several co-workers of mine have traveled to India and Dubai and back to the US recently, and none have had their laptops searched. One traveled via Syria on the way back, and he was questioned vigorously, but he was not asked to turn his laptop on.
Basically, customs has the right to make your entry a hassle if you are determined to make it so. But it's in their their interest to be as expeditious as possible, and the people in line behind you will appreciate you not being an asshole about opening your computer.
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
My suggestion to you is to get an education. You can either do this via self-study or a formal institution of higher learning. Either way, you're in desperate need of it. Until then, it would be best if you'd just STFU. thx
Are agnostics skeptical of unicorns too?
No, that would be seizing it. They need an excuse to seize it. Customs can search without cause, and they can seize things by giving an excuse.
There, fixed that for you.
Twinstiq, game news
Don't encrypt the whole drive. Set up some loop-back mounts via encfs.
/etc/fstab, and that they are not mounted on boot. Manually mount them when you need to read/write the sensitive data. Manually unmount them when you're done with the data.
Make sure that these mounts do NOT go in
You machine will boot right up on power on, with no indication that there's encryped data on the drive. The drive can be imaged, but they'll just end up with encrypted data. It looks like normal files and directories, but with names that look like gibberish and content that looks like gibberish.
In the course of every project, it will become necessary to shoot the scientists and begin production.
[theory, of course]
What is this, people? Waving flags screaming "I'm hiding something!"
If I actually had something to hide, say, key NDA-restricted docs, and I HAD to carry them on me, I wouldn't put up red flags like obvious encryption or a partition with some weird-ass hippiecommie suspicious linux install. If you want to fly below radar, you need stealth.
First: a vanilla install of windows or macOS. Standard business apps, standard documents folder with typical usage, such as correspondence, presentations, expenses, etc.
Second: family photos. Friends on vacation, etc. Make them more than typical: lots of them, and innocuous. If you're too straightlaced to keep personal stuff on your computer, that's suspicious too.
Third: on a different computer, encrypt your files with decent encryption, AES or something, using strong password. Make sure the file name isn't interesting. Doesn't matter, if a professional gets the files, they'll be cracked; the point is to keep them unobserved, so this part's kind of optional.
Fourth: mask them inside innocuous files like the photos. Transfer them to your laptop. Now you're camouflaged. Smile, respect, make eye contact, be naturally a tiny bit nervous but with nothing to hide.
The secret to security? don't get caught.
[/theory]
Damn those pesky terrorists
I purchased a smaller 20GB hard drive that I physically swap out of my Thinkpad before going to the USA. The drive contains a virgin install of Windows and my work programs. It is physically wiped using a hard drive eraser program and imaged using Acronis TI Home each time I wish to travel outside Canada. My everyday hard drive stays safely at home in my wall safe.
There is no MS Outlook information (emails, account info., address book) or browser bookmarks. There is also no passwords on the machine for any of my programs. This information is stored in a database behind a secure web page on a web sever at work in the first place (using a VPN). Web page scripts can easily archive (zip up on the fly with password protection), FTP and encrypt data into databases without the data being physically stored on your computer at all. I use the web server's web based email client and calendar script to read/send email & keep track of my itinerary. I realize email is sent in plain text anyhow so sending yourself an email with your usernames/passwords in the body of the message is pretty much akin to privacy suicide so I wouldn't recommend you do that unless you send a password protected archive file (RAR, ZIP etc. - even using this offers weak protection but it's better than nothing). Nothing touches the computer's hard drive itself-just the memory state.
Web page scripts are wonderful these days, I mean you can find or build scripts to create/edit content, collaborate on documents, create password encrypted PDF files and store them encrypted in a secure database almost at will. There are web based chat clients and video conferencing scripts too that don't store information on your hard drive also. The only thing you need to worry about is interfacing with the web page in the first place which brings in to play the virgin imaged hard drive I mentioned earlier. As long as you don't store anything on your computer physically it can not be stolen from you. One of the Internet's best attributes is that it is stateless (and one of it's worst too for different reasons), use this to your advantage and you can keep your rights protected.
I realize that hackers and those using network sniffers out there can get my data too so don't think I am oblivious to all the tricks to circumvent what I have mentioned. But at least when I go over the border, if I get stopped by US agents, the only thing they are getting from me is a wild goose chase and a pristine virgin hard drive image.
The "Home of the brave, and the land of the...untrusted?"
Posting anonymously because I am practicing what I preach...
Reason #197237395 why I will never ever travel to or through the US. I even avoid buying products made there where I can.
If they'll sign a non-disclosure agreement I'll let them see my data. If not, they're potentially inviting me to break some other laws.
Hidden volume
Only on Windows. On MacOS X and Linux, this is not available, for unstated reasons.
Please help metamoderate.
Actually, my comment is that government and its representatives are typically inept and apathetic.
Good point. You could avoid that problem by encrypting your root filesystem and booting from trusted media, e.g. a CD or USB stick. That way, the agents can't install a rootkit, since (1) they don't know the root filesystem key, and (2) they can't get the laptop to load extra files during boot. (You could also use TCPA to manage the boot process on some laptops: the TCPA chip could store part of the filesystem key and only provide it if the boot files were unmodified.)
>north
You're an immobile computer, remember?
Thank you for all your suggestions. We shall take these under advisement.
- Your friendly U.S. Customs Agent
In case you didn't notice, the elites in the US ignore peaceable assemblies and everything you learned in high school social studies is bald-faced bullshit. Who needs noblesse oblige when you have Blackwater?
/. -- the Free Republic of technology.
When you entered the US you were examined and sent on your way, while when you entered China, you were sent on your way, then the examination began.
Frankly, you can have "easier to enter" if the end result is you leave me the fuck alone once I'm in.
These are pretty standard questions. Often the answers to each question by itself doesn't matter. They are intended to find inconsistencies with your story.
On a side note, "Are you a citizen" is not a good question. "Where were you born" is much better since it often leads to more questions.
Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
Here is a hint: Never EVER say to a custom's agent, "Someone else give me this package/suitcase/USB Drive/whatever to smuggle into your country. I have no idea what is inside." Saying something like this is a great way to get yourself detained.
They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
Just because we decide we have the right to do something, doesn't mean it's a good idea. This policy, and many like it, declare to the rest of the world that we don't care what they think or how they feel. And it subtly...or perhaps not so subtly...encourages people not to come here. Even those coming here to do legitimate business now have to take the extra step to cleanse and secure their laptops.
I've traveled the world and every time the part of the trip I dreaded the most was coming back through US Customs.
The other issue is just how much real crime this catches. Certainly no one with any training in actual trade craft is going to carry anything sensitive on a laptop. The bulk of really juicy espionage goes out in diplomatic pouches or over sophisticated communication gear. All this effort to what end? It trains friend and foe how to secure their data, eliminating the risk we'd be able to recover anything from the real trouble makers if they mess up after they're in the country.
So the effect on real crime is minimal, it's one more reason not to come here and it makes data recovery in every criminal investigation more difficult by widely advertising data security tools. Yeah, that sounds like a Homeland Security policy alright.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Next time your laptop breaks down leave the country and come back in and let the TSA figure out whats wrong. Better yet just to screw with them every time you go out of the country buy a cheap busted laptop and carry in though customs.
If you are not breaking the law the you really have nothing to fear.
/. -- the Free Republic of technology.
He gives one piece of very bad advice, on the subject of keeping your data on a big memory card and keeping it in your wallet. He says:
'If someone does discover it, you can try saying: "I don't know what's on there. My boss told me to give it to the head of the New York office."'
Never ever lie to customs guys. If they ring your boss and he denies it, or if you later change your story and say "oh yes, that's really all my files", or if you can't instantly give the address of the fictional 'New York office', then you better start relaxing in preparation for them gloving up to see if you are hiding any other memory cards.
Same with hidden partitions. If, by sheer bad luck, you do encounter a tech-savvy customs guy and he says 'have you got any hidden partitions on here?', say 'Yes'. Better than saying 'No' and having them find out later.
I'm not saying roll over and give them everything - you have rights - just don't lie.
Vive la Resistance !
I was sure that the very sight of Linux would induce fear and panic in the typical customs agent, staring at some strange interface that isn't Windows or MacOS. They might think you're an alien!
The path to enlightenment is truly through homemade drugs!
Law enforcement has "good faith" exceptions to just about every rule in the book. Besides that, the AAs need the lawyers and guns on their side to ensure a predictable market for bubblegum teen music. Would you give that up for one shot at a paltry $222k?
/. -- the Free Republic of technology.
Dear Slashdot Community, Thank you for your input in our continued process improvement. These tactics and been noted and will be evaluated. Sincerely, Somebody Competent Homeland Security
I'm going to install Plan9 on my laptop when I go to the UK this summer. I can't wait to see what happens.
Truecrypt has been mentioned in this thread already - it can create hidden partitions. You can even create an encrypted partition WITH a hidden encrypted partition. This way, they find the encrypted partition, get to browse through your tax returns for a few years... and never find the plans for that EMP bomb you keep promising yourself you'll try to make some day...
Of course if you really have data you want protected - encrypt it using any one of a number of standard encryption technologies... put the private key on a flash disk and send to yourself via mail (or at least make sure it's not on your person)
Then, when they ask you to decrypt it, explain that for security reasons you've locked that file for transit and that not even you will be able to access it until you get home and receive the decryption key. Or just lie and pretend you're Johnny Mnemonic... you know, secure data courier of the future... "That's not mine, that's my clients... see, I don't have any keyring TO unlock to get into it!" and so on...
The story discusses a bit the problem of secure passwords. Here's what I do:
My passwords are all based on short little stories or sentences that I make up. The first step is that you have to set up very clearly defined rules. You can't just use every third word. So I use things like every n^th letter. Then I throw in things like if I can work in a vocalization of a special character, I do that. For instance, at always becomes @ and is included in the password. Star becomes * (or also if I can find a way to work in asterisk). Any numbers I can work in are included in the password as arabic numerals.
I have a few sets of rules based on how secure I want the password to be. The most secure ones follow rules that will make the most complicated passwords. This way, I just need to remember a few sets of rules, and several little stories or whatever. The rules are harder to remember, so I don't change them frequently. But the stories, and thus the passwords are easy to remember, so I can change them easily and frequently. So, lets make our example.
I'll make a new set of rules so I don't give away my important secrets. Let's say the 5th letter of every word is in the password. If a word is shorter than 5 letters, like "the", you just go back to the beginning of the word and keep counting. So "h" would be our letter for the word "the". Also, we'll make the letters from these shorter words capitalized. We'll count the number of letters of any word ending in a vowel, and put that number after the letter from that word. We'll include any and all punctuation. And we'll include words that correspond to special characters. (it may help to clearly define these words to, but we'll skip that). And we'll include any numbers in our story as arabic numerals. We'll include the standard abbreviations of any ordinal numbers too. Like 7th for seventh. A number counts as one word, but of course we don't put a letter.
So, from there, you can either just make up a story, and use that for your password to whatever, or you can try to associate the story with whatever the password is for. So. Say I want to open an account so I don't have to post as AC, and people will read my comment. So. Slashdot... do some free association. Slasher films come to mind. And friday the 13th would be convenient, as it includes a number, albeit a commonly used one, I'm sure. So we just make up a little story or something.
Jason, protagonist of the movie Friday the 13th, is a raving murderer.
So that gives us for our password "n,aO2H3e5aH313th,IA1nE." That's a long one. Also, it gives away relatively obviously where every "the" is. And of course associating the password to slashdot, instead of just doing a random sentence, is less secure. But whatever. It's a pretty secure password otherwise.
Would you try bring a pound of hash from turkey in your backback ? You would mail it and pay the extra charge for insurance.
A lot of the posts above point out that they can do these searches because you haven't technically entered the US yet (not cleared Customs). So, if you haven't entered the US yet US law shouldn't have jurisdiction. So I don't see how lieing to a federal agent outside the US is a felony.
I'm not advocating anything either way but there is a contradiction there. You can't be outside the US so US law doesn't apply and the searches are legal and inside the US so that US law applies at the same time.
If you are traveling for work, consider asking them for a travel-laptop that you can check-out which contains the regular company image and no related information. If your company is doing the right thing, they will be aware of the policies of Customs agents worldwide. It may seem like a pain, but if they are serious about protecting the data on your computer, they will happily purchase a few. Otherwise it means the policies of drive-encryption, etc.. are all just lip-service. If it's your personal machine, it's time to format and reinstall. You can restore from the backup when you get home.... You do have a backup, don't you? :)
You know Sudan's on a whole other continent, right?
DRM: Terminator crops for your mind!
Only remember the passphrase in one of your multiple personalities, preferably 'Angry Steve'. Hey, if they want to mess with angry Steve, well... you did warn them.
Well to be honest what is there to fear so far all you have done in your "discussion" is call me an idiot so I guess we were in the same educated class for debates. You are correct my way or the highway there has to be a set of laws. Now my question to you am I for or against this ? I doubt if you read my entire post. Oh and I do believe I have as much of a right as you to post to tell me to shut the fuck up just shows that you are the one who really needs an education in debate.
...you can't prove there isn't one. Neither can they prove that there is. They may argue that it's likely, but whatever.
However, it's also one of the pitfalls. They're not 100% stupid and I wouldn't put it past them to say "okay, then you won't mind if I zero out all the stuff that you claim doesn't have any data". That wouldn't take particularly long, so what is your defense going to be?
However, I don't know if they can actually write data to your machine; I think the current provisions are read-only? whatever.
Is everybody who enters a country a potential threat? Is everything they may carry potentially dangerous? Can't they obtain material for an explosive device inside? To give citizens a fake sense of safety? To feel that you are a powerful nation and can do whatever you want with people that visit?
No. No. Yes. Yes. Yes.
My blog
And I know a few there. They were TOTAL idiots when I worked them. I have every reason to believe they remain in the same position. In fact, DHS is probably the dept, where the major qualifier for getting in, was belonging to the republican party.
Forget about being deprived. The people with the copy have now OBTAINED something of value.
In the case of the laptop it may be company secrets, business transaction data, or marketing or product plans. It may be account numbers, passwords, and SSNs. It may be self-incriminating like copies of finacial records or tax returns or emails, or embarassing (and potentially blackmailable) personal information, photos, etc..
And once that information has been obtained, it can most certainly be used to DEPRIVE you of your lievelyhood, your savings, your property, and in many not-so extreme cases, your freedom.
Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
Anyone who does NOT refuse a border agent's request to "type your password" is a coward and not worthy to call themselves an American IMO. It may seem like a small thing, a way to avoid being detained and hassled all day, but it's the little things like this that define the boundary of where our freedoms are being slowly stripped away.
The old Ben Franklin statement about those who would trade liberty for security comes to mind. It's a shame when people say, "It's all about the benjamins," that it's not THAT sentiment they're talking about. Stand up for your rights NOW - no matter how "inconvenient" it may be - or soon you won't have any to worry about. Sheeple, indeed. Pussies is more like it.
How do you get on the radar in the first place? Be a white male travelling alone, 30 - 50 years old, slightly dorky, and, most importantly, be travelling home from a 'vacation' in a nation that is known for child s3x tourism, packing a digital camera and a laptop. Apparently there's about one tourist a week in his airport that fits the profile and has unencrypted kiddie pr0n on the tourist's 'inspected' laptop.
Wow that is really insightful.
Yes the pure fact of the matter is if they want to crack your data they will. It is the weight of living in a police state that has us convinced that we can win a war against fear by scaring us *witless* So your combo seems to be the most well thought out so far. The BEST security is to not vote these jokers in in the first place.
BUT the strangest thing is that if they really want to get at my data all they would really have to do is take me in the back and beat the crap out of me. I think I can remember just about any password
I think that if they imaged my box, then the best that they would get is a great Jazz + Funk Collection ~Some T&A pr@wn and whatever movie I have to watch on the plane
--Shaddup and support your local PBS station Plan for it
Anybody got any views on what customs would make of a load of (for example) downloaded TV series/films etc? Would they pick you up on that or are they only interested in dodgy porn/bomb plans?
... is not to catch any illegal bits, but to instill the daily dose of fear into subjects*.
Moving any truly illegal bits is so much easier over the internet, with near-zero risk of getting caught.
* plus, the noble cause of removing the retarded from the general public.
Why anyone would bother to port anything other than a 'dumb terminal' is beyond me. Set up your core 'x' files online and connect to the web in one of 100000 hotels across the country. Re-sync your computer if you like that word or use remote desktop or an old fashioned UNIX shell account. Just keep all of the connection data in your head and don't use the terminal to connect to the 'x files' before you go. Oh yea make sure to burn in a valid use time in your terminal so all file creation dates span back a good time. PS free OS's don't need registration and therefore cannot be tied to a passport.
10.5 (and Linux) for that matter allow me to keep my `~/`-home directory on another slice or partition. As a matter of preference when I travel I go lightly, just an iPhone and a Firewire drive. and that drive goes in the luggage right on top. As a professional I act like a professional and get treated as a professional.
If I was carrying some wrong sh*t I would NOT fly with it. As a criminal I would expect to be treated like a perp. Please expect that if you have done something really worth them looking into that they will not break a sweat working you over inside and out.
However, at the worst since I AM innocent, if they took my drive or computer, then it is just a copy of what I have at home. When I get to the remote site everything that I need and all of my preferencess and errata are right there on the remote computer. If they had my box for more than half an hour I would wipe it no questions asked.
The iPhone gives me just about 80 percent of the functionality all of the time and then I am -in and out- swiftly
--Shaddup and support your local PBS station Plan for it
Wait.. this is from the 9th Circuit Court of Appeals??? LOL.. so everyone here who blames the Bush administration for this apparently doesn't realize there isn't a court in this country LESS connected to the Pres than that one. In fact, you couldn't find a court with less in common with the president. They LOVE to legislate from the bench and care very little about the rights of Americans or the constitution. And you are right.. it will get overturned.
Create a large high entropy one time pad, store it on a micro-SD, use it to xor encrypt your compressed files. Clear any unused disk sectors and file padding space.
Tape the micro-SD to your armpit or groin, tell them straight up the files are encrypted and you don't have the key, but feel free to copy the drive.
You could go a step further and leave the one time pad on the drive, but have that encrypted with a memorized passphrase.
They would have to guess the passphrase, guess which file is the one time pad, and then apply that to your files before they could use them.
You could take these steps to whatever level you feel is needed. Multiple files, different passphrases, etc.
I bet it will drive them to distraction that they can't extract your data.
boot up to vanilla windows with a few docs, pics, home movies, games... the real work is done via vmware.
I dunno. I must be terminally boring. The only stuff that is even possibly a problem is my vast collection of Adult Swim. I know that's no problem so I'd have fun showing some poor bored customs guy around my laptop. Now the main machine might get me in a bit of trouble but not the lappy.
... is that scary or what. They'd wander off muttering about the crazy hippie and go on to the next poor fool.
Dig man see google earth and how it runs off my GPS. Lets walk around a bit and make a trail. What's your address man. Woop we there
I'm on OS X on a MacBook Pro. I use FileVault to encrypt my home directory and I use PGP Disk to encrypt two virtual drives (personal drive and my work drive).
This leaves my Shared user unencrypted, as well as all of my Application directories, System, etc. My Shared user is where I keep my music files and my iPhote directories, etc, btw.
I then set up two users and set my preferences so that it doesn't show the list of users at login, but instead makes you type in the login info. I have me, my regular user, but I also have a user with the name 'dev' that I can log into without a password.
With this setup there's a fair bit of my drive that isn't encrypted, and if someone does a file search for pictures or movies or music they will see some results. Hopefully they won't notice the encrypted virtual disks (which don't mount for the dev user) or notice that there's another user on the machine that they can't get into...
Honestly though, I'd probably just ship my laptop to wherever I'm going. If Customs intercepts it they can copy the harddrive for all I care - they won't have access to my work files, etc without some major key cracking powers.
Buy two MicroSD cards.
Put one in a camera. Leave a whole bunch of inane pictures of it.
Use the second one as your main file store. At $20-25 for a 4GB card, they're cheap. They're also 15x11mm, so small you'll "lose" them - oops - in your checked luggage and are never going to be spotted by a bored inspector, that barely graduated highschool, watching hundreds of thousands of large bags going by.
Alternatively, stick it in a GameBoy DS. They have SD readers. Look utterly bored as you wander through, in flight toy in hand. Odds of their bothering to inspect a children's toy and find something that looks like it's supposed to be there anyway, are next to zero.
At customs, look bored, hand over your largely empty laptop and meaningless digital camera.
Let them copy off anything they feel like. Don't fight it. Don't complain. Let them think they've got everything.
Once you're back on the other side, put the other card back in, get access to your files again.
No, it won't stop them if they're utterly convinced you're a terrorist. They'll take everything apart and will eventually find that tiny thing. The abusive copying of anyone's crap, with no grounds for suspicion, is going to leave them copying junk that means nothing to them. There's simply no time to search everyone to the degree they'd find the few people with a MicroSD card. And, even if they do, it's a totally legitimate thing to do so you can claim total ignorance.
4GB should be plenty for most trip type info. Sensitive business docs should easily fit in to that. If you store porn on your laptop, leave it on an external drive at home for when you get back. If you really must have some with you, if you need more than 4GB, it's time to admit you've got issues.
In all seriousness, please take off your tin toils hats and stop being some damn paranoid that the US is somehow going to arrest your at the border. Really, if you have nothing to hide then you have nothing to worry about.
My other advice: What kind of crazy idiot stores important or sensitive data or there laptop anyway? Your laptop is stolen and gets into the wrong hands, you're fucked (just pray your encryption isn't broken!).
Put it somewhere safe that you can get to it remotely. Then there won't be anything there for anyone to find, border patrol or otherwise.
...if you get a chance, try and do the same for somebody else. If it catches, we may eradicate global grouchiness for a time.
Nice try, but go read case history on border searches, your 4th Amendment rights do not apply at the border. The US Supreme Court has ruled on various occasions that provided the search does not a) Cause undue humiliation, or b) result in excessive destruction of property, US Customs Agents can get away with pretty much anything in order to keep the country safe (for varying values of safe). A good starter is the recent case of Arnold vs. the United States of America, and the case history it references.
Silly Americans, you think you still have your rights?
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
I'm coming from the "land of the free" to one of those wacky socialist European countries.
I know it's hard for US residents brainwashed during the cold war, but socialism is not an alternative to freedom or even to democracy . Socialism is an alternative economic system and as such would be an alternative to capitalism .
My comment was mean tot imply that "the government and its representatives" are typically inept and apathetic.
Guys your making this too hard. The plan I plan on using is this. Step 1 make a ghost image of the drive. Step 2 upload image to FTP. Step 3 wipe computer and load a fresh install of whatever os my windows product key says I should have. Step 4 put a copy of ghost on a micro SD card, but the micro sd card in the fold in my pocket watch. Step 5 when I get across the border find an open wi-fi (see hotel I'm staying at) and download image from FTP, then re-ghost drive. I got the idea from an old joke: before the belin wall came down this guy used to cross on his bicycle every day, the border guards KNEW he was smuggling something but could never prove it. when the wall came down a former guard ran into him and asked him what was it he was smuggling the man answered "bicycle parts." I don't have to get the data in, thats easy, I just need the hardware to pass muster.
-Ours is the wisdom of Solomon, the magic of Merlyn, the fall of Icaris.
On either Windows or Mac OS X, encrypt your home folder (or whatever data you don't want seen). Then make a different user with enough customization to be believable (different background, etc. -- bonus points if it's a badly pixellated picture of your kids or girlfriend or something), and if the customs agent makes you log in, use the decoy user instead. That way your data is never decrypted and you never type a password they could use to access it.
If you're really worried, make the real user a different name than yours, so you can claim it's the login of somebody else who might plausibly use your computer, and that you don't know the password.
PhonebookFS provides this functionality for Linux.
http://www.freenet.org.nz/phonebook/manual.html
DRM: Terminator crops for your mind!
4th amendment is trumped by right to enforce sovereign borders. It's been this way for a long time.
Definitely! The only thing someone with no particular interest in computers would know about booting is that it's done with a big strong shoe that is generally waterproof. That "dual booting with hidden OS" setup sounds very good indeed. I used to do a lot of PC repair, I've dealt with a lot of computer users, ranging from very competent users just short of geekdom to idiots who should not be allowed to take a computer online. Even if they do know what a bootloader is and what it does, they probably won't have a good idea what Linux is, although they may try "the other menu option" just out of curiosity.
The chance of a non-geek having the slightest clue about anything that happens before the Windows login is practically nonexistant.
"When information is power, privacy is freedom" - Jah-Wren Ryel
QFT
DRM: Terminator crops for your mind!
When the customs agent disassembles your laptop, pulls the real hard drive, and plugs it into his all-in-one external hard disk enclosure, how does this help again? Or do they extract the data with some sort of quantum entanglement drive?
"When information is power, privacy is freedom" - Jah-Wren Ryel
Video files are expected to be large and thus won't arouse too much suspicion if you hide your data in them.
Just append bigg-ish data in binary format to highly compressed mpeg files.
That'll keep allow 'em to play in media players, thus avoiding suspicion.
Just remember at what index/byte point you appened it so you can snip out the "header" mpeg file.
http://www.object404.com
I would not really be all that bothered if the customs inspectors saw what was on my laptop when I crossed the border. What would bother me is the risk of having the data on it copied, with the copy going somewhere where I have no control at all over it.
Suppose I am travelling to the USA to meet an important customer, potentially to close a multimillion deal with them. For practical purposes I would like to have all relevant data in the laptop, rather than having to download it from internet once I am in the country.
Therefore, I would like to bring the current policy down, from inside. This can be done by, for example, providing a large number of unencrypted files (with content suited to your own area of expertise) that look genuine, but are actually complete rubbish. They could be eg designs of new weapons (for an engineer), a medical report on some high-up official (for a doctor), a contract proposal in which the American counterpart is doing something illegal (for business men or lawyers)... If the customs inspectors make a habit of copying* 'interesting' files, all these will be copied and the effect of it will eventually be observable: your 'business partner' will be raided by police because of the content of your bogus business proposal, some American weapons manufacturer might issue a press release about the same weapon you described in your made-up technical specification...
I realise that one person on his/her own has no power to accomplish anything like this, but if most people did this, eventually the customs officers would have to stop copying files, simply because the signal-to-noise ratio is too low.
And to protect the business traveler from having to lie to the inspectors, the laptop should be prepared by someone else, with lots of bogus files. Enough bogus files to hide the true files without other effort, and the traveler will be told which files to use only when he/she calls the company HQ by phone.
* Copying and giving the copies to the CIA, NSA or any American company with which I happen to be competing. If I happen to have some porn on my laptop and this is copied by the customs inspectors I couldn't care less.
Most of the curmudgeons and apathetic and overworked and tired club-hoppers most likely will be asleep. Not, give me a transport enhancer and a molecular scrambler, and I'd have NO qualms about setting up a defensive perimeter about my premises... .... (ducks and takes cover...)
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Create a partition on your hard drive and encrypt it with Truecypt. Mount the volume to do your work. When the volume is unmount there is NO WAY to tell if the partition holds data or random data.
>>"Any sovereign nation has the right to control who and what enters the country."
That is one view.
Actually, THAT IS THE DEFINITION of sovereignty. "Sovereignty is the exclusive right to have control over an area of governance, people, or oneself."
At its core, sovereignty is the ability to defend territory - which includes allowing people and things in, and more importantly, keeping them out.
If a nation CAN'T control who and what enters the country, then it's not a sovereignty. At least, I would argue it isn't. In that sense, it is one view, but a very well accepted view.
(true, there are few countries that could literally keep the US military from occupying their soil for at least a little while, but I don't count lack of relative military power in the normal course of current semi-peaceful global affairs as showing lack of sovereignty. Now, a lack of strong military in the middle of a continental war zone, where your borders are constantly being overrun by outside forces - that would seem to indicate that the old government no longer has sovereign control over that (ex-) country.)
they would know to LOOK for dual-booting machines. They'd know to ASK. They'd be hip to searching for VirtualBox or VMWare instances hiding partitions. They'd look for signatures of executables, and probably have a kit with all the fingerprints files of all the more 'worrisome' apps and those with crypto modules or dlls.
Then, as with in the 70's and 80' and before and since, when you return from a tech visit or an economic meeting, they'll want to 'debrief' you AND sift through your computer to find out what you know, and what you're hiding, or try to determine to whom you owe or assign your allegiance.
But, i agree with the reply to my earlier post: make EVERYONE a POI (person of interest) so as to cause the deliberate targeting of SO many travelers that it ends up pointing out the the only people getting stung are those not in the profile of dangerous people. Smart and real ter'rists will either memorize their component of a plan, or obtain instructions via other sources, fast or slow.
But, i guess the government agencies have to pull this bullshit hail mary stunt to deflect attention to the REAL story: they're monitoring and back-dooring every computer they can learn about, and most of that starts with the manufacturing process of the hardware and software. BIOS, OS, and other firmware and software are probably firmly in their grip. ISPs, TELCOs, cell companies, cabel providers, libraries, coffee shops, unsecured WIFI and hot spots used by anyone (encrypted or not), and so on. Soon, they'll tap the power grid, since it's a way to send traffic. i wouldn't be surprise if data over electricity is being adopted slowly because the various intel agencies are trying to coordinate government-power-company data routing. Now, THAT would be a REALLY good reason to use solar power and disconnect the home from the grid... Of course, one could probably find a noise generator to pollute ones own (and ONLY own) home to deal with any taps built into commercial products.
(puts tin foil hat back on shelf...)
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
yes, there is no doubt whatsoever.
I added the "whatsoever" to be even more insanely paranoid than you, and thus steal your Insightful mods.
"A National Security Letter..." over 3,000+ (if starting from 9/11)
... well, they're better of tapping me, but don't goddamned give me a letter... But, i suppose they already know there are SOME people not to be trifled with... to avoid at almost all costs when the price of monitoring is vastly cheaper than the cost of fucking with and leaving alive, non-crippled, non-incarcerated. (hold on... someone's knocking the door...)
Number of instances of having received a national security letter: 0
Number of times lied about the above: 0
Anything they want to know about me (outside of what i don't actually utter or write) can be found by tapping my phone, those of my friends, our computers, and by monitoring my DMV, ID, credit, SSA, and payroll information. Oh, and by reading my blogs and posts, elsewhere and here.
i will NEVER quietly accept and not speak about an NSL issued to me. I'll so incensed i might become discombobulated and
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
1. When conferences are being organized, avoid US sites right there in the planning stage. (This is already happening in my field.)
2. When travelling to a US conference, travel with a blank default install Windows or Mac box with no personal or private data on it at all. Do not carry any form of data with you (whether encrypted or not). If it is necessary to access private data, do it over an encrypted connection to the non-US based home server using a terminal session. No data is stored on the portable computer. If the hard drive is seized, there is nothing to get. (This is the solution being used by local doctors and lawyers travelling to the US where there are no privacy laws.)
Anything on your person when travelling to the US can be seized and you can be forced to give any passwords to anything encrypted.
Obama bin Laden must orgasm every single night at how spectacularly successful the 9/11 attacks were. It has to be the greatest success story of any kind thus far in the 21st century. Hate the guy all you want, he got everything he could ever want and then some.
E-tern.... some can't even execute a proper U-Turn...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
If you are not in America and hate it Stay out! Simple as that
Hey, I don't hate *America*.
I hate your *freedom*!!!
oh, wait...
In the free world the media isn't government run; the government is media run.
If you don't want Customs to read the laptop don't take it. Or at least, don't take ANYTHING you mind them reading. Yeah, you'll have a sucky time waiting to get a couple of GB back off gmail but if you don't want uncle sam reading your employer's confidential data it's a small price to pay, no?
Semper en excreta sumus solum profundum
While verbogeny is one of many pleasurettes afforded a creatific thinkerizer, it tends to emboggle hoi polloi when one enlicenses oneself surlibre.
id:3:initdefault:
(Slackware)
none of your personalities are planning to fly to Hawaii in July are they? If so, maybe I don't need a vacation that bad.
it is done by the 9th court of appeals the most over turned court in the land.
Because they HANDLE the most cases in the land. Adjusted for case volume, they are NOT overturned more.
from a Federal 9th Circuit judge: In the calendar year 2001, the Ninth Circuit terminated 10,372 cases, and was reversed in 14, with a correction rate of 1.35 per thousand. The Fourth Circuit, reputedly the most conservative circuit and the circuit with the second-largest number of cases reviewed by the Supreme Court, terminated 5,078 cases and was reversed in 7, making a correction rate of 1.38 per thousand.
---
at all times during a warrant less search you always.. always! have the right to stop the search
What??? YOU DO NOT - that's precisely what the court addressed - a border search doesn't require a warrant, so you can't claim they can't search without one. A traveler says "I agree to you searching me" when he presents himself at the U.S. border, and in addition BCP has the right to search you without a warrant. If you refuse, they will search you anyway before denying entry and sending you back to where you came from. I suppose you might count that as 'saying no', but not me.
I agree - stand up for your rights. However, in this case, you don't have any to stand up for. You can protest and say that you should, but that's not the same thing.
h/t: this prior /. posting
I wonder how they handle situations where an individual working for the US government has to travel with classified data on a laptop, and can therefore not allow any uncleared persons access to the information without it being considered a breach of security? I can see something like that happening to me someday if I ever have to travel for work. Maybe they have special travel "papers" for those carrying sensitive data? Why does that give me images of gestapo saying, "Vee have vays of making you talk!"
"You could bring a dead badger, but they'll get you for importing unauthorized meat."
And yes, it even runs Linux!!!
How to install Linux on a dead badger:
http://www.strangehorizons.com/2004/20040405/badger.shtml
Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
How does it differ from Great Wall in China. Real time network monitoring vs. imaging your hard drive???
A few people mentioned directly booting into a fresh install of windows with a bunch of browser history and photographs/documents.
;)
The problem with this is that a fresh windows install runs quite well (for a few weeks anyways), so before you fly, fill the SOB with spyware, and I mean FILL. Make that sucker take 5 minutes to boot up, then BSOD 5 minutes later, just as he gets the start menu open!
If it looks like you can't even keep a machine running, they sure as hell won't think you can hide anything.
Why is that so hard? These are laptops, they are almost always installed on a small tray removable with a single screw.
Pop the drive out. Give it to someone else you are traveling with to put in their purse.
Also, on cell phones: on Windows Mobile phones run SPB Backup. Back up the entire phone to a memory card. Clear the memory, put the memory card in your pocket (or your camera if it fits). Take out your SIM.
Tada, dead phone, dead laptop. Both will turn on, neither has any data for customs to try and extract.
I told you to STFU because what you say represents a dangerous attitude that ultimately results in the loss of rights if people actually start to believe it. You need to study history to understand why what you said is horribly wrong. Your arguments have been used to promote ideas like fascism.
Are agnostics skeptical of unicorns too?
unbelievable. or otherwise, very believable.
This (sizing up laptop
Is it the case?
This is another reason heavy travelers should move away from the laptop.
You can either set up a flash drive (or even an MP3 player), giving you data portability and even applications and file security if you set it up. But the best solution is to use a mobile device, like a Blackberry (I refuse to recommend the iPhone until the device has SOME form of security on it, obscurity is not security). You could also try Palm or Windows Mobile, but those seem to be more trouble than they are worth.
The TSA drones are lucky they can figure out how to tie their shoes, so I'm sure telling them it's "just a phone" won't be much of an issue.
... lots of cases and complaints on file of this particular situation.
Any cites for this? I'm not being snarky, but if this is happening I would love to see it documented.
It is illegal under the UK Data Protection Act to disclose personal data to a third party without the permission of the data subject. It is also Illegal to obtain or attempt to obtain personal data without authorisation of the data subject.
Therefore the Customs officer/boarder is breaking the law and attempting to force the traveller to break the law. The traveller has an obligation reason to say NO.
How about deleting the incriminating stuff just before departure and use an undelete tool when you're cleared customs, being careful not to use the computer in the meantime. Would that work?
To use your analogy, it's not as if someone approached you in an otherwise unoccupied room and cased you. It's as if nothing appeared to be there at all. That part of the disk is free space. The room was empty except for you, because the thing in question was hidden entirely from your detection. The Federal Marshals would come from the blue in your perspective, just as your data would be hidden from the perspective of the uninformed "observing" a TrueCrypt file.
So though the uncanny valley is a good metaphysical point, it does not apply here because there's nothing to look "uncanny" in the first place.
Boss: Okay, so you're going to stay up until 2AM finishing it though right?
Just move all your data that may be questionable to another box with online capabilities, then once you have gotten past security connect to the internet and grab it over ssh.
Call your Facility Security Officer and ask him or her to call the FBI ASAP -- even if the material is not classified, if it involves any sensitive technology, the FBI should be notified of adverse attempts to acquire it by any customs agents.
Just dont go to the US.
they'll have to 'act fast' though..
I have not yet been out of the USA with a laptop, but if/when I have to, I already have my paranoid plan in place:
- Make an image file of the laptop's hard drive on an external hard drive; keep that in the USA in a safe place.
- Prepare two CDs to take with you: Darik's Boot and Nuke (http://dban.sourceforge.net/) and Windows 98.
- Before returning to the USA, save all modified documents to an online directory. Use DBAN to cleanse the hard drive, then install Windows 98. Throw out the CDs, since a hard-drive-cleansing CD might be "suspicious".
- When you get back home, copy that image file back to your hard drive. Back to work.
I figure this is the "safest" thing to do. If you run Linux, they might detain you/take the laptop because they "don't know Linux". If you simply keep the hard drive cleansed, that could look suspicious too. If they detain you or take the laptop anyway, they won't find anything. Don't worry about looking suspicious running Windows 98; they probably don't know the difference between 95 and XP.
I used to work for a school district that required cleaning old computers before auctioning, and we had a Windows 98 "exit image", which was basically a way to prove to auction-goers that the computer works--and that the hard drive is cleansed.
The only problem here is that your laptop is dead weight on your trip back home. If you need a working laptop, you could install Windows XP SP2, Firefox, and all the drivers you need.
If I were a business that sent employees out of the USA on a regular basis, I'd be tempted to buy a fleet of $400 "disposable laptops", on the realization that it's likely the laptops will be stolen on re-entry. I thought that was just something that happened in third-world countries.
Its came to this with the North Atlantic Union and the Patriot Act, most dumb down Americans never heard of this.
You get my vote, dude.
Brilliant response.
"We found a file on the suspect's desktop called OsamaBinLaden_20010911.avi. Our analysts have determined that he's never gonna give you up; and he's never gonna let you down..."
(AC: posting from work)
Great... So I'll make sure to have lots of "legal" music and movies on my laptop, so when they image my HD, I'll call the RIAA/MPAA and tell them the border folks just illegally copied a hundred gigs of their copyrighted works....
I for one plan on setting my wallpaper to a certain well-known picture of a man's distended anus.
"Of course, I'd be happy to enter my password!"
It would be nice for compusec to support plausible deniability. FDE should come with that as a default.
I would just as soon use truecrypt to turn my entire OS partition in to a shadow file and reinstall windows on a fresh partion.
Name the innocent shadow file RNGoutputtest, and gloss their eye's over explaining your math hobby.
Unfuck things after I've been through customs. Fuck those nosy bastards.
The last thing you do before getting off the plane is to delete the Truecrypt file.
Later, at home, use an undelete program (such as from www.undelete-plus.com) to undelete it. I tried it and it works. Undelete_plus copies the selected file to another drive and it's free. It's probably a very good idea to defrag the hard drive after creating the TC file so it's in one unit. Also, it might be a good idea to delete a few other large unimportant files so that, when you later power up, there is space available for any temp stuff; this should reduce the likelihood that the TC file would be partly overwritten before you do the undelete. And you can always copy the TC volume to another folder, defrag, then delete them both.
Another idea is to create a large AVI file on your camera's SD card. Use it for the TC volume. TC will not change the timestamp. The thumbnail shows up normally when browsing and it's unlikely that agents would want to view the video. It might be a good idea to have a few other boring videos as well.
If you're really paranoid, undelete the AVI file (and thumbnail) from the SC card. Undelete at leisure.
http://www.boingboing.net/2008/02/07/tsaconfiscating-lap.html
http://fanpotai.wordpress.com/2008/02/07/us-customs-confiscating-laptops/
http://www.daniweb.com/blogs/entry993.html
http://usefularts.us/2008/02/17/unreasonable-search-and-seizure-on-the-borders/
Explain to me why being refused entry into the USA is a bad thing? (Well, except for those that call it home, that could be a little bit bad.)
Or take an easier suggestion: don't go to the US. 10 year ago you had to go, if you were into business or technology. Now the country does not even manufacture or export (except fear). Sure there are sentimental reasons to go, but that won't cut it for business or research. You go to where the money and knowledge are, and that is nowadays spread around Europe and Asia, thanks to George and Bill.
...and it'll just keep getting worse.
I would think twice about making the US a middle or final destination if travelling (say to central/south America or Canada). I would have to copy to DVDs and post all the contents of my camera cards, prior to the border crossing, or risk losing the lot.
Falun Gong is assumed by the Chinese government to be a terrorist group.
Participation in Falun Gong, according to Manfred Nowak, the United Nations Special Rapporteur on Torture, is enough to get your organs harvested for transplant use, and your remains cremated to prevent your family from being able to prove the manner of your ending.
Would you continue to prefer this method of dealing with terrorism?
This article can be summed up in one simple sentence.
Remove your hard drive from your laptop while traveling and store it in another location.
simple answer short version : have the absolute minimum information possible on that laptop. Long answer? If it's a company laptop, get the I.T. dept* to perform a fresh ghost to it, and memorize your email passwords, don't use the email client to memorize them for you. Likewise with any passwords you need to access the company servers remotely via VPN or SSH. If you need files for that big business meeting, leave them on the company servers* until you get there and then download them when you arrive, they don't check your computer when you are *leaving* do they? (Even though the idea of software and algorithms being considered important to national security is older than this current BS, so it would make sense to check outbound traffic to make sure there is no high tech secrets on that laptop**) Saving important files while there? Upload them via that same VPN or SSH and then use a secure eraser program to wipe the local copy after you confirmed the successful transfer. Incidentally, I'm always a little disgusted when I hear about people losing or having stolen laptops which contain valuable or sensitive information on it. I know it's a PITA for your average bean counter who just needs to run some spread sheets over the weekend, but Government tax records, hospital patient records? Come on, given how sensitive these things are, the protection of my proposal makes so much sense I think it would be hard to explain to an auditor later why your I.T. department *didn't* enforce it. *Or do it yourself. I've seen many people posting here about dual booting on a laptop and how to hide that. In this example, I assume that any geek/nerd who is willing to dual boot a laptop probably has either a home server, a job in technology where VPN's are common or both. ** I know, I know, don't give the DHS any ideas right? As a card carrying pessimist, I assume that this is already in the works. I've already read about how the NSA is already probably reading the vast majority of Internet traffic***. ***Hence the suggestion of an encrypted protocol to transfer your data, oh sure the NSA can break any encryption you could install on a laptop, but having a tough one would at least make them work for it a little.
I need a wheelchair van for my son. Help me get the word out. https://www.gofundme.com/wheelchair-van-for-jj
One of the nicest things about free software is that it only takes about 15 minutes to wipe and reload everything with a fresh install. Then you can get the date you need and care about by sftp when you are past customs and wipe it out before you go home.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Speaking as a guy who was waken up by bomb alerts a few times as a kid and who lost friends/family to US sponsored terrorism...
Their job is not to protect you, their job is to make you feel secure... as far as I know, the vast majority of terrorist attacks n US soil were made by American citizens until now. Anyways, do you really think that terrorists would bother carrying attack plans on a laptop through the border? Shit, they could even simply save the plans as an encrypted attachment on their GMail account instead of smuggling it across the border.
OK, so as a foreigner who never committed a crime anywhere (and who has actually lived in the US for two years) I must now get fingerprinted and my fingerprints will be stored essentially infinitely in a criminal database. I must also allow them to make a clone copy of my disks if they see fit, without any probable cause, never mind that there would be a lot of proprietary information on it. I can also get detained or turned back at the border if I can't supply the password to an encrypted file present on the hard disk that I don't know because the file is actually linked to a corporate application. I can also be deported for torture if my name happens to sound similar to a wanted person.
All that so the sheep can feel protected from the evil foreigners?
Land of the free and home of the brave indeed...
The world doesn't revolve around the US either, I have deliberately avoided setting foot on US soil for 7 years now. I have spent my hard earned currencies in other countries that have not yet decided to treat me as a criminal for no reason whatsoever. With the technology available, there is absolutely no reason to bother taking the risk to cross the US border for business.
It sucks that I missed the wedding of friends because of that, but there's no way I'm ever setting foot on US soil while those laws are in the book.
I wonder most of people here are talking about encrypting and dual-boot linux environments. But as I see it, once the officers find out that you are trying to hide something then the game is over. There was one good post about rewriting beginning of file with some .avi movie or so and then use the real TrueCrypt volume (with offset).
This could be the most convenient technique of what was mentioned here, I think, but I would strongly recommend going through http://en.wikipedia.org/wiki/Steganography and following some links, which will surely lead you to programs, which can "hide" your encrypted content much better.
Then you would need not to worry when they do 1:1 hdd image and try to analyze it...
so, rather hiding of encrypted content than only encrypting it
I thought the article was somewhat distasteful. It informs the traveller of tips on how to become paranoid, as opposed to tips on how to act once you already have a reason to be paranoid. Why are we worried about love letters and browsing history? If you are trying to keep the TSA from finding your "Al Qaeda 9ul3s" google searches, then that's little different than going to all that trouble just to keep them from seeing "I think sheep are sexy".
Anyway, I just don't like to see people spending all this time trying to find reasons to be secure and private just for the sake of being secure and private. dig?
-P
"British customs agents search laptops for pornography"
Can't they just use the web like everyone else?
All these solutions being floated here don't take into account practicality; if I am a European business person who flies into JFK every other week, carrying a laptop full of company secrets - hell yes I would have the contents of my harddrive encrypted. And I would NOT reveal the password to anyone; the NSA is only too prone to pass interesting stuff on to US companies. Up- and downloading stuff onto servers elsewhere is simply no solution (for both security and practicality), and neither is giving up the password. What are my alternatives - how can I do business in the US now ?
Religion is what happens when nature strikes and groupthink goes wrong.
I've been sending several PC's back to Europe from China. 3 out of 3 came back to Europe with the HD pulled out and thtown losely back into the PC. No attempt to hide what was going on there.
S
Thanks to all, we have now a nice and pretty much complete list of things to check to make sure pretty much everything gets scanned while going through the U.S. customs.
:)
Maybe the average guard won't read Slashdot but if anybody in the entire U.S. customs administration is concerned by security and stumble upon this, it'll take nothing much than an hour or two for this smart head to read all the comments, make a nice and complete list of all the 'alternatives' and send it to his superiors for a future U.S. customs agent training udpate.
You can now forget about using any of your USB sticks, memory cards, dual boot, etc to pass the US customs.
Is Bruce Schneier secretly working for the U.S. customs?
I may sound like a troll, but seriously. If you don't like how a country treats you, you don't go to that country. The USA seems to be too desirable a country to let itself to treat all visitors like shit. First that fingerprinting stuff and now full search. No, thank you. I possess my dignity. I'll stay out of the States.
If you're traveling by air, use a Gobi thin client laptop. When you arrive at your destination, connect to your secure home network via VPN over wifi or 3G and bring up the same session you left safe at home! If anyone raises an eyebrow, tell them you got the idea from the former CTO of the DIA
In a lot of laptops these days you can simply take out the HD. Tell them the laptop is broken and you are taking it with you to fix it later. Send the HD w/ your luggage and plug it back in later.
Of course this wouldn't help if they look in your luggage and see the HD..
You could also just store all your information on a flash drive.. They are small enough to fit in your pocket, and unless you didn't notice, they don't usually check your pockets...
Will a flash drive set the metal detector off?
Soulution: store private files on your ipod.
That makes no sense you should see how much freedom others in the world have compared to us. And yes we are losing our freedoms in nips and tucks and that must stop. But we still have more freedom that 99% of the world.
Not you have taken my statements completely out of context. And by just yelling STFU has no substance. I fully agree that the 9th circuit should have never reversed this what the border agent did by going into the folder was wrong period and if you READ my my post you will understand that. BUT the initial search was valid and he was selected at random no freedom was lost at that point. And my over all point is if you are not doing anything illegal why are you so worried about what is on the laptop. All of this saving to a SFTP or encryption I fully understand keeping the government from my personal data but I have nothing to hide from a 10,000 foot view look of my stuff for security. But once they cross that I want the government to have a reason to look period. My statements have nothing to do with all the garbage you are throwing at me and you have yet to provide a valid argument to my statement other than scream at me and all me names in hopes to scare me off. Nothing more just scare tactics and they do not work.
I actually don't know that being dishonest to a customs officer is a felony, but a search did find a single case where this was the only law broken, and they were prosecuted. That case was later dismissed, more because it was believed the liar's culture was one of, always tell the authorities what you think they want to hear, and therefore their "intent" to break the law wasn't present. Without any other charges to bring against them...
google search also showed the Supreme court did rule that federal crimes committed on a vessel with ties to the U.S., regardless of the location is prosecutable inside the U.S. I suspect this would cover this situation as well.
Seams they also ruled violating our civil liberty's is not a federal crime, so while not being "allowed" in the US, doesn't mean they can't admit evidence gained from such acts occurring outside the US.
Here's another idea: end the fasciscm.
I am sorry for your losses. I hope to God I never know pain like what you have experienced. The closest I can come is to say that my daughter's teacher lost a daughter at Virginia Tech -- mindless terrorism, as opposed to fanatical terrorism. In the wake of Virginia Tech, some of us are looking more closely at gun control laws, and there is resistance because there is a constitutional principle -- "the right of the people to keep and bear arms" -- at stake.
The U.S. Constitution also guarantees us freedom from unreasonable search and seizure. In the case of Customs, people are being searched, detained, and occasionally arrested for stuff completely unrelated to terrorism. Is it reasonable to strip search every person coming into the U.S. just to catch a few who are into pornography? Why not allow the government to examine every computer plugged into the Internet? After all, remember that the Oklahoma City bombing was the act of U.S. citizens.
A smart terrorist isn't going to put anything on his computer or cell phone that would be found in a digital "strip search" at the border. He's going to get it into the U.S. using other means. There is really no way to stop that. But I may have pictures on my computer that are embarrassing, not meant to be shared with others but not illegal. It really isn't the government's business to be snooping in there.
And there's another thing. It's not just privacy or protecting intellectual property. Today, they're not (as far as I know) looking for people in the political opposition, but who's to say they couldn't be in the future. Suppose a president comes into office who decides to issue an executive order instructing Customs agents to detain and harass people of the political opposition. Sen. Ted Kennedy has already been on the no-fly list once, in an apparent mistake -- or was it? People have been kicked off of planes just for reading Arabic materials. All of this hassle isn't providing the protection it's intended to provide, and at great cost in terms of time, inconvenience, and world opinion.
To return to the Virginia Tech shootings a moment: would it be a reasonable response to make gun ownership illegal and go door-to-door collecting guns? Maybe we could prevent all sorts of shootings, but it would be at a great cost to our personal liberty.
Several times a year, we honor the thousands of men and women who wore a uniform and defended the U.S. and our way of life -- particularly the Constitution. They believed it was worth risking their lives for. I believe it's more than just words.
Again, I don't intend to try and minimize your losses. But one of the things I mourned on 9/11, along with the thousands of people who died and suffered, was that our way of life had suffered a serious blow. The slope from democracy to tyranny is slippery, and every item in the Constitution is something to hold onto to keep us from sliding. I don't want to go down without a fight.
By way of a shameless plug, I will ask everyone who is concerned about this to write their congressman. Venting on /. may feel good, but it doesn't change things.
"Who controls the past controls the future. Who controls the present controls the past." -- George Orwell
Make a boot loader that plays islamic religious songs and displays a three minute countdown in big red digits in addition some arabic text. The bigger and older the laptop the better the effect. The only problem with this little trick is that there's a high chance you'd be offered a free and unconditional tour of one of the US military facilities along with a hands-on waterboarding demonstration.
fuck*ng gringos
Obviously a physical implant is far outside the scope of what they could do... (yes, I know I'm paranoid)
What is it with layered approaches? Is it because it works from cakes to network security?
Of course, you have the freedom for example, to vote for whichever candidates your corporate overlords permit you to vote for...
In the free world the media isn't government run; the government is media run.
I just don't understand who you people are and how you act that you arouse suspicion when entering countries. I have long hair and a beard, I look like a stoner, I mean I look like a software engineer. No one has ever searched ANYTHING of mine entering Japan, Sweden, Germany, The Netherlands, UK, Mexico, or Canada. On returning from Amsterdam to the US many times, still bleary from the night before, all I ever get is "Welcome Home, Sir". Have I just been lucky? The worst experience I ever had was entering Canada late at night and mistakenly answered "yes" when asked if I was there to work. What I meant was "No, I'm here on business". That one cost me twenty minutes waiting to talk to immigration to correct my mistake.
"This mission is too important to allow you to jeopardize it." -- HAL