Slashdot Mirror
Securing Your Notebook Against US Customs
Nethemas the Great points out a piece from Bruce Schneier running in the UK's Guardian newspaper with some tips for international travelers on securing notebook computers for border crossings. A taste of the brief article:
"Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. ... Encrypting your entire hard drive, something you should certainly do for security in case your computer is lost or stolen, won't work here. The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."
http://www.truecrypt.org/
* Creates a virtual encrypted disk within a file and mounts it as a real disk.
* Encrypts an entire partition or storage device such as USB flash drive or hard drive.
* Encrypts a partition or drive where Windows is installed (pre-boot authentication).
* Encryption is automatic, real-time (on-the-fly) and transparent.
* Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
1) Hidden volume (steganography â" more information may be found here).
2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
* Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.
If they choose to store the contents of your hard drive for later analysis, not at all. Nor will it protect you against minimally-clever forensics tools.
It depends on what, in particular, you're concerned about. As far as I know, they don't currently routinely search laptops, so it'd be speculation to guess at what a routine search they don't do would miss.
That is what TrueCrypt is for (but don't encrypt the entire drive). Just encrypt what needs encryptin'. Set up an encrypted volume with a shadow volume inside a regular file. Call it something that looks like a system file like MSDOS.SYS or DBLSPACE.BIN or something. (That would explain the unusually large size of the file.)
So first, they would have to know you even have something encrypted (which is just a guess if they see TrueCrypt installed). Then they'd have to know what/which files was/were encrypted (which can't be determined by examining the file). Then they'd have to ask you to mount the volume and provide the password (at which time you then provide the shadow volume password, which only contains innocuous files).
I can't be the only dummy to figure that out.
"They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
They can also image your drive. As Bruce says, the easiest way to avoid this is to not have your data on your laptop. Put it on something else.
Yup. Set the GRUB timeout to 0; you can only boot Linux iff you hold escape.
Imagine the pre-computer days, when the customs could stop you, do a naked search and go through all your papers without any passwords. What could you do at that time? Just do not take the sensitive papers with you or mail them with certified mail.
I think there is no difference now. Email your files and do not put them on your laptop. That is what TFA is basically saying too.
So, IMHO, complains here won't work. The only problem that travelers have with laptop/cellphone search is inconvenience (since everybody is used to store all your files on your hard drive), but otherwise it is not any bit less legal than it was before the laptop era. And inconvenience is not any concern for authorities at all. So consider your laptop to be your briefcase and just not put any documents there that you don't want custom officers to see. End of story.
Works very well. I had to set this up due to being detained at the border for several hours because they didn't know linux. They keep the laptop, computer plus some external drives and let me go. Still working on getting them back, hence anonymously. Bought a new laptop after that, set up the dual-boot with short times to select something other then windows and no log-in required. Been inspected several times after that with no problems.
Having returned from my second trip to China, I still find it amazing that it is easier for me, as a foreigner, to enter China than it is for me, as a US citizen (born a US citizen to parents who were US citizens, etc.) to enter the US after a trip abroad.
I just pretty much walked right through in China - I handed them the entry form (one half of the two part form - the other half you give them when you leave) and they waved me through. Customs in China did not even ask to see my laptop, never mind read files or anything like that.
On returning to the US at Detroit International, I was given the 3rd degree by US Customs agents, and I'm a US Citizen. "How long were you in China?" (as if he couldn't tell by the side-by side entry/departure stamps in my passport) "What were you doing there?" (visiting friends) "What do these friends do for a living?" (A couple of college professors and a financial analyst)
This happened on both of my trips.
And I noticed that they were doing this to EVERYONE, not just me. (The plane had several hundred people on it.) I'd hate to see what they were doing to Chinese citizens entering the US.
I hope they realize that they are going to scare businesses away from the US if they keep this up.
I find it somewhat ironic that the captcha for this post is "undergo".
Or another example is detain you and/or the computer until they can image the drive.
And they can confiscate contraband (your definition may vary).
Ultimately, you have the right to enter the country.
I don't think the issue is whether or not an American citizen might be "banished from the country" upon making a return trip. I'd say, no, they're NOT able to do that.
The problem is, they could confiscate your expensive computer gear, and there's no guarantee you'd ever get it back. (There seems to be no real statute of limitations on the time these people are allowed to take to "examine" your property, if they claim a potential "security risk".)
There are a couple of ways to hide your data; one is to have two Truecrypt volumes, one hidden and one standard. This is easy, but it still lets the customs agent know you are using Truecrypt. This may not be a problem in the US (right now) but what about other countries where simply knowing about a program like Truecrypt could look suspicious?
This post on the Truecrypt forums describes a way to install two OSes, one for show, and one hidden. Unless there is a Truecrypt rescue CD or bootable USB thumbdrive inserted the system will boot to a normal Windows desktop. This method would hold up to any casual sort of inspection, such as those customs agents carry out dozens of times per day. There are a couple of traces that would need to be removed in order to actually have "plausible deniability", but to me not having the questions asked in the first place is preferable to being able to deny one of the potential answers.
It's sad that you might need to do things like this, but there are often technological solutions to social problems.
"He's more machine now than man, twisted and evil."
of course there's always deniable encryption, ie rubberhose.
2 1337 4 u!
Unfortunately, you won't have that luxury. No matter what country you're going into, they can do this and you don't get a phone call. They'll sieze your laptop and you'll have no other options. If you smash it, you'll probably get arrested for interfering with an investigation, or the work of an officer. IF you throw it in the trash, they'll collect it and get what they want.
If the IP on your laptop is worth that much, you shouldn't be carrying it outside of the country on a laptop. I worked at a company that prohibited us from carrying certain information on our laptops to some middle eastern countries, as they were known for seizing/replicating hard drives from employees in certain industries.
If anything, you may face legal issues from your employer if you're taking that valuable of information out of the country.
Because legally you have not entered the country until you pass through customs. Up until that point you are in international waters, so to speak.
If you're not here, you're not under the jurisdiction of our laws.
Browsing at +1 - no ACs, I ignore their posts. So refreshing!
Set grub timeout to 0 with default to windows. When you want to go into Linux, bypass the timeout by holding escape.
upon the advice of my lawyer, i have no sig at this time
While all of that is true, nowadays being put on the "naughty list", or having a name like someone on the naughty list, or being brown-skinned is enough to effectively punish you as much as if you'd been convicted.
There has been a Canadian citizen in Sudan who has (had?) been trapped there because, while he had never been charged with anything, he had been suspected of doing something. He got trapped, and could come home due to being on the no-fly list. Basically, years in legal limbo.
I wouldn't assume getting detained by customs wouldn't necessarily cause you problems. When your name ends up on the unpublished, unfixable, or secret lists of people they don't want to fly
Do you really want to find out the limits of where your theoretical rights end and where your abridged, post 9-11 rights end?
Cheers
Lost at C:>. Found at C.
Put all your important data on one of these - or better yet, don't rip the cable up - leave it alone so it looks like any other cable.
When information is power, privacy is freedom.
That and I know some decent degree of people encrypt their porn anyways (on their home computers - most people stupid enough to download porn at work aren't going to be smart enough to hide it). For the married guys, it keeps the wife from seeing it or the kids from stumbling across it if they're playing on the computer.
;). Heck Truecrypt can even store an encrypted volume on an unformatted unpartitioned chunk of hard drive. There's little way they can prove that that's anything other than some space you haven't allocated yet.
In my own case, I encrypt it (using Truecrypt - awesomest OSS program I've found in a long time) because while my family knows I keep porn on my computer, if I ever have a random car accident or something I don't want them to see exactly HOW MUCH I have on the system once they start looking through my files
"People who think they know everything are very annoying to those of us who do."-Mark Twain
trucrypt has a dual password feature with a hidden encryption sector in the main sector. Give the border inquisitor the primary password that unlocks your grandmothers receipe collection - truecrypt claims it's impossible to determine if a second password to a hidden volume exists - the hidden volume is stored in seemingly random data.
or wear more tinfoil, i hear that protects against multiple vectors.
Sounds like a small price to pay in order to protect my right to liberty. Just because the government demands access does not mean I have to comply.
Except that you do not have such liberty while going through customs. And that is not a special thing of the USA customs. Almost every country usually has this rule where some of your basic privacy rights get removed while you are entering a country.
Remember, it was *your* choice to enter such country (either by booking a flight directly or a flight with a stop in such a country). Therefore, you must fully comply with its legislation.
That is one of the reasons I refuse to fly through the USA (even if the flight prices are around $600 usd instead of $1100... I choose not to get my ass probed in order to obtain a USA visa (even a transit visa)
Of course as I said before, such behaviour is not exclusive of the USA, therefore I think it is really smart to do what the article suggests.
I prefer a different approach however. I usually put all my data in a secure server connected to the internet and just travel with my "barebones" laptop (with only Windows or Linux installed and whatever software I must use).
When I am at my destination, I connect to the server and retrieve my files. As the author of the article says. Customs can not read what is not there.
Ubuntu is an African word meaning 'I can't configure Debian'
Well, to be fair, this is the exact same treatment I've had every time I've re-entered the U.S. (as a U.S. citizen). It's usually always via Boston Logan, and a few times when I arrived in the evening there weren't even any Customs officers working the Citizen's lane. You could have walked through there with a 2,000-pound bomb on a hand truck and I don't think anyone would have noticed. (Which was good, because I was pretty sure I was over my liquor quota...)
There usually is someone working Immigration (which is distinct from Customs -- Immigration is where you get your passport checked, Customs is the luggage business) but even that was just a bored, cursory lookover.
I'm not minimizing the seriousness of these inspections (I can't get my mind around how they're possibly constitutional, at least when applied to Citizens), but in practice I think you have to be doing something that attracts attention before you become a target. U.S. Customs is still largely a joke, at least if you make a modicum of effort to look like an upstanding citizen. Which is ironic, because I assume smugglers/terrorists would at least bother to do that.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Actually, you do:
Note that the bolded word is not "citizen!"
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz