Securing Your Notebook Against US Customs
Nethemas the Great points out a piece from Bruce Schneier running in the UK's Guardian newspaper with some tips for international travelers on securing notebook computers for border crossings. A taste of the brief article:
"Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. ... Encrypting your entire hard drive, something you should certainly do for security in case your computer is lost or stolen, won't work here. The border agent is likely to start this whole process with a 'please type in your password.' Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day."
Set up a Windows partition and a Linux partition, set it to boot to Windows by default, keep all your data on the Linux partition. How well would that work, I wonder.
I can't recall the name right now but one of the disk encryption utilities creates a dummy encrypted zone for just such a purpose. You make two passwords. The real one gets you your real encrypted data. And another one for entering under "duress" gets you your dummy files. They're both stored in the same encrypted space, one looks like random noise to the other, and supposedly nobody can tell they're both there. Anybody know which utility that was?
Can customs officials refuse entry to an American Citizen? Can they banish me for refusing to divulge my password?
You can bet that before I type my password for a customs agent, I'm going to talk to my company's legal department. And I'll wait in the customs office as long as it takes. Or simply forfeit the laptop and put it in the trash.
The IP on my laptop is easily worth 10x more than the value of the laptop itself.
--
$tar -xvf
No doubt they just install a rootkit/keylogger on your box after ripping your HD so after you leave their rootkit calls back and gives them your truecrypt passwords. Don't use a laptop you've lost sight of.
What is it with layered approaches? Is it because it works from cakes to network security?
My Mobile phone has a 4Gb flash card the size of my little fingernail. If I had any files that I didn't want customs to see I'd keep them on there and hide it somewhere they'd never find it. Come to think of it I'd probably never find it once I got there. :)
Your comment implies that the government and its representatives are infinitely kind and benevolent. That is not so. There is but one step from arbitrary airport search to Guantanamo. This is Slashdot. Government is evil.
There is also the question of what constitutes 'what'. While I would agree that they have the right to ensure that my laptop is a laptop, and not a container for contraband (tangible 'what'), I would not agree that it includes the right to search the information stored upon it (intangible 'what'). If I have a letter on my person, while they should be allowed to ensure that it's a letter, they shouldn't be allowed to read it. And while they should be allowed to check that I'm not carrying contraband, they shouldn't be allowed to probe my mind (if such technology existed) to find out what information I'm 'carrying'.
Of course, what they should do, and what they do do, are two different things because in most countries customs take the position that you do, and so are a law unto themselves.
An even better approach would be to have just a Windows partition. Then do your real work under Linux by booting from a memory stick. If you want to get really paranoid, you could keep all of your sensitive data on a separate, encrypted memory stick, camera memory card ("hidden" in your camera), phone memory card ("hidden" in your phone), etc.
Of course, you should go ahead and do some unimportant work under Windows. Play games, surf the net (safe, unimportant web sites, only, of course), keep your golf scores, etc. That way, if somebody ever does search your laptop, it won't look like a system that's just been wiped to avoid generating any evidence.
There's no point in questioning authority if you aren't going to listen to the answers.
That's clearly a big NO for myself.
I.e., if I TrueCrypt a partition, I know it will be (within all reason) safe from "offline attack" like an imaged drive. So if the agent doesn't ask, and just snoops or copies, this is not helpful to them. If the agent simply asks, do you have any encrypted data, and show me all of it. Assuming you're not willing to commit a felony (granted a nearly impossible felony to prove), then you have limited options not really helped by TrueCrypt, over just an encrypted file. I.e., you can either say No, in a nice way like, "I have to talk to my company lawyer for permission" or give it up.
Swapping laptops helps the second person the most, 'cause they're not telling a lie when they state either, "not that I know of" or "it's my company's equipment not mine, I cannot access anything more than..." Since the guy with the password is "in the clear" since challenges to him have to fall under the full US constitution. If the guy with the password is standing behind you, well...
Please explain to me how searching hard drives is "securing the border" when we live in the age of the internet. I don't mind a customs agent making sure that my laptop is, in fact, a laptop, but asking a marginally-trained TSA employee to examine all the data on a computer within the few minutes is like asking someone from your lawn service to do a five-minute inspection of a 2" square patch of vinyl siding to determine whether you have a mold problem in your basement.
In both cases you're asking the wrong guy to look at the wrong things, giving him no time or tools to do his "search", and then wondering why it didn't do anything to actually improve the situation. If it's illegal, then the problem is totally different and you have no right to complain about it. We have every right to complain. Since when have law and morality been linked in this country?
I suspect this is a bunch of FUD. I visited the Ukraine last November and when I came back I wasn't even asked to power on my laptop. And yet they might copy all your files off for examination later? Suuure. Rated "possible but unlikely."
Do you have ANY idea how much data storage would be required just to capture that? Not to mention the amount of time sifting through all that crap? And for what? It's too easy to cleverly disguise it or encrypt your data. I just don't buy it.
I think it's more likely that if you are suspected of smuggling something, THEN they might start looking at your junk on your computer, and only keep the data if they really suspect something. But otherwise, I don't believe they have the resources to store and analyze too much or too deeply on a cursory search level.
"They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
IANAL.
Because technically it doesn't. You said it yourself:
I changed the emphasis, but as you can see the 4th amendment only protects you from unreasonable searches. Most people believe that searching a person's belongings before granting entry into a country is a reasonable search.
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
Schneier actually mentions TrueCrypt in his article too. However, strangely, he ignored the single most important feature of TrueCrypt regarding this topic, the plausible deniability. The hidden volume feature is exactly designed to prevent Big Brothers from breaching your privacy.
Customs agents (US and Japanese) stopped me several times over the years to inspect my laptop. In every case that I can remember I was able to dodge "inspection" by simply saying that I couldn't turn my laptop on because no battery was installed (which was the truth). I would only carry a power cord in my laptop case, no batteries.
My battery was actually located in a separate carry-on; a backpack or a suitcase or some such.
I guess if they were really interested in the laptop they could've plugged it in to a wall outlet and gotten into it that way.. but they never asked to do that.
present day... present time... hahahaha...
Or, write the real first few seconds (maybe 15) of the trailer to the beginning of the file, et voila, it plays in Windows Media Player!
I think TrueCrypt needs to have an offset for its containers, so that it expects the data to begin at that offset, and ignore whatever is before that..
What time is it/will be over there? Check with my iPhone app!
Hidden volume
Only on Windows. On MacOS X and Linux, this is not available, for unstated reasons.
Please help metamoderate.
Actually, that raises an interesting question. I suspect horse porn is not a violation of any federal laws, but probably a violation of some state laws. Does U.S. customs have a legitimate interest in that? Maybe anti-liberty states (e.g. Texas) need to put up their own state-customs on their highways and airports. Your international flight lands in Dallas, and a man says, "Congratulations, you have passed U.S. customs. Now stand in line for Texas' thoughtcrime filter."
"Believe me!" -- Donald Trump
...you can't prove there isn't one. Neither can they prove that there is. They may argue that it's likely, but whatever.
However, it's also one of the pitfalls. They're not 100% stupid and I wouldn't put it past them to say "okay, then you won't mind if I zero out all the stuff that you claim doesn't have any data". That wouldn't take particularly long, so what is your defense going to be?
However, I don't know if they can actually write data to your machine; I think the current provisions are read-only? whatever.
Anyone who does NOT refuse a border agent's request to "type your password" is a coward and not worthy to call themselves an American IMO. It may seem like a small thing, a way to avoid being detained and hassled all day, but it's the little things like this that define the boundary of where our freedoms are being slowly stripped away.
The old Ben Franklin statement about those who would trade liberty for security comes to mind. It's a shame when people say, "It's all about the benjamins," that it's not THAT sentiment they're talking about. Stand up for your rights NOW - no matter how "inconvenient" it may be - or soon you won't have any to worry about. Sheeple, indeed. Pussies is more like it.
No, they'll take you away for disturbing the peace, and you won't see the light of day for a long, long time.
Mind you, I didn't even have to do that last time I flew into Newark. Looking brown and having a Pakistani name is enough to hold you for 6 hours.
xkcdsw: the unofficial archive of Making xkcd Slightly Worse
Video files are expected to be large and thus won't arouse too much suspicion if you hide your data in them.
Just append bigg-ish data in binary format to highly compressed mpeg files.
That'll allow 'em to play in media players, thus avoiding suspicion.
Just remember at what index/byte point you appended it so you can snip out the "header" mpeg file.
http://www.object404.com
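From the examiner's side, data appended to a video file as the comment above describes can be flagged by looking past the stream's end marker. This is an added example, not part of the original thread; it assumes an MPEG-1/2 program stream that starts with a pack start code and closes with the program end code 00 00 01 B9, and the function names and sample bytes are constructed for illustration.

```python
import math
from collections import Counter

PACK_START = b"\x00\x00\x01\xba"   # first bytes of an MPEG-1/2 program stream
PROGRAM_END = b"\x00\x00\x01\xb9"  # program end code that closes the stream


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8.0 suggest encrypted or compressed content."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def inspect_trailer(blob: bytes) -> dict:
    """Heuristic triage: report what follows the first program end code."""
    report = {"program_stream": blob.startswith(PACK_START), "end_offset": None,
              "trailing_bytes": 0, "trailing_entropy": 0.0, "suspicious": False}
    end = blob.find(PROGRAM_END)
    if not report["program_stream"] or end == -1:
        return report  # not a format this check understands
    trailer = blob[end + len(PROGRAM_END):]
    report["end_offset"] = end
    report["trailing_bytes"] = len(trailer)
    report["trailing_entropy"] = shannon_entropy(trailer)
    # Zero padding after the end code is harmless; anything else needs a look.
    report["suspicious"] = bool(trailer.strip(b"\x00"))
    return report


# Constructed sample data (not a real video): a minimal stand-in stream,
# the same stream with 1 KiB appended, and one with only zero padding.
CLEAN = PACK_START + b"\x44" * 64 + PROGRAM_END
APPENDED = CLEAN + bytes(range(256)) * 4
PADDED = CLEAN + b"\x00" * 16

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("appended", APPENDED), ("padded", PADDED)):
        print(name, inspect_trailer(blob))
```

A hit is a lead for manual review rather than proof, since the four-byte end-code pattern can also occur inside stream payloads.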
Why would someone call in the Federal Marshals if you are just sitting there playing with your laptop / camera menu settings? Did you otherwise look like a suspicious character? There had to have been something that put you in the "uncanny valley" of "not just a regular hotel guest".
I'm asking because I'd like to know what the security guys are thinking -- most of the time they are pretty much overreacting.
Well, if you're not on US territory then yes, you can shoot the border agent and not be prosecuted under American laws. If you're in international territory that means you can be prosecuted (and not by lawyers) under international law, which doesn't really have a whole lot to say about individual murderers.
One of the nicest things about free software is that it only takes about 15 minutes to wipe and reload everything with a fresh install. Then you can get the data you need and care about by sftp when you are past customs and wipe it out before you go home.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.