Slashdot Mirror
Tips For Taking Your Laptop Into and Out of the US?
casualsax3 writes "I'm going to be taking a week long round trip from NYC to Puerto Vallarta Mexico sometime next month, and I was planning on taking my laptop with me. I'll probably want to rip a few movies and albums to the drive in order to keep busy on the flight. More important though, is that I'm also going to be taking pictures while I'm there, and storing them on the laptop. With everything in the news, I'm concerned that I'll have to show someone around the internals of my laptop coming back into the US. The pictures are potentially what upsets me the most, as I feel it's an incredible violation of my privacy. Do I actually need to worry about this? If so, should I go about hiding everything? I've heard good things about Truecrypt. Is it worth looking into or am I being overly paranoid?"
...encrypt it. Full disk encryption is relatively cheap, easy, and unobtrusive.
You gave one such example in your post.
But uh, mind if I ask: exactly what kind of pictures are you planning on taking on your vacation? ;-)
problem solved.
Throw a clean install on your laptop, and put your critical data on a server so you can just log in and download it when you arrive.
When you're about to fly back, re-upload your data and wipe the drive.
You could also just mail encrypted DVDs with substantial insurance.
Short answer: Truecrypt (as you mentioned in the summary.) Is it worth looking into? Yes. Are you being overly paranoid? No. Seriously, have you noticed the big brother trends recently? Truecrypt is very simply and effective encryption, in several forms, from simple encrypted containers to hidden O/S partitions. To take such a simple precaution is not, IMHO, overly paranoid.
http://clightnirish.wordpress.com/
Use a clean install and email the photos to yourself while you are there... or put them on an encrypted thumb drive / cd and snail mail it..
"Ahh! Arrogance and stupidity in the same package, how efficient of you!" --Londo Molari
Are you a middle eastern looking young male? A white male returning from Thailand? If so, be paranoid.
If not, no worries.
Test your net with Netalyzr
Put your files on a few small USB-sticks, or on your home server (for encrypted retrieval once you're in the country). Bring a Live-CD to boot from and then "cat /dev/random > /dev/sda".
Make sure to grow a big beard, learn a few arabic phrases and quote Allah to the security guard in customs.
Then let them have a crack at decrypting your "encrypted" drive.
Just be sure to say "Just kidding" so they don't ship you off to Guantanamo.
You are not entitled to your opinion. You are entitled to your informed opinion. -- Harlan Ellison
...is a good offense.
If you're offended by having your privacy invaded, just make it horribly offensive for the invader as well.
With the right accessorizing and appropriate leather:latex:chainmail ratio, you can ensure even the most intrepid airport screener will breeze you through in record time.
Oh...and, yes, Truecrypt is terrific, but not nearly as fun.
I've taken my laptop across the border 4 times, my wife has done so many times more, neither of us have had our laptops searched. I've been pulled aside by customs and asked questions once, but even then they did not request to see my laptop. I think the bottom line is, if you act shady they'll look at your stuff, if you're just getting your business done then you're fine.
OK, i'm not AC and I can tell you that they don't have time to check out laptops at most international airports beyond the aforementioned bomb check.
Yes, i've passed into and out of the country several times during the last year. No search.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
An ounce of circumvention is worth a pound of countermeasures. Don't store them on the laptop at all. Store the pictures you're taking online and you'll be able to access them from anywhere. Border patrol can't find something on your computer when it's not there. Even if that's not feasible 100% of the time, you could still make a temporary archive online while removing them from your computer. If even that has you feeling paranoid, you could always burn the files to DVD, wipe them from your computer, and stow the DVD.
Offshore laptop rentals with temporary accounts linked to offshore data are booming! What a great business model. You set up an account with the company, stuff all your crap on a server, then when you get to your destination, you pick up a laptop (maybe your "rental fees" are part of your normal monthly service account)... logging in to the laptop mounts the remote volume and download away.
meh
No one said it is happening to everyone. That misses the point entirely. Illegally searching even a small percentage of people is unnacceptable. Especially since people affected by this have almost no redress and the DHS doesn't even accurately report when they do this.
I guess its only a problem when it happens to you. Maybe you should pick up a history book and find out how well that attitude worked in the 1930's and many other time periods.
If you have something that you dont want anyone to know, maybe you shouldnt be doing it in the first place -Eric Schmidt
Send it to your hotel DHL overnight before you leave, and do the same to get it home.
Problem solved.
Do daemons dream of electric sleep()?
Darned border search exception.
"travelers may be stopped [and searched] at . . . the border without individualized suspicion even if the stop [or search] is based largely on ethnicity[.]" United States v. Montoya de Hernandez, 473 U.S. 531, 538 (1985), United States v. Martinez-Fuerte, 428 U.S. 543, 562-563 (1976)
and
"may [...] conduct searches of the traveler's body -- including strip, body cavity, involuntary x-ray, and in some jurisdictions, patdown searches -- if the Customs officer has reasonable suspicion" to do so. United States v. Flores-Montano, 541 U.S. 149, 152-53 (2004), United States v. Johnson, 991 F.2d 1287, 1291-92 (7th Cir. 1993)
Only children think in terms of the worst things that could happen to them. Every day, when I leave my house, I could get run over by a bus. I could get ass raped in a jail after being unfairly imprisoned by a cop for a crime I didn't commit. My house could be robbed. My person could be robbed. My car could have a molotov cocktail thrown at it. I could catch some nasty disease from a toilet seat.
Note I spend about zero time thinking about these things because the chances of them happening to me are about nil. Ditto having my laptop searched. What are they going to find, my porn stash? WTF do I care, really. It's not worth a moment of my life to worry about.
I retort: Maybe you should grow up and worry about things that are important, like where your next meal is coming from. I hear that it's growing fashionable now.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
Everyone has seen a shell prompt and knows that computer professionals use it. If you tell them you are a developer, system administrator, etc. They don't even want to HEAR you talking over their heads. You obviously know more about that machine than them and they send you on your way.
This is my sig. There are many like it but this one is mine.
Insist on showing them every picture!
Also, backup the gutenberg project.
Fill up the rest of your drive with dd if="/dev/random" of="secretstuff.iso" so that if they copy your drive they at least have something they can work on decrypting.
Don't forget to bring your extra harddrives, too! I'd pay you to take some of my crashed ones... I would love for somebody to get the data off of them.
Other than that, all I can think of is for you to laugh maniacally.
When things get complex, multiply by the complex conjugate.
Or have it "crash" on boot and you'll be sent along your way with a sympathetic shrug.
The world is made by those who show up for the job.
I know it's the hip thing to worry about Customs rifling through your laptop, but statistically, you have much better things to worry about when bringing your laptop on vacation ... among other things:
0) Forgetting to bring the AC plug adapter,
1) Customs services in the foreign country,
2) Airport security on both ends,
3) Simple theft of the laptop during the trip,
4) Putting your laptop bag down on the bus and forgetting it,
5) Spilling coffee on your keyboard at an internet cafe, and
6) Dropping your laptop on your big toe and breaking both.
Practically speaking, Customs agents can't be bothered to search individuals that aren't acting truly "hinky". I've been traveling internationally on a regular basis for business. My travel patterns certainly fit a certain "risk" profile (long stays outside the country, frequent travel, watch list name match, etc.) and I've never, in six years of this, ever had anything searched or questioned, much less seized. Practically, it's not worth worrying about.
Truecrypt provides plausible deniability - the capability to create a hidden encrypted volume within another encrypted volume, thereby allowing you to grant access to unimportant/dummy data when a password is asked for without the attacker knowing additional information even exists.
To do this you need the TrueCrypt bootloader installed, which is a dead give-away that you probably have a hidden volume. If you don't and they suspect of being a terrorist sympathizer you'll just get thrown in Gitmo until you give up your secrets.
TrueCrypt plausible deniability is useful against those who cannot employ deadly force against you.
If you're really concerned, wipe the drive, install linux on a small partition, use an encrypted network connection to upload the photos, then secure wipe the drive and install Windows XP on it for your border crossing. Better yet, get a $50 used laptop and leave it with a local school.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Well with Truecrypt at least it's open source so that should provide a good degree of protection against a backdoor in the software itself. There's still the possibility of a backdoor in the underlying encryption schemes of course which would be far beyond most people's ability to detect no matter how many people see it or how long they look. Truecrypt does however allow you to chain multiple encryption and hash algorithms which, given the diversity of their origins, should provide a reasonable degree of protection from backdoors.
Spelling mistakes, grammatical errors, and stupid comments are intentional.
So, you don't believe in life insurance, then? How about property insurance? Do you even lock your door when you go out? I don't worry too much about getting killed or having my stuff stolen, but that doesn't mean I don't take reasonable precautions for it. Having those precautions in place saves me from worrying about it.
Personally, I don't worry too much about where my next meal is coming from, because I have a job. If I lose it, then perhaps I'll worry, until I find another one.
You'd think that, but there have been stories recently about that not being the case.
There are "stories" about kidnapping of children, but I still let my children play outside. There are "stories" of serial killers, but I still walk in the city. There are "stories" of school shootings, but I still let my kids go to public school.
What's your point?
I can find a "story" about anything. That doesn't mean that it's common or that special precautions need to be taken.
Sometimes it's best to just let stupid people be stupid.
We flew into Munich, traveled by Train to Austria and returned to the US via Munich. We had no issues other than US Customs wanted to review the food items we were importing and declared. We knew that when we bought the Austrian chocolate and it took maybe an extra 5 minutes to go through the Agriculture lane for customs.
I did burn a DVD of my pictures as a backup, more in case the laptop was stollen than if US Customs wanted to retain the laptop.
Get over the paranoia and go see the world.
Now that you've escaped, why bother tunneling your way back into the Stalag^H^H^H^H^H^H Soviet^H^H^H^H^H^H U.S.?
"Flyin' in just a sweet place,
Never been known to fail..."
Regular people, just doing ordinary legal business now need to worry about this?
What the fuck is up?
Doesn't this read more like an item that one would have expected to read - historically - by someone concerned about a visit to the Soviet Union, East Germany or Argentina? Looks like the Soviets didn't lose the cold war. There are just 1st and second runners-up, with both losers in a 15 year period, no? I mean, you fuckers used to have LAWS. You used to have a Constitutional validation of basic individual rights! But, I guess there are more important things to a nation, than the consent of the governed.
In America, Soviet Union becomes YOU! You fucked up, America. And now you no longer exist in any meaningful context. The only single thing that defines you as a coherent entity within your borders is the way in which you are taxed - without representation.
I don't know if I am angry or sad. But it is sad.
"Flyin' in just a sweet place,
Never been known to fail..."
This past year we took a laptop with us to Vietnam to pick up our daughter. (We blogged from our hotel a lot. We were awake most of the time anyway.)
Our jet-lagged child's first hour in the USA was interesting. Nothing cuts through the red tape and lines more effectively than a cranky baby screaming at 160 dB.
--- The American Way of Life is not a birthright. Hell, it's not even sustainable.
Border agent: What is your reason for traveling today. ...
Geek: I'm talking to a company about fault-tolerant servers
...
and in this Powerpoint you'll notice that the two processors are running in
lock-step. Whereas, this comparator here looks at these two pairs of CPU's
....
Border agent: You may go.
Geek: Wait! This is the interesting part
Border agent: For the love of God, please go!
[Insert pithy quote here]
The way your dad looked at it, this Secure Digital Card was your birthright. He'd be damned if any slopes gonna put their greasy yellow hands on his boy's birthright, so he hid it, in the one place he knew he could hide something: his ass. Five long years, he wore this solid state media device up his ass. Then when he died of dysentery, he gave me the memory card. I hid this uncomfortable piece of plastic up my ass for two years. Then, after seven years, I was sent home to my family. And now, little man, I give this Sandisk Extreme 8GB SDHC card to you.
One lesson from an incredibly expensive joke of a "terrorist" case in Australia is that a photograph of a landmark is proof you are going to blow it up. Be careful with those holiday snapshots!
I don't know if there's anything like it in Australia but in the US we have this handbook, "The Photographer's Right", photographers started to carry. In a photography class in college I was taking when 911 happened, we heard about how photographers started to go through questioning when they were taking photos. One student there was working on a class assignment when police or private security personnel tried to confiscate his camera. It was a bizarre tyme for photographers then.
Falcon
Should there be a Law?
There is a bill being debated in the US Congress right now to limit impoundment of laptops to 24 hours.
And I'm sure that in order to back that up, they'll take a forwarding address from you and FedEx you the laptop immediately those 24 hours are up, lovingly packaged and at no further cost to the passenger, regardless of where you are in the world. And when FedEx loses a package (because no courier company in the whole of history has ever achieved a 0% loss rate), they'll chase FedEx up on your behalf, replacing the laptop for you if FedEx can't find it in a reasonable timespan.
Regarding the data on the lost laptop, they'll almost certainly image it before they let it go anyway, so I'm sure they'll be only too happy to copy the image to another disk and ship that to you.
And all of this will be done so quickly and efficiently you won't even miss it.