'Social Media Needs A Travel Mode'

Maciej CegÅowski, a Polish-American web developer, entrepreneur, and social critic, writes on a blog post: We need a 'trip mode' for social media sites that reduces our contact list and history to a minimal subset of what the site normally offers. Not only would such a feature protect people forced to give their passwords at the border, but it would mitigate the many additional threats to privacy they face when they use their social media accounts away from home. Both Facebook and Google make lofty claims about user safety, but they've done little to show they take the darkening political climate around the world seriously. A 'trip mode' would be a chance for them to demonstrate their commitment to user safety beyond press releases and anodyne letters of support. What's required is a small amount of engineering, a good marketing effort, and the conviction that any company that makes its fortune hoarding user data has a moral responsibility to protect its users. To work effectively, a trip mode feature would need to be easy to turn on, configurable (so you can choose how long you want the protection turned on for) and irrevocable for an amount of time chosen by the user once it's set. There's no sense in having a 'trip mode' if the person demanding your password can simply switch it off, or coerce you into switching it off.

mode complexity

[micahraleigh]

As a former C++ app engineer, I've found adding "modes" increases the source and test complexity and often end up not being used very much.

A sprawling generalization, but that's what I've got ...

Re:mode complexity

[Dutch+Gun]

Besides, we already have all the technology we need to keep our data private. It's just that current law won't *allow* us to keep it private. As such, the *laws* need fixing, not the technology.

Re:mode complexity

[fustakrakich]

As such, the *laws* need fixing, not the technology.

I'll assume you are familiar with the procedure. Always best to start at the beginning.

Re:mode complexity

[XxtraLarGe]

Besides, we already have all the technology we need to keep our data private. It's just that current law won't *allow* us to keep it private. As such, the *laws* need fixing, not the technology.

They don't need fixing, they need repealing.

Re:mode complexity

It isn't technology nor laws. It is pure and simple ROI, as viewed by social media companies. To them:

Security has no ROI.
Privacy has no ROI.

If it were in their interest to have security, we would be seeing social networks supporting client certs, reduced functionality modes, duress passwords, and many other types of security architectures, as opposed to just nothing like what we have now.

Re:mode complexity

[Opportunist]

Technology can fix those laws.

Re:mode complexity

[Austerity+Empowers]

As such, the *laws* need fixing, not the technology.

Yes, true, but given that it won't happen soon, technology that renders those laws useless is the only step forward we can make now.

Re:mode complexity

[tlhIngan]

Besides, we already have all the technology we need to keep our data private. It's just that current law won't *allow* us to keep it private. As such, the *laws* need fixing, not the technology.

No amount of technology can keep public information private. And no amount of "privacy controls" will make public information private. (See a pattern?).

In fact, "social networks" and "privacy" are an oxymoron. There is no such thing as "privacy controls". "Privacy Controls" are marketspeak for "encouraging marks to over-share". Yes, Facebook and everyone has done their research - people will share more if they get the illusion their data is protected.

In the end, everything you post on a third party website, is public. Thanks to people screen shotting, re-posting, etc, anything you post is public. Even if it's a party for selected individuals, the people you didn't invite will find out anyways.

The only "technology" to keep our data private is to ... keep it private.

Not that I agree with the border proection asking for passwords. But that's a legal issue that can really only be dealt with legally.

Re:mode complexity

Blame me, I voted Johnson!

Curious sig. Do you live in a swing state? Because unless you live in a swing state, your voting for Hillary instead of Johnson could never have changed the outcome. She was either already guaranteed to win your state, or already guaranteed to lose it.

Re:mode complexity

Ah, but so many people nowadays want to cling onto all kinds of untenable positions. "It's so unfair we can't do X."

The obvious solution: don't use social networks. I guess I can come up with the name of a new social network that would let everyone keep their privacy and not have marketers track them--and not change their policies all the time and not be a vector of fake news: welcome to The Flying Pig.

Re:mode complexity

[jareth-0205]

It isn't technology nor laws. It is pure and simple ROI, as viewed by social media companies. To them:

Security has no ROI.
Privacy has no ROI.

If it were in their interest to have security, we would be seeing social networks supporting client certs, reduced functionality modes, duress passwords, and many other types of security architectures, as opposed to just nothing like what we have now.

So ROI does not fix the problem? So we need laws then?

The market doesn't fix everything - that's why we have law.

Re:mode complexity

[jareth-0205]

In the strictest sense you are of course correct, but I don't really see why you're making a distinction between analogue technologies where we have an expectation of privacy, and digital ones where for some reason there is none. By your logic every phonecall you make can be public because it goes through the phone companies' equipment. Every letter you send could potentially be opened and read.

But we don't have it work like that, there are systems & laws set up to keep those things private and a huge fuss is made if those things are not private for some reason.

Stop throwing in the towel just because it's easier to look down on people who use social networks. It is within possibility to fix this in law.

Re:mode complexity

[XxtraLarGe]

Curious sig. Do you live in a swing state?

Michigan.

Re:mode complexity

[tsqr]

Curious sig. Do you live in a swing state?

Michigan.

Still can't blame you, unless you voted 10,000 times.

Re:mode complexity

You are then the reason for which nowadays, most things technology-related fail to live up to their potential or just plain suck compared to the past, despite the advances in what is possible. By catering the lowest common denominator in the name of fecklessness, greed, and generally placing the needs of the users at the bottom of the priorities pile.

Re: mode complexity

Add to that: the authorities can hold you indefinitely on grounds of POTENTIAL terrorism until your preconfigured "trip mode" timer runs down... even if it is years. Welcome to Nazi America. Papers please. No papers? No problem... what else ya got?

Re:mode complexity

[I'm+New+Around+Here]

A voice in a crowd can sway many men.

Re:mode complexity

[Altrag]

No it can't.. at least not beyond the most mundane interpretations such as "the new law could be typed up in a word processor."

Technology needs to be implemented by somebody, and if it runs afoul of laws, the cops and lawyers will simply go after the implementer. Sure that may be impractical if you write your own encrypted messenger client that you and your 3 friends use but when we're talking companies on the scale of Google and Apple and Microsoft, their choice to run afoul of the law could affect millions of users.

Think about the iPhone hack. One judge making one good decision is the only difference between Apple protecting its customers and Apple being forced to (effectively) open the flood gates for iPhone decryption -- which almost certainly would have been used as precedent if the next case featured an Android or Blackberry or whatever.

That said, using encrypted communications is not yet illegal as far as I know, or at least not in the US. I'm pretty sure master keys or similar aren't even required yet. So there's currently nothing to fix in the sense that these companies could freely implement such technologies and just choose not to.

Re:mode complexity

Errr... no.

Re:mode complexity

why should any customer care about the products increased internal complexity?
if something is not used that much by a billion people - that means it is used by millions.

Re:mode complexity

[Arthur+Fontaine]

So there's currently nothing to fix in the sense that these companies could freely implement such technologies and just choose not to.

There is a technology fix to this problem -- and almost all the others, large and small. If I could code I'd already be writing it. https://medium.com/@arthurfont...

Re:mode complexity

[Arthur+Fontaine]

^^THIS.^^

Why doesn't the digital world follow the same model as the analog world, where you are the center of your life, in the sense that you hold the panoptic view of everything that happens to you, and everyone else has theirs? Because we've been hijacked by these massive context-based honeypots that effectively (and often legally, through the terms of service nobody reads), seize ownership of big chunks of your digital identity, and locks them in silos away from every other chunk. You get split up into pieces for the profit of a few people and their VCs.

Re:mode complexity

[Opportunist]

First of all, why the fuck should I give a fuck about your country's laws?

Second, your country blocks my download page? Welcome to VPN.

Third, your law enforcement tries to ferret out the use? It's trivial to disguise traffic like something benign.

Re:mode complexity

[kenwd0elq]

If there was a demand for security, then companies would offer it.

The problem is that if you are not paying for the service, then YOU are the product being sold. Social networking companies sell access to their users, who are generally NOT paying for the service. The users are the PRODUCT being sold, and good security would decrease advertiser access (and remember, the advertisers ARE paying...) to the users.

Re:mode complexity

[kenwd0elq]

Stop throwing in the towel just because it's easier to look down on people who use social networks. It is within possibility to fix this in law.

Possible? Yes. Profitable, to Facebook or Twitter or Google? No, because the users aren't paying for the service; they ARE the service that ADVERTISERS are paying for. As long as social media companies are advertiser-supported, the social media companies will NEVER implement reasonable security measures, because the social media companies would go bankrupt. Zuckerberg et. al. will never offer good security, because they would go broke.

If you have "travel mode" on

then they will simply not let you in. Luckily, these days, there are much better and safer destinations for your travels than the United States, because let's not kid ourselves, the blogger's use of "around the world" really means first and foremost "the United States".

Re:If you have "travel mode" on

[Marxist+Hacker+42]

Because Travel Mode is an indicator that you've got something to hide, and thus, must be using social media to send encoded terrorist messages.

Sometimes I think terrorists are just nature's way of weeding out the violent and stupid- especially suicide bombers.

Re:If you have "travel mode" on

[Opportunist]

"Traveling around the world" means more and more "Traveling all around, but also you go around the USA if you at all can."

Re:If you have "travel mode" on

[myowntrueself]

Because Travel Mode is an indicator that you've got something to hide, and thus, must be using social media to send encoded terrorist messages.

Sometimes I think terrorists are just nature's way of weeding out the violent and stupid- especially suicide bombers.

For one thing, there has to be something for them to see, so they don't see a blank slate and, on that basis, assume you have something to hide and probe you ever more deeply.

Clearly if there were going to be a 'Travel Mode' it would have to be very very well hidden.

When I'm travelling I wipe the phone, factory reset it, and then set it up with my work account instead of personal. That way there are contacts and emails etc but its only work related. My work isn't sensitive so I don't care. But it looks like it has stuff on it so it gives the security guys a nice satisfying experience.

Re:If you have "travel mode" on

[JustNiz]

> just nature's way of weeding out the violent and stupid

Yeah but its also society that is to blame for their existence in the first place. We have already invented and enabled massive mechanisms (such as religion and governments) that systemically hide the real truth, suppress free speech and use education/media as brainwashing mechanisms expressly in order to keep us "little people" ignorant and distracted with crap like social media or with fighting each other, and therefore completely controllable.

Re:If you have "travel mode" on

[Kjella]

Because Travel Mode is an indicator that you've got something to hide, and thus, must be using social media to send encoded terrorist messages.

Maybe, but most likely they'll just see you as another nuisance maker trying to make their job difficult. And in their opinion it's important, valuable, patriotic and you're either non-American or one of the wusses they defend. I'm sure the TSA system has some informal way to shitlist a person so he'll get picked for extra security screenings, luggage checks, extended questioning, "problems" processing forms etc. so any kind of solution that lets the TSA know you're trying to obstruct or evade them is kinda a non-starter.

Sometimes I think terrorists are just nature's way of weeding out the violent and stupid- especially suicide bombers.

I think we'd run of places to blow up before we'd run out of violent and stupid people. Also, most of them manage a pretty solid kill:death ratio so if 50 people of average intelligence dies and one nutjob the average doesn't move much at all.

Re:If you have "travel mode" on

[ColdWetDog]

Maybe, but most likely they'll just see you as another nuisance maker trying to make their job difficult. And in their opinion it's important, valuable, patriotic and you're either non-American or one of the wusses they defend. I'm sure the TSA system has some informal way to shitlist a person so he'll get picked for extra security screenings, luggage checks, extended questioning, "problems" processing forms etc. so any kind of solution that lets the TSA know you're trying to obstruct or evade them is kinda a non-starter.

They're only going to care if you're wrapped head to toe in a Burka or tin foil. And then only maybe.

You do realize that the VAST majority of TSA employees are just trying to get through the day. That includes middle and upper level management. Yes, they realize that most of what they do is security theater - at best - but they still have to do it. Showing up with a blank computer / no social site logins / stupid T shirt or bizarre attitude isn't going to faze them nor will it put you on some magical shit list.

You aren't a special snowflake. Just a random, generic one. And when you melt, no one will care. Get over it.

Re:If you have "travel mode" on

Yes, and I suppose if we only knew this "truth" that's been hidden, we'd self-substantiate from the Matrix and we'd all drive sports cars and never have to work a single day in our lives again.

Re:If you have "travel mode" on

It must be really fun going through life with such constant paranoia. Taking such drastic and inconvenient measures means they (the terr'rists or the gov'mint, take your pick) have already won.

Re:If you have "travel mode" on

[myowntrueself]

It must be really fun going through life with such constant paranoia. Taking such drastic and inconvenient measures means they (the terr'rists or the gov'mint, take your pick) have already won.

I don't travel that often. When I do travel this is really not an inconvenience, you are totally exaggerating.

"We"?

[JustAnotherOldGuy]

"We need a 'trip mode' for social media sites..."

Speak for yourself...my devices aren't polluted with social media apps that leak my info and make me a target for hackers and Border Patrol fascists.

Re:"We"?

How arrogant are you that nobody can say "we" without it including you? If you're not a social media user, why would you assume you're part of the context of "we" that he's referring to?

Why do you need it?

We're talking about international travel here. I've never taken a cell phone to another country. I don't see the need.
Of course, I've never used social media on a cell phone, so maybe I'm just out of touch with what people care about.

Re:Why do you need it?

I live in a small country, close to the border. When I go upstairs with my smart phone in my pocket, I'm connected to a foreign cell phone antenna. Drugs trafficking is a major problem in my neighborhood as is growing marihuana and chemical drugs labos. Two neighbors have been caught with drugs related crimes in the past. One of them used to be my best friend in basic school (under 12 years).
 
I often wonder what will happen when future police investigations try to find drugs traffickers by browsing through the cell phone antenna logs. They will find logs of my smart phone that 'proof' I travel between both countries several times a day. Of course I don't do drugs, but just imagine that the 'proof' of the logs is enough to allow the investigators to take all my computers, tablets and phones to search for incriminating data. Just imagine when they find the pictures from the 80's of my family, cousins and friends where we were naked as children (walking naked was normal back then) while the society has Americanized and has become very prudish on being naked. It might be enough to be considered a pedophile. You simply don't know anymore.

I've lost trust in our politicians a long time ago. I also lost trust in the politicians in the ivory tower in the EU. The 'normal' opposition are the same as the politicians in power. The alternative politicians don't make a chance with our current system. The only alternative politicians that might win are populist who will inherit the totalitarian (but for 'well meant reasons') system of data gathering and profiling from the current system. Populists that are handed over a totalitarian system that can spy on every single individual? That can't be good, can it? Now I don't do anything wrong, but I understand that my pictures are a potential threat. But do you delete childhood memories or not? I don't do drugs yet I understand that moving as often as I do from one country to another (only in cell phone logs) makes me a suspect when investigators work the opposite way by first browsing through the logs to find suspects.

But what politicians can you vote for who keep us safe from the totalitarian grip on all our communication? Nobody can win except the politician who support this totalitarian grip except for populists. I've been thinking about this situation a lot lately. There is no escape. Either we keep choosing the 'right' politicians who have created this mess and keep on sacrificing our own culture for some imaginary multiculture where most people are unhappy or either we choose the 'wrong' politicians who will haply abuse this mess and also destroy everything. I guess that's what is called cynicism, I now understand what I read some 10-20 years ago in some book I can't remember (although I still remember the message that the demise of the west will not come from external threat but from cynical voters who feel helpless and are frustrated in politics).

Possible issue with this logic

[spiritplumber]

Good intention, but what's to prevent a border patrol agent from a rogue state from just detaining people until the trip mode timer expires?

Re:Possible issue with this logic

Just make it impossible to see if travel mode is on or off: even if it is on already, there is still a button to put it "on".

Re:Possible issue with this logic

[ctilsie242]

Why not add a duress password, perhaps? That, and hide the fact that trip mode is on, don't show a timer. Another way to deal with trip mode is to allow for non-trip-mode access only through a user settable range of IP addresses. Leave that range, the functionality set gets reduced. This way, if one is in Lower Elbonia, there is little to nothing the local goons can do to get full access to someone's profile, especially if the user uses 2FA.

Re:Possible issue with this logic

[vux984]

Yeah, users won't constantly stumble over that trying to figure out if they've properly turned travel mode is on or off.

Re:Possible issue with this logic

[eth1]

Good intention, but what's to prevent a border patrol agent from a rogue state from just detaining people until the trip mode timer expires?

Set a "home" location. Require the mobile device to be physically located within a certain distance of that area (determined via GPS) in order for trip mode to be deactivated.

Uninstall?

[Gilgaron]

Does Facebook keep much locally on the phone? It'd seem easier to just uninstall it, deny having an account at the border, and reinstall whenever. Same as backing up stuff to the cloud.

Re:Uninstall?

It'd seem easier to just uninstall it

Easier said than done for the 99% of devices that aren't rooted. :-(

Re:Uninstall?

[Opportunist]

You hand vital information about yourself to a device you don't own?

First mistake.

Re:Uninstall?

You can't uninstall apps on an unrooted device? I thought that was only true for preinstalled apps.

Re:Uninstall?

[Gilgaron]

Do many phones come with Facebook preinstalled or something? In any case, surely even then you can disassociate the account with it.

Re:Uninstall?

[Altrag]

What do you consider "vital information?" Most people probably don't have a text file with their SSN and credit card info just sitting there on the phone's desktop.

But location history? You don't really get to control that. Browsing history? Better remember to clear it every single time you surf the web (can you trust that its actually gone?) Contacts in your dialer.. the type of apps you use.. etc etc etc.

There's boatloads of information that your device knows about you that you didn't have to directly type in. Simple day to day usage generates plenty of information with only assumed consent, and much of that is necessary for it to perform the tasks you want it to do -- you can't really use a navigation app if you disable location tracking for example.

For the super paranoid, you're welcome to get rid of your phone and your home internet connection and try to keep a car from 1982 on the road, cancel your credit cards (and move to a new place that you can somehow rent on a cash-only basis with no names exchanged and leave no forwarding address to ensure they don't have you still on file) and so on and so on to ensure that when they come for you, they'll have to do it the old fashioned way.

For the other 99.9999% of us, we don't really have a choice. Technology is what it is and unfortunately personal privacy hasn't been much of a design consideration (yet.. hopefully..)

And to really piss you off, doing all of that super paranoid stuff I mentioned above? That gets you flagged because they assume nobody in their right mind would go to that much trouble to avoid modern conveniences and well.. they'd probably be right.

Its a bit of an unjustified leap to go from "super weird" to "dangerous" but when we're talking about tourists entering the US these days where the government has basically flat out stated that non-US citizens have less rights than your average pet and even US citizens that dare to leave the country should be viewed with extreme caution when they return.

The "all" in "All men are created equal" has been given a very narrow and constantly shrinking interpretation in recent years.

2 accounts?

[Zemran]

Far better to have a cutsie account in your real name with only polite BS and a 2nd account in a different name where you can be honest. No politics or opinion on your real name and open an incognito browser before logging in to the real account where you say what you really think. A cut down account is far too dangerous as it would still be the person that the junta in Thailand are looking for for criticising the way they arrest, murder people or sell Rohinghya into slavery. It is not just the US who want to read your Facebook page. Better still, leave Facebook and meet your family.

Re:2 accounts?

[mi]

Far better to have a cutsie account in your real name with only polite BS and a 2nd account in a different name where you can be honest

That would violate the "real name" policies of services like Facebook and Quora — you can lose that "important" account if you do that...

Of course, you can another account with your real name — for example, there are over a dozen Facebook accounts with my own fairly rare Firstname Lastname combination already. None of them mine...

But that has its own difficulties — most client-applications remember your username-string, even if you tell them to not record the password. So, you will be seen overwriting your username with the fake one... And, even if you aren't, whoever forces you will see, you last logged-in a year ago — and become suspicious. No, what you want is a "Duress Password", which unlocks the same account but hides the things you want hidden.

Re:2 accounts?

Actually its far far far better just to not use Fakebook, TWITter, and other data mining sites! No One can access something that doesn't exist! And just a note here, even if you delete accounts on these sites, any data that they have on you will still be there forever! And they will continue to try to track your internet use, web searches etc...

Privacy is difficult these days mainly due to idiots that give up privacy to be able to use sites like Fakebook and TWITter, along with using a "smart phone" with apps that report your data to everyone and their affiliates. Basically if you want privacy these days you have to move to a remote cabin in the wilds of Canada with no internet and solar/wind/water power!

Re:2 accounts?

The problem is that two accounts are against FB's ToS, and FB actively and aggressively locks duplicate accounts with no mercy. Ask any furry, kig, or drag queen.

Re: 2 accounts?

Handing over your password is against Facebook's ToS, as well.

Re:2 accounts?

Don't give them any reason to believe the accounts are duplicates. I use GP's strategy just fine. I'm beginning to wonder what on earth people who get duplicates locked are doing. Please don't tell me you've friend both accounts with the other....

One person I know though had two accounts, one for business, another for friends. There's a procedure you can go through to get an official business account. If somebody with no job or other income can do that, anybody can. Granted, that's sort of outside the scope of this topic.

Re:2 accounts?

[Cro+Magnon]

I do half of that. My FB account is full of boring stuff that would put any border cop to sleep (Heck, it puts me to sleep and I wrote it). The good stuff, like my plans for world domination, aren't on FB in any of my identities.

Re:2 accounts?

[Zemran]

"That would violate the "real name" policies of services like Facebook and Quora [quora.com] — you can lose that "important" account if you do that..." If you think that a Facebook account is "important" you have your priorities wrong in life. I would rather lose an account than publish personal information publicly.

Re:2 accounts?

You certainly don't use facebook login for authentication to other sites

Re:2 accounts?

[mi]

If you think that a Facebook account is "important" you have your priorities wrong in life

Don't attack the messenger — as I suggested above, I don't have a Facebook account at all.

By "important" I meant the account, that a user would consider worth protecting by hiding under a different name as you suggested.

Since you have nothing to say but argue about terminology (semantics), I believe, we are done here.

Stupid

This is so incredibly stupid.

If the feature depends on a timer, and it cannot be easily turned off, all the authorities have to do is detain you until the timer expires.

If you try to thwart them by putting an absurdly large timer (one month? one year?), well, you're just screwing yourself then because you are locked out for that duration as well.

But the authorities don't even need to do this! They can just get a warrant (or not, depends on how badly they want you), turn to Facebook and say "this guy is suspicious, hand over his data".

This is a stupid, stupid idea... If you are concerned about what the authorities can glean from your Facebook account then you have an easy option: DON'T POST THAT INFORMATION ON FACEBOOK.

Seriously.

Devices are a red herring.

[xtal]

Border guards can ask for your account passwords.

You don't have to provide them, of course.

But if you're not a citizen, you don't have to be admitted, either.

There are little or no practical appeals.

Not responding truthfully to a border guard is a very serious crime; it's not an option, although refusing can be, with consequences.

It will be interesting to watch the economic impact of this over time - I suspect there will be none, as people have adapted in the past, and this will just become the norm.
 

Re:Devices are a red herring.

[OhPlz]

I don't think there's much of a choice for non-citizens. Look at what open borders get you, tourism numbers in France are way, way down. No one wants to deal with frequent terror attacks and rioting.

Re:Devices are a red herring.

[JustAnotherOldGuy]

As AC said below, "How do I provide that which doesn't exist? What then?"

I don't have a Facebook account, nor Instagram, Pinterest, LinkedIn, etc etc etc. Facebook *might* have a page that *they* started on me, but it's not mine.

You can Google my name all day long and not find squat, I'm just not there. They're welcome to search for me but it'll be a wash with no relevant results.

So how do I give them what doesn't exist?

Re:Devices are a red herring.

[Cajun+Hell]

So how do I give them what doesn't exist?

Create it, and then it will exist.

Re:Devices are a red herring.

[JustAnotherOldGuy]

So how do I give them what doesn't exist?

Create it, and then it will exist.

Nooooooooooo. No no no.

Re:Devices are a red herring.

[AHuxley]

Its fine not to have email, social media, just a phone. But if a person is wanting to enter another nation, expect most online activity to have been found.
A photo will have some use for facial recognition. Friends will be found, friends of friends.
Party? Conference photo? Work? Hobby? A person who shows up in a very interesting nation? Friends of friends online?
A person might not have social media but everyone at their work might :)
Who are they friends with? Who or what do people ate work or friends support on social media?
If you are entering on a visa, the application will often have an email option to track the approval or ask for more supporting documents. That account will then be requested if no social media exists.
Most nations are interested in the faces on social media, connections to other interesting people, groups.
Politics, support, funding of groups. Military background? Political party that funds interesting groups?
People often have such information all over their friends social media.

Re:Devices are a red herring.

[Altrag]

You're just assumed to be socially inept and therefore possibly unstable and a risk.

Employers have been doing it for years. The government just had to figure out a way to write it up so it didn't sound so discriminating..^W^W^W^W^W^W

Sorry I mean had to wait for a president that believes mass discrimination is the solution to all problems.

Re:Devices are a red herring.

[JustAnotherOldGuy]

You're just assumed to be socially inept and therefore possibly unstable and a risk.

And they'd be right! Trust me, my wife will swear to all three of those things without even being prompted.

Implying social media isn't already owned by CIA

There is literally no point trying to protect your social media logins from US Customs officers because the federal government already has direct access to everything on Social Media.

When I travel, I bring a burner phone which I do a factory reset everytime I cross an international border, and a chromebook which I powerwash before I cross the border. I have several online accounts for practically every site so under duress, if they forced me to log in to an account I would simply log into one of the boring ones with nothing interesting on it.

This isn't because I doubt the NSA and CIA already have everything. It's because I don't want a US Customs Officer with a high school diploma reading my shit.

Dumb Idea, Seriously

Seriously, does this Maciej dude really think that a "Trip Mode" does anything meaningful about intrusive border searches? That's just dumb!

In order to limit Border Services' activities, you have to make it so they cannot see anything. Nothing, zero, zip! As soon as they can see "something", then they can continuously expand their search for as long as they are interested. As soon as they can see that you have Trip Mode turned on they can "ask" you in that unpleasant & coercive way they have, to turn Trip Mode off.

The best things you can do are to:

1). Leave your devices at home;
2). Travel under the name Joe/Jane Smith and claim you never use social media. Ever. For anything!
3). Actually not use social media;
4). Boot into a fake, but plausibly real looking environment, with nothing interesting on it. Load it to the gills with internet cat videos and nothing more;
5). When they ask for your device passwords, politely but firmly decline. And be prepared to be detained and miss your flight.

Re:Dumb Idea, Seriously

[Opportunist]

2). Travel under the name Joe/Jane Smith and claim you never use social media. Ever. For anything!

Smart move. Where do I get a passport that says I'm Joe Smith?

4). Boot into a fake, but plausibly real looking environment, with nothing interesting on it. Load it to the gills with internet cat videos and nothing more;

I'd load it with gross but legal porn. Give them something to vomit over. Lemonparty or Tubgirl... gee, if I only could decide...

Re:Dumb Idea, Seriously

[AHuxley]

AC any use of encryption or a different OS mode, encrypted file system can be detected.
With the US gov paying, that software is easy to buy and fast to scan any device for can encryption or hidden accounts or a mode setting.
The encryption will hold but the use of such efforts will be found.
If your a citizen the question will be what files are been hidden? Decrypt and its all good...
The use of a flight mode will then be a chat down about hiding digital photos using cryptography. Still feel the need to hide the photos? Is it the gps and the location in an interesting nation? An interesting person is in one of the images? How many photos are been hidden in that device using that "travel" mode?
Need a lawyer? Time to talk to US law enforcement to start an investigation in the US? The US legal system is ready 24/7 with the needed paperwork. Send the device for more detailed examination to find what image files are been hidden?
The US citizen walks free, the device is returned days, weeks later.
Was an investigation opened? Home computer? ISP logs?
What do the ISP logs show? A lot of https searching for hours? Finally some http ...


If not a US citizen, thats a few lies, time to return to your own nation again.

The concept is "Duress Password"

[mi]

A "mode" will be detectable — looking at your screen whoever compels you to show it (a criminal or an officer or both-in-one) will be able to tell, you are in "travel mode" and demand to see the real deal.

The concept you want is Duress Password — which ostensibly unlocks "everything", but hides the things you previously marked for hiding whenever the "duress" password is entered instead of real one.

And you may wish to use it not only to fool overzealous border-guards, but, for example, to hide certain materials from bystanders at Internet-cafes.

There is a "duress" PAM-module in the works for folks compelled to login to their Unix-laptop and a move to add the feature to Cyrus IMAP-server.

But, to reiterate, it is of utmost importance, that your usage of such functionality can not be not only proven, but even suspected. Whoever is in a position to compel you to login, is also in a position to punish you for fooling him...

Re:The concept is "Duress Password"

Whoever is in a position to compel you to login, is also in a position to punish you for fooling him...

Which is why "duress passwords" or any other scheme to prevent an entity like the US Government from accessing your data is pointless.

The only option is to change the laws such that governments are (at least technically) constrained.

Re:The concept is "Duress Password"

I'm stunned. I saw your username and fully expected you to post something similar to ColdWetDog up there. Are you having a change of heart about being a bootlicker?

Re: The concept is "Duress Password"

Thank you... i hadnt heard about the duress-pam module... sounds like an awesome plan.

Not all ideas are good

There

Re:Not all ideas are good

and I *just* ran out of mod points. serves me right. amen, this is not a good idea.

Irrevocable ....

[PPH]

for an amount of time chosen by the user

Which, coincidentally, will be the amount of time you are held in detention until your phone unlocks.

What if I don't have a Facebookacvount?

How do I provide that which doesn't exist? What then?

Re:What if I don't have a Facebookacvount?

only terrorists don;t have face book... access denied.

Re:What if I don't have a Facebookacvount?

Just Google the name. Something will pop. And even if you weren't on the internet, you are now.

Re:What if I don't have a Facebookacvount?

Don't be silly. Facebook knows ALL about you, whether you have the acvount or not. When the border guard asks for your credentials, just turn on a laptop, phone, tablet or other computer which you own and click any 'like' button on any government webpage.

Re: What if I don't have a Facebookacvount?

Access denied? I live hete and my taxes help pay TSA salaries.

No, it needs to DIE

So-called 'social media' is bullshit. It's anything but 'social', it gives people a reason to not interact with each other (pro-tip: The Internets don't count!), it encourages bullying, toxic speech, fake news, and in the end is just a platform for terrorist organizations to radicalize people whose personalities are already on the fringes to start with. For young people especially it prevents them from learning proper social skills, which just isolates them from their peers even more, especially as they get older. Socially isolated people are orders of magnitude more likely to suffer from mental illnesses, which very often leads to violent crimes. Kill off so-called 'social media' and many of our modern problems will go away with it.

Re:No, it needs to DIE

it gives people a reason to not interact with each other (pro-tip: The Internets don't count!)

I'm sorry that you seem to be stuck in the distant past where all meaningful social interaction was face-to-face. Some of us have developed relationships in other ways now that it is possible.

wow you are incredibly stupid

Do you really think that existence of a "duress mode" will be a secret only we know? Of course they will find out, and adjust tactics accordingly.

Re:wow you are incredibly stupid

[mi]

Of course they will find out

No, they would not — the concept is in wide usage by security and alarm-monitoring companies for example.

Without access to the remote server, it can be made impossible to detect, whether or not the user used the special password or the real one.

Re:wow you are incredibly stupid

[Opportunist]

If you cannot tell whether the device is in "duress" mode, how would you find out?

Re:wow you are incredibly stupid

By beating the owner after they notice that the free and used hard drive space doesn't match the total on the drive sticker. Will they know to look for that? No, but their software analyzer tool will know. But the OS needs to know which mode it's in too so the analyzer would probably find out that way.

Re: wow you are incredibly stupid

It wont be to hard for them to ask you for both passwords, you know

Re:wow you are incredibly stupid

[mi]

notice that the free and used hard drive space doesn't match the total on the drive sticker

Logging-in with a duress code to your laptop should trigger removal of whatever it is you want to protect (whether it is encrypted/hidden or not).

It is a reasonably fast operation and, after it is over, the diskspace will match... The only way to prevent it would be for the compelling party to confiscate the laptop and attempt to unlock it themselves. That method is way too tedious to be used in a dragnet, however...

Re: wow you are incredibly stupid

[mi]

It wont be to hard for them to ask you for both passwords, you know

AFAIK, they don't ask for password. They ask you to "please, enter your password"...

Re: wow you are incredibly stupid

It wont be to hard for them to ask you for both passwords, you know

AFAIK, they don't ask for password. They ask you to "please, enter your password"...

Well that certainly proves that it will be hard for them to ask for both passwords instead.

Re: wow you are incredibly stupid

If having a duress password is optional then you have plausible deniability

Re:wow you are incredibly stupid

[Opportunist]

Yes, a large portion of that hard drive is not partitioned yet. Didn't need it yet, it's probably filled with random stuff from the last wipe.

Re: wow you are incredibly stupid

[Opportunist]

What second password are you talking about? There is none.

Part of having a good duress password is not having to have one to make whatever you're using work in the first place...

Re:wow you are incredibly stupid

[toddestan]

Given their current abuses of power, they would think it perfectly fine to detain someone who they thought might be using a duress password until that person coughs up their "real" password. Whether or not they would know for sure wouldn't be important to them.

That's why even though these technical solutions are nice, the only way to solve the real problem is to stop these abuses of power.

Visitors have no right to privacy post-911

The safety and security of the homeland (no matter which nation that is) trumps your so called privacy every time. Too bad. If you are not willing to subjugate yourself completely to the host country's vetting process, STAY HOME.

Re: Visitors have no right to privacy post-911

Lame

Re:Visitors have no right to privacy post-911

[mi]

The safety and security of the homeland trumps your so called privacy every time

Maybe, it would have if it actually helped. But it is so trivial for anyone to bypass the entire problem — such as by resetting their phone when the plane is landing and restoring from the cloud after checking-in to their hotel — that no terrorist will be thwarted by this.

If any, the safety gain will be temporarily while the lost liberty — substantial. Do the words I just used remind you of a quote by one of the Founding Fathers? They better...

STAY HOME.

During Obama's last fiscal year, the practice quintupled — and is targeting not only foreigners, but US citizens as well. Surrendering your privacy to a random guard's unfounded suspicions or hunches shall not be a condition for returning home.

Re:Visitors have no right to privacy post-911

Unless you're a mooooooooooooooooooooooooooooooooooooooslim.

Re:Visitors have no right to privacy post-911

Jesus christ. The comments on that Yahoo link are truly frightening. Legions of idiots, tripping all over themselves in a mad rush to hand over their privacy... in exchange for some dystopian vision of "security." This is why we can't have nice things.

Uh... Less?

I don't think you understand what social media is for...

YOU are the product. Not the customer.
So gathering MORE data is the job.

User safety? How does that make them money?

What do you mean by travel mode?

[Opportunist]

If that means it needs a feature to send it to or preferably past the end of the world, then I agree.

How about traveling without?

[damn_registrars]

Really, traveling without social media is a very pleasant option in most cases. My most memorable vacations are the ones I took where I was not worried about WiFi or 3G service. Your vacation should get you away from what consumes you during the rest of your existence; if you are worrying about that crap while you are away I'm going to tell you that your doing your vacation wrong.

Re:How about traveling without?

[jareth-0205]

Really, traveling without social media is a very pleasant option in most cases. My most memorable vacations are the ones I took where I was not worried about WiFi or 3G service. Your vacation should get you away from what consumes you during the rest of your existence; if you are worrying about that crap while you are away I'm going to tell you that your doing your vacation wrong.

*this is not a goddamn solution*.

Yes, you can, especially if you're only vaguely on social networks. But we shouldn't have to jump through hoops like this - when you're visiting friends and whatever while travelling, guess what, social networks are very useful in that case. Do you think it stops at social networks? Should you leave your phone completely? Social networks today, your phone call history tomorrow? Is that OK?

You can do this at the moment. Then tomorrow when they start doing automatic searches based on your name, and show you an account they've found that looks like you and has your name, what then?

Re:How about traveling without?

[damn_registrars]

Your reply wandered so much that it's rather difficult to tell if you even had a plan for it. I'll take the most coherent parts of it and try to reply to them:

Yes, you can, especially if you're only vaguely on social networks. But we shouldn't have to jump through hoops like this

If you are so married to your online existence that you consider leaving your laptop behind to be "jumping through hoops" then you probably couldn't be helped by any amount of anything here. Fortunately for you people who are at that level of dependency seldom notice when they are more than 10 miles from their home - as they almost never look away from their screens anyways - so traveling doesn't really matter. As the majority of slashdot readers are far more than 10 miles from an international border, it is reasonable to expect that you wouldn't be a likely candidate to wander far.

when you're visiting friends and whatever while travelling, guess what, social networks are very useful in that case

First of all, if you are visiting other people, that should be your social network, right there. Why do you need to worry about other people at that time? You're taking your attention away from the people who actually cared enough about you to spend time with you in the real world.

Second, if you are visiting people who you interact with in your online social networks, you probably haven't gone some place where you need to worry about a travel mode for your devices; likely you haven't gone more than 10 miles from your home.

Do you think it stops at social networks? Should you leave your phone completely?

Do you really think the two are equivalent in levels of importance?

Social networks today, your phone call history tomorrow? Is that OK?

There are nations that for years have checked visitors' phones at customs. In case you didn't know this before, US laws don't travel with you when you enter another country - you enter another country and you are now expected to adhere to their laws. If you don't like their laws you should have traveled elsewhere.

You can do this at the moment. Then tomorrow when they start doing automatic searches based on your name, and show you an account they've found that looks like you and has your name, what then?

What are you talking about? This is quite a bit removed from the topic at hand. If you're worried that a foreign nation is going to ask you to log in to a social media account, then you've made yourself a slave to social media. I'm guessing you don't leave home often with that attitude, though so you're probably just fine with that.

Re:How about traveling without?

[jareth-0205]

Do you think it stops at social networks? Should you leave your phone completely?

Do you really think the two are equivalent in levels of importance?

You don't? Why are they different? Quite a few people communicate almost exclusively by text, by chat mediums with the people that they know. Some people don't like phonecalls. For an increasing number of people they are absolutely the same importance.

Social networks today, your phone call history tomorrow? Is that OK?

There are nations that for years have checked visitors' phones at customs. In case you didn't know this before, US laws don't travel with you when you enter another country - you enter another country and you are now expected to adhere to their laws. If you don't like their laws you should have traveled elsewhere.

That doesn't make the procedure good or right. Jobs and family often force travel. Anyone who has a distributed life doesn't get to smugly avoid it.

You can do this at the moment. Then tomorrow when they start doing automatic searches based on your name, and show you an account they've found that looks like you and has your name, what then?

What are you talking about? This is quite a bit removed from the topic at hand. If you're worried that a foreign nation is going to ask you to log in to a social media account, then you've made yourself a slave to social media. I'm guessing you don't leave home often with that attitude, though so you're probably just fine with that.

Amazingly naive.

"If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged."

FYI (to correct your many assumptions) I'm British and have to travel to the US and other countries to see family. So yeah I'm very aware that I have no rights at the US border. If *you* don't care about rights at borders then I would say it's far more likely *you* are the one that doesn't travel.

Re:How about traveling without?

[AHuxley]

Any gov will have a passport photo. Travel without a phone, laptop and get asked, about social media?

As a citizen a person can invoke their nations laws, ask for a lawyer, articulate legal protections during the friendly chat down.
Federal, state, city, public/private partnership, charity, NGO efforts to collect and index all social media over the years will then get a facial recognition request.
Past hours, days, weeks, months could be recovered and presented during a chat down or held back to see how a person responds.
Facial recognition is fast so the interview will seem normal, with a short break, change of interview rooms, different staff needed, shift change.
All cover to sort what was found. Or wonder why nothing useful has been found...
If nothing is found is the person in a cult or member of some faith group? Often used as spies as they have no normal online past?
A citizen might walk free hours later but how interested are local/federal officials in that person now?
If a person is not a citizen, one lie and the paperwork is different. A flight back to their own nation.

Dumb people have dumb ideas

The premise: Someone is (figuratively, but only barely) pointing a loaded gun at your face and demanding you give them a list of your associates.

Furthermore, the premise is that this is how the law is and how it will/should say. By that, I mean that 1) You always vote against the only people who run on a platform of upholding the plain meaning and spirit of the 4th amendment, and 2) you are ok with the social networking site's database still having a list of your associates. You just don't want that list to be accessible through your user-agent. If the guy with the gun asks the company directly without involving you or your phone, you don't have a problem (or at least not such a problem, that you would stop using that website or stop voting for Republicrats).

And you want a third party (social networking websites) to Do Something, such that the guy pointing a gun at your face, doesn't get whatever he wants.

I think this is an absurd position and I can't respect it .. or you. Take some responsibility; quit trying to get someone else (who has no stake in the situation) to fix it for you. At a minumum, at least put your votes where your mouth is, both in the booth and with your wallet. Stop using Facebook, and stop voting for people like Trump/Clinton. Currently, you are always acting like your privacy is worthless, and you are always helping (even when the gun isn't in your face) the guy with the gun. You fucking hypocrite. Why would anyone help you? You are the enemy that you're complaining about, asshole!

Re:Dumb people have dumb ideas

[OhPlz]

Why we would vote for people that want to make it easy for terrorists to enter the country?

Re:Dumb people have dumb ideas

Because we're Americans. People's freedom (especially mine) is more important than some snowflake's comical lame-ass security theater.

This attitude is why we ratified the Bill of Rights, and why a few us (with seeming futility) still attempt to uphold them. If you don't like it, maybe you should go back to England and smooch your beloved King George's ass, you limey bastard.

Re:Dumb people have dumb ideas

[OhPlz]

We're Americans, they're not. That's the point. If we choose to admit others, that's our choice, but nothing compels us to do so. We certainly shouldn't do so when it's a threat to national security. Attitudes like yours are why people are getting molested by the TSA for exercising their right to travel. That is a violation of the Bill of Rights, you fuckstick.

Or just

[The+Cisco+Kid]

don't bring any devices with you, and if someone asks for your Facebook password reply with "Whats a face book?"

Re:Or just

[Moof123]

In the end, the internet is a messy place for sensitive secrets. We have reached the point where it is best not to document anything provocative (or potentially twisted by a warped mind wearing jack boots into appearing provocative) on the internet. Big brother is in full force. Love him, or else.

This is not a technological problem

[gweihir]

It is a political one. If you travel to a country where they can demand your passwords, they can do equally bad things to you if you have a "travel-mode" configured. The problem is that they can demand your passwords. In a country that respects personal freedoms, that will not happen. Unfortunately, the citizens of most democratic countries are too unaware of history today to understand the value of those freedoms and how hard it was to get them and are not defending them. If you go to such a country, having them look at all your social media stuff from the inside may be the only option. Whether you want to go to a country run by honor-less and decency-less "authorities" that do these things with the general consent of the citizens there is another question.

Incidentally, doing a "travel mode" is easy: Create long random password that you cannot remember, write it down, set it as your account-password and leave the piece of paper it is on at home. Done.

Yeah, and advertise to the world you're not home

Look, traffic analysis is a bitch. Charlie just has to look at the fact that suddenly Alice is only doing +1 to posts from Bob (her brother) but not from himself (which she usually would), and he can infer she might be in "travel mode".

Add enough "Bobs", and Charlie can do that with >90% confidence. Then he hires some crooks to break into Alice's home, hide lots of defamatory material inside a wall, and one year later, when her husband is running for the local ClimateChange chapter, leak info to the police that "they hide in their basement"...

Sounds far fetched? Maybe the second paragraph is, but the first one is not. Do you trust all "Charlies" in your social network?

More like duress mode

Duress codes...use them

How would you implement this?

[Torodung]

Great so you set "travel mode." And then what? Lock it with a different password? The TLA involved will just ask you for the credentials to turn off travel mode.

Or do you set a time period with no way to turn it back off if you make a mistake? That doesn't sound like a very good idea.

The only way to avoid exposure is to not have social media accounts, or have shell accounts that you log your phone into when you travel. That's your travel mode.

Re:How would you implement this?

" ...or have shell accounts that you log your phone into when you travel."

You are under the mistaken assumption that they read your stuff while you wait. You unlock your device to by-pass any encryption and authentication to social media. Then they plug it into a computer to run scripts that dump ALL contents, not just your logged in account. All accounts on the device. That includes the account authentication tokens to your social media and music and other sites. Your only safe solution is to purchase a burner phone or device and create an account for that device only. Tell your people what number to call or special account to communicate to. Don't reference your normal accounts in the special ones. Don't create social media accounts for it either.

Re:How would you implement this?

[Ksevio]

You say "I'm traveling from the 14th to the 21st, travel mode should cover those days", then you click the "confirm" button and if you made a mistake, you have to wait a bit. That sounds easier than your option.

There already is a mode that works

[SoundGuyNoise]

It's called the "Logout" button. It's an amazing privacy feature.

Re:Implying social media isn't already owned by CI

[ColdWetDog]

You can powerwash a chromebook? Cool. I'm going to have to look into one of those.

Travel Mode Won't Help

[Striek]

The problem isn't just that the ask for passwords. The problem is also that they save them for later use.

http://www.dailyxtra.com/canad...

A month later, André attempted to fly to New Orleans again. This time, he brought what he thought was ample proof that he was not a sex worker: letters from his employer, pay stubs, bank statements, a lease agreement and phone contracts to prove he intended to return to Canada.

When he went through secondary inspection at Vancouver airport, US Customs officers didn’t even need to ask for his passwords — they were saved in their own system. But André had wiped his phone of sex apps, browser history and messages, thinking that would dispel any suggestion he was looking for sex work. Instead, the border officers took that as suspicious.

All the "travel mode" protections we can think of will be useless, unless it also forces a password change. And we all know how often that happens.

As so many other commenters have pointed out, technology is not the problem here. The laws allowing it (or the lack of laws prohibiting it) are the problem.

Jail time?

You: "Sorry, my account is locked for the next 30 days. Can't give you access"
Police: "No problems, you just have to wait here for the next 31 days"....
You: "Oh"

You appear to be advocating...

[drinkypoo]

You appear to be advocating for a technical solution for fascism. The problem is, the fascists have better rubber hoses. Also, if it can't be turned off, then it can be used to grief people; if you can get them to turn it on, whether by owning their account or by tricking them, and they can't turn it off, that's beyond inconvenient.

Whatchu talking about Willis?

" they take the darkening political climate around the world seriously"

The only "darkening political climate" has been created by people who believe open borders are financially feasible.

A condition of sovereignty is to control your borders.

The only thing darkening is the Western world progressives accepting of religious violence and their acceptance that some religions are "special" and that they'll tolerate some of the most crude and cruel behavior because, well.... trump.

Foolproof solution

[ronmon]

Don't use that crap. It's nothing more than candy to lure you into the paedophile's van.

So you say you can't live without your beloved Facebook, Twitter, Instagram, etc? Well, some people think they can't live without heroin, cocaine or oxycontin. That's your fucking problem and I have no sympathy.

Really?

[hackel]

If they can force you to give them your password, they can just as easily force you to deactivate any kind of "trip mode." This is just silly.

Inherent Safety

[sdinfoserv]

How about stop putting private information on social media....AND when you're traveling, pay attention to the foreign place over the virtual one....

Re:Inherent Safety

Stop putting accurate information on social media.

Lie all the time.

I spent a couple of days on Mars last week, just to fuck with customs.

Take a vacation from your social media

[enjar]

Log out, remove it from your device and actually be fully present for your trip. The world's a fascinating place, experiencing it through a four inch screen really doesn't do it justice.

It's mine

... protect people forced to give their passwords ...

It's my Facebook password in the same way it's my library book or my company car. If I started handing those items to strangers so their contents could be searched, people would complain yet Facebook and friends say nothing.

... the darkening political climate ...

The US government wants to search people without a search warrant and they've created 'no constitutional rights' zones to do it: We see this best in "stop and frisk" on the street with personal computing devices and social media being the low-hanging fruit. Since social media tends to project a 'come see me' mentality, the government can search those any time (since the USA demands passenger manifests in advance, not to mention, Visas for all non-residents, they know everybody's name) to discover what anti-American sentiments are being written. Government snooping at the customs gate is partly more accurate surveillance and mostly obnoxious theatre. The DHS even admits to wanting security mechanisms to be obnoxious; for the terrorists, you understand. Just be grateful their plans to search the railways and highways haven't succeeded yet.

Travel mode, AKA...

[fyngyrz]

My phone has a global "travel mode", AKA "Airplane mode."

IOW, I just disconnect when traveling. Also when sleeping. And working.

The Internet in all its various forms and guises serves me. Not the other way around. If it's not that way for you, you need to stop selling death-sticks, go home, and rethink your life. Go on. Go.

Mail your devices home?

[Sheik+Yerbouti]

I was thinking as a work around to this how about just overnighting your electronics to the house? Mostly just as an FU.

Re:Implying social media isn't already owned by CI

[AHuxley]

US gov, federal police, city, state, public/private partnerships, private groups will have collected everything in real time over the years.
A face that finds past use with facial recognition would re build any past social media use.
Politics, parties, friends of friends, funding, support, groups, leaders, other nations, work, holidays.
All a more secure mode hints at is a person knows they will be questioned and tried to quickly hide their digital pasts.
If they are a citizen, expect questions and every device to be searched, cloned, copied, any deleted files on a camera card recovered, any encrypted files systems detected. A few different request for a password.
So a citizen will get to walk out after a few hours of repeated questions, requests for a password, but their need to hide would have been added to a few databases. Any interesting devices will be examined, returned over days or weeks.
What did that person do? Why is that person interesting? Images/gps from another nation they visited while on holiday but had no paperwork for? Why hide the account?
Not a citizen? The interviews go on until the first lie. Deport.

Paperz!!

[easyTree]

I was tempted to say that you need new laws which protect your right to privacy but maybe technical solutions to government nosiness are the way to go.

Here's a thought:

how about not having a social network profile? Or, not use your real name? What are they gonna do, make you get one before you travel? Actually check to see if you're lying?

Multiple accounts?

[bazorg]

The idea of duress passwords sounds right, but requires some changes to the device/software.
If we simply keep another account of the same type that authenticates with the device and syncs to a different set of contacts, map history, browser history, then it should be as plausible as what the security guy finds on the account for someone who is not a very regular user of the "smart" part of their phone.

I think I got dumber reading that...

[NateTech]

Let's break it down...

"We need a 'trip mode' for social media sites that reduces our contact list and history to a minimal subset of what the site normally offers."

If you don't want things in public, don't put them on social media.

"Not only would such a feature protect people forced to give their passwords at the border, but it would mitigate the many additional threats to privacy they face when they use their social media accounts away from home."

No it wouldn't. The oligarchs who want the data will just get it via other means. "Giving passwords at the border" is a convenience for them, but not the only way to get the data. And what are these "additional threats to privacy"? That's just meaningless add-on to the sentence. You created the threat to your privacy when you posted the information in public.

"Both Facebook and Google make lofty claims about user safety, but they've done little to show they take the darkening political climate around the world seriously."

Facebook and Google never have and never will care as much about your privacy as you do. They MAKE MONEY off of mining your information! And another meaningless sentence add-on... "darkening political climate"... huh? When did governments stop wanting information on travelers, ever?

"A 'trip mode' would be a chance for them to demonstrate their commitment to user safety beyond press releases and anodyne letters of support."

And it would be a false sense of security. All it takes is a subpoena or a claim that you're a "terrorist" to get any social media company to quite-willingly hand over whatever law enforcement wants, without you even knowing about it.

"What's required is a small amount of engineering, a good marketing effort, and the conviction that any company that makes its fortune hoarding user data has a moral responsibility to protect its users."

Or just stop feeding them user data.

"To work effectively, a trip mode feature would need to be easy to turn on, configurable (so you can choose how long you want the protection turned on for) and irrevocable for an amount of time chosen by the user once it's set. There's no sense in having a 'trip mode' if the person demanding your password can simply switch it off, or coerce you into switching it off."

They can switch it off whenever they like... it's called a subpoena. You're fixing the wrong problem putting a "mode" in the user front-end. What's needed is encryption on the back end and even the company "hoarding" the data you willingly gave them NOT being able to read it at all, which... obviously isn't their business model...

The key thought here is, you do NOT need social media. No one NEEDS social media. Whatever you GIVE WILLINGLY to a company about yourself is easily accessed by anyone who can even hint that you are some sort of "threat" to anyone in society. No "mode" will fix that. Just STOP providing the information if you don't want it seen by everyone.