How to Defeat U.S. Border Agents from Viewing Your Notebook and Your Private Data

Page 5 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.

forumguy

Member
Sep 29, 2008
42
0
0
Originally posted by: spidey07
Originally posted by: forumguy
Right now, the legal law is setup so U.S. Customs can search the contents of any of your electronics without any reason. Also the precendent is there for them to confiscate any electronics at their discretion for later detailed analysis in a lab.

Gee, kinda like fruit, plant material and any animals. DAMN THEM!!! Just who do they think they are!!!


Taking away my bag of fruit is one thing (I would also be pissed) but taking my notebook from me if I'm on vacation would be something else. For business people, not arriving at the destination with your notebook is even worse.

I would almost be okay with them driving around my desktop. But imaging my drive sector by sector and having it end up in any other government agency got me. They won't get me standing in their office while they poke around my email, documents, histories -- not if I can help it -- and it looks like I can do a great deal to prevent this. If they take my personal drives, they will need NSA strength computers a few weeks to crack it even if it is possible at all.

 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Originally posted by: forumguy

Taking away my bag of fruit is one thing (I would also be pissed) but taking my notebook from me if I'm on vacation would be something else. For business people, not arriving at the destination with your notebook is even worse.

I would almost be okay with them driving around my desktop. But imaging my drive sector by sector and having it end up in any other government agency got me. They won't get me standing in their office while they poke around my email, documents, histories -- not if I can help it -- and it looks like I can do a great deal to prevent this. If they take my personal drives, they will need NSA strength computers a few weeks to crack it even if it is possible at all.

lulz, yeah...that's the ticket...act suspicious. Have you ever been pulled from the customs line and missed a flight or are you just reading stories on the intarweb? Try going through customs in amsterdam.

Then again you're on visa so you probably have, but way to act even more suspicious!
 

sactoking

Diamond Member
Sep 24, 2007
7,582
2,817
136
Originally posted by: Mardeth
So if you encrypt the disk and refuse to give the password, can they charge you with something?

Maybe some trumped-up charges, but it has been ruled in federal court (no link atm) that disclosing your password is akin to self-incrimination, and cannot be forced upon you.
 

Newbian

Lifer
Aug 24, 2008
24,768
864
126
Originally posted by: sactoking
Originally posted by: Mardeth
So if you encrypt the disk and refuse to give the password, can they charge you with something?

Maybe some trumped-up charges, but it has been ruled in federal court (no link atm) that disclosing your password is akin to self-incrimination, and cannot be forced upon you.

The problem is if you refuse to give them this they can just refuse your entry into the country until you do as they say.

They don't need to charge you when you need to get into a country and will eventually do what they want.
 

sactoking

Diamond Member
Sep 24, 2007
7,582
2,817
136
I don't believe that's the case. I believe they can confiscate your property, but they cannot refuse entry for failure to disclose a password.
 

forumguy

Member
Sep 29, 2008
42
0
0
Originally posted by: spidey07
Originally posted by: forumguy

Taking away my bag of fruit is one thing (I would also be pissed) but taking my notebook from me if I'm on vacation would be something else. For business people, not arriving at the destination with your notebook is even worse.

I would almost be okay with them driving around my desktop. But imaging my drive sector by sector and having it end up in any other government agency got me. They won't get me standing in their office while they poke around my email, documents, histories -- not if I can help it -- and it looks like I can do a great deal to prevent this. If they take my personal drives, they will need NSA strength computers a few weeks to crack it even if it is possible at all.

lulz, yeah...that's the ticket...act suspicious. Have you ever been pulled from the customs line and missed a flight or are you just reading stories on the intarweb? Try going through customs in amsterdam.

Then again you're on visa so you probably have, but way to act even more suspicious!


And how is having a notebook that boots up normally suspicious? I'll have the regular notebook and an external drive in the suitcase. Are they going to stop everyone for this? You're reaching...
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Originally posted by: forumguy
And how is having a notebook that boots up normally suspicious? I'll have the regular notebook and an external drive in the suitcase. Are they going to stop everyone for this? You're reaching...

And you're paranoid.
 

uberman

Golden Member
Sep 15, 2006
1,942
1
81
After 911, they pulled Microsoft Flight Simulator off the shelves. It was supposed that some of the Trade Tower Terrorists trained with it. So naturally, if something is going to disappear it's a good idea to grab a copy. I did, I believe is MS Flight Simulator 2000.

Would that be a reason to get hassled if I had that MS Flight Simulator program on my laptop at the airport?
 

Capt Caveman

Lifer
Jan 30, 2005
34,543
651
126
How often do people get their laptops/hard drives confiscated? Millions of people fly for business with laptops and I don't ever hear of this being a problem.

The last few times I've flown with my laptop. They have rubbed it with a cloth and placed it a machine to smell explosives or just had me boot my laptop on then let me go on my merry way.
 

uberman

Golden Member
Sep 15, 2006
1,942
1
81
Originally posted by: Capt Caveman
How often do people get their laptops/hard drives confiscated? Millions of people fly for business with laptops and I don't ever hear of this being a problem.

The last few times I've flown with my laptop. They have rubbed it with a cloth and placed it a machine to smell explosives or just had me boot my laptop on then let me go on my merry way.

I was listening to Brian Copland on KGO radio (San Francisco) a couple months ago and he brought this issue up. Apparently some laptops from Europe were being held for like 30 days. The concern he was speaking about was people; but also businesses with trade secrets, etc. How are they supposed to do business?

 

grrl

Diamond Member
Jun 21, 2001
6,204
1
0
Originally posted by: Crusty
I'd have to say, having a laptop without a HDD is more suspicious then a laptop with an encrypted HDD.

This.
 

forumguy

Member
Sep 29, 2008
42
0
0
Originally posted by: uberman
Originally posted by: Capt Caveman
How often do people get their laptops/hard drives confiscated? Millions of people fly for business with laptops and I don't ever hear of this being a problem.

The last few times I've flown with my laptop. They have rubbed it with a cloth and placed it a machine to smell explosives or just had me boot my laptop on then let me go on my merry way.

I was listening to Brian Copland on KGO radio (San Francisco) a couple months ago and he brought this issue up. Apparently some laptops from Europe were being held for like 30 days. The concern he was speaking about was people; but also businesses with trade secrets, etc. How are they supposed to do business?

Also, the U.S. Appeals Court ruling that fully opened the door for this only came out last April. We may not have hearing much about this but it can only become more common not less.
 
Feb 19, 2001
20,155
23
81
Originally posted by: Capt Caveman
How often do people get their laptops/hard drives confiscated? Millions of people fly for business with laptops and I don't ever hear of this being a problem.

The last few times I've flown with my laptop. They have rubbed it with a cloth and placed it a machine to smell explosives or just had me boot my laptop on then let me go on my merry way.

Probably the people who look like creepy pedos. People go on business trips EVERYDAY, and I have NEVER heard of anyone having to boot up their laptop since the early post 9/11 days. *shrug*
 

imported_Lothar

Diamond Member
Aug 10, 2006
4,559
1
0
Originally posted by: BladeVenom
Just make Goatse your background screen. No one will be interested in looking around on your laptop after that.

After you board the plane and now decide that you want to use your laptop, do you go to the bathroom with it to change the desktop and come back to your seat?
 

forumguy

Member
Sep 29, 2008
42
0
0
Originally posted by: sactoking
I don't believe that's the case. I believe they can confiscate your property, but they cannot refuse entry for failure to disclose a password.


This is a good point and I'll have to research the details into this exact scenario. But I think you are referring to the 5th amendment right. Unfortunately, it might be the case that they interpret your failure to provide a password as equivalent to not opening your suitcase. The recent Appeals Court ruling probably swings it in favor for the U.S. Customs.

There is the widely known case of Sebastian Boucher from earlier this year:

http://www.computerworld.com.au/index.php/id;1316401982

He was pulled over crossing from Canada into U.S. at a Vermont border. They randomly checked his computer (for unknown reasons) by making him to log in. The agent found file names that suggested child porn. Now they want to build a legal case on those files and made a mirror of this HDD. But the drive is encrypted with PGP and they cannot (as yet) force him to unlock it and PGP is stopping them cold. Sebastian refuses to provide the password.

Do a google search for "Sebastien Boucher encryption" and you'll find tons of articles. The legal and privacy folks are following this one closely. The 5th amendment is protecting him now that he's in the U.S. but it did not protect him when he was at the border.

Here is the Wikipedia article on "United States vs. Boucher" case.

http://en.wikipedia.org/wiki/United_States_v._Boucher

 

JSSheridan

Golden Member
Sep 20, 2002
1,382
0
0
Originally posted by: CrazyLazy
If they really care what you have at all they can just take the hardrive from your laptop bag and copy it's contents/confiscate it forever. The only way to be truly safe is to store all your data on a flash drive and put it up your butt. Seriously.

Text
 

hanoverphist

Diamond Member
Dec 7, 2006
9,867
23
76
Originally posted by: JSSheridan
Originally posted by: CrazyLazy
If they really care what you have at all they can just take the hardrive from your laptop bag and copy it's contents/confiscate it forever. The only way to be truly safe is to store all your data on a flash drive and put it up your butt. Seriously.

Text

iron man can fly... why would he be in line at the airport?
 

forumguy

Member
Sep 29, 2008
42
0
0
Originally posted by: DLeRium
So do most of you use truecrypt or what? I might be looking into this the next time I travel.

I use this on my laptops now. It is free, open source and has a lot of users. It supports full transparent boot drive encryption so on a notebook with one drive, it is good not just for travel but even "domestic" use like accidentally losing your notebook behind on a bus.

Truecrypt can also make a file "container". You then mount this encrypted file as any available drive letter. This is good for your external data drives.

Unfortunately, it gets more complicated at the border for international travel. The agent (U.S., British, Canada, etc.) can practically force you to take your notebook out and log in so they can peruse your entire notebook so the encryption won't help against this. Refusing to log in at this point would be like refusing to open your suitcase to them. The thing is my suitcase just has my clothes, toothbrush, etc. But my laptop contains personal thoughts, contacts, banking/investment information, browser history, etc. Plus, they can image your HDD for detailed analysis later and share with other agencies. With the recent Appeals Court ruling, it gives US Customs more confidence to do this more often (they could always do it).

At minimal, just take your notebook's HDD out before arriving at the airport and put it into your suitcase or carry-on. Its only one screw on my notebook. The notebook won't boot then. But, as other's pointed out, it might be more "suspicious" if they were to find out. But who knows, the notebook could genuinely be broken and you're taking it back for repair. A simple enhancement to the plan is to have your notebook boot up off of its internal SD reader into the free PendriveLinux. The entire boot process will appear normal to the casual observer. Another option may be to use Truecrypt's feature called "plausible deniability" where your main OS is on a hidden partition accessible by one password but you have a small decoy OS accessible by another password. If you ever find yourself in the position of being forced to log in, you can pick which OS to start and they wouldn't know about the other one.
 
Feb 19, 2001
20,155
23
81
Originally posted by: forumguy
Originally posted by: DLeRium
So do most of you use truecrypt or what? I might be looking into this the next time I travel.

I use this on my laptops now. It is free, open source and has a lot of users. It supports full transparent boot drive encryption so on a notebook with one drive, it is good not just for travel but even "domestic" use like accidentally losing your notebook behind on a bus.

Truecrypt can also make a file "container". You then mount this encrypted file as any available drive letter. This is good for your external data drives.

Unfortunately, it gets more complicated at the border for international travel. The agent (U.S., British, Canada, etc.) can practically force you to take your notebook out and log in so they can peruse your entire notebook so the encryption won't help. Refusing to log in at this point would be like refusing to open your suitcase to them. The thing is my suitcase just has my clothes, toothbrush, etc. But my laptop contains personal thoughts, contacts, banking/investment information, browser history, etc. Plus they can image your HDD for detailed analysis later and share with other agencies. With the recent Appeals Court ruling, it gives US Customs more confidence to do this more often (they could always do it).

At minimal, just take your notebook's HDD out before arriving at the airport. Its only one screw on my notebook. The notebook won't boot then. But, as other's pointed out, it might be cause of concern. Who knows, the notebook could genuinely be broken and you're taking it back for repair. A simple enhancement to the plan is to have your notebook boot up off of its internal SD reader into the free PendriveLinux. The entire boot process will appear normal to the casual observer. Truecrypt offers a cool feature called "plausible deniability" where your main OS is on a hidden partition accessible by one password but you have a small decoy OS accessible by another password. If you ever find yourself in the position of being forced to log in, you can pick which OS to start and they wouldn't know about the other one.

How's the performance hit? I already suffer from having to use VMWare Fusion with OSX so Vista + OSX is not the best combo, but thats' why I have 4GB of RAM. Although XP would probably make life a lot nicer, I'm hoping there aren't even more things like encryption that will slow me down to a crawl.

Edit: The HD removal.. eh. Not gonna pursue it. It might be relatively easy on my Dell but on my Macbook Pro? Tough luck when you gotta tear it apart.
 

pradeep1

Golden Member
Jun 4, 2005
1,099
1
81
If you are going somewhere you can expect this, then assume they will check all of your electronic devices (iPod, memory cards for cameras, etc.) for "contraband". So forget trying to hide it on your person. Either do the secure FTP transfer of your data after you get there, or mail yourself an encrypted DVD of all of your data.

I used PGP with 256 bit AES encryption on a compressed self-decrypting archive file on a DVD. Pack it in an inconspicuous mailer and just send it to a friend or contact there. If you are worried of even that being looked at and destroyed, mail yourself multiple copies through multiple services (DHL, Fedex, US Mail, UPS). Being inconspicuous, at least one of them will get through.

 

forumguy

Member
Sep 29, 2008
42
0
0
Originally posted by: DLeRium
Originally posted by: forumguy
Originally posted by: DLeRium
So do most of you use truecrypt or what? I might be looking into this the next time I travel.

I use this on my laptops now. It is free, open source and has a lot of users. It supports full transparent boot drive encryption so on a notebook with one drive, it is good not just for travel but even "domestic" use like accidentally losing your notebook behind on a bus.

Truecrypt can also make a file "container". You then mount this encrypted file as any available drive letter. This is good for your external data drives.

Unfortunately, it gets more complicated at the border for international travel. The agent (U.S., British, Canada, etc.) can practically force you to take your notebook out and log in so they can peruse your entire notebook so the encryption won't help. Refusing to log in at this point would be like refusing to open your suitcase to them. The thing is my suitcase just has my clothes, toothbrush, etc. But my laptop contains personal thoughts, contacts, banking/investment information, browser history, etc. Plus they can image your HDD for detailed analysis later and share with other agencies. With the recent Appeals Court ruling, it gives US Customs more confidence to do this more often (they could always do it).

At minimal, just take your notebook's HDD out before arriving at the airport. Its only one screw on my notebook. The notebook won't boot then. But, as other's pointed out, it might be cause of concern. Who knows, the notebook could genuinely be broken and you're taking it back for repair. A simple enhancement to the plan is to have your notebook boot up off of its internal SD reader into the free PendriveLinux. The entire boot process will appear normal to the casual observer. Truecrypt offers a cool feature called "plausible deniability" where your main OS is on a hidden partition accessible by one password but you have a small decoy OS accessible by another password. If you ever find yourself in the position of being forced to log in, you can pick which OS to start and they wouldn't know about the other one.

How's the performance hit? I already suffer from having to use VMWare Fusion with OSX so Vista + OSX is not the best combo, but thats' why I have 4GB of RAM. Although XP would probably make life a lot nicer, I'm hoping there aren't even more things like encryption that will slow me down to a crawl.

Edit: The HD removal.. eh. Not gonna pursue it. It might be relatively easy on my Dell but on my Macbook Pro? Tough luck when you gotta tear it apart.

The new TrueCrypt 6.0 has some new assembly optimizations and a big update for multiprocessor support. I haven't noticed much of a hit for normal disk operations. It might have higher CPU load for big transfers.

TrueCrypt allows a very easy way to both encrypt and decrypt (remove) the encryption permanently if you decide later. The first encryption process runs as a background process and can be paused and resumed until it completes. You can also remove TrueCrypt easily. I gotta say for such a big system change, the TrueCrypt installer is extremely well designed and implemented.

Here's what I would try. Install TrueCrypt and use it for a week or so. The unencrypt removal process is easy to use and totally removes it from the system.
 

Red Squirrel

No Lifer
May 24, 2003
68,417
12,595
126
www.anyf.ca
If crossing the border with any electronics I'd ensure they are very clean of any personal data. To be safe use a brand new hard drive and image your current one, since just deleting files wont do it. You could also run a 25 pass wipe that may do the trick but who knows what technology the US goverment has. Best to not take the risk.

Like everything would be at home and accessible through ssh. The IP info would not be anywhere on the laptop either or they would see it and force you to connect then end up snooping your entire home network. Best bet is don't even have a ssh client on there. Just download it and then use it, then delete it after when going back home.

Trucrypt or other encryption method would probably work too but need to ensure that there's still nothing personal as if they image the drive they WILL crack the encryption and WILL get all your personal data. The US goverment can crack an SSL connection in seconds, even though there's no real known way to do it yet with today's (public) technology. They have mainframes and tons of high end private technology to do these things.

Pretty sad when you can't trust the goverment at all because of their snooping nature, but that's the world we live in.

 

forumguy

Member
Sep 29, 2008
42
0
0
Originally posted by: RedSquirrel
If crossing the border with any electronics I'd ensure they are very clean of any personal data. To be safe use a brand new hard drive and image your current one, since just deleting files wont do it. You could also run a 25 pass wipe that may do the trick but who knows what technology the US goverment has. Best to not take the risk.

Like everything would be at home and accessible through ssh. The IP info would not be anywhere on the laptop either or they would see it and force you to connect then end up snooping your entire home network. Best bet is don't even have a ssh client on there. Just download it and then use it, then delete it after when going back home.

Trucrypt or other encryption method would probably work too but need to ensure that there's still nothing personal as if they image the drive they WILL crack the encryption and WILL get all your personal data. The US goverment can crack an SSL connection in seconds, even though there's no real known way to do it yet with today's (public) technology. They have mainframes and tons of high end private technology to do these things.

Pretty sad when you can't trust the goverment at all because of their snooping nature, but that's the world we live in.

Nobody knows for sure the extent of cracking abilities of big agencies like the NSA. Mathematically, of course, the keys space is fricking massive. To check all keys, we're talking longer than the age of the known universe even assuming speeds of super-computers 10 years in the future. But NSA has got some eggheads for sure that can see patterns of course. They are the biggest employer of mathematicians.

The funny thing is, even if NSA could crack 128-bit or 256-bit encryption easily, they could never admit it! So the information they gather wouldn't be used in a case being tried in a public court -- they certainly wouldn't reveal their capabilities just to find out someone has pirated MP3s! But obviously the information could be used in CIA and mission planning situations where "somehow" the troops and operatives know where to go. ;) How did Japan lose its most valuable admiral in WWII in the Pacific to American fighter planes? NSA!

http://en.wikipedia.org/wiki/Operation_Vengeance
 

mugs

Lifer
Apr 29, 2003
48,920
46
91
Originally posted by: RedSquirrel
If crossing the border with any electronics I'd ensure they are very clean of any personal data. To be safe use a brand new hard drive and image your current one, since just deleting files wont do it. You could also run a 25 pass wipe that may do the trick but who knows what technology the US goverment has. Best to not take the risk.

Like everything would be at home and accessible through ssh. The IP info would not be anywhere on the laptop either or they would see it and force you to connect then end up snooping your entire home network. Best bet is don't even have a ssh client on there. Just download it and then use it, then delete it after when going back home.

Trucrypt or other encryption method would probably work too but need to ensure that there's still nothing personal as if they image the drive they WILL crack the encryption and WILL get all your personal data. The US goverment can crack an SSL connection in seconds, even though there's no real known way to do it yet with today's (public) technology. They have mainframes and tons of high end private technology to do these things.

Pretty sad when you can't trust the goverment at all because of their snooping nature, but that's the world we live in.

They cannot do that. Stop spreading FUD.