Tips For Taking Your Laptop Into and Out of the US? 940
casualsax3 writes "I'm going to be taking a week long round trip from NYC to Puerto Vallarta Mexico sometime next month, and I was planning on taking my laptop with me. I'll probably want to rip a few movies and albums to the drive in order to keep busy on the flight. More important though, is that I'm also going to be taking pictures while I'm there, and storing them on the laptop. With everything in the news, I'm concerned that I'll have to show someone around the internals of my laptop coming back into the US. The pictures are potentially what upsets me the most, as I feel it's an incredible violation of my privacy. Do I actually need to worry about this? If so, should I go about hiding everything? I've heard good things about Truecrypt. Is it worth looking into or am I being overly paranoid?"
You could. (Score:5, Interesting)
Use a clean install and email the photos to yourself while you are there... or put them on an encrypted thumb drive / cd and snail mail it..
Well, who are you... (Score:5, Interesting)
Are you a middle eastern looking young male? A white male returning from Thailand? If so, be paranoid.
If not, no worries.
Re:mail it. (Score:3, Interesting)
That's what I was thinking, but it would likely be expensive to get it through customs. Or put all your data and OS on a SSD and rent or borrow a laptop on whatever country you are going to. Swap the hard drives and you are good to go.
It's called probable cause (Score:2, Interesting)
Plausible Deniability (Score:3, Interesting)
If you're worried about having to give up the password to your encrypted drive, try Rubberhose:
http://iq.org/~proff/rubberhose.org/ [iq.org]
Easy Solution (Score:5, Interesting)
Send it to your hotel DHL overnight before you leave, and do the same to get it home.
Problem solved.
Re:Boot to BSoD (Score:5, Interesting)
Re:If you're that worried... (Score:3, Interesting)
However, there is one big note of caution. Do not back up the container. Ever. An attacker could look at the change over time and determine there is a hidden volume. That's probably too paranoid for your case but it's worth mentioning.
You say an attacker could determine whether there is a hidden volume by comparing two versions of the file. How would they be able to do that? And does this mean they will be able to decypher the password?
Re:If you're that worried... (Score:4, Interesting)
But uh, mind if I ask: exactly what kind of pictures are you planning on taking on your vacation? ;-)
Most keen photographers - myself included - have a story or two about being hassled by security guards or police for photographing public buildings. Check out this article [schneier.com] for examples. It's for security reasons, you see. I might be planning a terrorist attack.
You wouldn't want the TSA goons to decide that your photographs seem odd [boingboing.net] and to give you a full-body cavity search "just in case".
Re:If you're that worried... (Score:4, Interesting)
No they will not get the password, but they will see bits changing in 'Empty space' that will alert them to the presence of a hidden container.
Re:Put the tinfoil hat away (Score:3, Interesting)
> No one is going to search your computer other than to make sure it is a computer and not a bomb.
Oh, really?
You give those trained monkeys way too much credit:
http://www.pressrepublican.com/homepage/local_story_278220015.html [pressrepublican.com]
Re:If you're that worried... (Score:3, Interesting)
I've thought about this myself and if you don't mind getting your hands dirty you could take an SD card and loaded it up with Linux, and wire it in parallel with the hard drive. install a small switch under the battery or something that switches power from the hard drive to the SD card. Then when traveling set the switch to select the card... it will look like a clean Linux install.
Re:If you're that worried... (Score:3, Interesting)
I completely understand not wanting a bunch of law enforcement officials looking at his private data. The thought that it is allowed infuriates me.
But the practical side of me says that I have come into the US several times in the last year, and not once has anyone even asked me to open my bags, let alone turn on my laptop.
Security through obscurity is probably the best bet here - and obscurity means looking just like all the thousands of other tourists coming in from Mexico every single day.
Re:Well, who are you... (Score:4, Interesting)
I am a middle eastern looking young male ... well, not so young anymore, but still well under 50. And as I said in a previous post [slashdot.org], I've never had any real problems with bringing a laptop past airport security on domestic or international flights. And I have had problems [shockandblog.com] before -- big problems [shockandblog.com] -- with airport security (and US Marshals) on a domestic flight. But none of those problems focused on a laptop, and I've never been asked to show what was on my laptop other than once I had to open it up and show that it actually did run. I suppose if someone looked like a child sex tourist flying from Bangkok they might be interested to see what photos are on their hard drive, but by and large their scrutiny is going to focus on whether you're a threat to the other passengers, but do you really think they are looking for vacation_photo_with_osama.jpg?
Re:Known Your Adversary (Score:3, Interesting)
To do this you need the TrueCrypt bootloader installed, which is a dead give-away that you probably have a hidden volume.
Plausible deniability can extend beyond just what truecrypt offers. Personally I would not encrypt the whole disk, just select container files. After all if they seize the computer they would expect it to boot and behave like a normal system, so give that to them.
For truecrypt use the "hide a tree in a forest" approach. Create some bogus aptly named containers - "MySecretStuffFile", and such with nothing but useless junk in it. When someone asks for the truecypt password give them the password to that.
Then create some actual containers masquerading as real files - "Big.zip" or "YourFavLinuxDistro.iso" or such. If they ask what that is, say its a zip or iso or whatever. If they ask why it doesn't work, say I guess its corrupted. If they can't prove its a truecrypt container there is not much they can do. Realistically unless your name pops up on some watch list I doubt that anyone would ever spend the time to sift through the files looking for that stuff.
Re:If you're that worried... (Score:2, Interesting)
Re:If you're that worried... (Score:5, Interesting)
Actually its even easier than that.
If you can, set the BIOS to set the CF or SD card slot as the first boot device, and the hard drive as the second.
Thus, without a card in the slot during boot up, you get a normal Windows session, with the card in you get a Linux session.
Also, if the Linux session does not auto mount the windows disk, then the simpleton inspecting your computer will never see your files on the hard drive.
Puppy Linux and Damn Small Linux are perfect for this
Beny
Re:If you're that worried... (Score:4, Interesting)
close, they can beat you up and shoot you and of course, you did it to yourself. http://www.lewrockwell.com/orig9/higgs-e1.html [lewrockwell.com]
i was actually looking for a story about an army private who was shot in the leg, and all record of his ever being shot were erased, it made the local news... but this story was better, so...
btw i realize this has only happened (reportedly, anyways) to 'army' privates, and of course, Iraqis and Afghanistan people, but it's amazing how some people with pull in the military can abuse the system.
Re:If you're that worried... (Score:5, Interesting)
lol. Von Neumann advised Shannon to call his measure of information 'entropy' because, as he put it, "no one knows what entropy really is."