Tips For Taking Your Laptop Into and Out of the US? 940
casualsax3 writes "I'm going to be taking a week long round trip from NYC to Puerto Vallarta Mexico sometime next month, and I was planning on taking my laptop with me. I'll probably want to rip a few movies and albums to the drive in order to keep busy on the flight. More important though, is that I'm also going to be taking pictures while I'm there, and storing them on the laptop. With everything in the news, I'm concerned that I'll have to show someone around the internals of my laptop coming back into the US. The pictures are potentially what upsets me the most, as I feel it's an incredible violation of my privacy. Do I actually need to worry about this? If so, should I go about hiding everything? I've heard good things about Truecrypt. Is it worth looking into or am I being overly paranoid?"
If you're that worried... (Score:5, Informative)
...encrypt it. Full disk encryption is relatively cheap, easy, and unobtrusive.
You gave one such example in your post.
But uh, mind if I ask: exactly what kind of pictures are you planning on taking on your vacation? ;-)
Re:If you're that worried... (Score:5, Insightful)
Re:If you're that worried... (Score:5, Insightful)
Best Suggestion (Score:5, Funny)
Now that you've escaped, why bother tunneling your way back into the Stalag^H^H^H^H^H^H Soviet^H^H^H^H^H^H U.S.?
Seriously (Score:5, Insightful)
Regular people, just doing ordinary legal business now need to worry about this?
What the fuck is up?
Doesn't this read more like an item that one would have expected to read - historically - by someone concerned about a visit to the Soviet Union, East Germany or Argentina? Looks like the Soviets didn't lose the cold war. There are just 1st and second runners-up, with both losers in a 15 year period, no? I mean, you fuckers used to have LAWS. You used to have a Constitutional validation of basic individual rights! But, I guess there are more important things to a nation, than the consent of the governed.
In America, Soviet Union becomes YOU! You fucked up, America. And now you no longer exist in any meaningful context. The only single thing that defines you as a coherent entity within your borders is the way in which you are taxed - without representation.
I don't know if I am angry or sad. But it is sad.
Re:Seriously (Score:5, Insightful)
Doesn't this read more like an item that one would have expected to read - historically - by someone concerned about a visit to the Soviet Union, East Germany or Argentina?
Regardless of the truth in that statement, I never heard of Argentina being used as an example of an intrusive country. The checks they do at customs are laughable.
Re:Seriously (Score:5, Informative)
because you didn't visit argentina during late 70s or early 80s when our neighbors (well, we too, and ALL the rest of south america) were under a ruthless dictatorship that used to load anyone they didn't like into C-130s and drop them in the midle of the ocean.
BTW, that regime ? sponsored by the US, with CIA's planning. as were all the dictatorships in the continent.
Re:Seriously (Score:5, Informative)
While having someone look at my vacation pictures wouldn't especially bother me, having some Homeland Security dweeb who can't find the power switch impound my PC because he thinks that maybe, possibly, there is a chance there is something questionable scares the hell out of me.
Customs (and others?) can seize laptops, disks, media, etc, FOR NO REASON AT ALL, and there is little or no legal recourse to get the stuff back. If that's not worth being paranoid over....
Re:Seriously (Score:5, Insightful)
The outcome was that the case was thrown out due to a complete lack of evidence apart from a very distant family relationship with another suspect in the UK, so beware, if Kevin Bacon does something you're screwed. It really did look like a show trial set up for an election year so that Australia could finally show the anti-terror laws were working.
To be practical and serious I would say leave a copy of everything you really want to keep with somebody before you fly just so you can get it back if the laptop is mishandled or held up in any way, or even if you just drop the thing yourself.
photographing landmarks (Score:5, Informative)
One lesson from an incredibly expensive joke of a "terrorist" case in Australia is that a photograph of a landmark is proof you are going to blow it up. Be careful with those holiday snapshots!
I don't know if there's anything like it in Australia but in the US we have this handbook, "The Photographer's Right" [krages.com], photographers started to carry. In a photography class in college I was taking when 911 happened, we heard about how photographers started to go through questioning when they were taking photos. One student there was working on a class assignment when police or private security personnel tried to confiscate his camera. It was a bizarre tyme for photographers then.
Falcon
Re:photographing landmarks (Score:5, Funny)
But atleast it smelt nice.
Re:24 hours (Score:5, Funny)
There is a bill being debated in the US Congress right now to limit impoundment of laptops to 24 hours.
And I'm sure that in order to back that up, they'll take a forwarding address from you and FedEx you the laptop immediately those 24 hours are up, lovingly packaged and at no further cost to the passenger, regardless of where you are in the world. And when FedEx loses a package (because no courier company in the whole of history has ever achieved a 0% loss rate), they'll chase FedEx up on your behalf, replacing the laptop for you if FedEx can't find it in a reasonable timespan.
Regarding the data on the lost laptop, they'll almost certainly image it before they let it go anyway, so I'm sure they'll be only too happy to copy the image to another disk and ship that to you.
And all of this will be done so quickly and efficiently you won't even miss it.
Re:If you're that worried... (Score:4, Informative)
According to briefing my boss gave me recently, Truecrypt would not help: If they really wanted to see your content they could ask you to show it to them or alternatively confiscate your laptop and decrypt it themselves. The latter would mean you would probably not see your laptop again.
Let me tell you: As a European scientist I am even more frigthened now to go or even move to the US.
Re:If you're that worried... (Score:5, Insightful)
Truecrypt would not help: If they really wanted to see your content they could ask you to show it to them or alternatively confiscate your laptop and decrypt it themselves.
Truecrypt provides plausible deniability - the capability to create a hidden encrypted volume within another encrypted volume, thereby allowing you to grant access to unimportant/dummy data when a password is asked for without the attacker knowing additional information even exists.
As for the US government just decrypting the colume themselves, as far as I know they simply don't have that capability. If your boss knows otherwise or has knowledge of ways to defeat Truecrypt's plausible deniability then (s)he should provide some kind of evidence to back that up, otherwise this just sounds like uninformed guesswork or pure tinfoil-hattery.
Re:If you're that worried... (Score:5, Insightful)
Truecrypt provides plausible deniability - the capability to create a hidden encrypted volume within another encrypted volume, thereby allowing you to grant access to unimportant/dummy data when a password is asked for without the attacker knowing additional information even exists.
Well, there's that, and the fact that no file can be positively identified to be a Truecrypt volume. Until you you give a password it just appears to be random data. High entropy random data, but the guy at the border is looking for a 5 minutes spree tops - I seriously doubt he knows what entropy is let alone enough to check for it.
If you're that worried create a volume with nearly same size as your system RAM, keep it in a directory with some source code (even write a stupid program that will crash if you want) and just name it "core" or "core.dumped". If asked about it tell them when you were testing your program (that does whatever you want to maekup) it crashed and dumped memory to file. It's probably just corrupted nonsense . . .
Re: (Score:3, Informative)
It is not a good idea to lie to border security. Wipe your laptop and install a plain Linux system so that you can show that the computer works. Encrypt your data and transfer it over the internet or by mail.
Re:If you're that worried... (Score:5, Informative)
Actually it was recently demonstrated that you can positively identify a hidden volume exists within a TrueCrypt volume, defeating plausible deniability. In addition, it was also recently demonstrated [springerlink.com] that regardless of the encryption algorithm used, it's possible to get a silhouette of high contrast encrypted images.
So if they really wanted, they could identify the hidden volume exists, then apply this second technique to identify that images exist on it. To border agents, this is probably tantamount to admitting on the spot that you're smuggling kiddy porn across the border, and you may find that it's more than your laptop which is detained.
Your best protection is to transfer the images separately from your laptop. Store them on Amazon S3 with a tool such as JungleDisk, and download them when you get home (this is a good idea in case something damages your laptop while traveling too).
Re:If you're that worried... (Score:5, Insightful)
You're absolutely right, it'd be downright trivial to confound any "homeland security" flunky. Those wretches couldn't find their own genitals with both hands and a flashlight.
What bothers me is that we're even talking about this like we're troubleshooting a minor tech issue. Why the hell should we have to even think about this? How did we get a place where this is an issue to deal with?
What comes next... they require us to install and run a government supplied application to scan the disk? I mean... that would be in our best interest, right? It'd shorten the lines and protect our children from terrorists at the same time? It's lightweight and unobtrusive, while protecting our freedom?
This country has a horrible sickness, and no politician is going to cure it. I'm about as normal a guy as you'd ever meet... but something has to happen to wake us the F* up, and I afraid it'd have to be something terrible.
Re:If you're that worried... (Score:5, Interesting)
lol. Von Neumann advised Shannon to call his measure of information 'entropy' because, as he put it, "no one knows what entropy really is."
Re:If you're that worried... (Score:4, Insightful)
Simply upload your photos from your hotel room (or an Internet cafe) and delete them from your laptop before leaving for home. Viola.
Re:If you're that worried... (Score:5, Informative)
Yes, I was going to recommend plausible deniability as well.
Here's a little more info about how it works. Basically, you set up a container and a hidden volume. Each has its own passphrase. To open the hidden volume, you use its passphrase when opening the container. To open the container with dummy data, you type its passphrase. It's very simple and quite hidden if done correctly. To be safe, it's best to access the hidden volume from a live CD so the OS doesn't break your deniability by storing temporary files or "recently accessed documents" etc.
However, there is one big note of caution. Do not back up the container. Ever. An attacker could look at the change over time and determine there is a hidden volume. That's probably too paranoid for your case but it's worth mentioning.
Re: (Score:3, Interesting)
However, there is one big note of caution. Do not back up the container. Ever. An attacker could look at the change over time and determine there is a hidden volume. That's probably too paranoid for your case but it's worth mentioning.
You say an attacker could determine whether there is a hidden volume by comparing two versions of the file. How would they be able to do that? And does this mean they will be able to decypher the password?
Re:If you're that worried... (Score:4, Interesting)
No they will not get the password, but they will see bits changing in 'Empty space' that will alert them to the presence of a hidden container.
Rubber hose code cracking.... (Score:4, Insightful)
But I dare say you may be safe... after all, TrueCrypt has probably received a visit from No Such Agency.
Google for crypto nsa backdoor [google.com]
Re:Rubber hose code cracking.... (Score:5, Insightful)
Well with Truecrypt at least it's open source so that should provide a good degree of protection against a backdoor in the software itself. There's still the possibility of a backdoor in the underlying encryption schemes of course which would be far beyond most people's ability to detect no matter how many people see it or how long they look. Truecrypt does however allow you to chain multiple encryption and hash algorithms which, given the diversity of their origins, should provide a reasonable degree of protection from backdoors.
Re:If you're that worried... (Score:5, Insightful)
And that helps when they confiscate your laptop and "lose" it... how?
Pictures: Store them on a high-capacity USB drive, SD card, or other small device. Hide it. That way, if they get your computer, they still won't get your pictures.
Movies: Why I iPod ya? I think they're less likely to grab task-specific devices over computers. And they cost less.
Either way, by bringing along a laptop, there will always be the risk they simply take it and lose it. No amount of data trickery can get around that.
Re: (Score:3, Interesting)
I've thought about this myself and if you don't mind getting your hands dirty you could take an SD card and loaded it up with Linux, and wire it in parallel with the hard drive. install a small switch under the battery or something that switches power from the hard drive to the SD card. Then when traveling set the switch to select the card... it will look like a clean Linux install.
Re:If you're that worried... (Score:5, Interesting)
Actually its even easier than that.
If you can, set the BIOS to set the CF or SD card slot as the first boot device, and the hard drive as the second.
Thus, without a card in the slot during boot up, you get a normal Windows session, with the card in you get a Linux session.
Also, if the Linux session does not auto mount the windows disk, then the simpleton inspecting your computer will never see your files on the hard drive.
Puppy Linux and Damn Small Linux are perfect for this
Beny
Use the tarantino method (Score:5, Funny)
The way your dad looked at it, this Secure Digital Card was your birthright. He'd be damned if any slopes gonna put their greasy yellow hands on his boy's birthright, so he hid it, in the one place he knew he could hide something: his ass. Five long years, he wore this solid state media device up his ass. Then when he died of dysentery, he gave me the memory card. I hid this uncomfortable piece of plastic up my ass for two years. Then, after seven years, I was sent home to my family. And now, little man, I give this Sandisk Extreme 8GB SDHC card to you.
Known Your Adversary (Score:5, Insightful)
Truecrypt provides plausible deniability - the capability to create a hidden encrypted volume within another encrypted volume, thereby allowing you to grant access to unimportant/dummy data when a password is asked for without the attacker knowing additional information even exists.
To do this you need the TrueCrypt bootloader installed, which is a dead give-away that you probably have a hidden volume. If you don't and they suspect of being a terrorist sympathizer you'll just get thrown in Gitmo until you give up your secrets.
TrueCrypt plausible deniability is useful against those who cannot employ deadly force against you.
If you're really concerned, wipe the drive, install linux on a small partition, use an encrypted network connection to upload the photos, then secure wipe the drive and install Windows XP on it for your border crossing. Better yet, get a $50 used laptop and leave it with a local school.
Re: (Score:3, Informative)
confiscate your laptop and decrypt it themselves.
They could confiscate the laptop, but as for decrypting it? Doubtful. A brute force attack on Rijndael (which is the default for TrueCrypt) is just not worth the effort assuming that it can even be done. As far as is publicly known Rijndael has not been broken via brute force attack and if the laptop is not in the "on" state when they confiscate it then they are looking at either brute force attack, rubber hose cryptanalysis, or forget it (i.e. you don't have your laptop anymore and they don't have your dat
Re:If you're that worried... (Score:5, Insightful)
Such a plan is an invitation for disaster and confiscation. Don't think for a second that encryption isn't a red flag. And if they could decrypt (I believe for many reasons that there isn't such a thing as an unbreakable cypher) your data, why are you angry? Would they steal it? Put it up on a flickr site?
Yes, the entire program is a total affront to both US Constitutional rights to reasonable search (this isn't), to privacy (yes, we need a real amendment) and just plain human dignity.
If you have important data, drop it to a DVD. Put that in a separate place. Carry lots of them. Don't look like a terrorist or mad scientist as you go through customs and immigration. Then restore your data as needed. And feel free to make your computer bag as messy as you can.
Re:If you're that worried... (Score:5, Insightful)
I believe for many reasons that there isn't such a thing as an unbreakable cypher.
Theoretically that is true, but the computational complexity (i.e. the number of operations required to solve the math problem) of modern crypto systems is such that rarely will an informed and determined adversary attempt to brute force the crypto system. In fact the number of operations and computing power required render the entire attempt hopeless, since the data cannot be recovered in this way within a single human lifetime (i.e. 120 years) even when the resources available to first world governments are taken into account. It is more likely, assuming that they have no qualms and are determined to get your data, that black bag [wikipedia.org] or rubber hose [wikipedia.org] techniques will employed instead. Basically, if the computer leaves your sight and possession (i.e. it is taken into the back room before being returned to you) then that particular computer can never be trusted again, which is why you should have a backup of your data somewhere else, preferably on a secure off-site server, before you begin your travels and regularly update it during your trip. As far as I know, from my background in Computer Science, modern cryptography provides security that it at least as good as any alternative method and most probably substantially superior to those alternatives. The mathematical and theoretical foundation of modern crypto is well understood and proven (the government also uses these same or similar crypto systems for their own data, so draw your own conclusions about the effectiveness of modern crypto systems).
Don't think for a second that encryption isn't a red flag
So what if it is? Do we surrender our rights under the Constitution because authoritarian elements within our government are treating us all as criminals and terrorists with something to hide? Shall we surrender to fear and give up our rights in response to terrorism or criminal activity and in exchange for what? The promise of those some government agents to protect us against the bad guys? No thanks, I will take my chances with my rights intact. A right not exercised is a right that does not exist except on paper. We should all encrypt all of our data in order to more effectively assert our collective rights against unwarranted search and seizure.
And if they could decrypt...your data, why are you angry? Would they steal it? Put it up on a flickr site?
It is the principle of the thing. The government in the US exists because of the consent of the people. Here in the United States, at least according to the Constitution, the individual citizen is sovereign and any powers not specifically granted to the government by the consent of the people are reserved to us the people. I would rather that everyone walk around armed to the teeth and encrypt all of their data then live in an authoritarian nanny state where big brother is watching.
If you have important data, drop it to a DVD. Put that in a separate place. Carry lots of them.
There are many ways around their schemes (some better than others) and that is one of them. The fact that determined and knowledgeable adversaries can slip through undetected makes this whole piece of security theater even worse. It only inconveniences and compromises those citizens and people who are not able to, by reason of ignorance or incompetence, protect their data (which almost certainly would not include anyone intent on doing real harm).
Can you explain what frightens you? (Score:3, Informative)
You're frightened because the Customs has always had the power to search persons and physical objects at the border without a warrant, or that someone actually thought it might be a good idea to extend the longstanding and repeatedly upheld border search exception [wikipedia.org] to include data on electronic devices [cbp.gov]? If it has always been acceptable (and repeatedly upheld by the Supreme Court[1]) to search for anything else illegal at the border without a warrant, can someone make a good argument why data on one's person
why data on one's person should be excluded... (Score:4, Insightful)
why data on one's person should be excluded...
I think if the person is, for example, a lawyer, the data in question could be protected by attorney/client privilege, and therefore they could face disbarrment for disclosure, even were it done under color of authority.
I imagine, in fact, that this is a real issue for lawyers attempting to operate on behalf of the detainees at Guantanamo Bay.
But I'll also answer the question in the subject, as to why it should not simply have an exclusion cause for lawyers, instead of being struck down for everyone: because it's in my head and they have no right to search my head. What's the difference between data in your head and data encrypted with a password stored in your head? To me, the data is in your head, and the data on the hard drive is just a useful memory aid.
Oh, and if the original poster is more concerned about them getting his data than about losing the laptop, make a one time pad, make a copy of it, put the copy of it in a safe deposit box, travel outside the US, and then after encrypting the data with the OTP, destroy the OTP so it is impossible for you to comply.
-- Terry
Just returned from Europe with no issues (Score:5, Insightful)
We flew into Munich, traveled by Train to Austria and returned to the US via Munich. We had no issues other than US Customs wanted to review the food items we were importing and declared. We knew that when we bought the Austrian chocolate and it took maybe an extra 5 minutes to go through the Agriculture lane for customs.
I did burn a DVD of my pictures as a backup, more in case the laptop was stollen than if US Customs wanted to retain the laptop.
Get over the paranoia and go see the world.
Re:Just returned from Europe with no issues (Score:5, Insightful)
An analogy.
Imagine that you want to walk down a street at night, which just happens to have a lot of coke dealers on it. You have your own *private* reasons for being there. Cop patrols cruise by. The advice given by the other posts is wonderfully technical. The equivalent is. On seeing a cop car, scuttle into a doorway. Wear patterned clothing that allows you to blend into doorways. Wear rubber gloves and be prepared to drop any stash to allow plausible deniability. Have an artificial third leg. In short, wave a large neon sign saying "Look at me."
There is an observation in the science press that terrorists seem to be more likely to be geeks than non-geeks. From the posts here, I'd say they are simply more likely to be caught.
Re:Just returned from Europe with no issues (Score:4, Insightful)
I have not gone thru US customs post 9/11. I did know someone who did, with bits of electronics in his luggage. he was a production engineer taking stuff-ups from China back for detailed design analysis. He had a shit-load of trouble. About 4 hours before he could get onto a plane.
All this is reasonable to expect when social paranoia is given power. I don't like it either. But the original post was, I thought, about someone coming back from overseas and wanting to keep private the info on his laptop. It seems to me that if you act suspicious (encrypting the whole drive) then you are attracting attention. If 300 people have been vomited out of a jumbo jet, the priority must be to clear the very likely innocent as fast as possible. As a passenger, your priority is to get shunted though in the of-no-interest group. This applies if you are a terrorist, porn collector, or simply a good looking woman with photos of yourself on a nudist beach. Making it obvious you have something to hide is a dumb approach. Fun to think of, but stupid as real-world advice
As for being a specialist wanting to take stuff in. Yeah. You would have to evaluate packing it on the basis that you will be declaring it to a Russian customs inspector in 1961, he being well educated in Marxist-Leninist politics, the deviousness of smugglers, and how to keep the commissars happy. Openly declaring electronics and little vials of chemicals would simply speed up how fast you got taken to a specialist interview room. All three education streams probably apply today. (Marxist-Leninism uses different nouns, and the other two are unchanged).
Re:If you're that worried... (Score:5, Insightful)
...encrypt it. Full disk encryption is relatively cheap, easy, and unobtrusive.
And ineffective, unless your privacy is worth more than the cost to piss them off and have to replace your laptop.
Plausible Deniability (Score:3, Interesting)
If you're worried about having to give up the password to your encrypted drive, try Rubberhose:
http://iq.org/~proff/rubberhose.org/ [iq.org]
Re:If you're that worried... (Score:5, Insightful)
But uh, mind if I ask: exactly what kind of pictures are you planning on taking on your vacation? ;-)
It shouldn't matter what kind of pictures he takes. It is none of their business.
Re:If you're that worried... (Score:5, Funny)
It shouldn't matter what kind of pictures he takes. It is none of their business.
I think he was more concerned about our amusement than their business.
Re:If you're that worried... (Score:5, Insightful)
But uh, mind if I ask: exactly what kind of pictures are you planning on taking on your vacation? ;-)
A subtle "if you have nothing to hide then you have nothing to fear" poke. Haha.
It doesn't matter what kind of pictures he takes with him on vacation. He doesn't want a bunch of random law enforcement officials looking at his private pictures. Understandably.
Re:If you're that worried... (Score:5, Insightful)
There's only one solution that guarantees that nobody will rifle through your data: don't bring it with you through the border crossing. That's what servers are for... and SSL, or at least SSH/SCP/SFTP.
Re:If you're that worried... (Score:5, Insightful)
Re: (Score:3)
... and SSL, or at least SSH/SCP/SFTP.
SSH and its related services are SSL, with the addition of a convenient user interface and more direct control over which certificates you choose to trust. You're at least as well off with SSH/etc., security-wise, as you would be with HTTPS.
Re: (Score:3, Interesting)
I completely understand not wanting a bunch of law enforcement officials looking at his private data. The thought that it is allowed infuriates me.
But the practical side of me says that I have come into the US several times in the last year, and not once has anyone even asked me to open my bags, let alone turn on my laptop.
Security through obscurity is probably the best bet here - and obscurity means looking just like all the thousands of other tourists coming in from Mexico every single day.
Re: (Score:3, Insightful)
Use truecrypt with the encrypted volume option. When truecrypt is running you'll see an additional drive letter where you store your documents. When truecrypt isn't running, you just see a file. The file can be anywhere, named anything, say C:\windows\system64.dll.
Before you hit custo
Re:If you're that worried... (Score:4, Interesting)
But uh, mind if I ask: exactly what kind of pictures are you planning on taking on your vacation? ;-)
Most keen photographers - myself included - have a story or two about being hassled by security guards or police for photographing public buildings. Check out this article [schneier.com] for examples. It's for security reasons, you see. I might be planning a terrorist attack.
You wouldn't want the TSA goons to decide that your photographs seem odd [boingboing.net] and to give you a full-body cavity search "just in case".
Re:If you're that worried... (Score:5, Informative)
No, they cannot "sieze your laptop" if you don't give them the encryption password; a strict reading of the policy is that the laptop can be seized in any event, encryption or no. There is NO REQUIREMENT to provide anyone with an encryption password under any circumstances. The existing policy doesn't even speak to encryption. In fact, leading privacy advocates recommend encryption [cnet.com] as the most deisrable solution.
You guys do realize that customs agents at the border have ALWAYS had the right -- without a warrant -- to perform reasonable search and inspection of all physical objects and persons coming into the United States; this policy was designed to expand those longstanding inspection rights to electronic data.
In its current state, it's a poorly written policy. The fact is, no one is going to look at the contents of your laptop, much less be seizing it. (Do you guys actually travel internationally?)
Re:If you're that worried... (Score:5, Insightful)
they're have been over 20 lawsuits filed against US customs for them doing that exact thing (how many didn't sue?). So it is very unlikely the someone from customs will look at your laptop data. But not a absolute by any means.
Now the likely hood of those outside of US customs (ie a thief or friend, etc) looking at it is infinitely more likely. They may even blackmail you with that data. So it is a very good idea for him to encrypt the incriminating photos,etc and a few other things for kicks. I wouldn't worry about the video files ripped from DVD, at most rename them to something less obvious (for windows just change the extension, they won't even play then) Besides if you watching them on the plane the air Marshall seeing(and caring) you play them is slightly more likely anyway. Since entering the US is the only time you'd see customs just delete them as you watch And empty the recycle bin (restore from backup once home.)
Re: (Score:3, Insightful)
The smart thing to do is stay the hell out of the country. It's not safe. There are systems in place to make a person disappear into a concentration camp forever. Whatever justifications are made for their existence, all it takes is for some small minded official to decide to start the process, and you are totally fucked.
Re: (Score:3, Informative)
Ok, I'll bite. Name one US citizen this has happened too. I'm not saying there isn't injustice - but from what I can see the courts still operate in full public view. Laws are by and large still in effect, and we're not gassing women and children.
Re:If you're that worried... (Score:4, Funny)
Re:If you're that worried... (Score:4, Interesting)
close, they can beat you up and shoot you and of course, you did it to yourself. http://www.lewrockwell.com/orig9/higgs-e1.html [lewrockwell.com]
i was actually looking for a story about an army private who was shot in the leg, and all record of his ever being shot were erased, it made the local news... but this story was better, so...
btw i realize this has only happened (reportedly, anyways) to 'army' privates, and of course, Iraqis and Afghanistan people, but it's amazing how some people with pull in the military can abuse the system.
Re:If you're that worried... (Score:5, Informative)
No, they cannot order you to provide the keys to decrypt or force you to decrypt the hard drive/files yourself. There was a recent case (I think it was United States v. Boucher [wikipedia.org]) regarding this issue, but here in the U.S. (for the time being) you are not required to aid law enforcement officials in essentially self-incriminate yourself. In the U.K. you are required to hand over your encryption keys if law enforcement demands it, I think--someone correct me if I am wrong there.
mail it. (Score:4, Informative)
problem solved.
Re: (Score:3, Interesting)
That's what I was thinking, but it would likely be expensive to get it through customs. Or put all your data and OS on a SSD and rent or borrow a laptop on whatever country you are going to. Swap the hard drives and you are good to go.
Put the tinfoil hat away (Score:3, Insightful)
No one is going to search your computer other than to make sure it is a computer and not a bomb.
Put the dunce cap away (Score:3, Funny)
If you haven't noticed lately, the DHS can search your laptop [slashdot.org], make copies of everything on your laptop and keep it. If you are a person who loves exercising arbitrary power over people, you probably work for the DHS or another government agency.
Its really funny that a person who doesn't care about basic civil liberties is posting as AC. However, the joke is probably on me and you are just a troll. :)
Comment removed (Score:5, Informative)
Re:Put the dunce cap away (Score:5, Insightful)
No one said it is happening to everyone. That misses the point entirely. Illegally searching even a small percentage of people is unnacceptable. Especially since people affected by this have almost no redress and the DHS doesn't even accurately report when they do this.
I guess its only a problem when it happens to you. Maybe you should pick up a history book and find out how well that attitude worked in the 1930's and many other time periods.
Comment removed (Score:5, Insightful)
Re:Put the dunce cap away (Score:5, Insightful)
So, you don't believe in life insurance, then? How about property insurance? Do you even lock your door when you go out? I don't worry too much about getting killed or having my stuff stolen, but that doesn't mean I don't take reasonable precautions for it. Having those precautions in place saves me from worrying about it.
Personally, I don't worry too much about where my next meal is coming from, because I have a job. If I lose it, then perhaps I'll worry, until I find another one.
Re:Put the dunce cap away (Score:4, Insightful)
Note I spend about zero time thinking about these things because the chances of them happening to me are about nil.
Which just goes to show how bad people are at understanding small probabilities.
It's foolish to completely ignore possible bad events just because they're unlikely, just as it's foolish to spend lots of time preparing for most unlikely events. The right way to handle unlikely but severely damaging events is to spend a small amount of time on them, and use that time to mitigate the risk to whatever extent is feasible.
For example: you could get run over by a bus. Therefore, it's prudent to pause for a half-second before crossing the street and look both ways to see if perhaps a bus is coming.
You could get unfairly imprisoned by a cop for a crime you didn't commit. Therefore, it's worth learning a little about what you do and don't have to say to police in order to minimize the probability that he'll be able to find probable cause for an arrest, and it's a good idea to have your attorney's phone number in your cell.
Your house could be robbed. So, you should have insurance that covers theft, and should take 15 minutes once a year to video the contents of your home, and store the video in your small fireproof safe (where you keep important stuff to address the small probability that your house will burn down).
You could catch a nasty disease from a public toilet seat. Well, you could use one of those seat protectors, I suppose. Personally, I think the risk is too small to bother. I do, however, make a habit of grabbing a piece of toilet paper to wipe off the seat before I sit down. This would provide some protection from nasty diseases, but also addresses the much more likely issue that someone may have peed on the seat.
And so on. Don't ignore small risks, just take appropriately small actions to mitigate them to the degree that makes sense. If you need to figure out how much makes sense, just come up with a dollar figure that values what you'd lose if the event happened and multiply that by the probability of the event happening in a given year. That's the expected annual cost of that risk. Pick an hourly wage for yourself, divide the risk cost by the wage to get a maximum amount of time that it makes sense to spend addressing that risk.
In the case at hand, it's probably worth a few minutes to type an Ask Slashdot question and read the answers, then a few more minutes to implement whatever seemed to be the best EASY suggestions.
Re: (Score:3, Interesting)
> No one is going to search your computer other than to make sure it is a computer and not a bomb.
Oh, really?
You give those trained monkeys way too much credit:
http://www.pressrepublican.com/homepage/local_story_278220015.html [pressrepublican.com]
Re:Put the tinfoil hat away (Score:5, Insightful)
You'd think that, but there have been stories recently about that not being the case.
There are "stories" about kidnapping of children, but I still let my children play outside. There are "stories" of serial killers, but I still walk in the city. There are "stories" of school shootings, but I still let my kids go to public school.
What's your point?
I can find a "story" about anything. That doesn't mean that it's common or that special precautions need to be taken.
don't take data across the border (Score:5, Informative)
Throw a clean install on your laptop, and put your critical data on a server so you can just log in and download it when you arrive.
When you're about to fly back, re-upload your data and wipe the drive.
You could also just mail encrypted DVDs with substantial insurance.
Short Answer (Score:5, Insightful)
You could. (Score:5, Interesting)
Use a clean install and email the photos to yourself while you are there... or put them on an encrypted thumb drive / cd and snail mail it..
Well, who are you... (Score:5, Interesting)
Are you a middle eastern looking young male? A white male returning from Thailand? If so, be paranoid.
If not, no worries.
The Supreme Court agrees (Score:5, Informative)
Darned border search exception [wikipedia.org].
"travelers may be stopped [and searched] at . . . the border without individualized suspicion even if the stop [or search] is based largely on ethnicity[.]" United States v. Montoya de Hernandez, 473 U.S. 531, 538 (1985), United States v. Martinez-Fuerte, 428 U.S. 543, 562-563 (1976)
and
"may [...] conduct searches of the traveler's body -- including strip, body cavity, involuntary x-ray, and in some jurisdictions, patdown searches -- if the Customs officer has reasonable suspicion" to do so. United States v. Flores-Montano, 541 U.S. 149, 152-53 (2004), United States v. Johnson, 991 F.2d 1287, 1291-92 (7th Cir. 1993)
Re:Well, who are you... (Score:4, Interesting)
I am a middle eastern looking young male ... well, not so young anymore, but still well under 50. And as I said in a previous post [slashdot.org], I've never had any real problems with bringing a laptop past airport security on domestic or international flights. And I have had problems [shockandblog.com] before -- big problems [shockandblog.com] -- with airport security (and US Marshals) on a domestic flight. But none of those problems focused on a laptop, and I've never been asked to show what was on my laptop other than once I had to open it up and show that it actually did run. I suppose if someone looked like a child sex tourist flying from Bangkok they might be interested to see what photos are on their hard drive, but by and large their scrutiny is going to focus on whether you're a threat to the other passengers, but do you really think they are looking for vacation_photo_with_osama.jpg?
Let them try to decrypt it. (Score:5, Funny)
Put your files on a few small USB-sticks, or on your home server (for encrypted retrieval once you're in the country). Bring a Live-CD to boot from and then "cat /dev/random > /dev/sda".
Make sure to grow a big beard, learn a few arabic phrases and quote Allah to the security guard in customs.
Then let them have a crack at decrypting your "encrypted" drive.
Just be sure to say "Just kidding" so they don't ship you off to Guantanamo.
If you can't afford to lose it... (Score:4, Insightful)
As the old traveler's adage goes, if you can't afford to lose it, don't bring it.
Find a cheap laptop used laptop you won't have problems with ditching. Use a live cd or usb key boot solution so nothing ends up on the hard drives.
Keep your pictures on SD cards and mail them or a copy to yourself or some drop point. Encrypt them all.
Best defense (Score:5, Funny)
...is a good offense.
If you're offended by having your privacy invaded, just make it horribly offensive for the invader as well.
With the right accessorizing and appropriate leather:latex:chainmail ratio, you can ensure even the most intrepid airport screener will breeze you through in record time.
Oh...and, yes, Truecrypt is terrific, but not nearly as fun.
Re: (Score:3, Informative)
I've had the same experience. A few sex toys in the carry on will greatly expedite any terminal searches you wind up going through.
-Rick
Re:Best defense (Score:5, Funny)
Careful!!! (Score:3, Funny)
Have you seen the people they are hiring at the airport security recently? You might be subject to an entirely different form of harassment, from someone who feels you are their perfect soul mate...
My personal experience (Score:5, Insightful)
Just passed through security with a laptop... (Score:4, Informative)
Upon my return to the states, the check-in process wasn't any different than it had been a couple of years ago. They asked no questions about my laptop, or if I even had one. The only time my laptop left my bag was when I put it through the X-ray machine.
That being said, it never hurts to encrypt your data anyway.
circumvention (Score:5, Insightful)
In other news.. (Score:5, Insightful)
Easy Solution (Score:5, Interesting)
Send it to your hotel DHL overnight before you leave, and do the same to get it home.
Problem solved.
Re:Easy Solution (Score:4, Insightful)
rsync every *.jpg at icanhazcheezburger.com (Score:5, Funny)
Insist on showing them every picture!
Also, backup the gutenberg project.
Fill up the rest of your drive with dd if="/dev/random" of="secretstuff.iso" so that if they copy your drive they at least have something they can work on decrypting.
Don't forget to bring your extra harddrives, too! I'd pay you to take some of my crashed ones... I would love for somebody to get the data off of them.
Other than that, all I can think of is for you to laugh maniacally.
secondary inspection (Score:3, Insightful)
if uve never been pulled into the us customs secondary inspection i wouldnt worry about it
ive never had my laptop scrutinized and ive been pulled into secondary inspection a few times
{ canadian programmer telecommuting in the states == working in the states }
think about who and what they are really looking for , its probably not you or your files
Theft in foreign country is a bigger concern (Score:5, Insightful)
I know it's the hip thing to worry about Customs rifling through your laptop, but statistically, you have much better things to worry about when bringing your laptop on vacation ... among other things:
0) Forgetting to bring the AC plug adapter,
1) Customs services in the foreign country,
2) Airport security on both ends,
3) Simple theft of the laptop during the trip,
4) Putting your laptop bag down on the bus and forgetting it,
5) Spilling coffee on your keyboard at an internet cafe, and
6) Dropping your laptop on your big toe and breaking both.
Practically speaking, Customs agents can't be bothered to search individuals that aren't acting truly "hinky". I've been traveling internationally on a regular basis for business. My travel patterns certainly fit a certain "risk" profile (long stays outside the country, frequent travel, watch list name match, etc.) and I've never, in six years of this, ever had anything searched or questioned, much less seized. Practically, it's not worth worrying about.
Doesn't seem to be a problem (Score:3, Informative)
This is a job for dual boot. (Score:3, Insightful)
When they boot the system, all they'll see is Windows. Windows will ignore the Linux partition(s). For anything other than an anal-probe search, this'll be enough to keep them at bay.
It's unlikely that they'll do an anal probe search unless they find something else on you that worries them.
The problem is overblown (Score:4, Insightful)
Millions and millions of people travel with their laptops to all countries in the world. Just about no one has problems. Keep things in perspective.
Yes, you should be concerned about laptop searches and seizures as a general principle of public conduct. No, you shouldn't be at all concerned about your laptop on your trip.
Social engineering: Bring a baby (Score:5, Funny)
This past year we took a laptop with us to Vietnam to pick up our daughter. (We blogged from our hotel a lot. We were awake most of the time anyway.)
Our jet-lagged child's first hour in the USA was interesting. Nothing cuts through the red tape and lines more effectively than a cranky baby screaming at 160 dB.
Easy! (Score:5, Funny)
Geek: I'm talking to a company about fault-tolerant servers
...
and in this Powerpoint you'll notice that the two processors are running in
lock-step. Whereas, this comparator here looks at these two pairs of CPU's
....
Border agent: You may go.
Geek: Wait! This is the interesting part
Border agent: For the love of God, please go!
Re: (Score:3, Informative)
So, wait a minute. You were worried enough about being searched that you chose to bring your "noncritical laptop" (I'm assuming that's oposed to your critical one). And you packed this laptop right next to your drug stash?
Also, last time I was on a cruise they had bomb/drug dogs checking the bags both while loading and unloading, so I'm not sure how safe it is to pack contraband on your way out of the country either. Though they weren't checking bags if you carried them onto the boat yourself so I guess
Re: (Score:3, Informative)
If ever a comment needed to be AC'ed it was this one. You'll probably be getting a knock at the door any moment now.
I went on a cruise last year and the day we were to disembark we had to stay in our rooms an hour while the police with drug sniffing dogs arrested several passengers for drug possession.
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
Exactly. I go in and out of the country 15-20 times a year, and have for the last 5 years. Never had any problems with customs. I bring my laptop with about 1/3 of the time and never been asked to show it, let alone whats on it.
If you're a nice guy, it shouldn't be any problems. If you make an idiot of yourself, get ready for the check.
Re:Boot to BSoD (Score:5, Interesting)
Re:Boot to shell (Score:5, Informative)
Re:Memory Stick would be Easier (Score:4, Insightful)
Go a step further. Take a 16GB flash drive, and create a 512 MB partition on it. Mount the rest of the drive using a 512 MB offset, and put your encrypted volume on that. Place a few scenery pictures on the 512 MB fat32 partition, and finally print up a label that says 512MB and stick it on there. They wouldn't even come close to seeing that there is an encrypted volume hidden on there then.