HOWTO keep your data safe at the US border

The Electronic Frontier Foundation has published a new guide, "Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices," which explains how the law, good technology choices, cryptography and backups can be combined to keep your data safe while you travel, especially when crossing into the USA, where customs officials reserve the rights to search your laptop and mobile phone without a warrant and keep whatever they find.

"Different people need different kinds of precautions for protecting their personal information when they travel," said EFF Senior Staff Technologist Seth Schoen. "Our guide helps you assess your personal risks and concerns, and makes recommendations for various scenarios. If you are traveling over the U.S. border soon, you should read our guide now and get started on taking precautions before your trip."
Over the past few years, Congress has weighed several bills to protect travelers from suspicionless searches at the border, but none has had enough support to become law. You can join EFF in calling on the Department of Homeland Security to publish clear guidelines for what they do with sensitive traveler information collected in digital searches by signing our petition. You can also test your knowledge about travelers' privacy rights and help spread the word about the risks by taking our border privacy quiz.
"We store detailed records of our lives on our laptops and our phones. But the courts have diminished our constitutional right to privacy at the border," said EFF Senior Staff Attorney Marcia Hofmann. "It's time for travelers to take action and protect themselves and their private information during international trips."

Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

MORE: crypto • eff • law • privacy

More at Boing Boing

Eurovision 2013: An American in London

The technology that links taxonomy and Star Trek

theophrastvs

and woe-unto-you if the (underpaid so overcompensating via bullying) goons discover a copy of EFF-border-search-.pdf on your hard-drive
- http://boingboing.net/ Rob Beschizza
  
  I do believe that Jacob Appelbaum sometimes will travel without any storage except for a thumbdrive or somesuch containing the 4th amendment to the U.S. constitution. Might be someone else on the harassment list, though.
  - http://www.epinardscaramel.com TokenFrenchDude
    
    He did.
    http://boingboing.net/2011/01/12/wikileaks-volunteer-1.html (it's the bill of rights)
http://boingboing.net/ Rob Beschizza

Anyone know of a good rundown on SSD forensics?
PhosPhorious

“the law, good technology choices, cryptography and backups can be combined to keep your data safe while you travel, especially when crossing into the USA”

As an American, reading that makes me sick to my stomach.
- http://mychemicaljourney.blogspot.com The Chemist
  
  You said it brother… or sister.
awjt

Careful what you put in the cloud.
Careful what you keep under your shroud.
Perch von Radical

Them: “Your computer will not boot! Your hard-drive is nothing but random bits! Your keyboard makes no sense!*”

Me: “Hm.”

*I use Dvorak
ialreadyexist

TrueCrypt. Make a hidden encrypted volume. No one will find it unless they’re specifically looking for it. And, even then, it will be encrypted.
- proginoskes
  
  Be careful with the idea of hidden volumes. As the pamphlet says, lying to CBP is very illegal. If they ask you “is that all there is?” and you refuse to answer, you are now behaving very suspiciously. If you lie and say there is nothing more to see, this is virtually impossible to keep up forever, if lawyers, judges, better forensic techniques and external evidence get involved. Once your lie is found out, you’re in deep shit.
  
  Encrypt your whole disk with simple full disk encryption, and decide ahead of time whether to turn over your passphrase for a search or refuse and face “temporary” detention and more questioning. … Or don’t bring data with you.
  - awjt
    
    That’s bogus. If anyone asks a vague “Is that all there is?” There are a million ways to dodge that question and not appear like a suspicious ass. Just say, “Yes, just the thumb drive.” or “Yes, that’s all I brought.” Make THEM be specific. You’re not lying. You’re giving true answers.
http://www.disoriented.net/ angusm

If I were Jacob Appelbaum or someone else who is routinely subjected to search-and-seizure at the border, I’d prepare a ‘special’ phone with a contacts list that contained only phone numbers belonging to members of Congress, senior TSA officials, etc. Should be good for some lulz.
querent

Long live the EFF. As long as they are as they are, they will get my monetary support.
bardfinn

Use good, one-time-pad encryption, such as TrueCrypt, and

SPLIT YOUR DATA INTO SEVERAL PARTS AND SEND THOSE PARTS WITH VARIOUS PEOPLE / SERVICES.

Even if you use a theoretically-hard encryption, there may be a flaw in the implementation.
jimkirk

There’s a typo in the pdf of the article. On page 13 it says “EEF built a crypto-cracking machine that could try 2^256 possibilities in under three days.”

It should be 2^56; the article on the web page is correct.

That is all.
SoItBegins

I’m more worried about spyware being installed on the hypothetical border-crossing computer (by border patrol, etc) w/o permission…
That_Anonymous_Coward

I’ve often wondered what would happen if a researcher had quarantined something very malicious on a flash drive that was seized. I am sure the protests of “You really don’t want to do that” would get that sucker loaded every faster…
strider

One more step towards a totally martial law state. Next you’ll be asking when you can take a crap and where you have to do it lol.