I'm curious, would the search of laptops extend to removable storage?

I just want to give props to Jennifer Granick - what an awesome piece of popular legal writing! It's some of the clearest and most effective popular legal writing I've ever seen. I think it's especially cute that her example attorney is Attorney Alice and her sample employer is Bob.

Now, is this an issue when going to the states, or will I have to put up with this when going from Canada to Europe?

K386: The problem is, we don't know precisely - and the answer is therefore "Probably, Yes."

Couldn't someone just travel with a moderately cluttered decoy HD in the laptop?

Given the vengefulness which characterizes modern government, doesn't it seem likely that one would be banned for life from entering a given country if one refuses to kowtow to the border patrol?

I just want to know where one might find a copy of the contents of the COFEE jump drives they are probably using...

I've heard about border agents checking laptops, but I have to say, I've never seen it done. Granted I've only traveled outside the US twice in the last two years, but still you'd think if this was all that common at least one person on two full 747s would have been checked, especially given that many people carry laptops these days.

I think they only force the point in so much as its easy to do so. my lap box was confused with a bomb once flying out of Chicago. They tested and tested and tested with the weird wand thing and it kept coming up positive. Eventually my plane started boarding, and the security guard just sort of shrugged and let me be. That was a few years back, but still post 911.

I'm no lawyer, but I believe that entering a plane is like attending a sporting event or rock concert, in that you agree to waive some of your rights to enter.

A rent-a-cop at a football game cannot search you against your will if you refuse, but he can refuse you entry to the stadium if you refuse a pat down. I know that's on the "EULA" agreement on the back of most sporting and concert event tickets. And doesn't that count as a contract that you "sign" by entering the facility?

(For the record, I have no problem consenting to this. I don't want to be in a stadium with a lot of guns and liquor. Mass hysteria can be a very scary thing even without guns and liquor.)

Does anyone have an airline ticket handy? What's it say on the back?

If this is the case that the contract on an airline ticket says something similar, is the issue that the contract is unconstitutional?

(Again, I have no problem waiving that right. I don't want to be on a plane with guns and box cutters and bombs. As for data, I'm not so sure that should be checked for like guns and box cutters and bombs are checked for.)

An adult in America is free to waive his rights in some cases. This is certainly the case with cops entering your home or car, if they don't have enough "plain view" evidence, they can still ask, and many people, when scared, say "sure, go ahead and search." People should know they do not have to consent to this.)

Sometimes, if you look like a druggie to cops, they'll, say "Well, if you have nothing to hide, you can wait here for two hours while we get the dope dogs, or you can consent to a search, and leave now, like I said, if you have nothing to hide."

I think the airline equivalent here would be "enter your password or miss your important flight."

I suppose the issue here is that TSA people should be searching for weapons or bombs, not data, right? What are they looking for? I'm assuming national security stuff. Bomb plans? Bombing plans? OK, I can see that.

What if they find something else? A novel critical of the government, but not seditious? Literary erotica? Hard-core adult porn? (legal, but not everyone likes it)? An expose on TSA screening policies you've written for a newspaper you work for? etc. etc. etc.....

.....etc. etc. etc.

We live in complex times. The world gets exponentially more intricate every day. (I recommend everyone go back and read the 1970s best seller "Future Shock" and underline all the predictions that have come to pass. Your copy will have ink on almost every page of that very long book.)

Complex times raise more questions than answers, not much is black and white, and the noise-to-signal ratio rises daily.

The majority of Americans are more concerned with American Idol and bling than with Constitutional rights, and there are six billion strongly conflicting agendas on this big blue ball, and that number is rising by the second.

And people wonder why I boarded over and soundproofed the only window in my office.

Michael W. Dean
http://www.stinkfight.com

@SiliconSunset

That is the easy part (getting a copy of the COFFEE jump drive.)

Just write a script that auto-copies any USB drive upon mounting. (Best if laptop is running Linux but shows "wallpaper" like it is running WinXP. Bonus points if this script can display a real looking Windows BSOD after the dirty deed is done.)

Imagine the fun CBP would have if they encountered a maxed out laptop "entire lab on a laptop" (16GB RAM, 0.5 TB RAID 5 array on 2.5" SATA drives) running 80 different OSes under VMWare ESXi. Final icing on the cake is this traveler is a presenter going to a security conference.

I can think of a number of ways to fool the average Border Goon. Here's one which wouldn't be too tough for most Windows power-user types and a piece of cake for you Penguin-y types.

Just for "practice" sake you could create a second user account. In Windows at least, you can make sure that account is visible on the Welcome screen and your usual one isn't. I've heard rumors that Border agents type in the password and bring up your mail and browser. So obviously you'd want those to look "used". Maybe you could add in some files... a few pictures of unicorns and rainbows for them to look at.

To discourage identity theft the other account's sensitive data would be on a strongly encrypted partition that mounts onto the user's document (or home) directory. In XP you could accomplish this via the little known NT junction capability.

Have fun and stay free!

It's BOSCO! OK????

#11 "Final icing on the cake is this traveler is a presenter going to a security conference."

LOL!!!!!!!

Well, it's been a long morning, and my First- and Fourth-Amendment rights have received plenty of exercise for the day. I'm going to the range to exercise my Second-Amendment rights.

--Michael W. Dean

This policy is a great illustration of the irrationality of how the "war on terror" is being managed. Computer users all know how hard it is to find our own files on our own computers, but to expect that CBP agents would be able to find suspicious files on someone else's–especially assuming that person would want that info not to be found–is ridiculous. Certainly, an exhaustive search (read, time-consuming and not feasible for even a fraction of computers that pass through security) would likely find obfuscated or otherwise hidden files, but a methodical search is only practical–forgetting for now legality–as a function of evidence gathering. The implicit assumption here must be that terrorists tend to have desktop backgrounds with pictures of UBL and folders full of suspicious files sitting on the desktop. As it stands, this invasion of privacy is merely pointless, time-wasting security theater. Do you feel safer?

has anyone produced a standard bunch of files and images for "search purposes"? If not yet, may I suggest some photoshopped donkey porn of the entire current administration? Perhaps an orgy scene, clad in TSA uniforms?

#15 "an exhaustive search (read, time-consuming..."

Yup. When cops have a warrant, with due cause, take ONE laptop, and think they know what they think they're looking for, police computer forensic personnel (that is, very intelligent, highly educated, crafty scientists who are well trained, specialized in, and on top of changes in computers and security, with a lab full of software and hardware, not the case with TSA luggage checkers) can spend 100s of man hours on ONE machine looking between the cracks for, decrypting, reading (which may require translators) and analyzing whatever it is they're looking for.

MWD

P/s....I wonder if I just made the list for "random screenings" next time I fly?

Funny, I ordered some rare earth magnets from Thinkgeek, and they arrived today. Just as I was reading this post. Mmmmmmm, low tech solution.

The best overall solution is to do what I do: Travel with a clean laptop and store your files, encrypted, on a secure network location. If you need to work on sensitive files on the plane, encrypt them very well and store them on a usb key shoved deep in your carry-on. Side benefit: A stolen laptop is just a hardware loss, not a data loss.

The low tech solution (assuming you've backed your hard drive up before leaving home) is magnets (cue Simpsons quote "magnets, always with the magnets"). Before you leave for the airport, put a rare earth magnet where you can get it quickly, say stuck to a key on your keyring (which you don't store next to your wallet or computer, duh). Assuming you are traveling into a country where doing so is not illegal, when that country's customs officer asks to inspect your laptop, pull the laptop out of the bag with the same hand holding your keys. Make darn sure the magnet rubs right up against the hard drive (sorry, airbook users). Seriously, a rare earth magnet the size of a pencil eraser will hold a one pound weight against my fridge. Your data won't have a chance. Combine the encryption with even partial data destruction from the magnet, and its no easy task to recover the drive's contents. Yes, the customs officer will be very annoyed that the laptop no longer boots, much less provides access to all of your client files and confidential agreements. But machines malfunction, right?

Seriously, though, why are you even thinking about taking years worth of data you have no intention of working on in and out of the country?

Takuan - I know you're trol..err..joking, like always, but if you were to load a laptop with obscene pictures, rude noises, etc... (I'm thinking an offline copy of the Last Measure would be more than enough!) and take it thru customs, chances are you would get turned away for causing a disturbance. Maybe even detained and charged if you did something really nasty to scare bystanders.

Writing to your representatives about this kind of thing is great... causing a scene in the airport when everyone is just trying to travel is called being an asshat.

(I posted this in the other thread by accident, mia culpa)

See, I always figured that it made sense to run an encrypted virtual machine for any sensitive data, with trivial data left lying all over the place on the machine.

I doubt that the individuals involved would be technically skilled enough to be able to tell the difference between a 4.2gb ripped movie and a 4.2gb encrypted virtual machine. Especially if the file names were deceptive.

"The movie isn't playing? dang... must have gotten corrupted..."

For smaller virtual disks, the encrypted file could be given a semi-random name and dumped into a folder of web cache files. Good luck sorting that out.

Of course, if you're really concerned, just keep all of your sensitive data on a SD/HD card that's inserted into your digital camera. I doubt they pull them out and check them for non-photographic data.

garys - don't count on it. Modern HDDs have very powerful rare earth magnets in them already. To get the kind of bit density they have, the platters require the heads to be almost touching the surface to affect it. Also, the field from the head in that one tiny spot is even more powerful than the rare earth magnet inside the drive.

I'm really concerned about the issues raised in this thread, but really DO have nothing to hide. My laptop has a lot of legal porn. It has erotica. It has essays critical of the gov, but not seditious. Other than that, a TSA goon would find a lot of pictures of cats, and a lot of "I'm so great" congratulatory writing, in several different fields, but certainly nothing of a matter of national security.

I thought the point with laptop checks was to just make you turn it on, to show that it's not a bomb disguised as a laptop. (Though it would certainly be possible to rig a smaller, working laptop inside a bigger laptop case with plenty of room for anything else.)

Don't know if I'll consent to a search of laptop next time I fly, will have to think about that. Have to weigh rights vs. missing an important flight.

Curious what Cory would do...Cory if you were on your way back from UK to US or vs. versa, to speak somewhere important, would you refuse if it meant missing your flight and missing the seminar? Anyone else want to weigh in on that about themselves?

It's tricky, because if everyone refuses, they might change the policy, but the majority of business travelers (which are a bulk of travelers) will not refuse.

What I'm now more concerned with is #18, GARYS, sitting next to me on the plane with the big magnet in his pocket, a couple inches from my laptop. lol.....

Michael W. Dean

I don't know about border controls, but if you check your luggage, then surely the best trick is entering security as your flight is boarding. The plane /will not/ take off without you, and security just has to accept it isn't worth it. I discovered this purely by accident when a mate of mine helped me bring my stuff to the airport and we lost track of time playing some video game in the arcade.

#20 posted by mkultra , May 1, 2008 3:02 PM
"......Of course, if you're really concerned, just keep all of your sensitive data on a SD/HD card that's inserted into your digital camera. I doubt they pull them out and check them for non-photographic data."
=======
They will now.

MWD

what do snoops hate? being snooped on.

They open your laptop, you give the password, screen comes up (need a laptop with integral webcam) with large print "RECORDING" , flashes over to monitor view of TSA snoop , "audio recording" scrolls bottom screen) this stays up for ten seconds and then on to normal desktop except for ticker at bottom "recording, recording...."

Actually, Takuan, that's a great idea. But more specifically, what I would love is this: An account on my own system with two passwords, one that's real and one that brings up a fake, "safe" system when entered. (Think of last week's "Lost" where Ben's daughter enters a passcode that appears to work perfectly but actually triggers an alert.)

That way the TSA/Customs snoops would see a harmless laptop, and your real, encrypted pornography would stay hidden. Plus, you could have the trigger password activate the system the way Takuan suggested—but without the large print "RECORDING." Why tip the goons off?

This isnt a great solution but whenever I come back into the country, I just logout of my main account and login to a limited access account with it's own version of outlook and browsing history. I then hibernate the laptop. If someone wants to see what is on my laptop, I just wake it up and go in as that limited user.

If they take the machine and search harder, they can get past that but at least at first glance, my login has approved web history and a access to a hotmail account that I only use for things other than work.

There are better, if more uncomfortable, places to store your SD card. Like the back of a Volkswagen.

If you're on a Mac, there's a fairly straightforward tutorial on how to set up an invisible account that can't be seen when logged in as your fake one.

http://www.macgeekery.com/gspot/2006-02/how_to_hide_a_user_account_in_mac_os_x

@ dafoink: Exactly! You can fill the limited account with several weeks of fake TPS reports. This is similar to the classic "M5" defense (see Star Trek)

Why don't we just tell the government that we don't want our electronics searched and the border and we won't allow it any more. Write your congressmen or whomever. The law can be changed and the policies can be changed and we don't have to put up with nonsense like this.

One can also switch the internal hard drive with another one and tuck it in your luggage or carry-on. Changing the hard drive is not that hard. A small Phillips screw driver and 4 screws is all it takes.

This way if Customs check your laptop, they wont see any private data from the original drive (provided they don't know about the other hard drive). You can then later switch to use your private data.

So just hide your (encrypted) data.

Customs has never asked to look at the files on my laptop. That would take too long.

Another easy way to protect your stuff. Not industrial-grade secure, but secure enough to easily fool a rent-a-cop with a tight schedule.

Take all of your sensitive files and put them into a ZIP archive (bonus points for encrypting it). Copy it into your windows/system directory, and re-name it to something.dll. Easy as pie!

This will not stop a real industrial-strength forensics search, but without any sort of suspicious activity, they will have no reason to keep your laptop.

Also, if you really do have something that is really terribly sensitive, I suggest getting some software that does multiple-writes of random data over the blank areas of your hard drive (too lazy to google one right now).

as MKULTRA points out, there are so many memory devices floating around that the laptop gambit is the usual pointless harassment and theater.

A $15 SD card the size of a postage stamp will carry any sort of perfidy you might have in mind -- just change the suffix to .jpg. Ditto the memory card in your cell phone, GPS etc. etc. I'd very much like to see TSA rummaging through every IPod/MP3 player, though it wouldn't surprise me much to see it happening.

as MKULTRA points out, there are so many memory devices floating around that the laptop gambit is the usual pointless harassment and theater.

A $20- SD card the size of a postage stamp will carry any sort of perfidy you might have in mind -- just change the suffix to .jpg. Ditto the memory card in your cell phone, GPS etc. etc.

rickroll the bastards.

Or make some really, really suggestive home made smut that looks like it's going to cross every legal line anywhere - but never quite gets there. An hour of longing looks, passionate, clothed groping , incredible build up with lots of exciting equipment and farmyard animals in the background, and then nothing.

Why not use something like Truecrypt's 'plausible deniability' mode?

You have two passwords: one that displays files you don't care to show em' and one that shows the actual sensitive data.

You can't tell which password you gave em' nor can you tell there actually is more then one layer of data.

To protect your stuff if you have VERY PRIVATE STUFF:

1.Make a CURRENT image just before flight to usb or dvd(Love Vista Ultimate for that!)
2.Format/Erase (or restore to original state).
3.Cross border and restore (20minutes or even less)
3.Privacy protected, be happy

bring decoy laptops. Old broken junk you "can't get to open" ,let them confiscate it

Sounds like the best practice is to send the encrypted information you're looking to protect across the border electronically rather then physically bringing it across yourself.

I would be delighted to see Alice and Bob crossing the border at an airport, Alice would bring her laptop with no information across, while Bob stays behind with the information. After Alice crosses the border Bob sends her the information over a wireless connection and then deletes the information (scrubbing the area where the data was stored) and then crosses the border himself... I just wonder what they would arrest Alice & Bob for... bonus points if Bob sent Alice an encrypted text document containing the Declaration of independence, the constitution & it's amendments, and some cat macros (so the media would pick up on it... hey, ya gotta have something topical)

Oof, I am in despair reading this article and comment thread. I've carried laptops through airport "security" plenty of times, and of course they've been thoroughly scanned. But no one has ever asked me to boot it up and show me what's in there. All the tricks you've shared about how to hide content are really cool, but I don't think that's the real issue.

I don't WANT to give up MY exclusive access to my personal files, thoughts, photos, writings, whatever. If anything in this world belongs to me, it is those. I feel defeated, I feel like freedom and liberty are becoming laughable concepts in this world. I'm willing to let border guards or cops search me for bombs or guns or whatever, but not my own thoughts.

Shit.

And no, I don't have anything "bad" in there. So don't tell me "If you haven't done anything wrong, you have nothing to be afraid of". That is definitely NOT THE POINT.

exactly Jake. Just when did everyone lose the right to presumption of innocence? That fact that bad people exist does not make me bad by association. Especially when accused by my lessors.

Lessors or lessers? Enquiring minds want to know.

You don't even own the refrigerator box? Wow. Now I feel better about my life.

eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

what can I say? my nephew, he got me a deal. I'd be messhugana not to take it!

#38 posted by realyst: Why not use something like Truecrypt's 'plausible deniability' mode?

Another vote for TrueCrypt here, a fantastic program. The plausible deniability concept is pure genius. They want a password? Give them a password. They want to see your files? Let them go to town.

How sad though, that the price of freedom is our integrity. Just remember, a promise made under duress is not binding.

Here is how you get sensitive info past them. Create a new partition on your HD and move your private info to it. Delete the partition. At the border crossing co-operate with the border guard. If he does take a look there will be nothing suspicious to see. At home or in your hotel room use any standard disk utility to recover the deleted partition. Since you haven't saved any additional info on your machine it's very unlikely that you'll lose any data.

Another method would be to create a hidden partition using Norton Ghost or some other disk imaging utility. Back up your boot partition. Most people don't divide up their HD's into smaller partitions so I'm assuming that is true here too. Delete your sensitive information. Most disk imaging software will compress the data and give you the option to encrypt your back up. I'm sure the CPB could access this info if they wanted to but why would they? If you are so notorious that as soon as you try to cross the border they do a deep scan then you've got bigger problems than this. Again, once home simply recover your information using your preferred disk imager. I like Acronis, ymmv.

If it's really secret info that you must not get caught holding then you need to hire a mule.

i always forget my passwords when under stress. i even write them down, but then forget where i write them down. doesn't that happen to everybody?

What about a hidden volume, or steganography? This isn't mentioned at all in the EFF article.

The trick is to make your password "I killed Evan Chan", then the revelation of the password will always be problematic under the 5th Amendment. You'll have had to have killed Even Chan first, of course...

Ship your laptop ahead of you before you get there. Done.

"The mark of a good engineer is a simple solution."

(haven't read all the comments, sorry if this was already addressed)

How does this jive with HIPAA? My understanding is that medical info can't be given to anyone without the patient's consent, or without a valid court order.

"Civil and Criminal Penalties. Congress provided civil and criminal penalties for covered entities that misuse personal health information. For civil violations of the standards, OCR may impose monetary penalties up to $100 per violation, up to $25,000 per year, for each requirement or prohibition violated. Criminal penalties apply for certain actions such as knowingly obtaining protected health information in violation of the law. Criminal penalties can range up to $50,000 and one year in prison for certain offenses; up to $100,000 and up to five years in prison if the offenses are committed under "false pretenses"; and up to $250,000 and up to 10 years in prison if the offenses are committed with the intent to sell, transfer or use protected health information for commercial advantage, personal gain or malicious harm."

So what if my laptop has patient info on it? Like a copy of my medical history from my doctor. That's patient info, right? And I'm allowed to have it.

I have to side with these individuals who mentioned small, inconspicuous memory storage devices like jump drives and SD cards. I routinely carry information on a mini-SD card that's about 1 square cm. I've walked through metal detectors with this card and no one has noticed. I could hide it in the pages of a book or magazine, slip it into an obscure corner of a carry-on bag, or even stick it under a bandaid on my finger. I sincerely doubt that any border officials would even think to look for this gadget, let alone know what they'd found if they saw it.

Qu'on me donne six lignes écrites de la main du plus honnête homme, j'y trouverai de quoi le faire pendre. - le Cardinal de Richelieu

#50: "Here is how you get sensitive info past them. Create a new partition on your HD and move your private info to it. Delete the partition. At the border crossing co-operate with the border guard. If he does take a look there will be nothing suspicious to see. At home or in your hotel room use any standard disk utility to recover the deleted partition. Since you haven't saved any additional info on your machine it's very unlikely that you'll lose any data."

You're still putting your data at risk with this method. Why not use an ecrypted partition, created in some Program Files folder. Before you travel, rename it to something like whatever.dll, then remove the encrytion software from your machine (including registry entries). Safely at your destination, reinstall your encryption app, then rename back the partition file.
But I don't think most of these folks are very tech savy. You could probably get away with putting everything in a .zip file and then moving it to the system32 folder, renamed to something like winboing.dll.

we need inductive-read mini-media
http://blog.opsan.com/imagescontent/armed.jpg

Another waste of time.
Thanks to republicans and their Bush dog corperate friends.
The destruction of American Freedom is almost complete.
Anyone who wants to get some kind of info across borders will, this only annoys good people.
If there is some kind of info which is sensitive it should be protected at the source.
This is akin to book burning.

Not one thing that has been done since 9-11 has made anyone safer but the US government is proving itself to be the greatest threat to Freedom and the American Way of life.
I hope others will join me in fighting to regain what our country was founded on...Freedom, especially from the government.

My last line sounds like I am the only one fighting for Freedom. Sorry for the pretension.
The EFF and millions, maybe hundreds of millions are fighting to remain Free.
I was referring to the apathetic people who don't pay attention to what Congress or the Courts are doing.
Years ago Frank Zappa made me realize that it is crucial for people to pay attention to government because they make the laws and spend your money.

Submission Accomplished!

Wow, how does this apply to laptops running common multi-user operating systems?

#55, Love that one! Tell them there may be health info on it and unless they get a HIPAA waiver signed they cannot search it. I work in health insurance too, so I'll certain be keeping that in mind.

Easy... copy your documents to a USB drive or leave 'em on a network drive, format your HDD then run the file copy part of XP (or whatever OS).

When first switched on your notebook will require the product key and the HDD will be clean. It won't matter if the drive is copied for later examination as your documents are elsewhere.