Customs Proofing A Laptop
I Discovered the article Security guide to customs-proofing your laptop over at Cnet and thought it would be worth sharing it. It does not really add anything new to the discussion and if you have followed it here (Protect your date when travelling) onÂ my website or at others you might already know every point that is mentioned in it.
The article is divided into three threat levels and an introduction with some interesting background information and links. The first threat level mentions data encryption and certain aspects that have to be taken care of. It mentions for instance the fact that it is possible to read the contents of the RAM if the laptop is or has been powered on shortly before entering customs. It also advices to delete all temporary data on the system like browser cache, cookies and so forth.
Lastly it mentions the possibility that spyware could be installed on the computer while it is kept by the federal agents. The next step would be a full encryption of the system which has the advantage that everything is encrypted meaning no one can access it by simply plugging in the laptop's hard drive into another computer. This could, on the other hand, make border agents suspicious because they might think you are hiding information that they are after.
The last threat level mentions steganophy which means hiding data in other data, for example an important text document in a music track. It also refers to the use of encrypted containers on encrypted partitions. It also mentions electronically sending the data once you reached your destination or storing it on smaller memory cards that are placed in devices that do not look suspicious.
The best solution in my opinion is the secure transfer of data once you are at your destination. This ensures that nothing can be found on the laptop that could arouse suspicion It would also mean that the traveler does not have to lie if someone asks questions about the contents of the laptop.
Others suggested sending the data by overnight shipping which still leaves the chance that the package will be intercepted and analyzed but has the advantage that you cannot be questioned and asked for the password of the (hopefully) encrypted drive.Advertisement
Why not just take out the hard drive??
Well you have to use the laptop at the destination.
If this really becomes a problem you will see a rise in laptop rentals.
People will store the necessary data on the net, travel without their laptop and when they arrive they’ll connect and download whatever they need.
This will seriously encourage people to use the cloud and things like Google docs.
I just wonder – what will happen when the U.S. border guard discovers things like email and internet – will they examine every packet that crosses the border? What idiots…
I’d have to agree, if I were traveling into the US with my laptop I’d be almost inclined to wipe the whole thing and start afresh once I got stateside with a secure download from one of the online storage systems (or even a hidden folder on a web host)
@martin Just take it out and ship it with some secure service, then pick it up on destination or your hotel
and the encryption method doesn’t work, if you read the the bill the hard drive can be handled by private firms for decryption.
I’ve found that using OpenVPN to my home or work PC works fine and solves the problem of airport and hotel wifi. It should also work in this case as well.
Using something like TrueCrypt on a laptop will work if you pick a long password plus a few files as the key. Private firms may be given a copy of the drive to decrypt but they won’t get anywhere with it.
I have installed a cascade virus on my laptop – labeling it: young boy being raped.asf. I figure this will peak those nazis’ interest and have a higher chance of them downloading that encrypted file and attempting to run it on their computers. More people should do the same. Who knows, it might shut down that entire nazi computer network.