Dont take your laptop on holiday!

Given the FBI is planting 'dodgy' links and if your browser, like mine pre-loads links on a page to 'give a better browsing experience' the chances of not having something 'illegal' on your PC is pretty slim. Someone could slip a file of white noise onto a web site and you'll be hanging upside down having your feet beaten in GBay until you tell them the encryption keys for it!

It seems like the only way to function these days is to have all you data on a secure web server that can be accessed by a browser!

NDA ?

What would happen if you have information on your laptop that is under a Non Disclosure Agreement ?

Letting the customs see it will violate the NDA not letting the customs look through it would be making yourself a likely candidate for government harassing untill you give in.

One possible solution

If you run an operating system that has some sort of security then you could:

1. Create a dummy account containing a number of unimportant files. Give this account the minimum number of privileges.

2. Use this account when stopped at the border with your laptop and asked to start the machine.

3. When asked to provide access to other files, you can reasonably claim not to have sys admin rights and refer the enquirer to your corporate IT department (if you have one), hoping that they aren't going to bother. Of course, they might bother and corporate IT might give them the sys admin password over the phone, but how likely is that?

We should decriminalize tertiary unpaid possession

Making of kiddie porn, make it a crime it is the primary crime. Distribution of kiddie porn, keep it a crime it is a secondary crime, but nevertheless may encourage the primary crime. Possession of unpaid kiddie porn, not a crime. Where kiddie is defined as puberty, not this stupid 18 year old rule that has us locking up 16 years olds for photographing themselves having sex.

If 14 year old girls aren't sex objects why do they use them as fashion models?

I know it's common to get an emotional argument to conflate these things into 1 thing, but there was only a marginal case to ban distribution, it already was a secondary crime. Possession is a tertiary crime, it's already 2 times removed from the actual crime and was argued that *buying^* created a market. Distribution is what the FBI did recently, so distribution was already viewed as minor enough for the FBI to do it.

The argument ran that by obtaining child porn you were paying for it, which created the market that drove distribution, which in turn created production. That can't work if it isn't purchased. So the ban on possession should be changed to a ban on *purchase* of kiddie porn. If you watched a murder on TV then you are not encouraging murder, if you paid for a snuff video you would be encouraging murder indirectly.

So if FBI views distribution of child porn (a secondary crime) as acceptable to catch people for possession (a tertiary) crime then it clearly casts a question over whether that tertiary crime should actually be a crime.

Another pointless law...

...Anyone bringing anything they truly fear into the country on a laptop is going to have it encrypted. Thus the government can look at the laptop all they want, they ain't going to get anything off it.

Search, not copy.

Fair enough customs officers are entitled to search. But copying the contents of my HDD would be the equivalent of taking away my clothes (DNA filled) or making photocopies of my (paper) address book (friends or foes).

Are they allowed to do so?

I doubt the searches are occurring at random, I'm pretty sure the Arnold's case was a matter of opportunity, he was on "a" list and him getting in from the Philippines made it a perfect timing. As you said your inspection was "cursory".

I know the gov.uk have a got a propensity to leave loaded laptops unattended but personally I don't and believe no one should, PCs get lifted & looked at. But I'm glad the pervs are doing so, that way there is a chance they get caught.

Duh?

A laptop is exactly the same as a briefcase with respect to documents contained therein. If you wouldn't wish to go through border control with a briefcase full of child porn then why should you expect to do so with a laptop full of the same.

Just because a laptop is more convenient for storing documents and in greater quantity than a briefcase should not make it the equivalent of a diplomatic bag. In fact for these very reasons it should be more of a focus for investigation.

Yes, but...

Thanks for pointing out another indignity / loss of privacy we have to suffer when going to the land of the free and the home of the brave.

I think it is necessary, though, to stop the warrantless searching of devices at just booting the things up. Even a cursory glance for kiddie porn or similar should be off-limits for border guards.

One reason is the fact that governments already have ample powers and abilities to track traffic in what you could call illegal data online. Unlike other contraband, the government already has plenty of opportunity to nab you before you reach the border. The ability to disrupt the possibility of extensive international traffic in illegal data by physical devices alone (i.e. a sneaky sneakernet) is more than sufficiently taken care of by the hoarding of all other personal flight and border control data by the goverment.

Furthermore, how do you limit a 'cursory inspection'? 1 minute, 5 minutes, an hour? Can you be present while the inspection takes place? Can a borderguard boot your laptop off a special inspection CD, or download or otherwise install some search programme of their own (NSA rootkit anyone?) Can they ask for root access, and if they can, what if you don't have it yourself?

Basically, border guards shouldn't ever go there. Literally.

warranty period

When I worked for a US computer manufacturer we used to travel to team meets in the mid-west. Company laptops had only started being xrayed at this time and we noticed that managers making frequent flights had major disk issues. Thier brand new laptops suddenly started to fail at the same time as older issued laptops. This made us BOFH types think outside the box.

After running disk analysis software we determined (we wrote the software to do PM on disk clusters) that the xray machines were fragging the disks.

We had the first few laptops replaced under warranty but after the first ten or so the supplier would no longer provide machines under full warranty - "flight warrany" terms reduced warranty period from two years to six months.

Basically some of the antique luggage hardware at US airports will end up trashing your kit, as cheaper and dirtier sources mean cheaper detectors/displays.

P.s. we tried sending a couple of ROM/EEPROMS through the airports - they were trashed after six months of bi-weekly travel - so your lovely Nikon you take to on that trip to disneyworld is being slighlty trashed every time you go on holiday

IMHO You may as well take a hammer to any electronic equipment in your luggage - the cheap ass holiday destination airport kit will fry it for you anyway.

Very well thought out article.

Slow (sorry), but well worth the read. Very well thought out. :)

old fashioned thinking

so a government needs to think you're suspicious before it can search your laptop. OK - what's more suspicious than refusing a request of "can I juist have a look at your laptop, sir?" They've got you both ways: damned if you do, damned if you don't.

So far as being searched on your way into a "secure" facility. Maybe unreasonable, but what IS reasonable is having all your data scanned on the way out. If you can't think of a reason why, I'd have to ask what you're doing reading an IT forum.

Now while I agree that software won't blow up a plane, and that a self-respecting ponographer will have any dubious material stored safely away in an online backup facility - or stored on micro SD cards that will simply not get found (even if you don't swallow them), or recognised for what they are. However, we have to realise that governments feel a paranoid, driven, imperative to make sure that no-one has any dodgy stuff on them. They've got us used to submitting to degrading enough investigations of our person and our property, it's not too far to expect them to go after our data. They'd want a brain-dump if they had the technology.

The old-fashioned thinking is that they'll find anything. As I said, any decent terrorist will have their data squirreled away where it won't be found - but this new act of security theatre will make the grannies feel a little easier about flying - until of course they're found in possession of some data they didn't know they had.

Simple Solution

From the article:

"And some searches, seizures, and copying of computers are just flat out unreasonable. For example, reading attorney-client or priest-penitent privileged and personal files."

So, I'm a minister and my laptop contains e-mails and other private communications from my congregation, Our Lady of the Encrypted File System.

Why we have border controls

The justification of a border search is twofold - the first is prevent you transporting prohibited goods accross international borders (hence the right to search your suitcase) and the second is to filter out undesirable people and stop them entering the country (hence the need for a passport).

By this reasoning, the border control guards should be entitled to search a laptop for child porn just as they would be entitled to search a suitcase for photographs twenty years ago. Likewise, they should be able to confiscate illegal music just as they would if you had a bunch of pirated CDs in your luggage.

The thing is, whilst carrying a laptop or mobile phone with memory card is pretty much unavoidable for some people, there is no need to store anything suspicious on these devices. If you are crossing the US national border you are just as foolish to take illegally downloaded music on your phone as if you tried to bring cannabis into the United Arab Emirates. If you have a file on your computer called 'how to blow up airplanes' then you should expect to be in as much trouble as if you were carrying a hard copy of the same in your jacket pocket.

We are going through a social readjustment stage at the moment. Just as record companies must accept that digital music is profoundly different to physical copies of music, so citizens have to learn that a computer full of data in your luggage at an airport is not the same as a safety deposit box in your study at home. It is not the nature of the information that matters - it is the fact that your home is your personal space, but that an airport is the government's personal space. The rule is simple; if you don't want the border guards to see it, don't take it with you.

I think the real reason behind this understandable (if not justifiable) resentment of laptop searches is the growing lack of trust we US and UK citizens have in our governments (both independently and as a joing force). If our governments were honestly concerned only with child porn, large quantities of pirated music and genuine terrorist suspects then this wouldn't be an issue. However, it seems that we are currently in the middle of a Mccarthy type witch-hunt against anyone who could be considered antisocial. It feels like everyone is under suspicion and that the autorities consider us all to be worthy of continual surveilence. At the moment the phrase 'if you have nothing to hide, you have nothing to fear' just doesn't ring true - many of us in America and Britain are growing increasingly afraid of our own governments! However, we knew this at our last elections yet voted the incumbant parties back in. A country gets the government it desreves (either that, or democracy is massively over-rated).

@Ian Stuart

but you better fix it afterwards!

Erm, I've been told that Customs & Excise are under no obligation to hand back working or intact property after a search. One of the scarey aspects of them is they can literally rip your suitcase apart looking for contraband, and you have no recourse for compensation. Likewise, I would expect they would feel quite justified in handing you a bag of parts - that used to be youyr laptop ...... or car!

Court order? we don't need no steenkin' court order!

Diplomatic bag

So, does your laptop constitute a diplomatic bag? If you carry a little black book of phone numbers though border security, they can look though that. So why not your contacts on your email program? What's the difference? The amount of data you can carry? Or that the data can be quickly, and perfectly (sort of) copied? Maybe thats the rub.

Ultimately, its only diplomats, who have the right to bring things into country without It being searched.

Maybe this is wrong. Maybe they should require a search warrant. But then it would rather defeat the purpose of Border security...

4GB Mini-SD card

Easy enough to hide, how much 'confidential' data could you store on that ?

Just to add some frivolity

The famous movie where Marilyn's dress is blown is "The seven year itch"

R

Very nice article

nicely written piece.

I agree with the tone of the article too. Americans want security in all things, and from all perspectives. We don't want anyone bombing us, and we don't government sticking their fingers into our things.

This is invariably a very difficult thing to do.

missing the point

Some of you folks are missing the fact the courts said no. The courts said you need a court order.

Where to start?

The article baldly states that we all have passwords on our laptops. Not this geezer, unless you count the encrypted ones in my shadow password file, or maybe the one in .ssh that lets me pick up some of my email, _after_ I supply another password to the server.

Several comments to the effect "can they do that?". Yes, they can. At the very least, they can do pretty much anything if you consent, and despite the bravado of the aptly named "Anonymous Coward" who claims that he would "flat out refuse to tell them", I submit that nearly all of us would consent if the alternative were to be rotting in gitmo while our families wonder where we are. Or being waterboarded (Hey, even McCain has agreed it's not torture anymore). Or maybe a good old fashioned cage full of rats strapped to your face by MiniTrue.

Yes, there are technological "solutions", but all of them have the unfortunate side-effect of making the thugs even more determined to do you harm, if (when) they find out. The only actual solution is to vote the scoundrels out, if you happen to live in a country where they actually still have reasonably legitimate elections. Let me know if you find one, as I might like to move there. Too bad I only speak English.

@ Daniel

As I understand it, people are not worried about the poor sods who have to go through your mom's dirty laundry upon return for idle packets of marching powder finding whatever is hidden on your disc straight away. It is the copying of all content once they do not like your nose, or the simple confiscation of hardware that is ... ah... bothersome. Because you do not know what will happen to it, and because it is stored forever ever after, with your name on it, auto-scanned and looked at by people knowing that there's only 10 kinds of people and stuff, you know...

What kind of idiot ...

... would think to themselves: "I need to move a couple of gig of data across into the US. I think I'll stick it on my laptop and carry it through customs."

@Which user//

> Are they going to log on as? If I create a new user (no admin rights) and log on as that then its not going to give them much at all is it?

Ah, bless...

No logon is required at all to examine any disk physically.

Hysterical

Entertaining article - and it would have been a good one too if you'd managed to stay away from the hysteria.

"They could copy the entire contents of your computer" "They could ....... create a database of your friends and associates"

Well, no, no-one's claiming they could do that (except, of course, you). The border agencies can look - just as they can look in your diary or address book if you're carrying such ancient things. They have no mandate to copy your diary or address book but, if they find incriminating evidence in your diary or address book, they can confiscate those things and use them as evidence in criminal proceedings against you.

Must do better. Excise hyperbole and rewrite.

I guess I had better start.

Collecting all the viri and malware and really bad idea links into one encrypted file.

The password will be YoullBeSorry!.

Just in case I ever need to go somewhere.

It's totally your choice.

At many Canadian airports, you will see signs that say something similar to: "Passengers are free to decline security inspections by choosing not to fly".

In other words, you cross the border knowing full well what you are doing, with the expectation of being inspected.

If you believe anything different, and take risks at the border, you will get what you deserve.

When crossing international borders, there is NO difference between the contents of your laptop and the contents of your luggage. The same search and seizure rules should apply. If security is not allowed to compile a database from a paper list of friends, then they are not allowed to do so from your laptop ... but if they are, it's your fault if they do. If you disagree, I bet you also foolishly don't believe in copyrights or intellectual property as an excuse to protect your other crimes.

The author of the article can't even define a clear line of what he thinks is reasonable, stating a laptop should only be inspected for drugs and explosives, that the data is not security's business, then on the last page the author states that it's totally reasonable for some random searches of laptops without suspicion.

He must really mean: Go ahead search everyone elses, but it's wrong to search mine.

The real problem regarding Americans and Security is how fast you let George Bush destroy your constitution in the name of 911. You ignored your constitutional responsibility to overthrow Bush for taking away your rights. Having done so, you have nothing to complain about when crossing the border.