That is unless you believe that those prying authorities have the will and the way to leave an undetectable backdoor in your laptop. Breaking the chain of custody in any laptop today is akin to destruction of trust in that device. Who is responsible then for paying for this damage?
The technical expertise required to do so is very limited as long as you don't password-protect the BIOS: Basically, they only need to be able to plug in a USB stick and reconfigure the BIOS to boot from it.
In other words: If you leave your laptop outside of your physical control for even a few minutes, you may have to assume that it is totally compromised as long as you don't have a BIOS password.
If the laptop is outside of your control for a longer period of time, you probably have to assume that it has passed through the hands of somebody with sufficient technological know-how to work around the BIOS password as well.
For non-soldered but socketed BIOSes I think one can just take the chip out and put it into your wallet, possibly covering some pins with some dissolvable insulating substance. For soldered SPI EEPROM chips with known pinout, I think one can reflash the chip afterwards.
Craigslist.
Or eBay, or Kijiji, or the Classified section of your local newspaper. Whatever lets you get rid of your possibly contaminated device while recouping at least part of the cost.
The difference between the price of the new device and the amount you can recoup by selling it secondhand, multiplied by the probability that your device will indeed be seized, should be considered an integral part of your budget for any international trip. It's just one of the many ways in which tyrannical governments increase friction in their citizens' daily lives.
Rather than leaving it at home, a trusted third-party service could supply an image/reimaging service at popular travel endpoints.
A lot of risk in it I suppose.
That's a big problem.
edit: To those below: True. I thought about hardware after I posted; didn't even think about the BIOS thing but that's a great point.
Your data should stay at home and a VPN connection to your home PC would be a good first step.
For most of the rest of us, we really have no data of any interest to the authorities. That doesn't mean we shouldn't care about data security, if that's important to us. But it's not the real problem with border confiscation.
The real problem is not having your hardware or software tools at your destination.
So don't bring any hardware or data that you can't afford to lose. Certainly don't bring anything that you're emotionally attached to, particularly inbound.
Either don't bring anything, and buy it all at the destination, or just bring the cheapest stuff you can use productively, and be prepared to replace it at the destination.
The NSA already has my email. But I'd hate to be without a camera, or phone, or laptop, or data, or whatever other tools I was going to use at the destination. Plan for that, it's the more likely and practical threat.
If anyone builds this app, I'd like a slice of the pie, please :-)
I don't know how to do it without some kind of markup / document system (no morning coffee yet). I figure it wouldn't be that hard.
You could use a TDMS file (v1), in which each channel is an item. When run, you give the program a password, which it checks against each channel, calculating the salted hash of your password. When it finds a matching hash it decrypts the document (saved as data within the channel).
This gives you a lot of plausible defensibility because nobody understands TDMS file structure, not even people who work with them (it is an open standard, just nobody cares). And secondly, you decrypt the document and you get something out, even if that something isn't exactly correct.
I could likely push out a Windows version by Saturday I guess if you don't mind it'd be using SHA-256 instead of [b/s]crypt for password checking. Maybe future updates to include some form of internal compression + some type of signing who last modified the document(s).
Final file size of 746kb though made me feel a bit happy.
You can even take it a step further: full disk encryption, one key will give an innocent Windows install, and another key will give the diabolical plans.
However, information is only compressible to the extent of redundancy involved, so this can be spotted: compare the amount of encrypted data with the size of the innocent data.
Happily enough, statistical sampling techniques can make that possible [1].
[1] S. Garfinkel. Searching A Terabyte of Data in 10 minutes. http://simson.net/ref/2013/2013-01-07%20Forensics%20Innovati...
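A sketch of the sampling idea from the comments above, as an added example that is not part of the original thread and is not taken from the cited talk: read a random subset of sectors, count how many look like encrypted or random data, and report the estimated fraction with a 95% margin. The 512-byte sector size, the 7.0 bits/byte threshold and the in-memory disk image are assumptions; compressed media and random-wiped free space also score as high entropy.

```python
import math
import random
from collections import Counter

SECTOR = 512  # assumed sector size


def shannon_entropy(buf):
    """Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)."""
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def estimate_high_entropy_fraction(image, samples, rng, threshold=7.0):
    """Estimate the share of sectors that look random from a random sample.

    Returns (fraction, margin), where margin is the 95% normal-approximation
    half-width for the sampled proportion.
    """
    total = len(image) // SECTOR
    picks = rng.sample(range(total), min(samples, total))
    hits = sum(
        1 for s in picks
        if shannon_entropy(image[s * SECTOR:(s + 1) * SECTOR]) >= threshold
    )
    p = hits / len(picks)
    return p, 1.96 * math.sqrt(p * (1 - p) / len(picks))


def build_constructed_image(rng):
    """Constructed 1000-sector image: 30% text, 50% random, 20% zeros."""
    text = (b"holiday photo notes, nothing to see here. " * 13)[:SECTOR]
    sectors = [text] * 300 + [bytes(SECTOR)] * 200
    sectors += [bytes(rng.getrandbits(8) for _ in range(SECTOR))
                for _ in range(500)]
    rng.shuffle(sectors)
    return b"".join(sectors)


def demo():
    rng = random.Random(2014)  # fixed seed so the run is repeatable
    image = build_constructed_image(rng)
    return estimate_high_entropy_fraction(image, samples=200, rng=rng)


if __name__ == "__main__":
    print(demo())
```

Reading 200 of 1000 sectors is enough to place the random-looking share near one half, which can then be compared with how much data the visible install accounts for.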
It gets broken, searched, x-rayed, fucked up and generally treated like shit.
At Zurich airport, they managed to break my old IBM T42. Had to get my company at the time to courier a new one overnight from the UK by road which cost £1150 just for the courier.
How exactly do they tell the difference, what if I use steganography to hide stuff in my family pictures? They won't flush anything, they will keep everything in case it's relevant.
> During that time authorities searched about 1,000 laptops carried by travellers.
We don't live in the police state that most Snowden and Kim Dotcom supporters here tell us that we do.
I get really tired of seeing anecdotes used to represent the average.
That's pretty much true for any and every society.
My point is I highly doubt the extent is as little as 1,000 as most searches are not logged.
(I'm not a US Citizen, so my rights were further limited given US had no obligation to let me in)
Here was my ad-hoc procedure from traveling internationally a few months ago (tourism), with a prior of not really expecting to be hassled on the way there, but unknown for the way back:
1. Choose the laptop I'm least likely to miss in the case it gets stolen by JBTs, with respect to the functionality I require.
2. Wipe(1) the first 10MB of disk (has only ever been LUKS), then one /dev/urandom pass into the entire thing. (In retrospect, zeros may have been better than random)
3. Reinstall Debian, with a passphrase I don't mind giving up. Sync over only files that I don't mind giving up.
4. Go through Japanese customs - the only question asked was "Are you with him?" (friend in front of me).
5a. At this point, I possess a still uncompromised machine at the destination, with stored ssh host keys, etc. When (last-minute) prepping, this possibility didn't quite occur to me. Not being prepared to take full advantage of this was regrettable.
5b. (If machine had been molested, I would have not logged into my privileged accounts at all. For the most part I didn't have to anyway, but since I wasn't fully prepared it came in handy once or twice)
6. For return, wipe first 10MB of disk again, then one /dev/zero pass to the entire thing (so there was no argument that I had encrypted data). Then mkdosfs on a whole-disk partition for derp-nothingness. (This was done with a Debian install image written to an old flash drive I had with me for the purpose.) My only concern at this point is the hardware getting stolen.
7. Take hard drive out of laptop so that it is a separate device. This would most likely increase suspicion, but make them even less justified in stealing the whole machine (not that this would stop them).
8. Get waved through coming back through USG because laptop "searches" aren't actually that common for people not on the primary watchlist (everyone is on the secondary watchlist). Still, I will do the same thing next time, and think it irresponsible to not.
There are of course improvements that could be made to this, including a small default-booting "nothing to see here" install, with file times etc automatically adjusted. Automatic copying of machine credentials etc when you're at your destination. Using a separate partition instead of the flash drive. And of course automation of the process so it's easy for everyone to do :)
Difficulty level: Macbook Air
My laptop was never touched by customs - had it been, my plan was to never trust the machine again.
Most people are in my situation - never actually getting hassled but wanting to protect themselves now that the gloves are coming off. In the future we all may have to deal with device quarantines of a few days at every crossing (what a boon to local sellers!) but that's not now.
As for my phone, if I were in a position to be worried about customs installing backdoors, I'd prepare a recovery zip beforehand with all my data, then download it from my own server or a secure storage, and flash it after passing customs. Or better yet, travel with a SIM and buy a cheap Moto G, the resale value alone once back at home would make up its US price.
Full on encryption, tmp lock and filesystem hashing via tripwire then is mandatory. Fun thing is that you can screw up the malware to send all kinds of nasty shit back to them, like trojans and viruses, PIF files and EXE files and whatever might tickle your fancy. Then get your malware to do maximum damage on their network.
After all they hacked your laptop, they engaged in illegal activity and it is only fair for you to punish them to the fullest extent of your technical capability.
They cannot acknowledge the fact that they hacked your laptop without a warrant.
etc.etc.
There's tons of fun to have this way. Since people who are doing these things are expecting you to be retarded luser and so you can set a trap and have them fall straight into that.
Make a blog post and example of malware and how to entrap the said trespassers, what does malware do etc.
my 2c.
No clear players in this market for consumers though. Where is the consumer remote desktop via browser+SSL that doesn't rely on a US hosted cloud service?
The one you host on your own infrastructure?
I don't know of a good self-hosted combination for that.
http://www.amazon.com/dp/B006BFCOIE
But really, it's safer to not physically carry data across the border, but to access it over VPN or another secure tunnel while abroad.
Who pays for damages?
If the hard drive is separated from the laptop, does it get seized as well?
What if I have 100GB of random data on the hdd?
Is there an obligation to provide technical support to officers? Not everyone knows how to boot FreeBSD without a bootloader.
Do I get a written certificate of what was seized? There could be some bitcoins on the hdd...
2. Wipe your PC.
Optional 2.5. Download a bunch of fake personal files.
3. Pass the border.
4. Access Internet.
5. Download your data.
Then, upon reaching your destination, and knowing that no one had access to your random bits in the one-time-pad, download your documents from home, and decrypt them.
No amount of processing power by the NSA will be able to help them get your files, and the only way the bits of your documents pass through the internet, is if you can confirm that the key to decrypt the file hasn't been touched.
Otherwise you risk having all your hardware confiscated by border guards and returned months later. Your plan above won't work if they confiscate your hardware as you'll have nothing to download onto.
If anything, I would go to the point of screwing with border agents by having tens of thousands of pictures of my dogs, kids, flowers, and whatnot, all with naming similar to PICnnnnn or whatever is the current default of most digital cameras. Having them given the wrong doc type would be a nice touch too.
Of course why not store your data on an SD card and just pop it somewhere they are not bound to look?
Requires a second wipe after step 3, and may get you into trouble, depending on what the crapware does without your input.
http://en.wikipedia.org/wiki/Key_disclosure_law#United_Kingd... (also contains details for other countries)
Each block of flash can be written only a limited number of times, so flash drives (SSDs, cards, USB sticks) all have more blocks than are visible as part of the disk. Drives internally rotate active blocks in and out of the spare pool to try to keep the number of writes to each similar ('wear levelling'). When you write to a flash drive — including trying to overwrite data to destroy it as someone might on a magnetic disk — it will generally pull a block from the spare pool for the new data, and put the old block in the spare pool.
The spare pool is invisible to the OS, but it is reasonable to assume that there are ‘secret’ commands to access it — not because some TLA demands it, but because the hardware/firmware engineers need it for development and debugging.
BUT there is a great big BUT. Writing flash is a two-step process. Programming flash can only change a 1 bit to a 0. Before this, there has to be a slower erase step, that sets the block to all 1s. In order to avoid this performance-killing overhead on every write, flash drives erase as much as possible (whether spare pool blocks or TRIMmed visible blocks) in the background as soon as possible.
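A toy model of the remapping and erase behaviour described above, as an added example that is not part of the original comment: an overwrite lands on a fresh block, the old copy sits in the spare pool, and it only disappears once the background erase runs. `ToyFTL`, its block sizes and the erase scheduling are hypothetical simplifications, not any real drive's firmware, and the sample content is constructed.

```python
ERASED = 0xFF  # an erased flash byte reads as all 1 bits

class ToyFTL:
    """Hypothetical, simplified flash translation layer (no wear counters)."""

    def __init__(self, visible_blocks, spare_blocks, block_size=16):
        total = visible_blocks + spare_blocks
        self.visible, self.block_size = visible_blocks, block_size
        self.physical = [bytearray([ERASED] * block_size) for _ in range(total)]
        self.mapping = {}                # logical block -> physical block
        self.clean = list(range(total))  # erased blocks, ready to program
        self.stale = []                  # retired blocks still holding old data

    def write(self, logical, data):
        if not 0 <= logical < self.visible:
            raise IndexError("logical block outside the visible disk")
        data = data.ljust(self.block_size, b"\x00")[: self.block_size]
        if not self.clean:               # out of erased blocks: erase now
            self.background_erase()
        target = self.clean.pop(0)
        for i, byte in enumerate(data):  # programming only flips 1 -> 0 (AND)
            self.physical[target][i] &= byte
        old = self.mapping.get(logical)
        if old is not None:
            self.stale.append(old)       # old copy is retired, not overwritten
        self.mapping[logical] = target

    def read(self, logical):
        return bytes(self.physical[self.mapping[logical]])

    def background_erase(self):
        for p in self.stale:             # erase resets every bit to 1
            self.physical[p][:] = bytes([ERASED] * self.block_size)
        self.clean.extend(self.stale)
        self.stale = []

    def raw_dump(self):
        """What a chip-level read of every physical block would return."""
        return b"".join(bytes(b) for b in self.physical)

def overwrite_demo():
    ftl = ToyFTL(visible_blocks=4, spare_blocks=2)
    ftl.write(0, b"CONSTRUCTED-DATA")        # constructed sample content
    ftl.write(0, b"\x00" * 16)               # host "overwrites" block 0
    seen_by_os = ftl.read(0)
    before = b"CONSTRUCTED-DATA" in ftl.raw_dump()
    ftl.background_erase()
    after = b"CONSTRUCTED-DATA" in ftl.raw_dump()
    return seen_by_os, before, after
```

`overwrite_demo()` returns the zeros the OS reads back, then whether the old content is still present in the raw blocks before and after the background erase.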