Laptop security while crossing borders (schneier.com)
37 points by mbrubeck on July 15, 2009 | 25 comments



It also seems prudent to obfuscate your GRUB screen and have it quickly default to Windows to avoid in-depth scrutiny (do the front-line thugs really know any better?). It seems that once you've become an exception by telling them that you can't/won't decrypt a volume, your laptop is probably getting stolen regardless.


Agreed. Email I just sent to Schneier:

Bruce,

I like what you came up with - but it has a really large problem in that, if you are stopped and compelled to show your computer, you would become a combatant by refusing to share information. You would immediately be seen as a risk, get arrested, and then compelled to give up the name of an accomplice. However, as you know, most of this is just theater- since you have nothing to hide, the only real problem is the "in plain sight" provisions that could get you in trouble for having a couple of downloaded movies on your desktop.

So how about this?

Get a larger than required laptop disk, and partition it, with one size being a traditional, smaller size. 250 or 120GB perhaps.

On the larger partition, stick your fave OS, work etc.

On the smaller, put a plain win xp install, with some fake data and so on. Outlook with generated emails that look reasonably fresh and so forth.

Then, have a boot loader that can be configured to autoboot to either system unless a special key combination is entered on system start.

This way, once you're done with your flight, you can encrypt your partition and reboot into your "clean" system. Then, if you get stopped, you can happily show the system. At that point, there really would not be any evidence for any further search, so you would not easily be detained. You could also go further by ensuring your clean system didn't see the other partition, and that you had a sticker showing the hard drive size being the same as the smaller partition.

Ghost Drives.

simpler and safer than having to risk your machine.


There is no point in altering the laptop hard drive's sticker. If they have gone through the trouble of opening the hatch to see that, they are likely going to just remove the drive and hook it up to their equipment, at which point it's going to be obvious there's more than meets the eye.


Doubt it. Given that new Macs can show the hard drive with the simple removal of a panel, I can see lots of "front line" cops try and make sure 1+1 = 2. Would have to go to a lab to prove that it'd been partitioned, and that costs money and requires warrants.


Schneier has previously written about TrueCrypt, which has a cryptographically protected version of this defense (it creates a deniable hidden partition within the free space of another encrypted partition): http://www.schneier.com/blog/archives/2008/07/truecrypts_den...

Obviously there are many other ways to simply hide your data from customs (e.g. put it on a microSD card and physically hide it). But the solution in this article has the interesting property that "it also allows you to deny a customs official your data without having to lie or pretend" which might be nice if, say, you want to publish it in the IT manual for your public corporation.


But that's false: if you can't reveal the contents of your hard drive, you'll have to explain that it's encrypted with a key you don't have on you. The question will then be asked "so where's the key?" and you'll have to explain that a confidante has it. When you decline to reveal who that is, you are then having to lie. If you choose not to reveal it's with a confidante, you are then also pretending.

Remember, cops are supposed to be good at the asking questions and human behavior stuff. Less good at detecting when something's been altered technologically.


Nope. The article mentions that it's better to give the key to somebody "you have a privileged relationship with", such as a spouse or a lawyer. Then you can even tell the customs officials who has the key - the catch is that the process of getting the key (legally) out of the person who has it is between hard and impossible.

Sure, you could call that person and ask him to email the key without saying you're still in customs - but that is something they cannot tell you to do.


I think Schneier's making a very dangerous and ignorant suggestion with his latest post. He's not a lawyer, and yet he's dispensing advice that deals more with legal issues than security ones.

There are two things that can happen when they ask to search your encrypted laptop - you can decline, or you can give them the key. If you decline, no matter what cockamamie reason you give, you're going to be dealing with a legal matter, most likely seizure and possibly detainment.

Think about it, you get the same result by politely declining and asking for a lawyer.

Bruce's 'solution' doesn't solve anything. The outcome is the same, only now you have on record how you went to great lengths to prevent the border agents from reading what was on your laptop. Whereas, if you just shut the fuck up and wait for a lawyer, you can get legal advice before you say something really stupid.

As for privileged communications, does he really believe that if they could legally compel you to divulge the key, that they couldn't do the same to your wife?

The legal system is not a logical system like your computer. Clever hacks don't always work.


If you were considering doing this, you might as well just DHL your encrypted laptop to your location. Business travelers already ship critical stuff instead of carrying it.


The motivation for Schneier's scheme (which he mentions in the article) is that you can still use your data while you're on the plane; you don't need to trash your working key until right before you enter customs.


Or you could send the key by letter mail to your destination instead of using a third party.


That's also suggested in the article, with one potential downside (you may not know if your letter fails to arrive on time).


Ah, thanks. I missed that paragraph.


Does anyone have a personal experience with getting their laptop searched?

I carried my laptop around between the US, Germany, and France earlier this year, and no customs officials seemed even remotely interested in my laptop. Other people I've talked to said the same thing... not saying it doesn't happen, though - anyone got some input here?


There are plenty of countries (particularly in the middle east) that will search your laptop for no reason, particularly if you don't fit their idea of what constitutes a laptop user (e.g. you carry two).

FTR I've had my laptop checked in the Americas, Europe, Middle East and AsiaPac.


I think that's why the article says the evidence is "anecdotal", because it's just based on a few stories and who knows how representative they are.


I was recently selected for a random search at Pearson airport in Toronto. Even then, the agent just took the laptop out of the bag and set it aside. He didn't inspect it at all.


Airport checkpoints are (supposedly) for security. They're trained mainly to look for weapons and explosives. The controversy is over laptop searches at customs and border crossings. Customs is looking for "contraband" which differs by country but may include porn, propaganda, and other "data."


In my anecdotal experience, they needed to wave some stick on it once and turn it on, but otherwise nothing else.


Ok, (very very frequent) international traveller here, this is my advice:

Have two users on your machine:

User you with all your goodies (xmonad, etc) on /home/you, home mounted on a different partition than /

User alarm with a fake, very visible and easy to use gnome / emails, mounted on /user/home/alarm

On the gnome init session of the user alarm , create a bash script to be called as soon as you log into that account with the following content:

dd if=/dev/random of=/dev/partition_where_you_mounted_real_home ; rm this_script (if you want)


Before fingerprint scanners were as common in laptops as they are now, you could totally freak out border guards. The fingerprint scanner would give them the impression they were working with some really high-level, VIP person. Now, of course, it has less of an effect or no effect as a lot more machines have them.


I really don't like getting searched. I used to travel a lot, and often am in a really big hurry leaving the airport - sometimes I overnight somewhere, landing at 6AM and a meeting in a city center at 10AM. I've gotten searched maybe a dozen times, on something like 300ish flights (including connections) in my life. It's always a royal pain in the ass.

But it's happening less! Being into testing and what not, I tried paying attention to how much scrutiny I got from security and border officials based on how I was dressed.

Gregarious clothing - white jeans, boutique stuff, baby blues and purples and pinks and such - more attention to me.

Neutral clothing - less.

Business casual - very little.

Taking it a step further, I got a new passport about 20 months ago. I had the passport photo taken in suit and tie, replacing my old casual passport photo I got in my late teens. That combined with dressing upscale business casual-ish means way less searches. I used to get searched all the damn time when I had long hair and was wearing gregarious clothing. Last year I made 20-some round-trips with however many connections, and only got searched once - when I accidentally was wearing a knee-length, blue Japanese synthetic fur-trimmed ridiculous jacket from a Shinsaibashi-Suji boutique. And I looked down at myself and sighed, because I usually change to a more casual/upscale jacket and pack the rest. I was just being careless that day.

They mostly search people on gut instinct - I've never had any real problems, except I don't like having 20-90 minutes of my life wasted.


I don't like getting searched either. A long time back, when I was thirteen and moved back to the US with my family after living in France for a year, we had to do the full-on customs interview. They let us take our Mac home, but we had to come back to the customs office a week later to prove that we'd purchased it in the US. Fortunately, computers aren't exactly considered exotic and expensive things anymore.

I had a little apprehension taking my laptop over to Europe and back, mainly because it would feel very uncomfortable to have someone open up my computer and click around. And I really don't need a lecture from a customs agent about my lack of unit tests, heh.

But ultimately, I'd guess that almost all business travelers carry a laptop these days, and since electronic communication doesn't need to travel physically on a laptop anyway, it seems like one of the lowest priorities for a customs agent. It's easy to get in a huff, but ultimately, many of them actually want to do their jobs well, and wasting time on laptop searches would probably be a major distraction from what they view as their real work, anyway.


A couple more pointers.

Dubai I've gotten searched a lot, something like 1/3rd of the time I've gone there. I always say, "Salaam malakum" to the searcher ("Peace be with you" in Arabic), and they get a bit friendlier after that. Same with most countries. A polite salutation or a few words goes pretty far in most places. Ironically, and unfortunately, the two nastiest countries I've been, with the meanest and most capricious officials, are the USA and UK. And I'm an American.

Now, caveat emptor, but I've found a slight bit of condescension and skepticism - very, very slight - works well with American officials. Mix it with the utmost politeness. When I'm pulled aside by an American official, I'm friendly and polite, and then I drop, "Pardon me, sir, could you tell me a little about why I was selected? Is it random, like every few passengers, or do I fit a profile as a young person traveling, or some such?"

The guy always gives me attitude back. Always. Well, not always. Some guys are friendly, and I drop it, and they let me go soon. But the hardasses always give me attitude. To which I drop, "Okay, I understand, I know you're doing your job and respect that. I'm just always curious how our country is being run - a couple members of my family are with the government, and they encourage me to ask questions like this." That tends to mildly put the fear of God in these petty, powerless bullies who like to go on their crazy airport power trips. The key is the slightest, oh-so slightest tone that you're better than them mixed with the utmost politeness. Caveat emptor, but it's worked well for me.


This whole process is vulnerable to the water boarding attack.



