International travel electronics
Travel computing
There is an issue right now making the news rounds about devices being searched at border crossings and evidence being used to deny entry or deport people who have differing opinions.
There is a couple of ways that they are doing this:
1. by demanding that you open your device
a. they can force it if you have biometrics setup but cannot force an unlock with password although they can deny entry or deport
b. They can seize a device and forensically remove and analyze the data which means it could be a loong time before you get your device back
This means that you have some choices, the obvious: have a backup of everything that you are not willing to lose
The less obvious: Dont travel with anything that you dont want others to have access to
So lets start with the things that you can do for a phone and then move on to laptops and other devices.
With a phone your device should always be encrypted. This prevents data removal and analysis. It is a good practice anyway in case your phone gets stolen or lost that will prevent anyone from accessing your phone not just border agents. Many of your higher end or newer phones have this built in and there is nothing that you need to do to start using the feature but it is good to check and make sure.
With the biometrics you should disable them before travel and turn them back on when you get home if you use them. Another thing that you can do is restart or power down you phone since on boot it requires your pin or password to access anything. Some phones also have a key combo to enable lockdown mode without a restart. This will also require the pin or password to log in.
But me being a little paranoid i prefer a bit more solid method or two for that kind of thing. I have seen multiple redit threads asking if there was a way to have two different pins go to two different UI’s. There are a couple of methods that fake this, sort of but it doesnt really put in any kind of isolation that would prevent someone from accessing data and still would be potentially vulnerable to data retrieval.
Another one that i have seen an XDA write up on was dual booting for many devices. As long as it is encrypted this should be a good solution:
https://xdaforums.com/t/mod-dualboot-for-any-samsung.4680492/
I have not used this method but something that worked back when was having one OS on the mmc and another on a micro-sd and then just having the one that you use on the mircro-sd and pulling it before going through a crossing. But it looks like not many devices do that anymore, i looked and did not see where anyone was doing it recently even with rooted roms.
but those are some difficult methods and most people arent going to put in that kind of work for their phones, so there are some simpler ways.
The easiest thing to do is to wipe your device and create a new account for when you are going through customs. Then on location you can switch back to your regular account and restore from a backup. Then do the same when you are leaving.
Another simple way is to get a dumb phone. Get a dumb phone that is a simple enough solution but if you cannot get by with just a dumb phone you can get a used phone on the secondary market when you get where you are going and log into it while you are there and then switch back to the dumb phone when you leave. This is easier to do with phones that have physical sim cards than it is to do with a esims.
I am sure this is not an all inclusive list of things that work its just a couple of good ideas.
Now on to computing devices and data. Some times you have to be able to access some data but i still think that the best ways are the easiest on this one. First thing once again encryption is your friend.
Dual booting could be useful but i think it will present alot of the same problems with device confiscations as the phones.
You could set your device to boot from a usb and just have your entire system on a usb stick. This would be a little bit better but still can be confiscated.
I think one of the simplest solutions is to have your device be a thin client. Basically nothing on it but a way to access a machine in another location. Granted your performance will then be dependent on the quality of your internet connection. Another way to do it would be a network boot from your home server. not one that i have tried.
Tails could be a good easy way to do it as long as you didnt need persistence. While having that on a usb when you go through customs could be a red flag you could have a blank usb and then just download it on site and wipe it again before you leave. A similar solution is to have an image with all of you accounts and everything all set up and available from your home server, download it when you get where you are going and put that on a usb to boot from. Minimizes bandwidth issues by only needing to be downloaded once and provides all the benefits of bringing your own drive. Just remember to wipe it again before you leave.
For the thin client there are multiple solutions. Sunshine and Moonlight work well for wayland systems and x11 systems alike although i am still partial to x2go for x11 systems. This just requires you to have everything set up on your home computer or a paid service like a digital ocean droplet. Another would be proxmox with a vm setup and using novnc. This does require a bit more setup although you could just install it on your home computer and use any browser to access. I have only used proxmox for that but it should work the other way too. Although it is a bit of a setup for that too.
Another potential solution that has a few more risks but is a little simpler is mail yourself to whatever location you are going. Pull your hard drive or external drive and put it into a package and mail it overnight to where you are going to be
Plus there is still all the things that you should do when you traveling and when you get where you are going.
- have a VPN, do not trust others to manage your security.
a. have one that is a paid service from a company that is proven to not log info. I think there are a couple of free ones that are decent but i dont know about the logging on them. Really this one should be a backup for the next
b. have one that is set up by you for you on your home network so that you can access all of your stuff at home without having to open a bunch of ports and will also provide you a means to encrypt all of your traffic in order to pass it back to a provider that you trust
2. minimize your interactions with anything that requires you to log in
a. while traveling i think that is a good idea to occasionally log into your bank accounts and verify you are the only person making transactions. Before you do that you need to make sure that you are on a secure connection and using a vpn of some kind.
b. use tap to pay wherever you can as it is more secure and less prone to skimming hardware than chip or magnetic swiping. Your phone tap to pay is arguably more secure since it creates a temporary card number for transactions.
3. Carry the minimum amount of digital gear with you when the cross the border. If you dont have it on you it cant be searched and used against you. A couple of things can be done here and some of them have been mentioned before
a. plan to purchase low cost devices when you get where you are going. Phones and tablets or low cost laptops are pretty easy to get on the secondary market or even some pawn shops or consignment shops but i think facebook market place and craigslist are the best bets in the US as most of the other stores that i mention have started selling electronics online and everything else in store.
b. ship things to the location or venue that you are going to. There is still a chance that it will get lost or seized but the chances are lower and you are not likely to get detained or held with it. Plus if it is encrypted as mentioned before then it should be safe enough. Shipping will probably cost a small amount less than buying but that depends a lot on the locations. But if all goes well you can avoid all the hassle involved with restoring and or re-downloading all your data
c. If you need a phone when you are crossing a border, which is understandable, have a dumb phone or wipe your phone before crossing and be logged into an account that is not associated with anything else of yours. Brand new never used
Let me reiterate the most important part: have a backup of everything you dont want to lose and dont carry anything you dont want someone else to have access to. No this is not about how to get away with crimes this about protecting your privacy and human rights