<\/p>\n
<\/p>\n
Travel computing
\nThere is an issue right now making the news rounds about devices being searched at border crossings and evidence being used to deny entry or deport people who have differing opinions.
\nThere is a couple of ways that they are doing this:
\n1. by demanding that you open your device
\na.\u00a0 they can force it if you have biometrics setup but cannot force an unlock with password although they can deny entry or deport
\nb.\u00a0 They can seize a device and forensically remove and analyze the data which means it could be a loong time before you get your device back
\nThis means that you have some choices, the obvious: have a backup of everything that you are not willing to lose
\nThe less obvious: Dont travel with anything that you dont want others to have access to<\/p>\n
So lets start with the things that you can do for a phone and then move on to laptops and other devices. Plus there is still all the things that you should do when you traveling and when you get where you are going.<\/p>\n 2.\u00a0 minimize your interactions with anything that requires you to log in 3.\u00a0 Carry the minimum amount of digital gear with you when the cross the border.\u00a0 If you dont have it on you it cant be searched and used against you. A couple of things can be done here and some of them have been mentioned before Let me reiterate the most important part: have a backup of everything you dont want to lose and dont carry anything you dont want someone else to have access to. No this is not about how to get away with crimes this about protecting your privacy and human rights<\/p>\n","protected":false},"excerpt":{"rendered":" Travel computing There is an issue right now making the news rounds about devices being searched at border crossings and evidence being used to deny entry or deport people who have differing opinions. There is a couple of ways that they are doing this: 1. by demanding that you open your device a.\u00a0 […]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[10,9],"class_list":["post-692","post","type-post","status-publish","format-standard","hentry","category-joes-deep-dive","tag-digital-privacy","tag-travel"],"_links":{"self":[{"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/posts\/692","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/comments?post=692"}],"version-history":[{"count":1,"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/posts\/692\/revisions"}],"predecessor-version":[{"id":693,"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/posts\/692\/revisions\/693"}],"wp:attachment":[{"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/media?parent=692"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/categories?post=692"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/linuxlugcast.com\/index.php\/wp-json\/wp\/v2\/tags?post=692"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nWith a phone your device should always be encrypted.\u00a0 This prevents data removal and analysis.\u00a0 It is a good practice anyway in case your phone gets stolen or lost that will prevent anyone from accessing your phone not just border agents.\u00a0 Many of your higher end or newer phones have this built in and there is nothing that you need to do to start using the feature but it is good to check and make sure.
\nWith the biometrics you should disable them before travel and turn them back on when you get home if you use them.\u00a0 Another thing that you can do is restart or power down you phone since on boot it requires your pin or password to access anything.\u00a0 Some phones also have a key combo to enable lockdown mode without a restart.\u00a0 This will also require the pin or password to log in.
\nBut me being a little paranoid i prefer a bit more solid method or two for that kind of thing.\u00a0 I have seen multiple redit threads asking if there was a way to have two different pins go to two different UI’s.\u00a0 There are a couple of methods that fake this, sort of but it doesnt really put in any kind of isolation that would prevent someone from accessing data and still would be potentially vulnerable to data retrieval.
\nAnother one that i have seen an XDA write up on was dual booting for many devices.\u00a0 \u00a0As long as it is encrypted this should be a good solution:
\nhttps:\/\/xdaforums.com\/t\/mod-dualboot-for-any-samsung.4680492\/<\/a>
\nI have not used this method but something that worked back when was having one OS on the mmc and another on a micro-sd and then just having the one that you use on the mircro-sd and pulling it before going through a crossing.\u00a0 But it looks like not many devices do that anymore, i looked and did not see where anyone was doing it recently even with rooted roms.
\nbut those are some difficult methods and most people arent going to put in that kind of work for their phones, so there are some simpler ways.
\nThe easiest thing to do is to wipe your device and create a new account for when you are going through customs.\u00a0 Then on location you can switch back to your regular account and restore from a backup.\u00a0 Then do the same when you are leaving.
\nAnother simple way is to get a dumb phone.\u00a0 Get a dumb phone that is a simple enough solution but if you cannot get by with just a dumb phone you can get a used phone on the secondary market when you get where you are going and log into it while you are there and then switch back to the dumb phone when you leave.\u00a0 This is easier to do with phones that have physical sim cards than it is to do with a esims.
\nI am sure this is not an all inclusive list of things that work its just a couple of good ideas.
\nNow on to computing devices and data.\u00a0 Some times you have to be able to access some data but i still think that the best ways are the easiest on this one.\u00a0 First thing once again encryption is your friend.
\nDual booting could be useful but i think it will present alot of the same problems with device confiscations as the phones.
\nYou could set your device to boot from a usb and just have your entire system on a usb stick.\u00a0 This would be a little bit better but still can be confiscated.
\nI think one of the simplest solutions is to have your device be a thin client.\u00a0 Basically nothing on it but a way to access a machine in another location.\u00a0 Granted your performance will then be dependent on the quality of your internet connection.\u00a0 Another way to do it would be a network boot from your home server.\u00a0 not one that i have tried.
\nTails could be a good easy way to do it as long as you didnt need persistence.\u00a0 While having that on a usb when you go through customs could be a red flag you could have a blank usb and then just download it on site and wipe it again before you leave.\u00a0 A similar solution is to have an image with all of you accounts and everything all set up and available from your home server, download it when you get where you are going and put that on a usb to boot from.\u00a0 Minimizes bandwidth issues by only needing to be downloaded once and provides all the benefits of bringing your own drive.\u00a0 Just remember to wipe it again before you leave.
\nFor the thin client there are multiple solutions.\u00a0 Sunshine and Moonlight work well for wayland systems and x11 systems alike although i am still partial to x2go for x11 systems.\u00a0 This just requires you to have everything set up on your home computer or a paid service like a digital ocean droplet.\u00a0 Another would be proxmox with a vm setup and using novnc.\u00a0 This does require a bit more setup although you could just install it on your home computer and use any browser to access.\u00a0 I have only used proxmox for that but it should work the other way too. Although it is a bit of a setup for that too.
\nAnother potential solution that has a few more risks but is a little simpler is mail yourself to whatever location you are going.\u00a0 Pull your hard drive or external drive and put it into a package and mail it overnight to where you are\u00a0going to be<\/p>\n\n
\na. have one that is a paid service from a company that is proven to not log info.\u00a0 I think there are a couple of free ones that are decent but i dont know about the logging on them.\u00a0 Really this one should be a backup for the next
\nb. have one that is set up by you for you on your home network so that you can access all of your stuff at home without having to open a bunch of ports and will also provide you a means to encrypt all of your traffic in order to pass it back to a provider that you trust<\/li>\n<\/ol>\n
\na.\u00a0 while traveling i think that is a good idea to occasionally log into your bank accounts and verify you are the only person making transactions.\u00a0 Before you do that you need to make sure that you are on a secure connection and using a vpn of some kind.
\nb.\u00a0 use tap to pay wherever you can as it is more secure and less prone to skimming hardware than chip or magnetic swiping. Your phone tap to pay is arguably more secure since it creates a temporary card number for transactions.<\/p>\n
\na. plan to purchase low cost devices when you get where you are going.\u00a0 Phones and tablets or low cost laptops are pretty easy to get on the secondary market or even some pawn shops or consignment shops but i think facebook market place and craigslist are the best bets in the US as most of the other stores that i mention have started selling electronics online and everything else in store.
\nb. ship things to the location or venue that you are going to.\u00a0 There is still a chance that it will get lost or seized but the chances are lower and you are not likely to get detained or held with it.\u00a0 Plus if it is encrypted as mentioned before then it should be safe enough.\u00a0 Shipping will probably cost a small amount less than buying but that depends a lot on the locations.\u00a0 But if all goes well you can avoid all the hassle involved with restoring and or re-downloading all your data
\nc.\u00a0 If you need a phone when you are crossing a border, which is understandable, have a dumb phone or wipe your phone before crossing and be logged into an account that is not associated with anything else of yours.\u00a0 Brand new never used<\/p>\n