You may not have to go thru tsa security with private aviation, but you still have to go thru customs/border control. Doesn’t matter how you arrive, ya gotta talk to them. (Diplomatic passports excepted, tho these days that’s no guarantee. Last week someone in border control stopped the former Prime Minister of Norway, because his diplomatic passport had a stamp from one of the seven.)
2 Likes
I am sure that this will trigger the “so someone thinks they are a real smartass” treatment, and of course they confiscate the phone.
The usual answer is the electronic equivalent of Peseach dishes, a set of traveling hardware. I would just use one of the phones hanging around from your last upgrade, and buy it a disposa sim, so no worries about foreign data roaming charges.
I wonder if there is a version of secure delete for a phone or tablet. It’s a bit of a challenge with the wear leveling controller inherent to a flash drive. At a minimum, I would do a hard reset…
For laptops, this sure sounds like a chromebook is the right answer, with any actual data sitting on a server on the far end of a vpn.
I wonder if “you can’t share your account credentials with a government agency, without prior consent of [service name]” could be added to the TOS of the usual big social media providers.
Oh yea, I avoided the book of face, my twitter is untouched for the past 4 years, etc…
My vision of “smartass” treatment starts with 72 hours in a featureless, overlit, 60F room, with a Bieber soundtrack for the particularly obstinate.
1 Like
The time they are holding me is time they aren’t spending with other travelers. (Their assumption is that my initial 12 hours after arriving home is more valuable to me than it is to them. This is the same logic behind scheduling an IRS audit appointment for 4:30pm on a Friday before a three-day weekend. They have incentive to close the case and move on, and will act irrationally to make that closure goal. Bonus points if they find the cell number for the Secretary of State in your address book, even if it is “wrong.”)
Perhaps I should make ISO images of these “tar-baby” USB devices available and widespread so that CBP will ultimately decide that data mining is not worth the efforts. I am thinking as security conference trade show giveaways, with the files of indeterminate length as hidden, and a readme file describing these hidden assets in a well marked folder.
As long as the level of efforts to capitalize on this pilfered data become astronomical across several returning US citizens, eventually the Elephant in a Matchbox Doctrine will need to be examined within CBP under the context of budgets rather than the (unreviewable) context of judicial oversight.
3 Likes
What makes you think they’ll let you go after 12 hours if you do these things? At that point, you’re clearly a terrorist actively subverting their work.
2 Likes
"I am a network security auditor working for…
"The second laptop, which is wrapped in plastic and with an evidence tag is running a heavily modified firmware, OS, and deliberately corrupted file system which is intended to mitigate the potential damage to some installed malware which was likely created and installed by a well-funded hostile state actor. That is why the laptop is dressed up with the stickers you see indicating that it is/was state property, so that it would be targeted and infested. This laptop is going straight to the forensics labs at Palo Alto Networks and potentially the NSA for further analysis. Under no circumstances is this laptop to be connected a live network connection. The Wireless card is still in place and the antenna connection has been replaced with a dummy load so the OS believes it still have a wireless NIC.
"Should you decide to copy files from this laptop, I am going to require both you and the site supervisor to sign off on this chain of custody report. Use extreme caution as the installed malware contains some nasty surprises, including the ability to modify firmware on just about every major component including SATA drives and back door access to modern Intel processors for the purposes of self-replication and network based attacks.
(Now the onus on the copying and delay is on them.)
2 Likes
That might work, if they can call the place you say that you work and confirm that you do, in fact, work there as a network security auditor.
Or, since you’re claiming to be a government worker, they may already have a database at the border to check that.
1 Like
Then they laugh, slit the bag open, and walk away with it. How are you going to stop them?
You seem to think that Customs folks care about your clever strategy. It is luck of the draw. You might get away with it. They might ignore you and just open it anyway (out of your sight). They might detain you as a questionable person clearly trying to smuggle something across the border as they take the entire laptop apart.
You get no points for being clever with Customs. You can decline to open or unlock things but they also have a, currently legally established, right to confiscate your equipment then. “Have your work contact the Customs department. Good day.”
This is why people say “travel with no data” and “travel with burner devices.” That’s the current best practice, not being clever with Customs.
2 Likes
Good. (The original goal was for them to take the bait and make an ass of themselves.)
When their own hardware is borked by their indifference in handling traveler data, the onus is now on the CBP as they have been dutifully warned that gold digging in a mine field is not such a hot idea. Also it makes for great material as a keynote speaker at the next security conference either as yourself or others point out these follies. Covert video of this exchange would be used as evidence of their incompetence/indifference and comedy gold.
For the coup de grâs, the third laptop is a throwaway unit and is deliberately infested and locked up with ransomware, with a prompt for the unlock key.
(My experience is that when the CBP asks about your profession and find out you were outside of the country working on a public safety radio upgrade project that is being jointly sponsored by the US DoD and the local governments FAA, coast guard, and law enforcement agencies, the conversation is usually shortened down to “Welcome back to the United States, have a nice day.”)
1 Like
You seem to be doubling-down on being cute and clever with Customs. Good luck.
1 Like
This topic was automatically closed after 5 days. New replies are no longer allowed.
