←back to thread

Ask HN: For the privacy minded, How do you prepare for gadget Border Searches?

17 points OrbitalShotput_ | 1 comments | 03 Apr 25 03:53 UTC | HN request time: 0.348s | source

This is coming up a lot these days in the news- but Customs and Border Patrol have increased the amount of searches they do for travelers coming to and leaving the US. I find this fascinating- because it feels like an area that should have answers -but that there are only some.

With Laptops, one can do things like dual booting, and basic file or OS encryption -so if you are asked to unlock your laptop, you can show someone your OS- and if they decide to do a advanced search, take it and image it- files and items will still be encrypted. Now, this is the sort of thing Veracrypt's Hidden OS would solve without resorting to individual container and file encryption- however that is not a real option these days as that only works with MBR partitioning, not EFI- and nothing else in that space has appeared.

For phones - the situation is messier.

It appears there is no general encrypted profile app or feature one can do in a similar manner, say with steganography features- Sure one could obtain a Graphene phone or the very latest updated Apple or Android device so the Cellebrite or Greykey device can't break into it if you refuse to unlock your password and they take it to image it. If you cooperate and unlock something for them to do a basic search on and then they take it to image presumably- there's a lack of hidden/profile options that are encrypted or steganographically able to hide files in files which would be enough for this sort of thing.

There also is no whole-imaging solution to make a perfect backup, as current backup methods don't include everything, like if someone has apps not covered by a backup or full settings.

And one does not want to unlock the bootloader or Root a phone to attempt this,that would make them easier from a Cellebrite type attack.

For those of you a bit privacy minded who do like to see how private and secure a setup you can do- How do you handle this? This isn't something totally new, but mobile devices are not as far along as computers it appears- and that is something the general public is fully susceptible to.

1. OrbitalShotput_ ◴[03 Apr 25 03:57 UTC] No.43564583[source]▶

>>43564550 (OP) #

Bruce Schneier recently reached out to the general community looking for solutions to this as well

https://www.schneier.com/blog/archives/2025/04/cell-phone-op...

Adding context on the image thing-

I have old 32 bit apps for some of my hardware cameras / other devices that attach to Android Phones, that will not be backed up with all their settings, and that worries me as even though I've extracted their APKs for preserve, each install requires reaching out to a server for first activation and one day there won't be a response when the companies that made those hardware cameras end support - and I won't be able to do that first activation which is all they need.

A Full image theoretically would make this a non-factor- but the built in Backup method for Android doesn't do this. This would be the same if had the Apple variant of these cameras. And while things like TWRP exist which could attempt it fully- that involves unlocking the bootloader which is what one does not want when there is a chance of a casual forensic search.