←back to thread

Ask HN: For the privacy minded, How do you prepare for gadget Border Searches?

17 points OrbitalShotput_ | 1 comments | 03 Apr 25 03:53 UTC | HN request time: 0.2s | source

This is coming up a lot these days in the news- but Customs and Border Patrol have increased the amount of searches they do for travelers coming to and leaving the US. I find this fascinating- because it feels like an area that should have answers -but that there are only some.

With Laptops, one can do things like dual booting, and basic file or OS encryption -so if you are asked to unlock your laptop, you can show someone your OS- and if they decide to do a advanced search, take it and image it- files and items will still be encrypted. Now, this is the sort of thing Veracrypt's Hidden OS would solve without resorting to individual container and file encryption- however that is not a real option these days as that only works with MBR partitioning, not EFI- and nothing else in that space has appeared.

For phones - the situation is messier.

It appears there is no general encrypted profile app or feature one can do in a similar manner, say with steganography features- Sure one could obtain a Graphene phone or the very latest updated Apple or Android device so the Cellebrite or Greykey device can't break into it if you refuse to unlock your password and they take it to image it. If you cooperate and unlock something for them to do a basic search on and then they take it to image presumably- there's a lack of hidden/profile options that are encrypted or steganographically able to hide files in files which would be enough for this sort of thing.

There also is no whole-imaging solution to make a perfect backup, as current backup methods don't include everything, like if someone has apps not covered by a backup or full settings.

And one does not want to unlock the bootloader or Root a phone to attempt this,that would make them easier from a Cellebrite type attack.

For those of you a bit privacy minded who do like to see how private and secure a setup you can do- How do you handle this? This isn't something totally new, but mobile devices are not as far along as computers it appears- and that is something the general public is fully susceptible to.

Show context

reify ◴[03 Apr 25 08:47 UTC] No.43566758[source]▶

>>43564550 (OP) #

My friend does this when they go to the USA

A 256Gb microSD hiddden in luggage with a fully updated MX-Linux installed.

Create a snapshot of the updated system on a MX-Linux live CD including all the programs you would normally use, VPN etc, save it to a usb drive and write that to your microsd card.

sudo dd if=snapshot.iso of=/dev/mmcblk0 bs=1M status=progress

meanwhile, install a new HDD drive on an old laptop. wipe it and install any new linux distro. you wont be using this at all

at your destination, input your microsd card into laptop, change boot order and boot into your new microsd card,

The microsd card leaves no traces, it runs in memory.

A freshly installed Lineage on an older phone.

you wont have to unlock anything, you will have nothing on your laptop or phone

border force can access everything. there is nothing to see!

get a trusted friend to send you any important files via signal or any other encrypted messaging or email service

At your destination, login into your emails and messaging services etc

replies(3): >>43567756 #>>43571501 #>>43573042 #

1. giantg2 ◴[03 Apr 25 17:44 UTC] No.43573042[source]▶

I might have to look into a live MX Linux. I've been trying to make an iso of my current Kali install for VMs and it just won't work - won't even create the image successfully. And of course Kali doesnt have an accessible image for Kali everything either. Really frustrating.