this post was submitted on 30 Jul 2024
488 points (99.4% liked)

Privacy

31815 readers
448 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

tl;dr: only applies to NY Eastern District, and likely only US citizen can enjoy

all 47 comments
sorted by: hot top controversial new old
[–] [email protected] 46 points 3 months ago (4 children)

Always turn your phone off before crossing international borders. And use a >20 char boot passphrase.

[–] [email protected] 22 points 3 months ago (2 children)

They can still ask you to trun on and have it unlocked. Refuse and you being an international traveller? They probably will deny your entry.

[–] [email protected] 7 points 3 months ago (2 children)

In the very unlikely instance that happens, fly to the nearest country, make a backup of your phone, factory reset it, then fly back to a different poet of entry

[–] [email protected] 6 points 3 months ago (2 children)

Or just bring a burner phone with fresh international Sim card

[–] [email protected] 11 points 3 months ago

This is the real answer.

Flying to China for work/play?

Leave your real phone at home. Take a cheap burner.

[–] [email protected] -2 points 3 months ago

No, don't use SIM cards.

[–] [email protected] 4 points 3 months ago (1 children)

The port of entry that originally denied you entrance immediately notes that in the system and you are "Flagged" at all other ports of entry.

[–] [email protected] 2 points 3 months ago* (last edited 3 months ago)

Sure, but that doesn't mean the person is going to be an asshole at the other point of entry.

I flew into NYC one time with a joint. They always target me because of how I look, so I got all my shit searched. Dude found half a joint (yeah I fucked up). He looked at me and then put it back and continued the search, pretending be didn't find it.

People in NYC are nice people. Their city doesn't care about weed. His employer (CBP) did, but he made a decision not to fuck up my life over a stupid small thing.

I've also crossed borders in Israel when doing human rights work. Its easier to go by land than by air. The environment at different ports of entry is just different than others.

[–] [email protected] 3 points 3 months ago (1 children)

Don't refuse... Just casually forget

[–] [email protected] 11 points 3 months ago (1 children)

The issue is that customs agents have the authority to refuse you entry into the country for no reason if they so choose. Refuse to consent to a search and you could be refused entry. This includes simply transiting through the airport, as the US requires foreigners to go through customs even for connecting flights (I'm not sure if that's always the case, but it has always been the case for me.) So they can't force you to let them search your phone, but the end result is the essentially the same.

[–] [email protected] 2 points 3 months ago

Well, you know when you get around my age, technology gets confusing

[–] [email protected] 22 points 3 months ago (3 children)

You don’t have rights when crossing a border. If you’re not willing to have customs rooting through your data, delete it and restore from backup after you arrive.

[–] [email protected] 20 points 3 months ago (1 children)

The problem is that this also applies within a radius around a “port of entry”. So everybody that lives within about 100 miles of the coast, an airport, or a rail line that crosses a border — which is probably about 80+% of any country.

[–] [email protected] 3 points 3 months ago (1 children)

It is definitely not 80% of the US

[–] [email protected] 3 points 3 months ago (1 children)

Might be 80% of the population of the US.

[–] [email protected] -4 points 3 months ago (2 children)

The US has a decently large area. The larger the area the bigger the ratio of are to circumference

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago)

The costs count though, and most of the population lives there.

https://discuss.tchncs.de/pictrs/image/86ce0e08-cac6-4f54-b684-09fb756108d8.jpeg

[–] [email protected] 3 points 3 months ago

The circumference is where everyone lives. The area is comparatively empty.

[–] [email protected] 7 points 3 months ago (1 children)

If we're talking about US citizens entering the US, AFAIK they have no right to deny you entry.

[–] [email protected] 9 points 3 months ago

Sure, but they can still fuck up your life

[–] [email protected] 2 points 3 months ago

Oh, you definitely have rights when crossing many borders. But, of course, it depends on the border.

[–] [email protected] 11 points 3 months ago* (last edited 3 months ago) (2 children)

They will detain you. I know the US procedure because i was instructed as i worked there as a representative for an overseas company in Europe.

If you're a national of the US they will detain you and hold you in detention to ask you questions. During this time your phone will either be cloned or confiscated to be decrypted at a later date. You will be released after a few hours. They will likely not bruteforce it, but rather attempt to use security flaws present in your device/firmware. They will do the same to your laptop.

If you're not a national of the US, you will be denied entry and flown back to where you came from. This is common practice in a lot of western countries.

What you should do is not carry sensitive information across borders, by using a cloud service to sync at your destination or use hidden encrypted containers in your device. Unless you're involved in terrorism, white collar crime, CSAM or drugs, they will never have people smart enough to find out hidden containers on you.

[–] [email protected] 2 points 3 months ago (2 children)

Even if my phone is empty, I'm not going to give them a password out of principle. And I'm not saying anything in detention. No questions will be answered.

Again if I really need to get into the country, then I'll try again at a different port of entry. Usually land crossings are easier.

[–] [email protected] 3 points 3 months ago (1 children)

if you've flown for 12 hours with all that entails to go to the US (for a reason) and are presented with the choice of unlocking your phone or be denied entry, you will cooperate. Especially if you moved all your sensitive info beforehand.

[–] [email protected] 2 points 3 months ago (1 children)

Nope. Definitely won't violate my standards, even if they throw me in prison.

[–] [email protected] 2 points 3 months ago

We are proud ofyour, but your sacrifice will be in vain and not make it to the news. Pick your battles.

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago) (1 children)

You're free to do that, but seems like a good way to be put on a list to be harassed more in the future. You make a cop/border agent feel stupid and he/she will make sure to make your life harder.

The records will show you're trying different ports of entry and if a border guard doesn't like you, you will be selected for investigation and getting off that list may take years. Worse, you can be banned from entry for no reason and good luck appealing that.

Personally i like to treat the customs agents real nice. I call them sir or ma'am, i follow their instructions and i show them a squeaky clean phone and they let me off with a smile at the first port of entry. Being combative with an agent will not change the laws. Moreover if you have obligations to a company, they will not look kindly to this sort of attrition causing delays and will pass you over next time they need someone. This of course means you won't get paid as much (or, depending on circumstances, at all).

I agree with the other poster, picking battles is the way to go.

[–] [email protected] 0 points 3 months ago* (last edited 3 months ago) (1 children)

Dude, if you willingly gave your company phone to a border agent, we'd fucking fire you. We train employees not to do that.

I always say "no thank you" when they ask me to do something I don't want to.

And, yes, protest does work to give us rights. History shows this. Ffs resd the article

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago) (1 children)

I guess your company trains to different standards than my company then. A multi national globe operating company can never afford to fire employees for refusing to cooperate with authorities during border checks. At most it can train them to secure data during border crossing.

If the company i work for did what you suggest, they would fire all their employees in the space of a week or have them all detained or refused entry to countries. They'd lose billions in business. Only a domestic or low volume company can afford having their employees routinely detained at borders in such a manner.

It just doesn't make any sense what you're saying, but you do you bud. All the best.

[–] [email protected] 1 points 3 months ago (1 children)

which borders are they crossing where that's mandatory? Very few countries require this. In most you can just say "no thank you"

[–] [email protected] 2 points 3 months ago (1 children)

Well most recently this year i crossed US borders at the Texas point of entry. I was told expressly to always provide them with my devices, as if i said no thank you i would be denied entry to the US and it would go on the record for future visa applications, which could be denied on grounds of that, thus affecting future assignments. When you get a work visa, you have a time limit to enter the US and if you miss it, you need another. I was told i was completely responsible for any data that third parties could obtain and i would be fired and legally prosecuted if sensitive data was seen by people who did not have security clearance and NDA clearance for the data i was carrying, which border security does not have, even though some US government personnel do have those clearances.

Fortunately my company provided cloud space for any personal or company data i would be carrying and i wasn't asked for anything because i came from Europe and i guess they weren't too suspicious about me, so in the end it wasn't an issue. Nevertheless, i had to take mandatory corporate training to prepare for any immigration interviews and had to sign specific liability agreements for the data i carry since it is highly sensitive.

I don't just work as a liason in the US, but this was the most recent. For the industry i work in, this is pretty standard.

You can say no, but that doesn't mean there won't be consequences, in my case I'd lose my job or lose assignments, which would probably mean I'd be put only on European assignments or demoted to a domestic only position, which would be paid substantially less. So in essence, i can't really say no nor slack on opsec. Being able to feed my family is more important than protesting on grounds of principle for me. Also i could have issues getting to the US in the future, for any reason that may be, since getting a work visa requires grueling consulate interviews and they check literally everything. It's one of the most annoying places to get work visas to, even coming from Europe. It took me one year of scheduling and attending interviews to be cleared for it. I was even asked to provide all my personal social media account handles.

[–] [email protected] 1 points 3 months ago

They're trying to pressure you. Cops do this. You have rights though.

I always say no thank you, even if they don't ask my permission. At worst they spend 5 minutes typing on their computer and then they let me through.

It does catch them off guard, but they know your rights. Exercise them with a smile and a thank you. You're making assumptions that cause harm to you and your peers.

[–] [email protected] 2 points 3 months ago (3 children)

aren't they going to ask you to unlock it, or do as they do in China and run a quick scan using their special software?

[–] [email protected] 8 points 3 months ago (1 children)
[–] [email protected] 1 points 3 months ago

Ohh.. wow.. 🤯

[–] [email protected] 6 points 3 months ago (1 children)

or do as they do in China and run a quick scan using their special software?

Can I get a source for this?

[–] [email protected] 3 points 3 months ago

First time I heard about it was from this youtube channe...called "all things secured" but I don't remember the video , he said police officers stopped him and plugged a USB C on his phone, after a few moments they let him go..

this article discuses the same situation but I'm sure you can find other sources

[–] [email protected] 4 points 3 months ago (1 children)

They can ask. And you can say no. Some countries might torture you, but that's honestly low risk. And for that we have duress passwords.

Special scanning software can't defeat strong encryption with a strong passphrase

[–] [email protected] 11 points 3 months ago (1 children)
[–] [email protected] 4 points 3 months ago

Again, rubber hose cryptanalysis is, in fact, defeated by a duress password. We do have counter forensics tools that work against torture.

[–] [email protected] 44 points 3 months ago

Hey that’s a good improvement

[–] [email protected] 39 points 3 months ago

Always should have needed one.

[–] [email protected] 22 points 3 months ago

Fucking finally!

[–] [email protected] 17 points 3 months ago (1 children)

And only for now until it inevitably gets appealed.

[–] [email protected] 7 points 3 months ago* (last edited 3 months ago)

Oh for sure. They will appeal, apply for "stay of execution" to suspend the judgement claiming this will degrade its operation capability and contray to public interest, and drag this into a legal battle until they win.