Protecting Yourself From the Border Patrol

Some tips on how to protect your privacy and data if your laptop is seized at the border

4:20 PM -- You’ve probably heard about the search and seizure of electronic devices (laptops, cellphones, MP3 players, and more) by U.S. Customs and Border Protection. If not, take a look at the Washington Post article “Clarity Sought on Electronics Searches.” It’s an interesting read, and it may make you reluctant to carry electronics on international flights in the future.

Aside from opting not to carry electronics on international flights, how can individuals and companies protect their privacy and sensitive information? A password once seemed sufficient, but not anymore, given the stories of “search and seizure” victims being forced to provide their usernames and passwords, open their email, or allow their Web browsing histories to be recorded.

Since the leading operating system is Windows, one way to possibly prevent searches could be switching to Mac OS X or Linux. It’s unlikely that the border agents’ search tools are cross-platform. Plus, I doubt they’d know what to do with machines that could boot into more than one operating system -- and that defaulted to an OS with no GUI. It might be fun to watch the agents’ blank stares, but switching OSs isn’t really a practical solution.

Another option is virtualization. Do you think border agents are going to understand virtual machines (VMs) and are currently briefed on software like VMware and Parallels? Creating a virtual machine that runs Windows with full disk encryption might work -- any sensitive or personal documents could easily be stored within the VM. Any Web browsing or email could also be done through the VM.

One method that I’d be willing to try is encryption, using the free, open-source tool TrueCrypt. TrueCrypt creates an encrypted volume for storing sensitive information. The newest version -- released last week -- added support for Mac OS X (it already supports Windows and Linux). Applications like Firefox could even be run from the encrypted volume so that all browsing history and cached files would be encrypted. A key feature of TrueCrypt -- in contrast to full disk encryption, which is visible when the computer boots -- is that the TrueCrypt volume can’t easily be detected. It just looks like random data.

And if a savvy border agent sees that you have TrueCrypt installed, you can use a hidden volume. That gives border agents one password to access one part of the encrypted volume, while another password goes to the more interesting data.
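The statement above that an encrypted volume "just looks like random data" can be checked with simple byte statistics. The Python below is an added example, not from the original article; it uses SHA-256 counter-mode output as a constructed stand-in for ciphertext (not a real TrueCrypt volume), and the `classify` helper, magic-byte list and thresholds are illustrative assumptions.

```python
import hashlib
import math
import zlib
from collections import Counter

# A few common file signatures (illustrative, not exhaustive).
KNOWN_MAGIC = (b"PK\x03\x04", b"\x1f\x8b", b"%PDF", b"\x89PNG", b"x\x9c")

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte, from 0.0 (constant) to 8.0 (uniform)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def chi_square(data: bytes) -> float:
    """Chi-square statistic against a uniform byte distribution.
    Truly random data averages about 255 (255 degrees of freedom)."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def classify(data: bytes) -> str:
    """Triage a buffer: recognizable header, headerless uniform bytes, or other."""
    if data.startswith(KNOWN_MAGIC):
        return "known-format"
    # Assumed thresholds: near-maximal entropy and a chi-square close to 255.
    if shannon_entropy(data) > 7.9 and chi_square(data) < 400:
        return "headerless-random"
    return "structured"

def stand_in_ciphertext(size: int) -> bytes:
    """Constructed sample: deterministic pseudo-random bytes standing in
    for the contents of an encrypted container."""
    out = bytearray()
    counter = 0
    while len(out) < size:
        out += hashlib.sha256(counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:size])

def samples() -> dict:
    """Constructed inputs: a plain document, its compressed form, a 'volume'."""
    text = b"Quarterly report draft: revenue figures and customer notes.\n" * 4000
    return {"document": text,
            "compressed": zlib.compress(text),
            "volume": stand_in_ciphertext(256 * 1024)}

if __name__ == "__main__":
    for name, data in samples().items():
        print(f"{name:10s} entropy={shannon_entropy(data):.3f} "
              f"chi2={chi_square(data):10.1f} -> {classify(data)}")
```

A buffer with no recognizable header and uniform byte statistics carries no signature that identifies the tool, yet it still stands apart from ordinary documents, which is the kind of result a forensic triage pass would flag for a closer look.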

— John H. Sawyer is a security geek on the IT Security Team at the University of Florida. He enjoys taking long war walks on the beach and riding pwnies. When he's not fighting flaming, malware-infested machines or performing autopsies on blitzed boxes, he can usually be found hanging with his family, bouncing a baby on one knee and balancing a laptop on the other. Special to Dark Reading
