the last time this idiocy was going around, companies were switching employees to netbooks, chromebooks, thin clients, burners, etc. when traveling – default install, don’t log in until in the other country, log out or wipe before leaving the other country – this time, the corporations seem perfectly happy to capitulate and throw their corporate secrets (and the employees) under the bus …
Probably because most backup solutions, especially mobile, are inadequate. Telling employees to wipe their phone and having 5% lose their 2FA, important docs, or whatever is worse than the 0.01% probability of their phone being searched.
I’ve been wiping all devices when crossing borders for a decade, but I don’t use big tech (non E2EE) cloud, and the whole process is the most stressful part of international travel for me.
Easiest solution is to do everything on a remote host and just use the laptop or rdp or ssh or whatever works best for you system.
Yeah, Tailscale makes this a breeze too. Just RDP into your home desktop, and the only thing a third-party will see is your (encrypted) connection to your home network.
When you travel, bring as few devices as possible with you. Obviously, you’ll bring your phone with you, but leave your laptop at home if you can.
Last time I travelled overseas I took a burner phone without a calling plan, and just used it as a wifi device at the hotel. I used google maps and “offline maps”, GPS still worked. Used the phone as a camera, and I would have uploaded anything private and wiped locally but that wasn’t necessary.
If anyone at the border had asked, I’d have said it was so I didn’t risk losing my phone, and so work couldn’t call me up and bug me during vacation.
Other way around. Leave your phone, which can track you, at home. Bring your laptop so you can do real work and have full entertainment when you travel.
Taking photos and using a GPS to get around in a foreign country can improve entertainment :)
What about checking it into your luggage (assuming airport)? It’s unlikely that they’ll fish it out and bring it to the security checkpoint just to get you to unlock it. For land travel, maybe mail it to your hotel or something.
That’s better than not having a phone at all.
I guess since most devices don’t have removable batteries anymore, you’d be violating checked baggage regulations as they don’t allow batteries. Not sure what the consequences would be, though.
Don’t they have universal unlocks for suitcases? They can just take a phone / laptop out, disassemble it quickly to clone the hard drive (or sometimes not even that, just power it on and use any of the various Israeli exploits they’ve bought) and presto, you can go on your merry way.
Yes, they can access your phone if they want to, but accessing the data is another story. You’d have to be a very high profile target for them to try attacking your phone, and if it’s off, they’d have to break the encryption. AFAIK, the “Israeli exploits” aren’t magic, and it’s not something they’d even try in a typical airport check.
If you’re really worried about it, mall your phone to your destination, those have a lot less security.
deleted by creator
Here’s what travelers should know: “This site isn’t available in your region | usatoday.com”
Yeah very cool. Also I presume that translates to “We can’t be fucked to care about user privacy enough to comply with GDPR”. And also “We can’t be fucked to know what the EU is”. Because they are blocking access to me here in Switzerland, outside the EU, where GDPR doesn’t apply.
Buy a burner phone. Use a newly created email. Don’t install any of your socials (not even lemmy).
Use only Signal (with messages auto deleted after being read) to be in touch with the really close friends and family.
Don’t bring your personal laptop.
If it’s a longish stay you may install socials a few days after completing immigration. But don’t use fingerprint or Face ID in that case.
The neat part of this is then getting detained for even longer for “suspicious activity”
Hopefully the respective country’s embassy and place of work (outside of work, study I don’t see why anyone would want to go to that hellscape) can step in. Like check in with your significant other post landing when you’re waiting at immigration checkpoint. And if you’re not heard from after that, alarm bells should go off and embassies should be informed.
Sounds like not coming here at all would be much simpler.
Wow. Here is a free guide from the EFF, though it’s from 2017 so I don’t know how useful it still is.
The article doesn’t mention what happens if non-citizens decline, but The Guardian says:
For visa holders and travelers from visa waiver countries, they are at risk of being denied entry if they refuse to unlock devices
Which is really dumb IMO, because if a cop tries that just after being allowed in, then it’s a violation of the 4th amendment. I really hate that.
deleted by creator
No, use a burner phone. Don’t install any apps, and only have the most important numbers in there, if at all. Use a new mail account with it.
deleted by creator
That’s the reason not to enter the US.
Can you buy a used iPhone 8 to use as a burner phone? It should not raise suspicion.
The photos app can also be an issue imo
I need an android phone that logs me into one fake version of the operating system when I unlock it with one pattern, and another OS when I use my real pattern.
Like a virtual machine kind of deal where the attacker cannot know that there are other logins, or how many. Preferably with some kind of automated system that simulates normal usage so it looks real but boring.
The novel Little Brother by Cory Doctorow comes to mind.
One PIN would log you into your real account, another PIN into a decoy account, and no indication of the other one existing.
That does not exist in the real world.
This is called plausibly deniable encryption, though you cannot hide the presence of the system itself.
GrapheneOS has a Duress PIN feature, which wipes your phone if entered.
My LG G2 from 2014 had that, I’m sure there are current ROMs that support this
It is real on pc, veracrypt hidden partition.
I think it only is truly deniable with a HDD
Opsec level 3:Deniability
http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/index.html
(Note:. onion links should be viewed with tor browser)
deleted by creator
OnePlus phones have the system cloner. You can use a different finger print and/or pin to enter a different system with it’s own apps and users.
I know Androids can have user profiles which is what you’re talking about. I wish iOS would do the same thing.
You can do this on pc with veracrypt hidden partition.
On desktop/laptop I think it only is truly deniable with a HDD. Not sure about phone storage forensics but a Linux phone possibly could work for this. Might try for fun at some point
Opsec level 3:Deniability
http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/index.html
(Note: .onion links should be viewed with tor browser)
That’s where I got the idea! I already use veracrypt like this on my laptop when I travel to other countries.
But it would be dope if there was an android that could do this too.
Brilliant and feasible!
If you really need to, go without a phone and buy a cheap one there. Memorize a few numbers and use a single application to handle your communications.
I would probably be detained. I have no mainstream social media, keep no images on my phone and don’t use gmail.
Can’t this be avoided, at least on Android, by simply shutting down your phone? Thought I read somewhere that they lock down everything, even system processes, after turning on again until you unlock it again. Or are you also forced to type the password and let them in?
Border entry is different than self incrimination.
If you are charged with a crime you cannot be compelled to give a password as it resides in your head. However if you use finger prints or face recognition to unlock it you’re SOL.
Best thing to do is get an android and setup a dummy account. use that account when you get off the plane so when you unlock it there is nothing to go through.
The best thing is to just not go to the US
*border.
The android comment is because pin/gesture after restart.
Seeing a lot of responses that are wrong because they are talking about what police in the US can do. This article is about border crossing where border patrol can ask you to unlock the phone without any warrant/etc. If you refuse then you can be denied entry to the country (although I believe that is just non-citizens). Not sure if things can escalate from there.
Edit: which means if your phone was off, they’d just ask you to turn it on and unlock it.
This is the $5 wrench, right?
You must unlock your phone for them
You may refuse, and they’ll put you on the first flight back.
And your phone will likely be confiscated and you will be barred entry in the future - definitely worth considering before planning your actions.
So if you accidentally tripped the device reset by being panicked and entering your pin incorrectly a few times, what would happen?
Could be seen as obstruction, they will likely detain you and send you back where you came from ater a few days or weeks…all comes down to the mood the officer is currently in.
That goes for Americans too I think?
They’ll tell you to unlock it. If you refuse, they’ll deny your entry (if you’re a traveler) or detain you and bully you (if you’re a US citizen)
What does this mean:
If you’re a green card holder, do your research. “You have to have a good understanding of what the visa category that you’re coming in allows you to do and does not allow you to do,” Heubel said.
Once you have a green card what visa categories could you fall into? I thought once you were a permanent resident and could do whatever you want except vote.
Yup, they seem to be conflating permanent residency with visas.
TL;DR: Don’t enter the US, it’s a fascist oligarchy with zero respect for human rights or privacy.
Would it help to have electronics, phone included, in your checked baggage?
If not, then people might have to consider smuggling their phone through in a brick of coke. Or put it in a condom and swallow it.
The airline will have issues with you putting lithium batterys in the hold. This has caused fires and taken planes down. Have to keep elecronics in the cabin where the user and crew can respond on they short and cause a fire.
Your brick off columbin nose powder is safe to go in the hold.
I have traveled many times with my electronics in the hold. Turns out has long as your battery is attached to the device (meaning not loose) it will be fine. But then security wise I don’t know if it will change much. security can access your luggage:
