Saturday, 2009-12-05 06:56 MST

How to Secure Your Laptop Before Crossing the Border

Do you regularly travel to the U.S. on business? If you take confidential information of any kind with you, take heed: US policy allows offers [sic] of Customs and Border Protection (CBP) to search and confiscate computers, phones, personal digital assistants, cameras, digital music players and other data-storing devices. Operating under the U.S. Policy Regarding Border Search of Information, agents have also downloaded the contents of entire computer hard drives and other storage media for later review. (Note: similar situations occur at the borders of other countries as well.)

For many travelers, CBP reassurances that confidential data is handled carefully ring hollow. And travelers who resist searches, even by insisting that such searches would require a warrant and probable cause if conducted within the United States, can be detained, sent back to their country of origin or otherwise grievously inconvenienced.

These recent developments have many legal experts and others asserting that the "border privacy" playing field is undeniably tilted in favour of border agents.

This article suggests 10 steps you can take to shield sensitive information, like that protected by solicitor-client privilege, when crossing the border. Each one comes with caveats, the most important of which is that there are no guarantees. You should consult an IT security expert to help you choose the best options for your needs.

So says the Canadian Bar Association, in a practical howto on securing your computer.

A few thoughts....

  • One way to handle the problem is: don't travel with a computer at all. Buy or rent a computer on the other side of the border. Or borrow one from a friend or colleague.
  • Pull in a live CD such as Puppy Linux or Ubuntu, or the U.S. Air Force's Lightweight Portable Security, and use that. This works particularly well if you have VPN access to your home computers. Many live CD Linux distributions will let you generate (or download) a USB stick image as well.
  • Store your VPN access information the old fashioned way, on paper. But scramble it or omit a bit of the information. Hide it in a notebook full of notes to yourself.
  • Programs like the Free Software Foundation's shred (info coreutils 'shred invocation') are less effective on modern operating systems that cache hard drive data. See the caveats in the info page.
  • A good flexible password generator is apg (man apg), short for "Automated Password Generator". It is available on most Linux distributions. It makes nice pronouncable passwords, as long as you like.

Posted by Charles Curley | Permanent link | File under: security, resources, privacy, law