An interesting way to protect your laptop from border searches

[thewayne]

Bruce Schneier is an internationally-recognized expert in cryptography and computer security. He has an interesting proposal. First, you get a whole-disk encryption program and encrypt the entire disk. You create a normal key that you would remember. Then you create a massively random key: pound on the keyboard for a few minutes. Email the hash to a friend, preferably to one with whom you have a high level of privacy/protection with, your attorney or priest, for example. When you land wherever you're going, before you hit Customs, you delete your normal key, leaving only the highly random one. When they ask to inspect your laptop, you tell them truthfully that you cannot boot it as you do not have the key. Once you get through, email your friend from an internet cafe and get the key back.

A commenter said that this would not be a legal defense in England and could potentially lead to your arrest.

It occurs to me a similar technique, if you're traveling with your spouse, would be to send it to their webmail account and vice versa, assuming you do not have direct access to your spouse's account, since your spouse cannot be compelled to testify against you (at least last time I checked, I could be totally wrong).

There are those who say, well, if you have nothing to hide, why should you do something like this? I finally found a good response to that: just because I have nothing to hide doesn't give you the right to go poking around me. Privacy may not be a Constitutionally-protected right, that doesn't mean we can't get some every now and then.

http://www.wired.com/politics/security/commentary/securitymatters/2009/07/securitymatters_0715

Comments

[greyweirdo.livejournal.com]

Privacy used to be constitutionally protected. This situation would go under 4th and 5th amendments, if we still had those amendments of course. We've sort of lost track of those the last few decades.

EDIT: I should point out that I know the bulk of the story is about international travel, but I just chose to complain about the last sentence.

[thewayne.livejournal.com]

Sadly, we've lost track of a lot of stuff over the last few decades, the last decade in particular.

[deborak]

Bill has been going through customs a lot (he's in Germany right now, Japan next week, previously Italy, Korea and UK) and he's never mentioned any request to boot up his laptop. I'll have to ask him about that.

[thewayne.livejournal.com]

It seems to be mainly a US/UK thing. Though it hasn't been recent, I've frequently been asked to boot my computer when flying. Usually the (in)security people wanted to see the screen change to make sure it wasn't full of dummy electronics that could take over the plane.

The best way to secure an airplane is to armor the cockpit door and the air crew are the first to board and the last to leave. The Israelis learned this the hard way, we seem to be slow learners. I guess it just doesn't cost enough.

[silveradept]

Hrm. That looks like a very good solution to the problem. Of course, there's the worry that the remaining key item will be deleted. Wouldn't it be easier to store your randomized key on, say, your home PC, so you can tell the truth about not being able to access it, and then decrypt it that way?