Homeland Security Still Plans To Search Laptops At Borders With No Probable Cause

from the ain't-no-due-process-at-the-border dept

There's been plenty of concern over the past few years with regards to Homeland Security's claims that it has the right to inspect the contents of your laptop at the border, even without any probable cause. While it may be well established that the 4th Amendment doesn't apply until you're actually in the country, that doesn't mean there aren't some serious questions raised. I, like many others, have no problem with border searches of actual physical containers and luggage at the border. That makes perfect sense, because it's physical goods that you're purposely trying to bring directly into the country. You packed them with the specific idea of bringing them into the country.

But stuff on your laptop is different in two very important ways:
  1. You mostly store everything on your laptop. So, unlike a suitcase that you're bringing with you, it's the opposite. You might specifically choose what to exclude, but you don't really choose what to include.
  2. The reason you bring the contents on your laptop over the border is because you're bringing your laptop over the border. If you wanted the content of your laptop to go over the border you'd just send it using the internet. There are no "border guards" on the internet itself, so content flows mostly freely across international boundaries. Thus if anyone wants to get certain content into a country via the internet, they're not doing it by entering that country through border control.
Thus, it makes little sense for border control to search the contents of your laptop other than if the gov't wants a random "free pass" at checking out some content about you. DHS' insistence that it needed the right to search laptops at the border made little sense, and some of our elected officials pushed out bills to curb such border searches, though none have passed.

Instead, the new head of DHS has "revised" the rules for laptop searches, but they're only slightly better in that the old rules were "anything goes," while the new rules are "we're still searching laptops, but we have a few rules." The main components of the new rules are that you're allowed to be present in the same room as your laptop, phone or device as it's being searched -- but not necessarily to see what border patrol is doing. Also, they can't keep your laptop for more than five days, which seems pretty damn long to me. Though, as some note, this basically means that you should make sure any encryption on your laptop takes more than five days to crack.

DHS boss Janet Napolitano's reasoning for the searches is hardly compelling:
"Keeping Americans safe in an increasingly digital world depends on our ability to lawfully screen materials entering the United States,"
Um... right, but, again, the contents of the a computer laptop can easily enter the United States via the internet with no border control process whatsoever. The whole claim that this has anything to do with screening materials entering the US is totally bogus.

On top of this, the other thing that's not at all clear is how far the "search" can go. With a growing number of "cloud" based services in use, many of which act as if they're local, can the border patrol search those as well? For example, I use Jungledisk, which gives me a virtual drive that shows up in my file system as if it were a local hard drive, even though it's hosted in some data center somewhere. It looks like a local drive... but it's not actually on my laptop. Would border patrol have the right to search that, even though the contents of that drive are not actually traveling across the border?


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 11:29am

    The border people don't need probably cause. Your rights when you are in the border area are EXTREMELY limited, as you have not yet been granted access to the US. You are in a virtual no-man's land.

    Anything you bring over the border is subject to inspection, to whatever degree they feel is needed. if you are driving across the border, the guards can pretty much disassemble your can down the pieces to inspect for anything they like without any justification, and they can hand it back to you in pieced.

    Mike, you need to chat with your "lawyer friends" about the border. It isn't the same as the rest of the US.

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    senshikaze (profile), Aug 28th, 2009 @ 11:30am

    Wait till get mine. Wonder what they would say to a laptop that doesn't boot into a GUI? Hell, I'd even log in, not like they could find their way around.

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    Digital Protector (profile), Aug 28th, 2009 @ 11:37am

    Re:

    There's still a chance that someone has heard of 'Lunix' at the crossing - the real moment of truth is when someone crosses with a completely homebrew OS.

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    diabolic (profile), Aug 28th, 2009 @ 11:37am

    How else can the RIAA and MPAA get the government to legally search your laptop for MP3s and Movies?

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    Mike Masnick (profile), Aug 28th, 2009 @ 11:39am

    Re:

    The border people don't need probably cause. Your rights when you are in the border area are EXTREMELY limited, as you have not yet been granted access to the US. You are in a virtual no-man's land.

    Yes. I said that in the post. Doesn't change the point, so not sure why you brought it up again.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 11:50am

    Re: Re:

    It is important because the rest of it is a rant about nothing - once you start with the basic idea (you have limited rights at the border) the rest of it is not important.

    If they search your papers (not laptop) and find an address, they can ask you about the address. They can ask you about the people there. They can check THOSE people for criminal records. They can contact those people to see if your story checks out. Laptop or no laptop, nothing changes.

    If you have connectivity on your laptop to a remote site without a passord (how foolish!), by carrying it through the border you have granted them rights for anything they can "see". That remote content is what you are bringing through with you.

    Like I said, once you accept and deal with the idea that you have very limited rights, the rest of your rant seems somehow meaningless.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    ChurchHatesTucker (profile), Aug 28th, 2009 @ 11:50am

    Re: Re:

    Or it just boots to a screensaver of a six-day countdown timer...

     

    reply to this | link to this | view in thread ]

  8.  
    icon
    Chronno S. Trigger (profile), Aug 28th, 2009 @ 11:55am

    Re: Re: Re:

    I think there are two points of the rant you missed.

    One, That you have limited rights

    Two, That they are wasting five days to search a laptop when the same data can just be E-Mailed to yourself.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Yohann, Aug 28th, 2009 @ 11:56am

    What about alternative OSes?

    Obviously someone this moronic wouldn't know the first thing about Linux, Unix, Solaris, etc. I happen to run Linux, so all I need to do is make a separate login that's perfectly clean (if I had anything to hide, that is). Would they want the root password? If these people are thinking that information can't come in through the internet in some encrypted file, then I sure as hell wouldn't want these doorknobs poking around in an OS they don't know anything about. Last thing I need is, "Good news. Your laptop is clean. Bad news. It's *really* clean. Hope you backed up."

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Fiercedeity (profile), Aug 28th, 2009 @ 12:04pm

    I'm not very knowledgeable about encryption, but I believe I read once of a product that can easily create an undetectable encrypted partition. So basically, even if you were looking for it, you'd still never find any evidence of it. I can imagine that if someone *really* wanted to get something across the border, they could do that and the searchers would never know.

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    edgebilliards (profile), Aug 28th, 2009 @ 12:09pm

    Limited Rights-ish

    the push to search laptop contents at the border gained a lot of ground as soon as child pornography started turning up. the searches have nothing to do with national security (there's no "digital terrorism" you can commit inside the physical borders that you can't outside of them) and all about using anything related to underage porn as a whipping boy for political gain.

    that's what makes United States v. Boucher so ironic. while the general public has to have their files haphazardly poked at by a customs official, just a little bit of pgp can make it all fruitless.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 12:11pm

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    Dark Helmet (profile), Aug 28th, 2009 @ 12:13pm

    Hmmm....

    So, not to give the stereotypical Dark Helmet response here, but I noticed that one point seemed to get repeted over and over again in the story:

    --The government's reasoning for the border searches doesn't make sense because there is not virtual policing being done over the internet--

    The conclusion everyone, including Mike, seems to be reaching is a logical one: the government is lying about its reasons.

    Question: What if that conclusion we're all reaching is the wrong one of the two possible? What if, and I'm not technical to know if this is truly even possible, but what if the government DOES have a way to monitor incoming international traffic with a system sophisticted enough to monitor and analyze digital traffic (telephone, fax, email, etc.) for whatever parameters it desires? Maybe this would utilize the Echelon System that was previously used against the Russians. Maybe this would fall under COINTELPRO.

    If that was the case, then it would make sense that the government would be worried about malicious digital malware/software/etc. sneaking through the physical weak point of the border crossing.

    Unless someone can tell me that such a scenario is ABSOLUTELY, 100% impossible....well, doesn't that just make more sense?

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Furf, Aug 28th, 2009 @ 12:18pm

    Actually their searches are going to be extremely difficult now .. with the new biometric controls on the laptops ..
    they would need me to swipe my finger 30 times to get to anything remotely confidential. you cant even boot up without swiping the finger

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 12:19pm

    Tom Ridge

    Considering the recent revelations by Tom Ridge, I am still unsure why the DHS continues to exist, except to be a tax on airline travel. $15 per passenger per flight is serious business.

    If you desire to seek real background, look up "The Nexus of Politics and Terror"

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Kazi, Aug 28th, 2009 @ 12:20pm

    Re:

    Let's not forgot open source full HD encryption with a 256 bit key. Can't incriminate yourself by giving up the key. So they can just guess what they key is. How long would it take for them to do so? A lifetime or more.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Dan, Aug 28th, 2009 @ 12:22pm

    Goverment packet sniffing

    The only scenario where the government stance makes any sense is either the government is monitoring all the internet packets entering the U.S., or terrorist organizations BELIEVE our government is doing so.

    Given our track record since the Patriot Act, I could believe it myself.

    But I do think it is a wasted effort. Our border guards are best used for other things.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 12:22pm

    Re: Hmmm....

    Oh look at you. Your back. Tinfoil hat and all.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Kazi, Aug 28th, 2009 @ 12:23pm

    Can your JungleDisk network drive be located in Europe, Asia, North America and South America at the same time or a combination thereof?

    The contents could be split on different continents due to cloud computing ... even be in different places at different times!

     

    reply to this | link to this | view in thread ]

  20.  
    icon
    teknosapien (profile), Aug 28th, 2009 @ 12:27pm

    you missed something

    nice write, but your missing a bigger picture here DHS has jurisdiction over 200 miles from any entry point in the US. This is particularly troubling when you actually look at what that covers (a very small area in the center of this country) I was never a conspiracy theorist until the last presidency ended and some of their tactics came out

     

    reply to this | link to this | view in thread ]

  21.  
    icon
    btr1701 (profile), Aug 28th, 2009 @ 12:27pm

    Re:

    > Your rights when you are in the border area
    > are EXTREMELY limited, as you have not yet
    > been granted access to the US.

    Where in the US Constitution does it say that my rights as a citizen disappear at the border or that the US government doesn't have to recognize them so long as I'm not in the country?

    Please quote the article and section, please.

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    btr1701 (profile), Aug 28th, 2009 @ 12:29pm

    Re:

    > The border people don't need probably cause.

    Oh, and the proper term is "probable cause", not "probably cause" as so many people seem to believe.

     

    reply to this | link to this | view in thread ]

  23.  
    icon
    Dark Helmet (profile), Aug 28th, 2009 @ 12:32pm

    Re: Re: Hmmm....

    "Oh look at you. Your back. Tinfoil hat and all."

    Okay, you can think I'm wrong all you want, and lord knows the whole bury your head in the sand and call people who question things "alarmists" or "conspiracy theorists" is an age-old concept, but what about the questions?

    Or the fact that information on the Echelon Network and COINTELPRO is partially declassified?

    I mean, I'm not just making this stuff up. Both of those things are 100% real and are things the government has admitted exist.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Yohann, Aug 28th, 2009 @ 12:34pm

    It's all BS anyway.

    One person with limited knowledge of computers and networking sitting on high in an important position thought this sounded like a great idea to showboat and let everyone know they are focused on the "greater good" of the country and its safety. That's it.

    Whoever signed it probably wasn't aware of the sheer numbers of ways of getting around this problem. If child pornography is going to get into the country, it's going to get in one way or another, either in an encrypted file or over a private FTP sealed with ssh.

    I'm sorry, but I don't see Janet Napolitano as being heavily computer literate, nor do I think she knows anything about networking and communication. She probably wanted to show off how much she cared about the safety and security of America's people, and one of her advisors thought this would be a great idea.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    not this time, Aug 28th, 2009 @ 12:40pm

    I regularly travel into the US with my laptop, and although I have never been searched, I have broken customs rules more than one time, with stuff a lot more dangerous, and nobody seemed to care. For instance, I entered with more (a lot more) than 10 grand in cash. I entered with plant material (it was tulip bulbs from the netherlands, but it could have been something a lot nastier). With so many other potential things to search for, why bother with a laptop full of torrents?

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 12:40pm

    Re: Hmmm....

    Even if they somehow manage to examine the utterly insane amounts of data that flow in and out of the country, there's still encryption, SSL is, when used correctly, secure.

    Also the routers that shuffle stuff over seas are privately owned, and it's expensive enough building hardware that can just keep up with the traffic, monitoring it, while not utterly impossible, is entirely impractical, even for the NSA or whatever spooks.

    And as I mentioned, if you want to get something in/out and you really are paranoid there's always encryption, and the NSA probably doesn't have a magic way to crack SSL.

     

    reply to this | link to this | view in thread ]

  27.  
    icon
    Jason (profile), Aug 28th, 2009 @ 12:41pm

    Re: Re: Re: Re:

    Three. (and the biggest one I think) That regardless of having the power to do so, the searching of laptop content is simply unreasonable.

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 12:41pm

    Re: Re:

    err, considerably more than a lifetime (unless you mean the lifetime of galaxies...)

     

    reply to this | link to this | view in thread ]

  29.  
    icon
    Jason (profile), Aug 28th, 2009 @ 12:43pm

    Re: Re:

    Probable cause - more correct
    Prolly cuz - more accurate to actual practice.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 12:46pm

    Re:

    err, not so much biometrics are sort of pointless for this use... they aren't very secure (even compared to a fairly weak password) and it's not like fingerprints are hard to get.

    "Here have a glass of water while you wait"

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Paul Brinker, Aug 28th, 2009 @ 12:46pm

    The responsibility is for physical safety, not information safety

    When you cross the boarder the guards job is to prevent you from bringing in prohibited items. Digital information for the most part is not prohibited (CP, State Secrets, Crypto can be). The general rule is that boarder guards cant prevent you from coming into the US if your holding a US Passport. Its also held you don't have to give your passwords. So ultimately those people from the US coming back just have to say "no" to giving any password and the boarder guards really cant do anything about it.

    In addition, there not trained in handling most computer systems anyway, most guards just don't care and the few that do have most likely flagged you for something else and will take your computer as part of the process.

    Its about the sane non-issue as People from the US going to Cuba, we tell you its against the law but when some guy did it and told the boarder guards he went there (he was attempting to get arrested over the issue) all he got was some extra screening.

    All we have is the illusion of security with out anything really happening. If the gov cared about all information coming in and out we would have the great firewall of china that would only allow "clear" traffic.

     

    reply to this | link to this | view in thread ]

  32.  
    icon
    ChurchHatesTucker (profile), Aug 28th, 2009 @ 12:46pm

    Hrm.

    What if you are (or claim to be) transporting someone *else's* laptop. Nothing sinister about that, but you wouldn't have the key to whatever is encrypted. Should I just make a deal with a buddy? Or start a "laptop swap" website?

    This whole things reeks of middle management, like most of "Homeland Security."

     

    reply to this | link to this | view in thread ]

  33.  
    icon
    imbrucy (profile), Aug 28th, 2009 @ 12:48pm

    Re: Re:

    256? Come on you can't call your self a true geek with anything under 1024.

     

    reply to this | link to this | view in thread ]

  34.  
    icon
    Chronno S. Trigger (profile), Aug 28th, 2009 @ 12:48pm

    Re: Re: Re: Hmmm....

    Because one, it would need a computer watching for the flagged content, and two, if it was a computer, it could be programed to search for the little things like MP3s, Movies, books, and so on along with the terrorist things, so we'd be hearing more about people being slammed for that. Besides, if the did have anything like that in use, how could they keep track of Http, Ftp, E-Mail, torrent, IM, and however many thousands of other programs, all of which could be encrypted.

    Not calling you a conspiracy nutter, just saying that it's damn near impossible. With all the data coming over the borders, the delay for checking would probably be longer than the 5 days for the laptop.

     

    reply to this | link to this | view in thread ]

  35.  
    icon
    Jason (profile), Aug 28th, 2009 @ 12:49pm

    Actually...

    "Though, as some note, this basically means that you should make sure any encryption on your laptop takes more than five days to crack."

    Except that encryption that powerful probably violates encryption export/import laws, and at the very least it would probably get them an automatic extension.

     

    reply to this | link to this | view in thread ]

  36.  
    icon
    Dark Helmet (profile), Aug 28th, 2009 @ 12:50pm

    Re: Re: Hmmm....

    That's all probably true, but the possibility left open is still intriguing.

    Particularly if the Echelon Network includes some kind of Angel/OA God algorithm or SSL cracking capability.

    After all, let's again look at motivations and making sense of things. The Echelon Network was used against the Russians AT LEAST up until the fall of the Soviets (although many argue it is being used against them and others to this day). When was SSL protocol first utilized?

    If there were such simple ways to get around all of this monitoring the government has admitted to doing on other nations, why would they bother doing it? Doesn't it follow that they can crack or subvert most/all known encryption and tunneling techniques?

     

    reply to this | link to this | view in thread ]

  37.  
    identicon
    thegreatsemaj, Aug 28th, 2009 @ 12:50pm

    Encryption

    The problem with encryption is that if you have an encryption on your computer above a set number of bits it is classified as a munition and is a crime.

     

    reply to this | link to this | view in thread ]

  38.  
    identicon
    dangyou'redumb, Aug 28th, 2009 @ 12:55pm

    Re: you missed something

    Not a very proficient cartographer, huh? I love it when the tin foil comes out - makes me wonder if some of these people used lead instead of aluminum and are experiencing the poisoning effects. 200 mile from the border leaves a small part of the coutry in the center blah blah blah....

     

    reply to this | link to this | view in thread ]

  39.  
    identicon
    Ed, Aug 28th, 2009 @ 12:58pm

    Confiscation

    For those that think they can encrypt or hide the data or boot into non-GUI, well, Homeland has the right to confiscate your laptop, copy the hard drive to a third party for hacking. Oh, and all this without liability.

    So, let's say you are innocent of every law there is and they don't believe that you are that squeaky clean, they could still take your harddrive, pull the data, send it to Hackers-R-Us who then looses the data (with your passwords, etc), which eventually falls into the lap of Mr. Credit Thief, which then pulls all your money out of your bank to support his / her habit. Let's even say you have a clear path with evidence that the government was responsible for Mr Theif to get access to your bank, well, the government doesn't care and you have no recourse... Good Luck!

     

    reply to this | link to this | view in thread ]

  40.  
    icon
    Sean T Henry (profile), Aug 28th, 2009 @ 1:00pm

    Re: Re:

    And for safe measures place a hidden file system on the disk with a weak password and a few nasty viruses and trojans. That will make it fun if they copy the drive, just remember to mention that the computer has been acting up and you think it has a virus.

     

    reply to this | link to this | view in thread ]

  41.  
    identicon
    Kazi, Aug 28th, 2009 @ 1:01pm

    Re: Re: Re:

    My true geek does a memory overflow on anything more.

     

    reply to this | link to this | view in thread ]

  42.  
    icon
    Digital Protector (profile), Aug 28th, 2009 @ 1:03pm

    Re: Re:

    You certainly aren't obliged to give them that information, but unfortunately the present legal situation dictates that if you refuse, they don't have to let you (back) into the U.S.

     

    reply to this | link to this | view in thread ]

  43.  
    icon
    Hephaestus (profile), Aug 28th, 2009 @ 1:03pm

    Re: Re: Re:

    Six day countdown timer ... ROFL .... Dude that is classic .....

    Then have it boot to a partition filled with Videos of Julia Child, Yoko Ono, Animals in dresses wearing makeup, with a desktop background of a sheeps behind wearing womans undies....

     

    reply to this | link to this | view in thread ]

  44.  
    icon
    ChurchHatesTucker (profile), Aug 28th, 2009 @ 1:04pm

    Re: Encryption

    "The problem with encryption is that if you have an encryption on your computer above a set number of bits it is classified as a munition and is a crime."

    Can one prove what the bit count is for an unknown encrypted file?

     

    reply to this | link to this | view in thread ]

  45.  
    identicon
    Kazi, Aug 28th, 2009 @ 1:10pm

    Re: Re: Re:

    I thought you could "plead the 5th" to prevent self-incirmination. They can keep the laptop. If it was important I'd have another image somewhere.

    If I have US Citizenship how can they refuse me my right to stand on US soil? That is a right - I hope?

     

    reply to this | link to this | view in thread ]

  46.  
    identicon
    Kazi, Aug 28th, 2009 @ 1:13pm

    Re: Re: Encryption

    1 bit for 1 buller. 2 bits for 2 bullets. 3 bits for 3 bullets. 4 bits for 4 bullets.

    99,999 bit for a nuclear submarine.
    99,999,999 bit for a nuclear reactor.
    99,999,999,999,999,999 bits for a aircraft carrier.
    99,999,999,999,999,999,999,999,999, ... for using all of the above.

     

    reply to this | link to this | view in thread ]

  47.  
    identicon
    Yohann, Aug 28th, 2009 @ 1:16pm

    Re: Encryption

    That's only true if you're planning to export the encryption to an outside country so that the country can use it against the US. The software and hardware requires it to be licensed and approved by the US government. I don't believe having it installed on your laptop doesn't actually count as 'export', as bringing one bottle of wine from Italy is considered 'smuggling'.

    Anyone could potentially write a 'munitions grade' encryption program for themselves, take it out of the country, and give it to a friend. But if you're a company that writes the program and sells it to other countries, then you have to go through the licensing and declaration.

     

    reply to this | link to this | view in thread ]

  48.  
    identicon
    Kazi, Aug 28th, 2009 @ 1:16pm

    Re: The responsibility is for physical safety, not information safety

    +1

     

    reply to this | link to this | view in thread ]

  49.  
    icon
    BAlbrecht (profile), Aug 28th, 2009 @ 1:35pm

    Re: Re: Re: Re: Re:

    Four. A search without enough probable cause to justify a warrant is a clear violation of privacy rights, especially if you are USA citizen. If DHS feels time is of an essence, they can seize the laptop and wait for a warrant to be issued before violating you.This needs to change.

     

    reply to this | link to this | view in thread ]

  50.  
    identicon
    Rekrul, Aug 28th, 2009 @ 1:39pm

    Fill your laptop with the most disgusting pictures and videos you can find. Make your password something like "F*ck you assh*le, you piss-drinking, sh*t-eating piece of inbred maggot infested goat-f*cker." Keep making small mistakes, like forgetting to mention the commas and claim that the keyboard has been acting up a little, so that they need to type it multiple times to get in. Have it play one of the Two Girls, One Cup style videos as soon as the desktop loads.

    In other words, make them regret looking at it.

     

    reply to this | link to this | view in thread ]

  51.  
    identicon
    Jason, Aug 28th, 2009 @ 1:43pm

    Re: Encryption

    No, it's no longer classified that way. Encryption import now has it's own section of laws with requirements for permitting or a specific form stating exemption from the requirement.

     

    reply to this | link to this | view in thread ]

  52.  
    icon
    mattarse (profile), Aug 28th, 2009 @ 1:51pm

    Re: Re:

    Unless the five day rule is because they have a way to crack any known encryption in 5 days...
    just being paranoid....

     

    reply to this | link to this | view in thread ]

  53.  
    icon
    mattarse (profile), Aug 28th, 2009 @ 1:53pm

    Re: Re: Re: Re:

    I believe the statement above to be incorrect - I don't believe they can ever refuse you entry. Arrest you on the spot yes, but as a citizen they cannot refuse you entry.

    If they can I'd like to see some documentation of this.

     

    reply to this | link to this | view in thread ]

  54.  
    identicon
    Jesse, Aug 28th, 2009 @ 2:06pm

    Re:

    That may be how it is now...but just because it's that way now doesn't mean we can't advocate for a change. Legislation is far from permanent.

     

    reply to this | link to this | view in thread ]

  55.  
    identicon
    Drunk Stepdad, Aug 28th, 2009 @ 2:22pm

    But but but Obama! Hope! Change! Come on guys, you remember hope and change! Don't you?

     

    reply to this | link to this | view in thread ]

  56.  
    identicon
    interval, Aug 28th, 2009 @ 2:26pm

    Re: Re: Re: Re:

    @Chronno: "...the same data can just be E-Mailed to yourself."

    Right. Which leads me back to my favorite point on this topic; the more power a government creates for itself in the name of protecting its citizens, the more it tends to simply victimize its own citizens.

    This is about power, people. The rulers believe its their job to make rules, its its not about what kinds of sense those rules make.

    For a simple illustration compare the effectiveness of airport security in Israel, with a much smaller government, and the supposed security in a US airport. Israel doesn't make Grandma take off her shoes to look for a bomb, and Israeli security is 1000 times more effective. Why do they make her do that here?

     

    reply to this | link to this | view in thread ]

  57.  
    identicon
    Someantimalwareguy, Aug 28th, 2009 @ 2:43pm

    Re:

    The containers can be discovered forensically. The best advice is to keep your sensitive data away from your travel computer/device and only access it through a secure connection to your home system or to your company's servers. Further, you need to keep that computer in a static mode while in a vulnerable position or place so some form of virtualization while accessing that data is important from a forensic perspective...

    To be secure, you need to actively participate, not rely on what some sales or technical forum guru told you is safe!

    JMHO
    SAG

     

    reply to this | link to this | view in thread ]

  58.  
    identicon
    NullOp, Aug 28th, 2009 @ 2:58pm

    Not Likely

    Searching the contents of your laptop is very unlikely as it is somewhat difficult to do. My laptop has thousands of files on it and I make an effort to keep it clean. Most people are not very tidy when it comes to their PC/laptop. Few machines would be searched during the course of a day and it would be a wasted effort. If I want to sneak anything in I can just email or even mail it to myself. I don't even need the laptop while I'm crossing the border. Duh!

     

    reply to this | link to this | view in thread ]

  59.  
    identicon
    interval, Aug 28th, 2009 @ 3:05pm

    Re: Re:

    @Kazi: "Can't incriminate yourself by giving up the key."

    Well, the Homeland Gestapo have already shown that the constitution doesn't really apply to them, so hiding behind that little fact isn't going to help in my opinion. They aren't really supposed to be searching our laptops anyway, what leads you to believe they can't imprison ("waylay") you until you give them access to whatever they want?

     

    reply to this | link to this | view in thread ]

  60.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 3:08pm

    So let's take this apart:

    "Homeland Security Still Plans To Search Laptops At Borders With No Probable Cause"

    The title is midleading, because "Homeland Security" isn't doing the searches randomly on the street. It is only at border crossing. So while it is Homeland Security in theory, in practical terms it is the US Customs and Border Protection (an agency under Homeland Security). The title would be equally misleading if it said "Whitehouse Still Plans to Search Laptops" as Homeland Security is under control of the Commander in Chief. Heck, the title could be "Obama Stills Plans to Search Laptops". It would be equally as misleading.

    Further, the laptops are only searched at border crossings, a place where probably cause is NOT required to conduct a search. In technical terms, your wanting to enter the country is probably cause, if you want to look at it that way.

    So now we know that the entire concept of Mike's article is lost.

    The rest of the story is a nice little rant, but in the end, customs is responsible to make sure that undesirable people, objects, contraband, and anything else illegal isn't entering into the US - that would include (remarkably) all those kiddie porn pictures on your laptop, as well as the next unreleased video from Osama Bin Hiding. Heck, it could include the address of the safe house where you are keeping those illegal immigrants you keep smuggling in on your carry on luggage (they are small).

    So it's all a rant about nothing at all - whatever you show up with at the border can be inspected, and if your laptop happens to connect automatically to a remote server or service, it is likely also to be inspected. In the words of Bill Curtis, he always has space to carry the internet.

     

    reply to this | link to this | view in thread ]

  61.  
    icon
    senshikaze (profile), Aug 28th, 2009 @ 3:16pm

    Re: Re: Re:

    4096, baby!

     

    reply to this | link to this | view in thread ]

  62.  
    icon
    senshikaze (profile), Aug 28th, 2009 @ 3:19pm

    Re: Re:

    I would be amazed if anyone has heard of "lunix", hell, even i haven't! (It's Linux btw, to any who were confused at the (geeky) sarcasm)
    And besides the odds are about 1% of the computer using populations, so about 10,000,000 people. world wide.

    (if the computer using population is only 1 billion, of course)

     

    reply to this | link to this | view in thread ]

  63.  
    identicon
    Jason, Aug 28th, 2009 @ 3:52pm

    Re: Confiscation

    Yeah, I think that's a pretty huge and somewhat paranoid stretch of reality. While its possible that some government agent might run a identity theft ring on the side, it's highly speculative, quite unlikely, and would naturally be governed by appropriate internal regulations in addition to government law code.

    The real issue here is that the power for unwarranted search shifts the role of government beyond the nature of what was intended by our constitution -- whether the purpose for doing so is valid or not.

    Yes, we need to protect our borders, but when you give officers the power of search and seizure without warrant, you are in effect creating a quasi-hostile relationship where none previously existed and where there was no cause to do so, and this is a breach of the trust given the government by its people.

    The situation with border control has unique interests because of a general need for national defense, but it does not change the fundamental relationship between the government and the governed. A citizen's travel status of "entering into the country" as opposed to "already being in the country" in no way changes responsibilities and powers of those governing, nor does it change the citizen's rights and responsibilities.

    Without some prior cause, how can the government, on a regular basis, treat its citizens as though they were hostile parties? I recognize the need for exceptions for general defense, but it must be reasonable with appropriate acceleration of probable cause.

    Blank check access to your hard drive with no cause is so far short of reasonable as to be utterly stupid.

     

    reply to this | link to this | view in thread ]

  64.  
    identicon
    Lawrence D'Oliveiro, Aug 28th, 2009 @ 5:08pm

    Re: Encryption Strength

    imbrucy wrote:

    256? Come on you can't call your self a true geek with anything under 1024.

    You should be clear what kind of encryption you’re talking about hear. 1024 bits is a reasonable key length for RSA public-key encryption, but for a secret-key algorithm like AES, 128 is ample.

    By the way, weaknesses have recently been found in 256-bit AES. So it’s wisest to stick to AES-128 for now.

     

    reply to this | link to this | view in thread ]

  65.  
    icon
    ChurchHatesTucker (profile), Aug 28th, 2009 @ 5:23pm

    Re:

    "So while it is Homeland Security in theory, in practical terms it is the US Customs and Border Protection (an agency under Homeland Security)."

    *long, hard stare*

    Y'know, it's people like you that worry the rest of us. Go play with your taser.

     

    reply to this | link to this | view in thread ]

  66.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 5:39pm

    Re: Re:

    Sorry dude, but there is a huge difference - my point is saying "homeland security" you might as well say "Obama himself" because it isn't any more accurate.

    Homeland Security in and of itself is doing NOTHING - it's the customs people, an agency UNDER Homeland Security that is doing it.

    The difference between direct and indirect. The shoe is on the other foot when you guys get all fussy about if a torrent file (or listing site) is infringing or not. Same freaking deal here.

    Accuracy is something sorely lacking these days around here.

     

    reply to this | link to this | view in thread ]

  67.  
    icon
    ChurchHatesTucker (profile), Aug 28th, 2009 @ 5:52pm

    Re: Re: Re:

    "Homeland Security in and of itself is doing NOTHING - it's the customs people, an agency UNDER Homeland Security that is doing it."

    I'm still staring at you like you're an idiot.

    I'm not saying you are, understand, because you obviously have great insight into bureaucratic distinctions, which takes a keen intellect. I'm just looking at you *as if* you were.

    I'm sure you'll appreciate the difference.

     

    reply to this | link to this | view in thread ]

  68.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 5:53pm

    Re: Re: Re:

    Except, if I read the news right, the policy regarding this is set by the Department of Homeland Security. The policy was announced by Department of Homeland Security personnel. The policy covers what Customs and Boarder Protection officers can do, BUT those officers of Customs and Border Protection do not set the policy.

    The Immigration and Customs Enforcement is a branch of Homeland Security, and does not sound to create their own rules and policies, instead they are given down.

    So, to look at what your saying, if Obama himself said "These are the new rules." It would NOT be Obama or the Obama Administration who made the rule, but the officer who decides to follow the new directive?

    Or am I missing something in my reading?

     

    reply to this | link to this | view in thread ]

  69.  
    identicon
    Anonymous Coward, Aug 28th, 2009 @ 11:05pm

    They'll just beat it out of you

    First, you can't plead the Fifth because giving up a key isn't expressive. The government can force you to give up unencrypted documents without running afoul of the Fifth Amendment; they can certainly ask for your encrypted documents as well.

    Second, encryption won't help you. They won't crack the encryption, they will crack you. You can be jailed indefinitely until you give up your encryption key. A year in jail will effectively ruin your career regardless of whether you are convicted or not.

     

    reply to this | link to this | view in thread ]

  70.  
    icon
    techflaws.org (profile), Aug 29th, 2009 @ 3:19am

    Pointless Security Theater

    > Anything you bring over the border is subject to
    > inspection, to whatever degree they feel is needed.

    So what? No degree will make the US any more safe. Just read about how Bruce Schneier got through airport security.

     

    reply to this | link to this | view in thread ]

  71.  
    icon
    gr8oldies (profile), Aug 29th, 2009 @ 4:13am

    I wouldn't worry to much about this

    I drive a Semi truck and have a laptop mounted on the dash (kind like the police do)I run GRLevel three doppler radar to monitor weather and road conditions via WiFi. I also run OTS AV DJ software with about 5 thousand songs with the audio patched into the stereo.I cross the border into Canada and back into the U S on an average of 6 times a week have been doing so for years and I have never had a border guard give me a second look with the exception of one time when a young female guard noticed the music it was playing and thought it was neat and was impressed that an old fart like me was running such a setup. So I wouldn't worry to much, this is just another "Feel Good" thing the government is doing to make you think they are watching out for our best intrest. Like one of the posters stated above if they mess with you they have you flagged for something else and it's a way to screw with you further.

     

    reply to this | link to this | view in thread ]

  72.  
    identicon
    Anonymous Coward, Aug 29th, 2009 @ 6:01am

    Re: Re: Re: Re:

    Go ask a customers person who they work for, and they say "US Customers and Border Protection". Most of them actually hate being lumped under Homeland Security.

    Homeland Security was basically created to get a bunch of different organizations to talk to each other and work together, but the reality is that mostly it trod on toes and invaded different little fiefdoms that poeple had built up over many, many years.

    Homeland Security is like "head office", the idiots who send down stupid memos and ask you to file everything in duplicate. Customs is the actual people running the office and doing the work. Homeland Security ain't sending anyone to check laptops, they send a memo to Customs saying "check more laptops" and Customs works on it.

    I just stare back at you *as if* you were being an arrogant shit. I'm not saying it, just looking *as if*

     

    reply to this | link to this | view in thread ]

  73.  
    identicon
    ..., Aug 29th, 2009 @ 6:29am

    Re:

    And this "border area" extends 100 miles into the US from the border. A large portion of some states are within this "border area"

     

    reply to this | link to this | view in thread ]

  74.  
    identicon
    Anonymous Coward, Aug 29th, 2009 @ 6:31am

    Re: Re: Re:

    or
    cuz ah sez so

     

    reply to this | link to this | view in thread ]

  75.  
    identicon
    Anonymous Coward, Aug 29th, 2009 @ 6:34am

    Re:

    Automatic all expenses paid trip to Guantanamo

     

    reply to this | link to this | view in thread ]

  76.  
    identicon
    ref, Aug 29th, 2009 @ 7:23am

    Re: Re: Constitution-Free Zone

     

    reply to this | link to this | view in thread ]

  77.  
    identicon
    Noone, Aug 29th, 2009 @ 11:32am

    STOP

    When did we begin to accept that our rights only apply within the borders of America? If a person is a representative of the United States dealing with a United States citizen, they should treat them with the same rights (Which we used to consider inalienable) as they would someone 10 feet away inside of the country's borders.

     

    reply to this | link to this | view in thread ]

  78.  
    identicon
    Anonymous Coward, Aug 29th, 2009 @ 1:20pm

    Re: Actually...

    I don't think there are encryption import/export laws on anything available to the public. Especially things like Open Source encryption software. Some encryption that is publicly available still hasn't been cracked.

     

    reply to this | link to this | view in thread ]

  79.  
    identicon
    Anonymous Coward, Aug 29th, 2009 @ 2:14pm

    Re: Re: Actually...

    You miss the point - if there is data on your laptop that in encrypted, it might actually make them want to hold you longer - perhaps you are smuggling state secrets or plans for the next 9/11.

    It's sort of like denying a cop the right to search your car when you are pulled over. You may win that fight, but you will probably lose the battle (can you say probably cause?). If you specifically deny a border agent access to a file on your laptop, I would say your stay at the border is going to be very long indeed.

     

    reply to this | link to this | view in thread ]

  80.  
    identicon
    Joe Dirtee, Aug 29th, 2009 @ 5:05pm

    Re:

    OUR rights are getting more and more limited ,we dont even have to be at a border! Keep up the laws and lawsuits and pretty soon the USA will be another Communist country!

     

    reply to this | link to this | view in thread ]

  81.  
    icon
    senshikaze (profile), Aug 29th, 2009 @ 7:56pm

    Re:

    Yea, I think I saw them on the corner the other day. Their pimp is a tough one.

     

    reply to this | link to this | view in thread ]

  82.  
    identicon
    Anonymous Coward, Aug 29th, 2009 @ 9:27pm

    Re: Re: Re: Actually...

    refusing a search does not give an officer probable cause. if it did Police would never need warrants because they could just ask to search somebody and either be granted permission or be refused and given probable cause

     

    reply to this | link to this | view in thread ]

  83.  
    icon
    btr1701 (profile), Aug 30th, 2009 @ 7:40am

    Re: They'll just beat it out of you

    > You can be jailed indefinitely until you give up your encryption key.

    Not according to the U.S. Court of Appeals, they can't. The court has ruled that the government can't force citizens to provide passwords or encryption keys.

     

    reply to this | link to this | view in thread ]

  84.  
    identicon
    Anonymous Coward, Aug 30th, 2009 @ 6:42pm

    Re: Re: They'll just beat it out of you

    Remember! You aren't entirely under US law at that point - the border is never never land. The border people can refuse you entry FOR ANY REASON. They can detain you for long periods of time, well beyond the standard 48 hour hold. You aren't being jailed as a US citizen, you are jailed pretty much as nobody.

    You have very, very few rights at the border.

     

    reply to this | link to this | view in thread ]

  85.  
    icon
    mattarse (profile), Aug 31st, 2009 @ 4:45am

    Re: I wouldn't worry to much about this

    The problem with that attitude is that one day they may decide to start inspecting each and every laptop. If you haven't protested when they made the policy saying they could do - how will you be able to protest when they do start doing it.
    Today they may only be looking for the stuff we all find horrendous (child porn) but tomorrow they may arrest you for not having proof that you own the CD's related to the mp3's you are playing.

     

    reply to this | link to this | view in thread ]

  86.  
    icon
    mattarse (profile), Aug 31st, 2009 @ 4:47am

    Re: STOP

    The borderzone now extends 200 miles into the country so you should say 200 miles and 10 feet inside the countries borders.

     

    reply to this | link to this | view in thread ]

  87.  
    icon
    Overcast (profile), Aug 31st, 2009 @ 7:39am

    You don't need encryption or anything else - if you really want to hide data from them, put it on a FTP site or a Webmail site. That or ZIP it and rename the file to make it appear like something else. "Dang, what a shame that database is corrupted".

    It's a stupid waste of time - if they were so worried about security at the border, why not do something about the thousands of illegals that cross the border weekly?

     

    reply to this | link to this | view in thread ]

  88.  
    identicon
    ikegami, Aug 31st, 2009 @ 1:58pm

    Though, as some note, this basically means that you should make sure any encryption on your laptop takes more than five days to crack.

    Not true. If they can make a copy of the crypted content, they can continue to attempt to crack if even after the laptop has left their possession.

     

    reply to this | link to this | view in thread ]

  89.  
    identicon
    Anonymous Coward, Sep 1st, 2009 @ 9:30am

    Re: Re: Re:

    err no...

    see breaking RSA is just factoring big numbers (really really big numbers) and if you can do that fast there are all kinds of much better things you could use it for...

    nobody has the hardware needed to crack good encryption at kind of scale that you need for stuff seized at the border...

     

    reply to this | link to this | view in thread ]

  90.  
    identicon
    Anonymous Coward, Sep 1st, 2009 @ 9:39am

    Re: Re: Re: Hmmm....

     

    reply to this | link to this | view in thread ]

  91.  
    identicon
    Anonymous Coward, Sep 1st, 2009 @ 9:42am

    Re: Actually...

    The encryption import/export laws no longer exist and strong encryption can be freely transported into and out of the US

     

    reply to this | link to this | view in thread ]

  92.  
    identicon
    Anonymous Coward, Sep 1st, 2009 @ 9:50am

    Re:

    yea but if the encryption doesn't suck then they still won't be cracking it... it's not worth the effort unless you're REALLY REALLY REALLY interesting for other reasons

     

    reply to this | link to this | view in thread ]

  93.  
    identicon
    Darren Chaker, Sep 2nd, 2009 @ 6:21pm

    Border Laptop Search

    As technology evolves, so to does government interest. It use to be top secret papers would need to be copied and given to a KGB handler, to get back to Moscow, now, mini-SD chips fit 8+ GB, which can hold thousands of pages of documents.

    American's have the Fourth Amendment as a shield to protect them from unreasonable searches and seizures. The Fourth Amendment has evolved with technology. See, United States v. Blas, 1990 WL 265179, at *21 (E.D. Wis. Dec. 4, 1990) (”[A]n individual has the same expectation of privacy in a pager, computer, or other electronic data storage and retrieval device as in a closed container.”). However, the Fourth Amendment ceases when you want to enter back into the USA. Every body cavity and computer is open to inspection with little more than reasonable cause. A true border search can be made without probable cause, without a warrant, and, indeed, without any articulatable suspicion at all. The only limitation on such a search is the Fourth Amendment stricture that it be conducted reasonably. Note that the reasonableness calculus is different at the border (i.e., looser) than it is inland.

    Despite such, when entering the USA, and, for the purposes of this post, a person has the Fifth Amendment as a shield. In a recent decision in Vermont, In re Boucher, a federal magistrate judge held that the Fifth Amendment right against compelled self-incrimination protects a suspect against having to reveal the password permitting access to his computer files. The software the defendant used, and which I recommend, besides using file wiping software in conjunction with other counter-forensic measures, is PGP whole disk encryption. Nothing has broken this encryption. The court determined that if Boucher was "forced" to provide the passphrase, then the contents could incriminate Boucher thus violate the Fifth Amendment. You can find the court's opinion here: http://www.volokh.com/files/Boucher.pdf

    The end result, if you have material on a computer you do not want inspected, encrypt it. If the government can get a warrant to place spy ware on your computer while 'inspecting it' to reveal your pass phrase, then encrypt the file on a thumb drive. Of course, if your 'vacation' included taking pictures, then transfer those pix to an encrypted drive and insure the SD card from the camera is securely wiped.

    In short, for every measure to obtain information, there's a counter-measure. However, if you are doing something while outside of the USA which can attract the Feds, I recommend---DON'T DO IT. Freedom is not free, but stupidity will put the most intelligent in prison.

    Darren Chaker

     

    reply to this | link to this | view in thread ]

  94.  
    icon
    roxanneadams (profile), Sep 28th, 2009 @ 5:56pm

    Does anyone else remember this happening? In 1990, I had to turn in and plug up my laptop at airport security to show that it worked. This happened to me more than once, in both the DC and Atlanta airports, but I can't remember it happening anywhere else. I had been told that if I didn't have my power cord, and the battery was dead in the laptop, then it couldn't go on the plane with me.

    This wasn't such a big deal, but what p**d me off was the security screeners would insist on handling my camera, looking through the viewfinder and pressing buttons before they gave it back to me. I had the feeling that they really didn't know what they were doing, but were going through some act, probably for the benefit of the morons who were supervising them. I never carried film in the camera - I always mailed the finished 35mm rolls to Kodak, because I didn't want anyone at the airport to ruin my pictures.

    I was really surprised that after 9/11, airport security didn't start doing this again. These acts were as pointless as taking off your shoes and walking barefoot through the screening area.

     

    reply to this | link to this | view in thread ]

  95.  
    identicon
    nemesis, Sep 29th, 2009 @ 3:20am

    Re: Border inspection

    I believe you (Anon Cow) are correct about having no reason to search your belongings; however, it is my understanding that, if nothing "illegal" is found during the search, Customs MUST restore your property to its pre-search condition.

     

    reply to this | link to this | view in thread ]

  96.  
    identicon
    Mitchell, Dec 2nd, 2009 @ 6:47am

    I am pretty much a bleeding heart liberal and I feel that anybody entering the country should definitely be subject to having their laptop searched. There was even some talk that the authorities were being given keys that could defeat encryption software, so they could immediately unencrypt suspect files...and I agree with that too, but I think I read that doing so was actually not allowed without arrest..

     

    reply to this | link to this | view in thread ]

  97.  
    identicon
    hebe01, Aug 12th, 2011 @ 4:37am

    women sexy shoes

    Yea, I think I saw them on the corner the other day. Their pimp is a tough one.
    htt

     

    reply to this | link to this | view in thread ]

  98.  
    identicon
    hebe01, Aug 12th, 2011 @ 4:39am

    sexy shoes for ladies shoes

    I believe you (Anon Cow) are correct about having no reason to search your belongings; however, it is my understanding that, if nothing "illegal" is found during the search, Customs MUST restore your property to its pre-search condition.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This