DHS Introduces Rules for Airport Laptop Checks
DHS has unveiled a revised set of rules for laptop checks at border control.
There's nothing more annoying than doing the security dance with TSA officials at the airport; but hey, it keeps us all safe. As long as they're not hauling you off to inspect your luggage or perform a physical, the endless packing and repacking of laptops and electronics really isn't so bad.
One thing, though, that a lot of people have a problem with is the laptop checks DHS is allowed to do if they feel like it. Last year DHS polices came to light that said TSA could kidnap any device capable of storing information (including hard drives, flash drives, your cellphone, MP3 player, Kindle, pager, and any books or documents you happen to have lying around) for “a reasonable amount of time.” In other words, as long as they liked. Not only that, they could also share your data with other federal agencies or private entities for language translation, data decryption or, and this one is our personal favorite, “other reasons.”
The Obama administration this week unveiled new rules for searching computers and other electronic devices when people enter the United States. Designed to strike a balance between respecting travelers' privacy and protecting and securing the U.S. borders, the rules are a mix of good and bad as far as the average traveler is concerned.
According to PCWorld, DHS can still search electronic devices during border crossings without suspicion of wrongdoing. So even if you're not acting shady, they can still take away your computer. However, the revised rules stipulate that CBP must complete a search of an electronic device within five days and ICE must complete a search within 30 days.
DHS says that between October 1, 2008 and August 11, 2009, 221 million travelers were processed at U.S. borders and about 1,000 searches of laptop computers were conducted, of which 46 were in-depth examinations. Have you ever had an electronic device searched by DHS? Let us know in the comments below!

use a long one
they cant force you to give up encryption keys but they can brute force
be sure the device is off and battery removed as you can recover encryption keys from memory up to 5 minutes in some cases after the laptop has been powered off, so turn it off and remove battery for about 5-10 minutes before packing the laptop up
if they really want the data on the PC let then spend a few thousand dollars in hiring someone to attempt to crack it
I have never had my equipment searched but if it ever is, they would have a hard time getting past the encryption only to find out that theres like multiple other encrypted drives and files in the pc, with nothing in them
isn't disappointment great
it is like those Russian dolls toys where when you open it it is the same exact doll just smaller until when you reach the last one and nothing
if theres a limit to the time they can hold a item then do that, put encrypted volumes in your ipods, pocket pc's pda' PSP' cellphones and any other device that holds data. it will be a great way you waste their time
you don't need anything in them it will still show up as random data in a hex editor
if enough people do this, the searching will become too expensive and annoying and it will eventually be scrapped
it is an invasion of privacy, especially if other humans are looking at your content
how many times have you seen on the news about people sending a computer to a repair shop and the workers will start looking through their personal files
imagine giving your system to people whose job is to look through your stuff, it is a privacy problem
if they replaced the human workers with hamsters or squirrels who have no interest in out personal stuff then I will be a little more ok with the searching but the way it is now, it has to stop, it is just a major inconvenience to anyone who goes through with it
http://www.truecrypt.org/
They do not have ANY rights to force you to decrypt the data woth out a warrant.
It happened on the fly to Moscow from formal socialist country in 1988. I was sure that I will never going to experience police state when I move to USA, but congratulations every one USA now is no better then USSR just 20 years ago.
There is absolutely no difference if they seize you computer for 30 days or for ever. They need only few minutes to copy entire drive and unlimited time to break the encryption sooner or later. And until I see the source code of Windows I am going to believe that there is backdoor put for them. The only encryption program I trust is TrueCrypt, but it is limited by the under lying OS. There is no way to guaranty that your encryption key was not stored by Windows into the swap file.
I agree that equipment should be searched for concealed weapons and explosives, but snooping inside my data has no justification at all. I would like to ask everybody to thing for a moment and answer to the following questions:
1. If terrorist is coming to the country with laptop, the custom holds the laptop, but lets the terrorist enter the country, how this improves our security?
2. If the government is allowed to hold your computers for data examination, should the government be allowed to hold anyone for 30 days for interrogation to find out what information we are holding in our heads? (Note the brain is much easier to crack!)
http://www.truecrypt.org/
They do not have ANY rights to force you to decrypt the data woth out a warrant.
use a long one
they cant force you to give up encryption keys but they can brute force
be sure the device is off and battery removed as you can recover encryption keys from memory up to 5 minutes in some cases after the laptop has been powered off, so turn it off and remove battery for about 5-10 minutes before packing the laptop up
if they really want the data on the PC let then spend a few thousand dollars in hiring someone to attempt to crack it
I have never had my equipment searched but if it ever is, they would have a hard time getting past the encryption only to find out that theres like multiple other encrypted drives and files in the pc, with nothing in them
isn't disappointment great
it is like those Russian dolls toys where when you open it it is the same exact doll just smaller until when you reach the last one and nothing
if theres a limit to the time they can hold a item then do that, put encrypted volumes in your ipods, pocket pc's pda' PSP' cellphones and any other device that holds data. it will be a great way you waste their time
you don't need anything in them it will still show up as random data in a hex editor
if enough people do this, the searching will become too expensive and annoying and it will eventually be scrapped
it is an invasion of privacy, especially if other humans are looking at your content
how many times have you seen on the news about people sending a computer to a repair shop and the workers will start looking through their personal files
imagine giving your system to people whose job is to look through your stuff, it is a privacy problem
if they replaced the human workers with hamsters or squirrels who have no interest in out personal stuff then I will be a little more ok with the searching but the way it is now, it has to stop, it is just a major inconvenience to anyone who goes through with it
https://www.ironkey.com/
That works as well too.
I laughed so hard I almost shit in my pants.
This is still BS. My coworkers and I have to travel with laptops and blank drives quite often to perform forensic data collections and we have had instances were Totally Stupid Annoying officers confiscated blank hard drives and never returned them. We can not wait 30 days for our equipment to be returned either we need it immediately. So far we have not had an instance where they have confiscated a client original; not sure what to do when that happens.
Actually, they'll just raise your taxes or make encrypting information illegal. Welcome to the Change.
And now for the how to piss off DHS department ... Use TrueCrypt to create a number of encrypted containers with strong passwords and maximum entropy passfiles. Then destroy the passfiles. Idealy ensure that the passfiles never actually existed in cleartext on any media your carrying wit you, but at least do a secure erase on them. Now you've got a number of encrypted containers, which can ONLY be accessed by brute force ... but you used maximum entropy passfiles to encrypt the volume header. That should suck up quite a few cycles on someone's supercomputer, and if they ever do get in, they'll find exactly ... nothing.
then we will just have to boycott the airlines and border checks, use portal guns to get where we need to go
or if needed you can also fill your portable medias free space with tons of the most disturbing non illegal content you can find and make all the workers scared to randomly check laptops with out a really good reason
anyway this will eventually ruin the economy further
most major companies do not use the internet or mail when transporting highly sensitive information, and theres no trusting a someone else to look at it who isn't in the company, trust me giving the chance a worker getting $13 an hour wont resist copying info from a company computer if that information could be worth millions, companies will just avoid doing business with the US.
those places go crazy about protecting the privacy of them self and their workers, if you even try to go to a private area or ask a worker for any information not giving out to you from the start, you can probably get arrested, why not extend some of that privacy our way, or level the playing field, if you can look through our stuff then we can look through your stuff at will.
It happened on the fly to Moscow from formal socialist country in 1988. I was sure that I will never going to experience police state when I move to USA, but congratulations every one USA now is no better then USSR just 20 years ago.
There is absolutely no difference if they seize you computer for 30 days or for ever. They need only few minutes to copy entire drive and unlimited time to break the encryption sooner or later. And until I see the source code of Windows I am going to believe that there is backdoor put for them. The only encryption program I trust is TrueCrypt, but it is limited by the under lying OS. There is no way to guaranty that your encryption key was not stored by Windows into the swap file.
I agree that equipment should be searched for concealed weapons and explosives, but snooping inside my data has no justification at all. I would like to ask everybody to thing for a moment and answer to the following questions:
1. If terrorist is coming to the country with laptop, the custom holds the laptop, but lets the terrorist enter the country, how this improves our security?
2. If the government is allowed to hold your computers for data examination, should the government be allowed to hold anyone for 30 days for interrogation to find out what information we are holding in our heads? (Note the brain is much easier to crack!)
46 out of 221 Million people had something of interest.
If the entire population of the planet, 6 billion people, crossed the border with devices in hand there would only be about 1300 intensive searches. Much ado about nothing.
You have nothing of value or interest on your devices.
Remove youR tin foil hat.
yeah... ya know what? I'm just gonna totally stop worrying about the privacy of my data. Because you said so, and because i'm confident that all ppl empolyed by the US government adhere to rules and good moral standards.. and they would never do/take anything for their own personal gain either.
...TH comments need to have a eyeroll emote
And, everyone else... FedEx your electronics to your destination.
The key issue here is that the DHS, or any law enforcement agency, needs reasonable cause to search and seize a computer. It is these FREEDOMS that the war on terror seeks to protect. Why would our government betray its citizens and the spirit of the constitution in such a way? It seems unconstitutional.
Thank you for providing the prof. That is exactly why TSA should not be allowed to do this on first place.
Good thing you're Irish or else I'd say you'd qualify to be a perfect American citizen with that statement.
I'm sure terrorists will keep laptops or other media devices full of evidence against them and get caught cause the DHS is so effective in it's job. But hey, whatever helps you sleep at night right?