Sensible Erection | Customs officers searching laptop harddrives

Monday, 7 January 2008

Customs officers searching laptop harddrives

quote [ A couple of years ago, Michael T. Arnold landed at the Los Angeles International Airport after a 20-hour flight from the Philippines. He had his laptop with him, and a customs officer took a look at what was on his hard drive. Clicking on folders called “Kodak pictures” and “Kodak memories,” the officer found child pornography. ]

I was going to search "Child Pornography" on the Google for the thumbnail image but I thought it wasent such a great idea after all.

[politics] [by Jin@2:48pmGMT] [+10 Informative]

Comments

taiga said @ 2:59pm GMT on 7th Jan
When I was younger and saved a few porn pictures on my computer, I made sure they were stored in the same place as some random files for PageMaker. I knew where it was, but my mother and father wouldn't stumble across it if they went poking through.

Todomanna said @ 3:02pm GMT on 7th Jan
I just saved it under "PORN!!1!" Who would suspect that?

Tirade said @ 5:48pm GMT on 7th Jan
I just saved them all on floppies (ironic, huh?) and hid the disks well.

Quenadian said @ 8:14pm GMT on 7th Jan
Dude, it would be so much easier to just hide a thumb drive up your ass.

k0k0peli said @ 5:53am GMT on 8th Jan
Hey, how about that TD that looks like a dog humping the laptop?

-_- said @ 8:11am GMT on 8th Jan
I used to save my porn in a folder labeled "read me's" but then I found out about searching by file type and gave up ... I was just hiding it from friends that used my computer anyway so then I started a collection of weird shit in a file labeled "porn" and people stopped poking around in my computer when they used it.

ckfahrenheit said @ 6:45pm GMT on 7th Jan

-->

theolypse said @ 3:01pm GMT on 7th Jan

theolypse said @ 3:02pm GMT on 7th Jan

theolypse said @ 3:02pm GMT on 7th Jan
I suck at HTML, but I am brave enough to challenge Google.

afrasr said @ 3:09pm GMT on 7th Jan [Score:2]
Yes, using the "protecting the children" argument for essentially illegal searches.

What this is doing is catching the stupid, but giving the powers that be, more and more power to fuck with you on your arrival to the US.

I'll be sure to re image my laptop before leaving home, and making sure it does not have anything that could possibly get me in trouble.

This would include;

MS software installation files and media (trade violations, plus they could claim I was planning on working there)

any music (illegal music piracy)
Any videos (illegal movie piracy)
Any system or encryption software that is illegal in the US ( there is a lot of it )

Any pornographic images that were legal in the country of origin, but would get me busted for CP in the US (Swedish teen porn Eg they look 16-17 ish)

Any company trade secrets I may have on encrypted volumes. (I am contractually not allowed to tell anyone that is not my company, including US Govt )

When I move to Canada, I will be making a point of avoiding ANY US airport, and just flying direct to Canada.

lizard-bitch said @ 3:23pm GMT on 7th Jan
The only one of those that is true is the child porn. It would be impossible for an agent on simple inspection to determine whether or not you have usage permissions for any software/data, let alone how you had acquired it. My understanding is that it is currently legal to use any encryption software that you want in the US; the only regulation is on export.

Child porn is fairly unique in that the thing speaks for itself.

afrasr said @ 3:59pm GMT on 7th Jan
No, but its enough for you to be kicked out of the country if they have a reasonable suspicion

I am a network engineer, and if I am in the US on a holiday visa, and I have my laptop with me, and it has the tools of my trade on it, because it doubles as a work laptop, then the customs officer is able to kick me out.

Your current understanding is partially correct, but there are import AND export rules surrounding encryption software for the US, as well as other countries... All it takes is a slightly smart customs officer who is having a bad day, to make your life really fucking difficult.

They don't need to arrest you, but they can confiscate your laptop, and make you A) verify that all you have on there is legal and legit (a PITA for music and software, I leave all my official MS licenses in my safe at home)

B) Just revoke your visa and kick you out because they have a suspicion about you.. and that makes it nearly impossible to get a visa for a while, unless you go through the long and expensive appeals process

All over a laptop, that they had no right to be poking into in the first place.

monkeytooth said @ 9:19pm GMT on 7th Jan
I tend to agree that music, video and legitimate software is unlikely to arouse suspicion or even provide an excuse to be hassled, unless you've got like 10,000 files of said material (which of course is known to happen). I don't travel with receipts for things I've owned for years and I find it hard to accept that they will be demanded. Packing 10 movies on a trip is pretty much legitimate.

I think the biggest grey area will be material that sets off keyword searches and creates a 'reasonable suspicion' which in this day and age could be a very broad net. What I mean is that you don't have to have any illegal material to be inconvenienced or lose your laptop - it's probably enough to have suspicious material. The scary thing is that we're not talking about genius detectives here... These are people who're trying to find something that might not even exist.

They probably will automate the process to search image files and maybe some text searches "while they're there"... because if you're writing some software to plug in and search someone's shit, why not throw in a few more lines of code to search for text. Is this paranoia?

Someone will review the images that are found within a certain file size and flip through text files that are flagged by keywords. Video I guess too. It's creepy to think that they might mirror all or some of your files in the process and keep them for further analysis... or fapping.

Personally I'm much more afraid of them finding some interesting military pdf I stumbled across and forgot about, rather than First Time Video fisting clips. The former could conceivably land me in Guantanamo Bay, while the later is pretty much a blush as they look up the 2257 proof of age.

Online drives are an okay idea but most of the time it's pretty much like handing over all your files by default to the NSA instead of risking them searching them at the airport... so that plan is kinda flawed. Maybe I'm 5 years too early on that paranoia? CARNIVORE is reading this comment right now, so it's not completely tin-foil-hat, is it?

It's the thin end of the wedge.

Dooming_Doom said @ 11:17pm GMT on 7th Jan
"Atomic Bomberman"

todde said @ 6:22am GMT on 8th Jan
A contract which violates the law is not valid. If the gubbmint has a legal right to snoop on your hard drive it doesn't matter what your employer says.

aomal said @ 11:46am GMT on 8th Jan
When I flew into Ottawa in 2006 and they made me login into to my computer and then the Canadian immigration officer went searching around to look for whatever they were looking for, illegal porn I’m assuming. They used to ask questions about your internet usage when you were at the immigration checkpoint in Ottawa, what sites you go to etc… if they saw you carrying a notebook, not sure if they still do it. I complied, only because fearing that they would look at my carry on and notice there’s another notebook in there, which did in fact have all my porn (only legal stuff ) on it’s HDD, which would have been embarrassing and delayed my entry. It goes both ways, US isn’t the only country to do it.

lizard-bitch said @ 3:17pm GMT on 7th Jan
I'm torn on this, because in the old world international communication and transportation was fairly limited, but now it is integral. It is not a great stretch from here to say that the feds could intercept all communication across the border.

lilmookieesquire said @ 3:35pm GMT on 7th Jan
Well, this is an interesting scenario...

The government went even further in the case of Sebastien Boucher, a Canadian who lives in New Hampshire. Mr. Boucher crossed the Canadian border by car about a year ago, and a customs agent noticed a laptop in the back seat.

Asked whether he had child pornography on his laptop, Mr. Boucher said he was not sure. He said he downloaded a lot of pornography but deleted child pornography when he found it.

Some of the files on Mr. Boucher’s computer were encrypted using a program called Pretty Good Privacy, and Mr. Boucher helped the agent look at them, apparently by entering an encryption code. The agent said he saw lots of revolting pornography involving children.

The government seized the laptop. But when it tried to open the encrypted files again, it could not. A grand jury instructed Mr. Boucher to provide the password.

But a federal magistrate judge quashed that subpoena in November, saying that requiring Mr. Boucher to provide it would violate his Fifth Amendment right against self-incrimination. Last week, the government appealed.

lilmookieesquire said @ 3:37pm GMT on 7th Jan [Score:2 Funny]
Do you have 'iddie porn?

mayyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyybe~

devilsad said @ 5:13pm GMT on 7th Jan
Wrong Answers to Give to Law Enforcement Officials:

"Fuck you, pig!"

"Yes, you can search my stuff. I have nothing to hide."

"Yeah, that's mine."

"That's a bullshit law and you know it!"

and now,
"I look at pornography, want to check it out with me? I hope I deleted any pictures that look younger than 30..."

k0k0peli said @ 5:51am GMT on 8th Jan
Suppose you don't know. You say 'maybe', and you definitely get searched, and if any is found, you're fucked.

Or you say 'no', and maybe you're searched, and if any is found, you're fucked, plus you're charged with lying to a federal agent.

So don't say anything. Look him (or her) in the eye and shake your head to indicate negative, maybe grunt 'unh-uh', but don't SAY a word. What you say WILL be used against you.

Better yet: leave all the kiddie porn (images and texts) at home, burnt onto unlabeled CDs/DVDs in your miscelleny pile, along with your political screeds, terrorism databases, explosives and drugs formulae, etc. Don't cross paranoid borders with those files.

monkeytooth said @ 10:04am GMT on 8th Jan
Okay, I hate to disagree, especially on the internet, but that's totally wrong.

Always say no to any representative of law enforcement. ESPECIALLY if if you don't know. Forget kiddie porn... I mean for ANYTHING.

The chance of them tacking on a 'lying' charge and that being significant in any way after you're busted is totally outweighed by the advantage of telling them what they need to hear instead of what they're trained to pursue.

Even if you're packing fruits and vegetables and they ask if you have any food in your luggage. Just lie again later and say you forgot.

A "maybe" or a "yes" means step into that other line for further inspection sir. A "no" means go ahead step through, have a nice day, unless they see stress in your body language or hear it in your voice (or nervous grunting), or have other reason to be suspicious (such as appearance, time of travel, origin or destination, mode of transportation etc).

This goes for anything from a road check to a airport.

and I agree wholeheartedly - leave the porn at home... Or better yet, don't have any kiddie porn at all.

Nihil said @ 7:30pm GMT on 7th Jan
Asked whether he had child pornography on his laptop, Mr. Boucher said he was not sure. He said he downloaded a lot of pornography but deleted child pornography when he found it.

I don't have any experience with US customs officer, but this sounds like a very stupid answer.

Naruki said @ 12:19am GMT on 8th Jan [Score:1 Insightful]
Yep. Honesty is pretty stupid when dealing with the police.

He _might_ have been lying, but that is certainly a reasonably possible scenario for anyone who uses mass-downloading software. Say, 95% of the SE membership?

flat_michael said @ 8:18am GMT on 8th Jan [Score:1 Underrated]
honesty is stupid when dealing with the police WHEN YOU ARE DOING ILLEGAL THINGS

COP: Do you have a bomb in your carry-on?
STUPID PERSON: Didn't the last time I checked.

COP: Do you have a bomb in your carry-on?
INTELLIGENT PERSON: No I do not, sir.

Naruki said @ 9:50am GMT on 8th Jan
In your bomb scenario, the person may OR may not have a bomb. Either is plausible.

The first one is stupid regardless of whether you are doing anything illegal.

Ergo, my first comment stands.

Transfer said @ 3:58pm GMT on 7th Jan [Score:4 Underrated]

f00m@nB@r said @ 7:33pm GMT on 7th Jan
i'm a doctor, not a pr0n merchant!

Transfer said @ 10:08am GMT on 8th Jan
Spock, set faser to wide dispersal, and when the song gets to it's highest point... THROW IT IN THE TUB!

ring riot said @ 4:06pm GMT on 7th Jan
Sorry to quote so much directly from the article, but I'll just let Judge Dean Pregerson of the Federal District Court of Los Angeles speak for me, here:

"Electronic storage devices function as an extension of our own memory," Judge Pregerson wrote, in explaining why the government should not be allowed to inspect them without cause. "They are capable of storing our thoughts, ranging from the most whimsical to the most profound. Computer hard drives can include diaries, letters, medical information, financial records, trade secrets, attorney-client materials and — the clincher, of course — information about reporters’ “confidential sources and story leads.”

and Judge Neidermeier of Vermont:

"The government can make you provide samples of your blood, handwriting and the sound of your voice. It can make you put on a shirt or stand in a lineup. But it cannot make you testify about facts or beliefs that may incriminate you. The core value of the Fifth Amendment is that you can’t be made to speak in ways that indicate your guilt."

Also from the article:

"Under the government’s reasoning,” the brief said, “border authorities could systematically collect all of the information contained on every laptop computer, BlackBerry and other electronic device carried across our national borders by every traveler, American or foreign.” That is, the brief said, “simply electronic surveillance after the fact.”

So...wait, I'm losing count...how much of the Constitution is actually left?

ring riot said @ 4:12pm GMT on 7th Jan
Forgot to mention, although you probably already knew this: the FAA - the ones who will receive the information from your laptops - is under Homeland Security.

ring riot said @ 4:31pm GMT on 7th Jan
Oh, and while we're on the subject of horrible ideas - we're now officially tracking children with RFID chips:

http://apnews.myway.com/article/20080108/D8U1E97G0.html

lateniter said @ 5:14pm GMT on 7th Jan
In 1986, when I was an associate in a practice, I saw a patient I'd never see previously. When I asked what he did, he said he "worked for Big Brother".

He said he worked for a company that was working on the design for a microchip - that it would eventually be able to be scanned from incredible distances.

That the company plan was to:

First sell the technology to use it as an implant to ID lost pets.

THEN: sell it as a convenience for people that would go to night clubs or other places they frequented so that they were scannable.

THEN, in 15 or 20 years, when people were used to it, to begin selling it as an implant for babies, when the concept was no longer so onerous (as it was then in 1985).

After ANOTHER 10 - 20 years... ALL babies would be getting them and within 50 years, the government would be able to keep track of almost every body.

I thought he was nuts in 1985.

They seem right on schedule.

ring riot said @ 6:08pm GMT on 7th Jan
I live in Maryland. There's a couple in Michigan who live next door to me. She just had her baby here in Maryland - during a conversation about her baby, she told me that the hospital told her that her baby should have a chip imbedded under her skin. When she declined, they kept trying to get her to do it. She still declined.

It's already happening.

leswilkerson said @ 6:12pm GMT on 7th Jan [Score:1 Funny]
I live in Maryland. There's a couple in Michigan who live next door to me.

Damn- I never realised Maryland was so big.

Aidentas said @ 6:55pm GMT on 7th Jan
I wonder what exit off I-70 takes me to Detroit.

ring riot said @ 7:27pm GMT on 7th Jan
AH! Sorry - they're FROM Michigan...

leswilkerson said @ 3:37am GMT on 8th Jan
Just kidding with ya', ring. :)

kang said @ 5:40am GMT on 8th Jan
For a second here I was concerned that my geography was worse than I suspected.

ring riot said @ 7:29pm GMT on 7th Jan
Anyway - I don't know whether it's true or not - but I didn't even bring it up to her, it was just part of her story of being at the hospital when the baby was born.

Naruki said @ 12:21am GMT on 8th Jan
I read a report (here?) that said those chips may cause cancer or tumors.

I think preparing a nice class action lawsuit would be a good idea.

devilsad said @ 5:26pm GMT on 7th Jan
The district was interested in trying out the program in the hopes that it would improve communication with parents, who will be able to check a Web site to see whether the buses are on time and their children are on them, Kraeger said.

Failure at Parenting: having to use a WEB SITE to know if your little snowflake actually gets on the school bus or not.

Of course 'at first' it is just to see if they get on the bus, then later they can check if they are in school grounds, then later they know which route and how long you take to get home, then later they can monitor where you go at break times and if you spend too long hidden from the CCTV cameras, then later they know who you associate with and if they are marked as known troublemakers.... all good conditioning to get them used to the totalitarian surveillance state they're trying to set up.

ComposerNate said @ 4:19pm GMT on 7th Jan [Score:5 Underrated]

hoboninja said @ 5:17pm GMT on 7th Jan

f00m@nB@r said @ 5:48pm GMT on 7th Jan
back in the wild and wooly days of the internet, getting pr0n off alt.binaries.pictures.erotica.teen was a dodgy affair because there was almost always someone who posted a kiddie pr0n picture set. :/

Tirade said @ 6:01pm GMT on 7th Jan
Yeah, I ran into something like that back in the day once... I didn't think I could have actually gotten in trouble for it since I was only 13 or 14 at the time, but still. When a 13-14 year old looks at a picture and says, "She's too young for me." you know there's something wrong there.

CapnSilver said @ 6:56pm GMT on 7th Jan
The problem is these days that there is real porn with kiddie porn file names. Incest Taboo Rape Teens or some such shit.

I once dl'ed this video of a chick with a large but top quality rack. She must have been 14. I was quite disturbed. But that's what you get for dl'ing russian porn.

-_- said @ 7:15pm GMT on 7th Jan [Score:2 Insightful]
What I don't understand is why someone would carry any data at all across international borders if they are concerned about offending the border censors (China I'm looking at you here) when they can store it across multiple G-Mail accounts or any of the myriad online storage venues and simply access it from their new destination.
Other than that I guess your looking at having to use multi-layered PGP and store the keys in an email account , though then you are looking at loosing your computer and possibly your freedom until (or even after) they find a way to crack it (might take a while though ;)

The best bet is probably to just distribute your stuff across the net (as encrypted files?) and have a folder of bookmarks stored in an email account you can access from memory.

Border crossings have always been choke points where the individual loses nearly all control over their own privacy and self determinism, it has always been best not to carry anything questionable (or likely to provoke a conversation) through such a venue.
The reason for controlled border crossings has always been to exert control over what enters or leaves a country be it physical objects, individual people, or information ... and as long as there have been border guards there have been ways to make them ineffectual, it's just another arms race.

utah said @ 8:27pm GMT on 7th Jan

“Under the government’s reasoning,” the brief said, “border authorities could systematically collect all of the information contained on every laptop computer, BlackBerry and other electronic device carried across our national borders by every traveler (sic), American or foreign.” That is, the brief said, “simply electronic surveillance after the fact.”

Or they could take samples from your luggage and look for pollen, soil, DNA, fabric, receipts, explosives, drugs and all the other myriad manifestations of Locard's Principle; which would be physical surveillance after the fact.

atter_cob said @ 9:31pm GMT on 7th Jan
Simple solution:

1) Get some hard drive encryption program that does per-account encryption. If you have Mac, it come built in.

2) Make another account on your computer besides the one you usually use.

3) In the security settings change the login so that it does not list users but just provides a username/password prompt.

4) Log into the extra account and surf the web a bit.

Now if you are ever stopped at customs and some dork wants to look at your computer say "sure thing" and log into the extra account. There will be nothing interesting to look at. In the very, very small likelihood that the customs agent figures out that there are other account on the computer and wants you to log in to them all you have to do is say "that's my wife/coworker/brother's account and I duno the password."

Also, if you really have something that you don't want the agents to see then keep it in a zip file, encrypt the zip file, rot13 the file, and rename it something like "dx3.dll". (Make sure you use SRM to delete the original plain-text files and you should still use harddrive encryption.)

The rot13 step and renaming it is so that someone who looks at the file (or uses a search tool to look for encrypted files) won't be able to tell it's an encrypted file. The idea is to just avoid the whole issue were the agent might notice it and ask for you to decrypt it.

If you're really paranoid you can do all of the above and make a second extra account that has root-level write access to the whole drive and that when logged in to will start a background job to silently SRM your regular account's home directory. Of course then you better be good about keeping backups.

eIfish said @ 10:25pm GMT on 7th Jan [Score:2]
'Simple solutions', in cryptography, are typically attractive and bogus.

Don't faff about with encrypted zips, and ROT13, and obfuscated filenames, and homemade cryptography.

Choose a proper, tested solution like PGP or Truecrypt, and use it correctly.

(FWIW, it would be trivial to spot a ROT13ed encrypted zip, because zips have bits with no entropy in (notably the directory at the end, but also various headers and padding), which would be a clue to anyone with a hex editor and a brain that the file was not just random data. And would easily be flagged by a program that just looks for files of a specific range of randomness).

cskrat said @ 2:02am GMT on 8th Jan
Nothing wrong with proper, tested cryptography being combined with a bit of obfuscation.

It's the same concept as a good safe with a good lock being disguised as something that is not a safe.

So encrypting something with PGP then disguising it as some system dll would offer more security than simply encrypting the document and leaving it in plain sight in your 'My Documents' folder.

Of course if they have the opportunity to run their own forensic searching software on your system then it is conceivable that sufficiently well designed software of that nature will raise red flags on any file or even disk sector that looks like it could be encrypted data.

EPT said @ 10:01am GMT on 8th Jan
I think at the point you are examining files with a hex editor, you've progressed beyond 'trivial'.

hoagy said @ 5:00am GMT on 8th Jan
I would worry about whatever virus or rootkit that their USB stick is going to install on my computer (maliciously or not).

And how about diplomatic computers... Wars could be started if customs looked through a diplomat's computer. So why not create a nation of the pirates with official diplomatic status?

-_- said @ 8:14am GMT on 8th Jan
partly because you have to have a military before other nations will give a damn about offending your diplomats.

Vampire_X said @ 5:29am GMT on 8th Jan
ya know i say this a lot nowadays, but if i was an american living in america i would get the fuck out NOW.
fuck, go somewhere relatively free like europe. canada wont help you motherfuckers before youre settled in canada will be part of america in all but writing. check out denmark, we got health care and good unimployment. personaly i live here and id go with spain or something because its warmer...

but getting to something with a point: if you want to have sex with 15 year olds(cant see why but hey, do your thing) its legal here, people might look at you wierd but its legal.
if you want to do drugs go for it, just watch your back at christiania and you can easily get some good smoke and even if the cops catch you its just a fine as long as you werent holding too much.
worried about the languege? most danes i know speak at least passable english, its everywhere and what damage would learning a new languege do? i can communicate with russians and lithauanians with body languege and understanding or by drinking enough.
this is really going nowere but i like ranting and getting off the point to persue another point and then rant about ranting but loosing the point. whatever happened to dave chapelle?

kang said @ 5:46am GMT on 8th Jan
"but getting to something with a point: if you want to have sex with 15 year olds(cant see why but hey, do your thing) its legal here"

You should write travel brochures.

k0k0peli said @ 8:09pm GMT on 8th Jan
Brochures with titles like:

TOP TEN PLACES WHERE FAT OLD GRINGO DRUNKS CAN FUCK PRE-PUBESCENT AIDS-HIV-FREE CRACK WHORES!

SUBSUBTROPICAL PARADISES: CHEAP SEX, CHEAP DRUGS, FREE HOSPITALIZATION, AND EVERYONE SPEAKS ENGLISH!

THIS IS FOR YOU: YOUR ONLY COMPETITIORS ARE VACATIONING PALEORUSSIANS WHO DRESS EVEN WORSE THAN YOU!

Something like those.

Vampire_X said @ 5:39am GMT on 8th Jan
oh yeah by the way, seaching laptops might catch a few people who like to watch child porn. buuuuut it also lets government(wich comes from something like gubermente wich means control of the mind (guber=control, mente(mind))
its like spying on large segments of the population to catch criminals you funded and trained yourself... oh yeah
fucking doublespeak, straight orwellian. why is there not rioting in the streets of america? i guess the same reason as why there wasent in germany before and during the ww2, people fear being taken away by a shadowy government agency or chastised by their fellow contrymen for not being supportive of the party line

monkeytooth said @ 10:17am GMT on 8th Jan
People aren't rioting because most people who point out the worst scary orwellian stuff also tend to mix in a pinch of batshit insanity, which totally undermines the legitimacy of the true stuff they say.

manoreason said @ 3:05pm GMT on 8th Jan
Awesome thumb. *saved*

k0k0peli said @ 8:26pm GMT on 8th Jan
Something to keep in mind: You have to cross a border. You have to take your laptop. You dump all your pr0n & radical texts & bomb plans & terror encyclopedia onto some media that you'll leave home. But you should remove all traces of that interesting stuff from the laptop drive. So you look around, maybe find a program like ERASER, which can obliterate residual patterns pretty thoroughly.

But it takes time. I'm currently scrubbing a 500GB FireWire drive that I'll return to WalMart (I got something bigger & better). With the fastest & least effective scrub, writing semirandom data, it's taking about ONE DAY (24 HOURS) PER 100 GB. The more thorough scrubs may take 7-35 times as long. If you have lots of pr0n etc to remove from your modern laptop with a capacious drive, GIVE YOURSELF PLENTY OF TIME.