[antonio266]

Souce: CBA

Here�s what you need to know about data searches at the border, and how you can protect sensitive data.
Bare in mind that the Canadian Bar Association is not made of IT & phone specialists. Still a great read with recommendations from a bunch of lawyers. Much of this apply to phones and their memory cards.

Do you regularly travel on business? If you take confidential information of any kind with you, take heed: policy allows offers of Customs and Border Protection (CBP) to search and confiscate computers, phones, personal digital assistants, cameras, digital music players and other data-storing devices. Operating under the Policy Regarding Border Search of Information, agents have also downloaded the contents of entire computer hard drives and other storage media for later review. (Note: similar situations occur at the borders of other countries as well.)

For many travelers, CBP reassurances that confidential data is handled carefully ring hollow. And travelers who resist searches, even by insisting that such searches would require a warrant and probable cause if conducted within the United States, can be detained, sent back to their country of origin or otherwise grievously inconvenienced.
These recent developments have many legal experts and others asserting that the �border privacy� playing field is undeniably tilted in favour of border agents.
This article suggests 10 steps you can take to shield sensitive information, like that protected by solicitor-client privilege, when crossing the border. Each one comes with caveats, the most important of which is that there are no guarantees. You should consult an IT security expert to help you choose the best options for your needs.

1. Be Anonymous

Thousands of travelers cart thousands of devices through America�s borders each day. The CBP has to weigh security concerns with the limited time available for searching.
Many travelers believe the odds will stay in their favour. If you aren�t one of these, read on.

2. Travel with a �Bare� Computer

Be �forensically clean�

The CBP can�t read what a computer doesn�t contain. That�s why certain companies give their employees �forensically clean� computers for travel. These computers contain the operating system, required applications, and little or no data.

Once at their destinations, employees work with data stored on company servers via secure virtual private network (VPN). (Secure connections are a must since, under certain circumstances, U.S. law permits interception of e-mail and remote server connections.)
Employees may download files to their computers, upload the results of their work to company servers and �forensically clean� their computers before traveling again.

Given widespread availability of broadband Internet access throughout the United States, traveling with a clean laptop presents few problems unless particularly large files or problematic Internet access hampers the employee�s ability to access data.

Use software with "Saas"

Following in the footsteps of phenomena such as Google Docs, more companies offer software based on the Internet. All their customers need to access these applications is a standards-compliant web browser.

Conceptually, customers use software as a service (SaaS � on the software developer�s servers) rather than as a product (on a computer�s hard drive). And, importantly, the data resides on the same server as the SaaS application.

This tactic is less secure than total forensic cleanliness for several reasons, not the least of which is your web browser. It records your Internet activity using cookies, history and other data. Delete all these traces of your Internet activity before you board your next flight. (For more information, refer to "Files to Delete� sidebar.)

Saas: One issue to Consider
What if border agents really want your data? If a server (your company�s or a SaaS provider�s) resides within America�s borders, the US Patriot Act enables US government agents to access your data (and impel the SaaS company to keep the breach quiet).

Should the data reside outside US borders but the company head office or chief executives reside within, the data must be turned over upon request or the company/executives may face charges.

Files to Delete

Not everybody travels with forensically clean laptops provided by their firms. If this describes you, consider the following list of file types to remove from computers you take across borders.

Documents
Look for all the usual suspects like .doc, .xls, .ppt, .pdf and so forth.

Mac owners: since the Mac does not need to save files with file name extensions, you might miss file types by searching for extensions. Make sure the Mac shows all file name extensions before you search.

E-mail and PIM information
Carefully review your email for messages you can delete.

Personal information managers store calendars, tasks, contact lists, notes and other information � check this as well.

Temporary files and folders
Various programs keep copies of documents and other information in temporary folders, and do not always delete them once you quit the program.

Temp files can reside in several places: a global search on the word �temp� will help find them, as will consultation of the software�s documentation.

Photos
Look for files with extensions like .jpg, .png, .gif and so forth, as well as information inside image handling software you use (e.g. Adobe Photoshop, Apple iPhoto).

Certain digital cameras produce RAW photos, some in proprietary formats with esoteric file name extensions. Check your camera manual for specifics.

Virtual memory
To supplement the RAM, the operating system may use a part of your hard drive as �virtual RAM.�

Windows allows you to turn virtual memory off. If you can�t live with the performance hit, make sure your entire hard drive is encrypted.

Browser data
Whenever you surf the Web, your browser records your wake in its history of pages visited, a cache containing downloaded pages, the cookies any sites might write to your hard drive, the names of any files you downloaded and so forth.

The default settings in most browsers allow a certain amount of this information to build up on your hard drive. Change those options so that the browser promptly deletes all such information once you shut down the browser, or soon after. Recommendation: Mozilla Firefox can automatically delete all surfing traces each time you shut down the browser.

3. Turn Off Your Computer, Early

If you must bring data on your computer, turn it off five minutes prior to reaching customs.

While running, computers store unencrypted information in random access memory (RAM). If you walk through customs with a computer in sleep mode, the RAM shows what you were working on.

RAM does not void itself of information until five minutes after the computer has been turned off. So when the �Fasten Seat Belt� sign comes on, turn your computer off.

4. Back Up Your Data

Should border agents confiscate your computer, they won�t stop your ability to work billable hours � as long as you left a copy of your data in a safe place, such as another hard drive or your company�s servers, and you can quickly recover all that data (documents, calendars, e-mail and so forth.)

5. Use a Different User Account to Hold Sensitive Information

Any modern computer can be used by different people, each with their own sets of documents. Users can password-protect their accounts so other users with access to that computer can�t access documents that don�t belong to them.

Privacy application: the traveler can use the computer via a �clean� non-administrative account while in transit and carry sensitive documents in a �safe� account for which the traveler does not know the password. Upon confirmed arrival at the final destination, the colleague who created the �safe� account can send the password to the traveler via secure e-mail.

Meanwhile, all that travelers can do at customs when asked about other accounts is shrug their shoulders. (Remember, all accounts should be encrypted.)

Choose Perplexing Passwords

Is your password your company�s name, your own name, the word �password� or something else that�s easy for you to remember?

Here�s a reality check: modern password-guessing software can generate tens or even hundreds of thousands of guesses a second � and it starts with the most commonly used passwords.

However, if your computer is confiscated, forensic specialists rarely try to �crack� a password. Instead, they look for places where your computer might have written the password to the hard disk (registry, swap files, deleted space), or places where a user may have done so (e-mail, contact file, text file). Strong encryption that covers the whole drive provides a good first line of defence.

Security experts still recommend you make passwords as difficult to crack as possible. Here are a few hints:

Don�t use actual words, which are susceptible to �dictionary attacks� where programs throw every word in the dictionary at your signin system until one works.

Choose longer passwords over shorter ones.

Don�t use passwords like your name, age, address, or any other personal information of yours or of people you know.

If the software allows, make passwords case-sensitive. Sprinkle upper-case and lower-case liberally throughout the password.

Again, if the software allows, include numbers, punctuation and special characters as well as letters.
6. Partition and Encrypt Your Entire Hard Drive

Hard drive partitioning, like encryption, is a common IT practice that enables people to use a hard drive as though it were two or more drives. These partitions can be encrypted using different passwords. And some of today�s partitioning tools can hide partitions.
Privacy application: Encryption and partitioning, when combined, allow a traveler to decrypt a partition that contains �safe� data for border agents to inspect. Agents might not know to look for other partitions if the partitioning tool hides them � a tactic known as steganography.

To increase the chances this subterfuge will work, buy a larger hard drive for your laptop, make the �safe� partition the same size as that of the drive sold �standard� with the laptop, and put the rest of the hard drive in other partitions.

Even if you don�t partition, strong encryption of an entire computer hard drive, and electronic data of any sort, is a security best practice and should not raise eyebrows.
Why the entire hard drive? Certain programs can record information outside of encrypted areas without a user�s knowledge.

While strongly recommended, encryption is not foolproof: border agents can simply ask you to type your password. The consequences of denying this request could prove onerous.

7. Protect FireWire Ports

FireWire is a type of data port that allows for faster data transfers than are possible via USB. Certain higher-end Windows-based computers and just about every Mac in existence has FireWire.

The CBP can quickly copy an entire hard drive via FireWire. Macs let their owners block this option by setting an Open Firmware Password. Consult your IT provider for advice on how to protect your FireWire port.

8. Store Data on Small Devices

Camera memory cards and USB memory keys can store huge amounts of data. Since they�re small, you can carry them inconspicuously. Also because they�re small, they are easily lost, and just as easily confiscated by border agents if found, so use strong encryption on these devices as well.

The Ironkey is a military-grade USB flash drive that actually self destructs after 10 failed login attempts.

9. Protect Phones and PDAs

Phone records, text messages, emails, documents � today�s phones, particularly smartphones like RIM�s BlackBerry, Apple�s iPhone and Palm�s Treo carry amazing amounts of information.

But keep the device as �clean� as possible if you think it might be confiscated. Also, enable any password locking and encryption tools, if available.
Another possible solution: certain smartphones can be �wiped clean� remotely when they are reported lost. And every one allows users to synchronize the data on them onto their computers so that they can quickly put the data onto a replacement unit should the need arise.

10. Clean Your Laptop When Returned

Border agents might even return confiscated laptops with a little something extra: spyware that tracks the owner�s computer activity and sends log files back to �Big Brother.�
�Fedware� may be invisible to onboard spyware scanners, so the first thing to do when you get your laptop back is to boot it using an external drive and scan the onboard drive for anything that should not be there.


Tools for Protecting Electronic Data

Want to protect your electronic data? Here are a few tools that might come in handy, some of which you might already have.

Encryption and hard drive partitioning

Modern computers ship with their own encryption tools. Microsoft bundles Bitlocker Drive Encryption on certain versions of Windows Vista while Apple includes FileVault on every Mac.

If you need more sophisticated options, PGP Disk and TrueCrypt lead a largely capable pack of hard drive encryption options.

Password generator

Not sure whether your password is up to snuff? Download a password generator that can take away the guesswork.

(Mac owners already have Apple�s Password Assistant, stowed away in the Accounts System Preference application that Apple offers if owners want help creating a password for a new account on the Mac.)

For more information on passwords, refer to the "Choose perplexing passwords" above.

File shredders

When you delete a digital file by emptying the Recycle Bin/Trash Can, the operating system doesn�t actually obliterate the file � it just refuses to recognize its existence and allows other applications to overwrite that section of the hard disk. That�s why files that owners think are long gone can turn up under forensic examination. It�s like the difference between putting a piece of paper in a recycling bin and throwing it into a roaring fire.

In addition to software designed specifically for the purpose, today�s major operating systems ship with �secure delete� features that overwrite specific portions of the hard drive to the point that the original file is unrecognizable and unrecoverable.

[ALToronto]

Thanks! I wonder how long ago this was written - they mention Palm Treo! Still very relevant today. Good thing I've never been flagged for a device search.

Posted via CB10 from my awesome Passport

[AnimalPak200]

Split the computer into components, ship some components separately via separate couriers, send other components with different employees, meet up at the other end and hope there aren't any extra screws left when they put it back together.

Lol... crazy stuff.

Posted via CB10

[AluminiumRims]

Canadians, why do you accept this kind of crap?

Also, how common is it that you must give away your laptop/phone for forensics?

[ALToronto]

Canadians, why do you accept this kind of crap?

Also, how common is it that you must give away your laptop/phone for forensics?

It's not common at all. If the border agents suspect that you're smuggling something, or are involved in some other illegal activity, or fit the profile of someone who does, you are more likely to get searched.

The most I ever had to do was boot up my devices to prove they were real. But I imagine that a 20-something man with an arabic-sounding name would be scrutinised more thoroughly.

Posted via CB10 from my awesome Passport

[antonio266]

You would be surprised, but that happens often when entering Canada's big border neighbour...

[Old_Mil]

Canadians, why do you accept this kind of crap?

Also, how common is it that you must give away your laptop/phone for forensics?

To be quite honest I think we Americans have a bigger problem with this. Even our local police departments are routinely harvesting data from cell phones en mass without a warrant at routine traffic stops.

Posted via CB10

[Tatwi]

Canadians, why do you accept this kind of crap?

Also, how common is it that you must give away your laptop/phone for forensics?

We don't, but they do it anyway.

Posted via CB10

[AnimalPak200]

You would be surprised, but that happens often when entering Canada's big border neighbour...

I used to cross the CA-US border several times a month. The Canadian border agents were way friendlier (to a US passport holder), than the US border agents.

At one point I had graduated from university, my lease had ended, still didn't have a job, had all my stuff in a storage container back in Pennsylvania (no family or anything),.. and despite me telling them all of that the Canadian agent actually listened to my explanation and let me through to visit my girlfriend.

On the flip side at one point while planning our wedding, my fiancee left a wedding magazine inside the car. As I crossed back to the US the border (by myself) the US agent saw it, flagged me on to customs and immigration, where they searched my car for almost an hour and accused me of smuggling my fianc�e's belongings in preparation of illegally smuggling her in. Don't mind that we had already applied for her fiancee visa and... she was not even in the car!

So yeah... this crap has been going on for ever. You just need to travel a bit to realize how crazily everything you do or don't do can be interpreted, and how important it is to have a good explanation for everything.

Posted via CB10

[Tatwi]

I noted a distinct lack of advice on what one should do when the border people demand a person give his passwords. That's the biggest issue of them all too.

Really, where does it end? What's to stop the border people from demanding a person give them the passwords to his online accounts too? They can justify anything at the expense of the device owner.

Further, is one tossed in jail for genuinely not knowing the password to the device, program, or whatnot?

And finally, turn on CPAC and take a good look at our Canadian House of Commons. Right behind our Prime Minister, to his right, you will often see a man wearing a turban. You will see people of Asian decent, people of Native American decent, and many other "tribes" from around our world. When they speak, you will hear people who speak with accents that they learned in their country of origin. All of these people are Canadians and they represent our country. Our diversity is our strength.

Being a "suspect" sure as hell better be more involved than, "stop the brown guy". We ARE better than that awful level of racism and intolerance, as a nation and as individuals.

Posted via CB10

[ArcPlug]

Canadians, why do you accept this kind of crap?

Also, how common is it that you must give away your laptop/phone for forensics?

Right, cuz all is well in the land of the free. *irony*

Posted via CB10

[dbmalloy]

Travel across the border all the time with work... as the operations are run by humans.. it is a crap shoot as to how you are treated... no different than this forum... people who have issues come and complain.. some want answers ... others want to vent... but most make it sound like their issues are the same for everyone... boarder crossings are the same... to put it into context... on average over 300,000 people cross the northern border daily...if this issue was as prevalent as people make it to be the border would grind to a halt.... Agents do not stop you for no reason.... it is either you fit a profile, do not have the correct documentation, you are pissy with boarder agents or they are pissy with you...

Although the OP posted a comprehensive post... which is spot on... anyone following it may actually cause more problems then they are avoiding... If I were a border agent and found a super cleaned laptop... it would raise red flags and cause me to look even more into the individual... it would appear to me they are trying to hide something.....here is a novel idea that applies to internet... if you do not want someone to see it... do not post it.. send it or store it....

If you have nothing to hide ... the worst you are is out time.... maybe some money...if you do ... you lose your freedom... pretty simple...