....that if you don't cough up the key to your military grade encryption, that your hard drive/iPod/whatever will just be confiscated?
In a move that could affect millions of people around the world, the US government has quietly relaxed a two-decade-old policy that limited the reading and copying of papers and electronic data carried by travelers crossing into American borders, according to recently released documents. Under guidelines that were most …
Whoever the next President of the US is, I hope he's not a pussy. I can't believe that a few small incidents have caused this much distress in the Western World. Briton nor the USA was built by running away from things and cowering in fear. Accept the losses and come back swinging - I hope the next "Ruler of the Free World" understands that; whoever he/she happens to be.
You may not have gotten the memo.
McCain - certified sociopath with bad impulse control, know-nothing and xenophobe: PUSSY
....followed by Palin - fundamentalist ultra-nationalist sociopath with end-times mentality and a knowledge based on Post-It Notes with Repuke Soundbites: PUSSY
Obama - the only change you can believe in is that he transforms into President Klingon without the philandering: PUSSY
Nader - Duh?
Ron Paul - Wuh?
it's very sad to see how things like schengen's no border control agreements have turned into snooping-and-sharing agreements, mandatory-biometry and dog-chip fests and all that shit
one could say ok, i will never travel/visit the us/uk/japan because i'll get fingerprinted, photograpied and abused at the border controls but it's only a matter of time until it's done where you live too..
the real terrorist that enjoys dominating the world (tm) with the fear he spreads around is the politican, the other terrorists (alquaeda and all that idiots) have already won and sit relaxed seeing how we get fucked by our own people
Full disk encryption. There's just no excuse not to have it/use it these days, especially if it's a work laptop. I'd like to see full encryption used in mobile phones as standard as well - it's prolly possible on my n95, I'm just not particularly paranoid about people reading my endless "working late - will get dinner myself" texts. =p
"Welcome to America! Thanks for bringing us your business, your much needed tourist dollars, and your biometrics! Now bend over..."
Waiting patiently for a sane US administration,
The solution to this problem is still simple.
1) Don't ever travel to the USA (Uncivilized Surveillance Area)
2) Refuse to do business with, or to employ, any person who breaks rule 1.
3) Refuse to acknowledge IP (Imaginary Property) coming from entities within this area.
Until the American voters replace their Corporistic government, simply refuse to deal with them. Consider their money worthless.
After all it's been seven years now.
And contrary to what the fascisti in the DHS would like you to believe, the world today is pretty much the same world it was on 9/10, barring serious erosion of civil liberty in the so-called free world.
The question to ask about all these liberty-destorying measures is, had this measure been in effect on 9/11, would it have prevented the destruction of the World Trade Center? The answer in almost all cases is no.
I like Canada, maybe there next year. Went there in 2006, loved it. America already booked for this year, so can't cancel that. So either Canada or maybe somewhere in Northern Europe, Norway maybe (for the cod fishing). Just have to tell 'er indoors...
Paris, 'cos I'd rather tell her:)
so the border patrols can confiscate your shiny new ipod to inspect it for Al Qaeda's speaches hidden on it, and it later gets lost in shipment back to you into the border patrol guys pocket. I also bet some of the laptops they confiscate go missing and end up on ebay to help alleviate Americas current financial issue.
EFF *reveals*? .. this story was known in Febuary ... but worth an update for sure
As an American, I stopped flying because it's unreasonable search to have to remove my stinky shoes .. much less keep my ID details and travel records for 40yrs+ .. take a laptop or camera "? .. read private or business information without probable cause .. screw that !
If you don't have a warrant or my face up on a wanted poster ( or computer screen now ) just leave me the f**k alone
Anyway, seeing as US citizens will be subject to all this crap coming back in from even Canada and Mexico .. I'm just not going to bother leaving this really beautiful county ..
I could never see all the places I'd like to here .. I lived on the East Coast until 18, and have been West Coast since, and driven across the land several times .. been in about 45 states
The gReeD heADs have sure made a mess of things now, but all in all, never traveling out of the US isn't much of a loss, and I'll protest and do what I can to fight this crap
as far as I'm concerned, all the international airlines can go bankrupt, maybe then they'll figure out they've made it too much of a hassle
it's sad indeed that probable cause is being lost on all levels here .. I can't say on the internet what most 55yr. old+ American men would like to do with our Congress for the passage of laws like this.
Put military grade encryption on your hard drive. Now there's a great way to get through customs. Do you really think US customs goes through every dickweed's computer. Act like a semi intelligent traveler and visitor instead of a 20 year old asshole and you'll walk right through, just like any other country that's had 3,000 of it's citizens killed by "visitors". Actually act like a prick and get sent back. Too damn many tourists around anyway.
If your a business visitor who has to go, just go, if your a mindless Disney tourist who spends their whole 14 days holiday in theme parks (who won't really notice the DHS), just go. Those of you who really want to see some of the other spectacular places, The Grant Canyon, Death Valley, etc, either just suck it up and go or go somewhere else.
As someone who has spent a great deal of time and money in the US, before they started treating every visitor as a criminal and fingerprinting them. I will just give it a miss, in many ways Canada is nicer any way.
Unscrupulous Swastikawearing Arseholes - just about sums them up. Everything about their governments is truly frightening - from the way they still treat their indigenous peoples and those poor folks still homeless in New Orleans, to their addiction to bombing folks in third world countries, it all really stinks of political terrorism.
Anyone who thinks that they can do business, have fun with these little white devils and that they can come out unstained, is simply an idiot.
If I had the unsavoury desire to traverse their borders, I would fill my portable digital data storage device with every known movie and piece of music or art work that successfully ridiculed their sense of being. Of course I'd encrypt it all for good measure, and joyfully pass the suckers the key. Then I'd stand back and watch. Hopefully all this would be survieled on CCTV, and be accessible to all via a Google search and Myspace, Youtube, what ever! And it would be on record forever and ever, amen.
Any important data I'd like to smuggle into the (unsavoury) state of America would be picked up from my UK server, once I had a seat in Starbucks.
But I don't suppose this has occurred to them.
Don't encrypt stuff and you risk having it copied or snooped.
Encrypt stuff and you just draw attention to the fact that you may have something to hide, so they force you to hand over the keys.
Solution: Have a recently factory reset eeepc with you. Leave all your docs at home and then SSH/VPN back to your home network to get at your files while you are away. When it's time to go home just upload the files to home again and hit the factory reset button on the eeepc again (or use DBAN style military grade wiper for magnetic media).
- Keep everything on home PC.
- Set up LogMeIn Hamachi VPN software on home PC.
- Wipe laptop (securely) and use restore disk to make it all "i'm not a threat, just a luser"
- Download and install Hamachi at a cafe in your destination.
- Work / play as appropriate over your secure VPN connection.
- Remove Hamachi before return.
Alt solution: Don't go there.
...because tourists won't care if DHS grunts copy their friends' phone numbers into their uberdatabase, and most tourists don't carry laptops (well, most tourists that don't read El Reg :-)
The real impact will be felt in the business world, where workers often have no choice but to go where they're sent. Corporate policies adapt to this security risk, making employees travel with blank kit, but eventually the inconvenience will hurt production in some way and senior management will find some other way of doing business, perhaps by using different continents.
You'd think that an administration so obsessed with pleasing big corporations would realise the potential impact of this!
The worst of this waste of time is, it won't really catch anybody who is serious about doing anything. So all it will do is catch the witless pervs who carry the wrong sort of pictures and video or the part-time Jihadist who carries some dodgy documents. .
The rest will either just fedex the data, or use any one of the other possible ways to circumvent such foolishness.
Perhaps it's just a grab for trade secrets to help the commerce of the USA,
Within a couple of months of being serious about snooping / confiscating the whole of First / Business class passengers toys and data, either they won't come or will just not carry any device that will be subject to scrutiny.
I am sure the economy of the USA is up to discouraging wealthy passengers from visiting, they don't need the business anyway.
I guess the authorities will be busy checking all those Chinese business men buying up the USA on the cheap.
Could we have an Icon of a village idiot please.
Simon is pretty much on the mark. If you encrypt your data, and they do decide to check it, they can hold you until you unencrypt it for them - which is very likely considering the suspicision any kind of encryption will draw.
Solution? Put your laptop in your checked-in luggage, which they don't check. Alternatively do what Simon said and take a factory reset laptop, with a portable hard drive containing all of your data in your luggage.
The whole thing makes no sense. You can carry whatever data you want in your checked in luggage, but what ever you take on board can be held, scanned, rifled through, ripped, and analysed. It's almost as if they are afraid of what you might do with the data on the plane?
All multinational corporations can easily work around these risks. They can transfer their documents and other stuff encrypted over the internet and have spare laptops and cellphones readily available at their offices so that there is no need to take any data whatsoever over the Yankee border.
That's an interesting club that the USA has joined. Other members include bastions of freedom such as China, Russia, Saudi Arabia, Iran, North Korea ....
But they are a few years late. Today there is little reason ever to carry a hard disk across borders. Just download your stuff after you arrive (using an encrypted protocol, of course). Of course, this'll be a lot easier if you carry a flash-card-based Linux system such as an EeePC, rather than a Microsoft hard-disk-based one with no segregation between the system files and your own personal data. And one less sale for that US corporation as an unintended consequence? I hope so.
As for "if you're innocent, what have you got to hide"? It should be obvious. Company or personal confidential data. Once it's in their systems, do you really think it'll stay confidential? Even if you trust the US government, do you trust every single person it employs?
and so the rise of the dumb terminal laptop that connects to an RDP profile at home/work begins.
why bother taking the data with you when you can leave it in your home and access it via encrypted vpn tunnel.
no net connection? great, holiday time and the blame is on the US government ;)
"Put your laptop in your checked-in luggage, which they don't check."
Don't TSA open luggage anyway these days? I'm also pretty sure they X-ray checked baggage, and a laptop would be pretty obvious on there.
That's before you consider the likelihood of it being broken or stolen by the baggage handlers. I've found big muddy footprints on top of my checked luggage on one occasion, I guess they needed to reach something high up and used it as a step stool.
@Dan Gray: they do inspect checked luggage, albeit randomly. I traveled by air to Canada and the EU last year from here in the US (purely as a tourist) and found a wonderful little memo in my checked bag from the TSA stating they had 'randomly selected' my bag for inspection. It was obviously searched, as the contents were packed a little differently. They did not hinder its movement despite my having placed two knives and a multi-tool inside, all of which would have had me detained (if not arrested) if they were in my carry-on luggage.
Hopefully the Department of Hostile Schizophrenia will have a lobotomy after January 20, and becomes much more peaceful, logical, and rational. Not to mention W et al being given free lobotomies after a stay at Gitmo.
Another vote for a village idiot icon, but in the meantime, mine's the one with the large Swiss Army knife in the pocket...
Given that The Land Of The Free *still* refuses to admit that WWII was in full swing for three whole years before they got off their fat butts (and only then because the Japanese made it so fscking obvious that even a blind warthog could not miss it), I would hesitate to start bleating about how many US citizens have been killed if I were you.
How much money was donated by NorAid so the murdering cowards, sorry "brave freedom fighters" of the IRA could blow up civilians whose only 'crime' was to be in the wrong place at the wrong time? How many people have been killed by domestic American psychopaths and sociopaths like the Unabomber?
It's supposed to be "government of the people, by the people, for the people" isn't it? With freedom of speech, freedom not to incriminate yourself and freedom to travel? Or are you really surrendering the Constitution without realising?
I'm happy to be stopped and searched at the border as I believe it does make a difference, albeit about as much as a fart in a jacuzzi. But as the bloody irritating advert says, "every little helps".
Most hotels have decent free wifi broadband connections... just give all your data to google for safe keeping, that way, it's safe from any spying by gov or corporations in the US..... oh... wait a minute..... bugger! :)
Seriously though - do what others are suggesting, just have a VPN connection to your home or work systems, password protected obviously, and store nothing of corporate/personal value on the machine itself. They can't force you to log into your corporate or home network remotely and download data to their database... or at least I don't think they can.
Also - since you are on the net in the hotel, you can upload your photos and stuff before setting off home, then secure erase them state side so they don't get pics of you outside US buildings, which obviously means you are on a terrorist scouting mission.
Nothing to see here... just moving along officer.
I wouldn't take anything of value I wouldn't want to lose on holiday with me, especially to the US of frikkin A.
Are to provide the plonks at the border with any keys they ask for.
Oh, and don't name any directories with dodgy names like "nuclear option for competitors" or something like that unless a Cuban vacation is attractive.
My personal stuff of course is what Ironkeys were made for!
and I'll say it again. Don't travel to the USA as a tourist. There are huge numbers of more interesting, less expensive and more entertaining places in the world. Don't travel to the USA for business. If your employer forces you to travel to the USA, have them sign documents that they'll pay you for any time spent in custody, that they won't hold you personally responsible for the cost of confiscated equipment, and that they won't fire you if you show up 3 weeks late at the American site because some untrained hillbilly in customs decided that he didn't like what you were wearing that day.
US customs were absolved of anything resembling "due process" months ago. They don't NEED a legal excuse to fuck you over, they can do it to whomever they please, for any reason they choose.
How lucky are you feeling today?
(Paris, because she might not mind an intensive body cavity search)
If you have to carry the data, you can encrypt it AND make it look like harmless unencrypted data. Perhaps if they analyzed a file containing data, they might discover there's something there - maybe even unencrypt it eventually.
But if it's a picture of your kids, in a folder with seven hundred other pictures of your kids?
Actually, they'd probably spot you as a scout for a molesting ring.
The only way to survive this is to go with the Force (they has it), and don't fight or stand on your rights--they will win and you haven't any, whether you're a homecoming American or an incoming Alien.
Just smile, be helpful and have no obvious encryption and keep your personal/company stuff on a website or micro-SD. You know, just like the foreign spies and terrorists do.
I wish we could set up rules about Aliens, but we're too nice and insecure pinko liberals. God I look forward to the blue-tattoo Database Society
Thanks you crazy yank politicos for dropping the bar a few dozen notches lower - I'm quiet sure the Euro zone and UK fascists shall be right behind you. Infact I wouldn't be suprised if George scatface Brown is at this moment demanding that psychotic whore Jackie Smith get to work on this one upping the Yanks at this very moment. Bah...
American lawmakers held a hearing on Tuesday to discuss a proposed federal information privacy bill that many want yet few believe will be approved in its current form.
The hearing, dubbed "Protecting America's Consumers: Bipartisan Legislation to Strengthen Data Privacy and Security," was overseen by the House Subcommittee on Consumer Protection and Commerce of the Committee on Energy and Commerce.
Therein, legislators and various concerned parties opined on the American Data Privacy and Protection Act (ADPPA) [PDF], proposed by Senator Roger Wicker (R-MS) and Representatives Frank Pallone (D-NJ) and Cathy McMorris Rodgers (R-WA).
Cisco has alerted customers to another four vulnerabilities in its products, including a high-severity flaw in its email and web security appliances.
The networking giant has issued a patch for that bug, tracked as CVE-2022-20664. The flaw is present in the web management interface of Cisco's Secure Email and Web Manager and Email Security Appliance in both the virtual and hardware appliances. Some earlier versions of both products, we note, have reached end of life, and so the manufacturer won't release fixes; it instead told customers to migrate to a newer version and dump the old.
This bug received a 7.7 out of 10 CVSS severity score, and Cisco noted that its security team is not aware of any in-the-wild exploitation, so far. That said, given the speed of reverse engineering, that day is likely to come.
A security flaw in Apple's Safari web browser that was patched nine years ago was exploited in the wild again some months ago – a perfect example of a "zombie" vulnerability.
That's a bug that's been patched, but for whatever reason can be abused all over again on up-to-date systems and devices – or a bug closely related to a patched one.
In a write-up this month, Maddie Stone, a top researcher on Google's Project Zero team, shared details of a Safari vulnerability that folks realized in January this year was being exploited in the wild. This remote-code-execution flaw could be abused by a specially crafted website, for example, to run spyware on someone's device when viewed in their browser.
Someone is trying to steal people's Microsoft 365 and Outlook credentials by sending them phishing emails disguised as voicemail notifications.
This email campaign was detected in May and is ongoing, according to researchers at Zscaler's ThreatLabz, and is similar to phishing messages sent a couple of years ago.
This latest wave is aimed at US entities in a broad array of sectors, including software security, security solution providers, the military, healthcare and pharmaceuticals, and the manufacturing and shipping supply chain, the researchers wrote this month.
Brave CEO Brendan Eich took aim at rival DuckDuckGo on Wednesday by challenging the web search engine's efforts to brush off revelations that its Android, iOS, and macOS browsers gave, to a degree, Microsoft Bing and LinkedIn trackers a pass versus other trackers.
Eich drew attention to one of DuckDuckGo's defenses for exempting Microsoft's Bing and LinkedIn domains, a condition of its search contract with Microsoft: that its browsers blocked third-party cookies anyway.
"For non-search tracker blocking (e.g. in our browser), we block most third-party trackers," explained DuckDuckGo CEO Gabriel Weinberg last month. "Unfortunately our Microsoft search syndication agreement prevents us from doing more to Microsoft-owned properties. However, we have been continually pushing and expect to be doing more soon."
Period- and fertility-tracking apps have become weapons in Friday's post-Roe America.
These seemingly innocuous trackers contain tons of data about sexual history, menstruation and pregnancy dates, all of which could now be used to prosecute women seeking abortions — or incite digital witch hunts in states that offer abortion bounties.
Under a law passed last year in Texas, any citizen who successfully sues an abortion provider, a health center worker, or anyone who helps someone access an abortion after six weeks can claim at least $10,000, and other US states are following that example.
California lawmakers met in Sacramento today to discuss, among other things, proposed legislation to protect children online. The bill, AB2273, known as The California Age-Appropriate Design Code Act, would require websites to verify the ages of visitors.
Critics of the legislation contend this requirement threatens the privacy of adults and the ability to use the internet anonymously, in California and likely elsewhere, because of the role the Golden State's tech companies play on the internet.
"First, the bill pretextually claims to protect children, but it will change the Internet for everyone," said Eric Goldman, Santa Clara University School of Law professor, in a blog post. "In order to determine who is a child, websites and apps will have to authenticate the age of ALL consumers before they can use the service. No one wants this."
Democrat lawmakers want the FTC to investigate Apple and Google's online ad trackers, which they say amount to unfair and deceptive business practices and pose a privacy and security risk to people using the tech giants' mobile devices.
US Senators Ron Wyden (D-OR), Elizabeth Warren (D-MA), and Cory Booker (D-NJ) and House Representative Sara Jacobs (D-CA) requested on Friday that the watchdog launch a probe into Apple and Google, hours before the US Supreme Court overturned Roe v. Wade, clearing the way for individual states to ban access to abortions.
In the days leading up to the court's action, some of these same lawmakers had also introduced data privacy bills, including a proposal that would make it illegal for data brokers to sell sensitive location and health information of individuals' medical treatment.
Carnival Cruise Lines will cough up more than $6 million to end two separate lawsuits filed by 46 states in the US after sensitive, personal information on customers and employees was accessed in a string of cyberattacks.
A couple of years ago, as the coronavirus pandemic was taking hold, the Miami-based biz revealed intruders had not only encrypted some of its data but also downloaded a collection of names and addresses; Social Security info, driver's license, and passport numbers; and health and payment information of thousands of people in almost every American state.
It all started to go wrong more than a year prior, as the cruise line became aware of suspicious activity in May 2019. This apparently wasn't disclosed until 10 months later, in March 2020.
Brave Software, maker of a privacy-oriented browser, on Wednesday said its surging search service has exited beta testing while its Goggles search personalization system has entered beta testing.
Brave Search, which debuted a year ago, has received 2.5 billion search queries since then, apparently, and based on current monthly totals is expected to handle twice as many over the next year. The search service is available in the Brave browser and in other browsers by visiting search.brave.com.
"Since launching one year ago, Brave Search has prioritized independence and innovation in order to give users the privacy they deserve," wrote Josep Pujol, chief of search at Brave. "The web is changing, and our incredible growth shows that there is demand for a new player that puts users first."
Biting the hand that feeds IT © 1998–2022