The usual fare: log out, disable biometrics, use long pins and passwords, power off. Prefer a burner device, or clean your device and restore when you arrive.
I remember how Google's internal guidelines for travel circa 2011 required to remove any material under NDA from your laptop when traveling to China or Russia; you had to restore it over the VPN after a safe arrival. Funny that now the same precautions apply to the US :((
This has been the recommendation when traveling to the US since 2001, only that the worry was NSA rather than ICE.
The procedure that I got recommended in 2005 was to install a second fresh operative system (preferable windows) on the laptop on a separate partition/disk, make a copy of the old boot partition and disk encryption headers, encrypt the copy and store it online for later retrieval, and then overwrite the old boot with the new installation. Make sure to leave the old partitions alone.
The restore is then as simple as downloading the encrypted backup, decrypt and dd it back in place. Repeat the process before taking the trip back. It was advisable to test the processes before to familiarize yourself to it, and to use the fresh installation a bit so it wasn't completely blank.
> I remember how Google's internal guidelines for travel circa 2011 required to remove any material under NDA from your laptop when traveling to China or Russia; you had to restore it over the VPN after a safe arrival.
I made this suggestion when I served on the security team at a major cybersecurity player.
When we had our company-wide annual internal conference it was always in person. This meant that basically everyone, with basically cumulative access to everything, and all our code, would be traveling across a multitude of borders at once. Some of which were less friendly than the US (at that time).
This was rejected as impractical for developers and redundant for everyone else. So I suggested locking the accounts of everyone who was traveling between the time they left and the time they arrived. This would have the side effect of signing them out of our most sensitive systems and removing certain highly confidential data from laptops. This was also rejected as “unnecessary”.
That company now counts a healthy proportion of the Fortune 500 amongst their customer base. I hope things are not so cavalier anymore.
You have a working OS! But you're logged out, all sensitive data is removed (safely overwritten with random data first), and you don't have the means to connect to the VPN or anything corporate (it was before zero-trust architecture), even at gunpoint. You can check your flight status, or look up a cafe nearby to eat, etc. But you have to go to a Google office in the destination city, identity yourself, and get the trusted bits restored on your corp machine. This, together with an OTP device, finally allowed you to reconnect to the internal network (and go check fresh memegen).
I do understand why all these steps are required. And they are good. But how should zero-trust architecture solve that? You‘re still authenticated what the core problem is.
Do you need to disable biometrics if you simply reboot? my Pixel 10 Pro XL wont let me in without pin after reboot. Biometrics wont work until that first unlock.
The guidelines also say that if the border agents of China or Russia ask you point blank, to give them access. It is not worth risking your personal safety for your device. That includes your PIN and password, and in China and Russia's case, whether or not that's actually allowed by law.
Ditch the phone. The liability, tracking and mental health problems created due to modern phones has made owning one unsustainable. Email works, at worst, voip providers exist. Do you need a map? Print one. Do you need directions? Ask someone. Does the restaurant only offer app or qr, ask someone, or go somewhere else.
I have never encountered a phone-related problem that could not be solved with:
1. A print out.
2. Asking someone.
3. Using your web browser on your computer.
4. Using some kind of voip if audio communication is needed.
Yes, it is not as convenient as the surveillance and privacy nightmares of today, but if your life is only about convenience, then send your money to the government, and let them just decide for you how much money you need, and you don't even have to think about that.
A minor inconvenience is a price well paid for freedom from surveillance and excellent mental health.
The ones who complain about inconvenience don't really care about privacy, democracy and freedom, so should not complain when these things are attacked.
Yea, driving a modern / newer car is just as bad privacy-wise as having a mobile phone. I mentioned plate readers as I was expecting "Don't drive new cars" given the "don't use mobile phone" comment :)
I don't agree a phone free life is an insane idea at all. It is in fact extremely reasonable, rational, and admirable. The parent makes it sound easier than it is though. You might consider that part "insane".
I have tried really really hard to break the phone addiction too. Though so far without durable success, unfortunately. :-(
Hey look judging from how this thread evolved in the last several hours, at least it turned out that the bait worked and a bunch of people were dumb enough to take it?
To be fair though, that horse bolted a couple of centuries ago. What other name would you call it by? There's another "united states" on the same continent. The country to the immediate south is formally known as the "United Mexican States".
But the whole hemisphere is not "Mexico". USA and Canada are not also "North Mexico". Their harmless little reminder is more correct than any of the attempted arguments against it.
It was the first group of united states on the continent. North America was, relative to the land that became Mexico, thinly peopled. Unlike in Mexico there was no pre-colonial, indigenous empire that had ruled and named the land which eventually became the 13 colonies. So there wasn't necessarily a better alternative to put after "United States of" at the time. Do you know of one?
The level of arrogance some western-hemisphere Spanish speakers have, trying to tell foreigners that the name they use for their own country in their own native language is wrong, demanding that they translate the Spanish name and use that instead, is so absurdly entitled that it's just... hilarious.
This is the point: in English, it is not a generic geographic term.
It is in Spanish, though, so I get where the confusion comes from (at least when that confusion is genuine and not just boring troll shit). In Spanish, "América" refers to what in English is "the Americas", because in English we use separate terms for North, South, and (sometimes) Central America.
It's not pushback. It's just dishonest ragebait bullshit.
I treat all items on an international trip as disposable. Been robbed by thieves, police (Mexico lol), and brutalized by US CBP enough to know it's not worth it to try and take anything across borders besides the shirt on your back. Anything carried is a liability for them to claim you filled some customs form wrong or to fake a drug dog hit on it.
"Immigration and Customs Enforcement have already started targeting travelers, with agents in plain clothes forcefully detaining a mother in front of her young daughter at San Francisco International Airport on Sunday after a tip from the Transportation Security Administration."
I don't think the tsa is at sfo. They use a private contractor for tsa functions. Is the quote made-up?
Airlines like Alaska Airlines make it very difficult to board a plane without a phone. It's still possible, but you need to prepare early and get your boarding pass printed at home, provided that you have a printer, apparently.
It's an interesting state that you can force someone to unlock their phone with biometrics, but you can't force them to reveal a pin.
Anecdotally, I have been to the US a few times in the past year, and seen no change myself - where are you going and why? Thanks have a good trip. It was for short business trips, and I'm white with a number of documented entries/departures, so my experience might be very different from the next person though.
Don't carry them with you. I'm old and I can tell you from experience... you can live life without holding a cellphone all the time. It's not as hard as you think.
159 comments
I remember how Google's internal guidelines for travel circa 2011 required to remove any material under NDA from your laptop when traveling to China or Russia; you had to restore it over the VPN after a safe arrival. Funny that now the same precautions apply to the US :((
The procedure that I got recommended in 2005 was to install a second fresh operative system (preferable windows) on the laptop on a separate partition/disk, make a copy of the old boot partition and disk encryption headers, encrypt the copy and store it online for later retrieval, and then overwrite the old boot with the new installation. Make sure to leave the old partitions alone.
The restore is then as simple as downloading the encrypted backup, decrypt and dd it back in place. Repeat the process before taking the trip back. It was advisable to test the processes before to familiarize yourself to it, and to use the fresh installation a bit so it wasn't completely blank.
> I remember how Google's internal guidelines for travel circa 2011 required to remove any material under NDA from your laptop when traveling to China or Russia; you had to restore it over the VPN after a safe arrival.
I made this suggestion when I served on the security team at a major cybersecurity player.
When we had our company-wide annual internal conference it was always in person. This meant that basically everyone, with basically cumulative access to everything, and all our code, would be traveling across a multitude of borders at once. Some of which were less friendly than the US (at that time).
This was rejected as impractical for developers and redundant for everyone else. So I suggested locking the accounts of everyone who was traveling between the time they left and the time they arrived. This would have the side effect of signing them out of our most sensitive systems and removing certain highly confidential data from laptops. This was also rejected as “unnecessary”.
That company now counts a healthy proportion of the Fortune 500 amongst their customer base. I hope things are not so cavalier anymore.
I would like to add as a reminder to encrypt all devices as well. Leave as little plaintext data as possible.
Veracrypt has the ability to create hidden volumes, regardless of OS.
How do you restore it via VPN? Don't you first need a workable OS to connect to VPN first?
I have never encountered a phone-related problem that could not be solved with:
1. A print out. 2. Asking someone. 3. Using your web browser on your computer. 4. Using some kind of voip if audio communication is needed.
Yes, it is not as convenient as the surveillance and privacy nightmares of today, but if your life is only about convenience, then send your money to the government, and let them just decide for you how much money you need, and you don't even have to think about that.
A minor inconvenience is a price well paid for freedom from surveillance and excellent mental health.
The ones who complain about inconvenience don't really care about privacy, democracy and freedom, so should not complain when these things are attacked.
> unless you gamble and drive without plates
New cars are being fitted with cell modems to ping cell towers.
I have tried really really hard to break the phone addiction too. Though so far without durable success, unfortunately. :-(
Maybe it's because I went nearly 50 years with no cell phone?
It seems reasonable to shut the phone off—check it through with your luggage.
(One of my favorite travel memories was trying to ask people in Tokyo for directions to my hotel—I speak only English.)
But you knew that already and decided to just post bait.
ha ha
It is in Spanish, though, so I get where the confusion comes from (at least when that confusion is genuine and not just boring troll shit). In Spanish, "América" refers to what in English is "the Americas", because in English we use separate terms for North, South, and (sometimes) Central America.
It's not pushback. It's just dishonest ragebait bullshit.
It is something that needs correcting tbh. The USA does not own the Americas.
I don't think the tsa is at sfo. They use a private contractor for tsa functions. Is the quote made-up?
Anecdotally, I have been to the US a few times in the past year, and seen no change myself - where are you going and why? Thanks have a good trip. It was for short business trips, and I'm white with a number of documented entries/departures, so my experience might be very different from the next person though.
"No, I don't have to."
Detained in a room for twelve hours.
"Okay, okay, here's my phone."
They are still active for accessing anything in the wallet, however.
It'd be fun to see how they'd handle a CLI. Might result in getting detained, though.
Enable self-destruction mode caused by a special unlock PIN on each of them.