On Sun, Dec 30, 2012 at 11:02 AM, Eugen Leitl <eugen@leitl.org> wrote:

----- Forwarded message from Julian Oliver <julian@julianoliver.com> -----This is why I personally think it's wise to carry just a skeleton system over the border on a bootable USB stick, with full disk encryption. Once on the other side of the border, securely download the data required (as I said in last post).

This is what I do when I go OCONUS. I have an older 'burner' laptop that I only take on travel with me that has a 250GB hard drive. Before every trip I DBAN the drive and reinstall my usual desktop and applications (reinstallling Arch Linux is pretty fast once you're used to it, and I use Backpac ( https://github.com/altercation/backpac) to automate much of the construction process). I also make sure to copy some files into my home directory just so anyone poking around in there will have something to find - photographs from vacations, RPG books from Drive Thru, and whitepapers that I never seem to have the time to read at work. I try to shoot for looking like a harmless nerd. Before I left I built a file on a separate system that goes into a directory of videos on my website which is actually a TrueCrypt volume containing a KeePass database, a copy of the Tor Browser Bundle, Torchat, a set of SSH keys that are only used while on travel to log into certain IP addresses, a set of OpenVPN certificates to set up a VPN connection to a machine I trust back home, and a text file of URLs and IP addresses for things. Anything sensitive that I pick up while on the trip (like notes taken or documents) get copied into the TrueCrypt volume. The TrueCrypt volume is only opened when I need it, otherwise it just sits on the hard drive pretending to be a video. Bandwidth permitting, I download that file to my laptop for the duration of the trip, and (also bandwidth permitting) it's SCP'd up to the same web server it was downloaded from so there is always an offsite copy (which also gets backed up once a day along with the websites on that server). Just before heading home, one last copy is uploaded to the web server and then it's securely deleted from the drive. I don't use journaling file systems on my travel laptop, so it seems to have a better chance of irretrivability. I've also experimented with overwriting the file with ISO images (like the Arch Linux installation ISO) and other videos (concert footage is nice) prior to shredding the file. I haven't done a forensic analysis to test whether or not an actual overwrite takes place, so take that with a dose of sodium chloride. It makes me feel better, though. Sticks are easier to throw away/hide and if your laptop is stolen/seized

within the country your data doesn't have to go with it - the stick's in your pocket or in your sock when walking around. Before you cross the border again the stick should be physically destroyed. This is better than trusting data deletion.

I would recommend microSD cards for this - much smaller, can be fitted into a USB key-like adapter for access, they're relatively cheap (so you can carry a lot of them with you, and if one goes missing it's hard to tell (*cough*)), and they can be destroyed with a pair of nail clippers or a flush if absolutely necessary.

It can be smart to have a stock standard Windows install on the physical hard-disk that wakes from sleep on lid-open with a picture of you and a dog laughing in the sunny grass. Invite them to browse around and find nothing. Never use that Windows install, of course. Boot Debian GNU/Linux or BackTrack Linux on the stick.

That's a pretty good idea. Not the way I roll, but it works.

I've been extensively questioned at the border on a few occassions over the years /because/ my laptops don't have a Desktop as such, no icons either. Both my arms were grabbed at the Australian border as I reached to type 'firefox' in a terminal, to start the browser in an attempt to show them a normal looking environment.

That was a concern of mine, but I've not heard of it happening before. Good to know it's a risk worth planning for (I do - Firefox, LibreOffice, Clementine, a couple of other familiar-seeming apps on the desktop).

Terminals at the border are not a good idea.

No, they're not. White text in black windows sets people off. Too many movies with thrilling scenes of people typing, I think.

To avoid the machine being tampered with, invest in a solid state netbook and super-glue the shell together. It's not a crime.

I put stickers on the seams on my notebooks in places where they would have to be damaged to gain access to the internals - on the sides, on the bottom over a screw or two, places like that. I use different stickers for every trip - sometimes Snoopy, sometimes My Little Pony, sometimes whatever is cheap in the kid's section at the drugstore. I switch them up to make it less likely that the sticker pack used can be guessed (maybe it's a bit overboard, but it's also minimal effort on my part). If the stickers have been creased, cut, or moved it would mean that someone had been poking around in the guts of my laptop. -- The Doctor [412/724/301/703] [ZS|Media] https://drwho.virtadpt.net/ "I am everywhere." -- You received this message because you are subscribed to the Google Groups "ZS-P2P" group. To post to this group, send email to zs-p2p@googlegroups.com. To unsubscribe from this group, send email to zs-p2p+unsubscribe@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE