At U.S. borders, laptops have no right to privacy. [but only if you're lazy]

[coderman]

On 10/25/06, Sarad AV <jtrjtrjtr2001 at yahoo.com> wrote:
> ... [link: At U.S. borders, laptops have no right to privacy.]

that's nice.  i'm glad i am aware of and utilize something called
"full disk encryption".  you may have heard of it, and wanted some,
but most of it sucks and is far to expensive or cumbersome to use. [1]

AES-256 behind two (n?) factor auth and they can take my disks and
probe until the (32bit) time_t overflow, enjoy.

my mitigation is now a broadband line and a few hours of distraction
to "re cache" my new laptop/hdd. [2]

that's the beauty of full disk crypto: no worries about physical
theft/loss, physical data recovery on platters, trojans compromising
your boot sequence or key mgmt tools and rootkit'ing / sniffing your
secrets. [3]

ah, much better...

"beg your pardon, you need my what for the laptop to clear inspection? ...
heheh, you're an amusing individual.  can i have my laptop back or
will you keep it out of spite?"

---

1. is 2007 the year of full disk encryption?  we should start an
anonymous betting pool backed by pre-paid visa / e-gold accounts tied
to fictitious identities... (at least, before they
legislate/strong-arm pre-paid phones, credit cards, and other privacy
preserving financial/communication services into the ether via the
convenient shock-fear-prod's of child pr0n and terrorism)

2. this assumes you also regularly perform full and incremental
backups, and verify / test archive / backup integrity prior to finding
out you actually don't have another copy of the data that just walked
out the door and became pure entropy in this lost context...

3. assuming it is designed, implemented, and usable enough to be
secure against these threats without leaving important information
perilously vulnerable to exploits or catastrophic failure.  this is a
hard problem (tm) :)