[liberationtech] Travel with notebook habit

Bryce Lynch virtualadept at gmail.com
Sun Dec 30 11:37:08 PST 2012 

On Sun, Dec 30, 2012 at 11:02 AM, Eugen Leitl <eugen at leitl.org> wrote:

> ----- Forwarded message from Julian Oliver <julian at julianoliver.com>
> -----This is why I personally think it's wise to carry just a skeleton
> system over
>  the border on a bootable USB stick, with full disk encryption.  Once on
> the
> other side of the border, securely download the data required (as I said
> in last
> post).
>

This is what I do when I go OCONUS.

I have an older 'burner' laptop that I only take on travel with me that has
a 250GB hard drive.  Before every trip I DBAN the drive and reinstall my
usual desktop and applications (reinstallling Arch Linux is pretty fast
once you're used to it, and I use Backpac (
https://github.com/altercation/backpac) to automate much of the
construction process).  I also make sure to copy some files into my home
directory just so anyone poking around in there will have something to find
- photographs from vacations, RPG books from Drive Thru, and whitepapers
that I never seem to have the time to read at work.  I try to shoot for
looking like a harmless nerd.

Before I left I built a file on a separate system that goes into a
directory of videos on my website which is actually a TrueCrypt volume
containing a KeePass database, a copy of the Tor Browser Bundle, Torchat, a
set of SSH keys that are only used while on travel to log into certain IP
addresses, a set of OpenVPN certificates to set up a VPN connection to a
machine I trust back home, and a text file of URLs and IP addresses for
things.  Anything sensitive that I pick up while on the trip (like notes
taken or documents) get copied into the TrueCrypt volume.  The TrueCrypt
volume is only opened when I need it, otherwise it just sits on the hard
drive pretending to be a video.  Bandwidth permitting, I download that file
to my laptop for the duration of the trip, and (also bandwidth permitting)
it's SCP'd up to the same web server it was downloaded from so there is
always an offsite copy (which also gets backed up once a day along with the
websites on that server).

Just before heading home, one last copy is uploaded to the web server and
then it's securely deleted from the drive.  I don't use journaling file
systems on my travel laptop, so it seems to have a better chance of
irretrivability.  I've also experimented with overwriting the file with ISO
images (like the Arch Linux installation ISO) and other videos (concert
footage is nice) prior to shredding the file.  I haven't done a forensic
analysis to test whether or not an actual overwrite takes place, so take
that with a dose of sodium chloride.  It makes me feel better, though.

Sticks are easier to throw away/hide and if your laptop is stolen/seized
> within
> the country your data doesn't have to go with it - the stick's in your
> pocket or
> in your sock when walking around. Before you cross the border again the
> stick
> should be physically destroyed. This is better than trusting data deletion.
>

I would recommend microSD cards for this - much smaller, can be fitted into
a USB key-like adapter for access, they're relatively cheap (so you can
carry a lot of them with you, and if one goes missing it's hard to tell
(*cough*)), and they can be destroyed with a pair of nail clippers or a
flush if absolutely necessary.


> It can be smart to have a stock standard Windows install on the physical
> hard-disk that wakes from sleep on lid-open with a picture of you and a dog
> laughing in the sunny grass. Invite them to browse around and find nothing.
> Never use that Windows install, of course. Boot Debian GNU/Linux or
> BackTrack
> Linux on the stick.
>

That's a pretty good idea.  Not the way I roll, but it works.


> I've been extensively questioned at the border on a few occassions over the
> years /because/ my laptops don't have a Desktop as such, no icons either.
> Both
> my arms were grabbed at the Australian border as I reached to type
> 'firefox' in
> a terminal, to start the browser in an attempt to show them a normal
> looking
> environment.
>

That was a concern of mine, but I've not heard of it happening before.
Good to know it's a risk worth planning for (I do - Firefox, LibreOffice,
Clementine, a couple of other familiar-seeming apps on the desktop).


> Terminals at the border are not a good idea.
>

No, they're not.  White text in black windows sets people off.  Too many
movies with thrilling scenes of people typing, I think.


> To avoid the machine being tampered with, invest in a solid state netbook
> and
> super-glue the shell together. It's not a crime.
>

I put stickers on the seams on my notebooks in places where they would have
to be damaged to gain access to the internals - on the sides, on the bottom
over a screw or two, places like that.  I use different stickers for every
trip - sometimes Snoopy, sometimes My Little Pony, sometimes whatever is
cheap in the kid's section at the drugstore.  I switch them up to make it
less likely that the sticker pack used can be guessed (maybe it's a bit
overboard, but it's also minimal effort on my part).  If the stickers have
been creased, cut, or moved it would mean that someone had been poking
around in the guts of my laptop.

-- 
The Doctor [412/724/301/703] [ZS|Media]
https://drwho.virtadpt.net/
"I am everywhere."

-- 
You received this message because you are subscribed to the Google Groups "ZS-P2P" group.
To post to this group, send email to zs-p2p at googlegroups.com.
To unsubscribe from this group, send email to zs-p2p+unsubscribe at googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.



----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list