U.S. border agents stopped journalist from entry and took his phones
|
In other words: Another incentive for passengers to hide the data and for companies to move towards remote desktop solutions, where the mobile device is merely a client.
|
I Found the Canadian Law About Preclearance
Originally Posted by pilot007
(Post 27550328)
Came across this article in the Washington Post.
Interview with the journalist at CBC. One of the comments in the CBC link mentions that he could have walked away without turning over his phones as this was a pre-clearance area. Is that possible? What do you guys think? Right of traveller to leave preclearance area 10 (1) Every traveller has the right, at any stage of the preclearance process, to leave a preclearance area without departing for the United States, unless a preclearance officer informs the traveller that the officer suspects on reasonable grounds that the traveller has committed an offence under section 33 or 34. Section 33: Deceptive Statements. Section 34: Obstruction. There was a new international agreement signed in 2015, but I don't see a reference to a new Canadian law other than the 1999 Preclearance Act, which I posted above. This presentation from April 2016 would suggest that the right of a traveler to withdraw is, thankfully, still intact (chart 7). |
Originally Posted by WorldLux
(Post 27550362)
In other words: Another incentive for passengers to hide the data and for companies to move towards remote desktop solutions, where the mobile device is merely a client.
Don't travel with data on your systems. Don't travel with automatic access to other systems. Put data on a private cloud and remotely access it, as needed, through a VPN. Don't trust DNS, use IPs for direct VPN access. Use 2FA and if truly paranoid, don't bring the HW device with you or know the passphrase yourself without calling another person when traveling. You want to be able to tell border officials that you honestly do not know the passphrase. Should go without saying, but whole disk encryption is required for all portable devices ... and beware of known bugs (there's an encryption bypass for certain versions of Win10 today) around whole disk encryption. Look up 'evil maid attack.' Smartphones need full encryption, VPNs and 2FA as well, especially when crossing borders. |
If Ou had already been inside the U.S. border, law enforcement officers would have needed a warrant to search his smartphones to comply with a 2014 Supreme Court ruling. But the journalist learned the hard way that the same rules don't apply at the border, where the government claims the right to search electronic devices without a warrant or any suspicion of wrongdoing. |
Originally Posted by Alex71
(Post 27550902)
So it seems neither American laws nor the laws of the country, where they are based, apply to these preclearance officers. They can simply do what they want. Only more reason to object the expansion of these preclearance facilities to additional countries.
|
With the exception of the outcome, this incident is not that different from the one discussed in this thread:
|
Originally Posted by dsdwe234sfd23
(Post 27550735)
THIS!
Don't travel with data on your systems. Don't travel with automatic access to other systems. Put data on a private cloud and remotely access it, as needed, through a VPN. Don't trust DNS, use IPs for direct VPN access. Use 2FA and if truly paranoid, don't bring the HW device with you or know the passphrase yourself without calling another person when traveling. You want to be able to tell border officials that you honestly do not know the passphrase. Should go without saying, but whole disk encryption is required for all portable devices ... and beware of known bugs (there's an encryption bypass for certain versions of Win10 today) around whole disk encryption. Look up 'evil maid attack.' Smartphones need full encryption, VPNs and 2FA as well, especially when crossing borders. http://www.cjr.org/first_person/ed_o...nding_rock.php |
Originally Posted by FliesWay2Much
(Post 27551437)
Check out my upstream post where I found the Canadian Preclearance Act. It actually does a decent job preserving rights of people on Canadian soil being confronted with a U.S. CBP interrogation.
● New officer authorities include: - Authority to question and seek identification from travelers wishing to withdraw from the preclearance area |
Originally Posted by chucko
(Post 27558096)
Not very practical, in this case. I don't think they have WiFi at the Standing Rock protest site. And this guy had a Nexus card!
http://www.cjr.org/first_person/ed_o...nding_rock.php Thanks for the link. He wasn't going to be allowed in regardless of his answers. They were fishing for more data. ANYTHING can be searched at a US border. OTOH, it is easy to pick up a burner Android device at any grocery store once inside. I've done this in other countries rather than risk my normal device at a border. Security is almost always a trade-off between convenience and security. The only tool I know that is both more convenient AND more secure than other alternatives is ssh. But most end-users have never heard of ssh, which is really too bad. Then push the changed data back to the private cloud BEFORE going through a border again. Again, lots of tools for this - rsync (over ssh) is one. Just providing options. Oh, and don't use passwords, use key-based authentication. Using passwords and you've already lost the security game. I understand this could be a shock to most people. |
All times are GMT -6. The time now is 2:22 am. |
This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.