U.S. Customs Warrantless Searches of Computers and Cellphones
Dec 29, 2015, 1:32 pm
#1
Suspended
Original Poster
Join Date: Sep 2012
Location: CPH
Programs: Delta SM
Posts: 497
DHS warrantless search of iPhone
From Techdirt:
Judge Not Impressed With Government's Warrantless 921-Page 'Peek' Into A Suspect's Cellphone:
And since everything hinged on the search for money:
Please read the rest of the article to see what the court had to say about the warrantless fishing expedition carried out on this fellow's iPhone.
Judge Not Impressed With Government's Warrantless 921-Page 'Peek' Into A Suspect's Cellphone:
All the DHS wanted was a warrantless "peek" at the contents of a seized iPhone. The phone, one of three seized from a person suspected of drug trafficking, was examined by the DHS, with the warrant arriving a month later. Now, all of the evidence obtained from the phone is being tossed out.
The problem was, Djibo's money checked out. The declaration form was legitimate and the amount of currency he was carrying was found to be legal. (Yeah, let that last part sink in for a moment…)
Dec 31, 2015, 3:25 pm
#2
Join Date: Nov 2010
Location: Baltimore, MD USA
Programs: Southwest Rapid Rewards. Tha... that's about it.
Posts: 4,332
I'm particularly impressed by one of the comments after the article:
There's your first mistake, and one of the main causes of police and government abuse of power. Many of them don't see their jobs as 'upholding the laws' at all, rather they believe that it's their jobs to 'catch/stop the bad guys'.
If you believe that your job is to uphold the law, then clearly any actions which break the law are to be avoided. If on the other hand you believe that it's your job to 'catch bad guys', then laws become guidelines that can be ignored, rather than hard and fast rules that must be followed.
That sums up the problem with law enforcement in this country in a single, concise sentence:
Many of them don't see their jobs as 'upholding the laws' at all, rather they believe that it's their jobs to 'catch/stop the bad guys'.
It's brilliant, and the more you think about it, the more you realize how ingrained that attitude is. It's the Richard M. Nixon school of thought - "If the president does it, then it's not illegal!" So if a LEO does something, no matter how much it breaks laws, rules, or policies, as long as it's in the process of catching a bad guy, it's okie-dokie. The end justifies the means.
Simply brilliant, and horribly disturbing to realize.
Originally Posted by That One Guy
Originally Posted by That Anonymous Coward
It is a very sad day when those charged with upholding the law seem to have no problem blatantly lying in court.
If you believe that your job is to uphold the law, then clearly any actions which break the law are to be avoided. If on the other hand you believe that it's your job to 'catch bad guys', then laws become guidelines that can be ignored, rather than hard and fast rules that must be followed.
Many of them don't see their jobs as 'upholding the laws' at all, rather they believe that it's their jobs to 'catch/stop the bad guys'.
It's brilliant, and the more you think about it, the more you realize how ingrained that attitude is. It's the Richard M. Nixon school of thought - "If the president does it, then it's not illegal!" So if a LEO does something, no matter how much it breaks laws, rules, or policies, as long as it's in the process of catching a bad guy, it's okie-dokie. The end justifies the means.
Simply brilliant, and horribly disturbing to realize.
Dec 31, 2015, 3:30 pm
#3
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
I'm particularly impressed by one of the comments after the article:
That sums up the problem with law enforcement in this country in a single, concise sentence:
Many of them don't see their jobs as 'upholding the laws' at all, rather they believe that it's their jobs to 'catch/stop the bad guys'.
It's brilliant, and the more you think about it, the more you realize how ingrained that attitude is. It's the Richard M. Nixon school of thought - "If the president does it, then it's not illegal!" So if a LEO does something, no matter how much it breaks laws, rules, or policies, as long as it's in the process of catching a bad guy, it's okie-dokie. The end justifies the means.
Simply brilliant, and horribly disturbing to realize.
That sums up the problem with law enforcement in this country in a single, concise sentence:
Many of them don't see their jobs as 'upholding the laws' at all, rather they believe that it's their jobs to 'catch/stop the bad guys'.
It's brilliant, and the more you think about it, the more you realize how ingrained that attitude is. It's the Richard M. Nixon school of thought - "If the president does it, then it's not illegal!" So if a LEO does something, no matter how much it breaks laws, rules, or policies, as long as it's in the process of catching a bad guy, it's okie-dokie. The end justifies the means.
Simply brilliant, and horribly disturbing to realize.
Dec 31, 2015, 4:40 pm
#4
FlyerTalk Evangelist
Join Date: Mar 2008
Location: DFW
Posts: 28,103
Apr 11, 2018, 10:28 am
#5
Join Date: May 2016
Posts: 31
U.S. Customs Warrantless Searches of Computers and Cellphones
I understand this a grey area and there are conflicting reports online but I haven’t found a single report of a US Citizen’s experience of what happens if they refuse to provide a passcode to their phone. Is there anyone here who did so and what happened next?
Apr 11, 2018, 11:42 am
#6
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,231
CBP can't prohibit a US citizen from entering the country, but they can confiscate the phone for an indeterminate length of time.
Better idea would be to erase the phone before going through customs, and then restore from backup once you're back home/in office. They can't demand a passcode for information on a phone that doesn't exist.
Better idea would be to erase the phone before going through customs, and then restore from backup once you're back home/in office. They can't demand a passcode for information on a phone that doesn't exist.
Apr 11, 2018, 3:00 pm
#7
Moderator: Travel Safety/Security, Travel Tools, California, Los Angeles; FlyerTalk Evangelist
Join Date: Dec 2009
Location: LAX
Programs: oneword Emerald
Posts: 20,627
There is extensive discussion of at least one such incident in this thread:
US citizen and GE member forced to unlock phone at IAH
Interesting article about an incident at IAH. Seems that CBT has the power to search your phone but not the power to force you to unlock it?
I'm guessing that a GE member refusing to unlock a phone means GE status goes bye bye?
http://www.theverge.com/2017/2/12/14...ump-travel-ban
Interesting article about an incident at IAH. Seems that CBT has the power to search your phone but not the power to force you to unlock it?
I'm guessing that a GE member refusing to unlock a phone means GE status goes bye bye?
http://www.theverge.com/2017/2/12/14...ump-travel-ban
Last edited by TWA884; Apr 19, 2024 at 8:59 am Reason: Update link
Apr 11, 2018, 9:40 pm
#8
Join Date: Sep 2017
Location: GIG - YYC - SVO
Programs: Lost it all and don't care
Posts: 945
I always wipe my electronics before I travel across any border, and never travel with any of my other devices that may have been used to access or store anything that any other foreign service may find objectionable in their own minds.
Apr 12, 2018, 1:57 am
#9
Join Date: Jan 2009
Programs: Hilton Diamond, IHG Spire Ambassador, Radisson Gold, Hyatt Discoverist
Posts: 3,622
Yes. The officer asked to me enter the passcode to my phone. I said no. Hey said "We'll seize it." I said "fine."
They didn't seize it.
At least in the 9th Circuit, they can't seize a phone to perform an off site forensic search unless they have reasonable suspicion of criminal activity.
CBP did release a policy earlier this year suggesting that they can "exclude" your device from entering the USA if you don't give them the password.
They didn't seize it.
At least in the 9th Circuit, they can't seize a phone to perform an off site forensic search unless they have reasonable suspicion of criminal activity.
CBP did release a policy earlier this year suggesting that they can "exclude" your device from entering the USA if you don't give them the password.
Apr 18, 2018, 4:47 am
#11
Join Date: May 2011
Location: San Antonio, TX
Programs: AA EXP, DL Silver, Global Entry
Posts: 1,863
I have to ask if we have any idea how often does CBP ask/demand to examine devices? Does there appear to be pattern like some kind of traveler profiling, certain itineraries, etc? The reason I ask is that since this practice went into effect we’ve traveled back from Europe twice and Mexico once and never been asked about our devices. I was actually thought maybe our last trip that involved a lot of travel in the Middle East might be a tripwire so I took a hard look at sites we might have visited on line and actually wiped our searches, history, etc., just in case.
Apr 18, 2018, 5:13 am
#12
Suspended
Original Poster
Join Date: Sep 2012
Location: CPH
Programs: Delta SM
Posts: 497
It hasn't happened to me (yet), but I always change my iPhone and iPad from a 4-digit password to 20-digit alphanumeric* before entry to the U.S. I'm also ready for a confiscation if they wish, so I sleep like a baby before landing at MSP.
*Cracking the iPhone:
*Cracking the iPhone:
Law enforcement agencies have a new iPhone cracking tool that works with all modern iPhones and the newest versions of iOS 11, the GrayKey, designed by a company called Grayshift.
Previous reports have suggested the GrayKey can crack 4-digit passcodes in a matter of hours and 6-digit passcodes in days, but as highlighted by VICE's Motherboard, cracking times for the GrayKey and other similar iPhone unlocking methods can potentially be even faster and 6-digit passcodes no longer offer adequate protection.
Previous reports have suggested the GrayKey can crack 4-digit passcodes in a matter of hours and 6-digit passcodes in days, but as highlighted by VICE's Motherboard, cracking times for the GrayKey and other similar iPhone unlocking methods can potentially be even faster and 6-digit passcodes no longer offer adequate protection.
Apr 18, 2018, 6:56 am
#13
Suspended
Join Date: Mar 2002
Location: Canada, USA, Europe
Programs: UA 1K
Posts: 31,452
It hasn't happened to me (yet), but I always change my iPhone and iPad from a 4-digit password to 20-digit alphanumeric* before entry to the U.S. I'm also ready for a confiscation if they wish, so I sleep like a baby before landing at MSP.
*Cracking the iPhone:
*Cracking the iPhone:
Apr 18, 2018, 10:47 am
#14
Join Date: May 2013
Location: New York
Programs: UA Silver, Marriott LTPP, Hertz Five Star
Posts: 1,079
If customs really wants your phone or PC, they will take it and contract out cracking it. They can't deny a citizen entry, but they can confiscate devices. If you're really paranoid (or more politely, just security conscious), it's not unreasonable to take precautions. That being said, the number of seizures is exceedingly small, and new guidelines in 2018 are more restrictive on border searches.
If you use a modern Samsung or Apple device and have device encryption enabled (default on newer iOS/Android versions) with a sufficiently strong passcode and incorrect entry attempts wipe (generally the latter is a default) it's a good start. However, the software is basically validating the PIN (for the Apple devices since iPhone 5S except the iPhone 5C and iPad Air 2 & later, a chip called the secure enclave is in the middle). It's a stronger protection to enter customs with your device off as it ensures the full encryption passcode is not loaded into device memory. Depending on how devices like the GrayKey (post #8) work it might or might not prevent passcode bruteforcing, but not having the key to decrypt loaded into device memory would increase the attack surface. Going with a dumbphone or wiped smart device could be more secure, and then restore from cloud at arrival.
(The fact that Graykey devices require more time to crack more complex passcodes suggests to me that they have figured out some way to prevent the secure enclave on iPhone/iPad from incrementing the incorrect passcode attempt counter up but the end result is just good old fashioned bruteforcing but whether or not that works if the device is freshly booted/encryption key is not in memory as a result is not public knowledge).
If you're using a Windows PC, Bitlocker with TPM will generally preload the encryption key and just have the password screen. For additional protection, you can use group policy to restrict the TPM from loading the relevant key for encryption to device memory until a valid username/password for the system is entered (general partition for system is encrypted, small partition for logon screen is not, TPM throttles logon/bruteforcing attempts). Encryption that skips the TPM and just relies on an encryption key being correctly entered at startup may be more secure (in theory, assuming the key is strong enough).
As a US citizen, upon request from CBP I would personally refuse to decrypt personal devices and would offer CBP to contact my employer on authorization to decrypt any corporate devices (by putting the decision on my employer, the liability for the consequences of choosing to comply or not with the request falls on them.)
Never been asked personally though...
If you use a modern Samsung or Apple device and have device encryption enabled (default on newer iOS/Android versions) with a sufficiently strong passcode and incorrect entry attempts wipe (generally the latter is a default) it's a good start. However, the software is basically validating the PIN (for the Apple devices since iPhone 5S except the iPhone 5C and iPad Air 2 & later, a chip called the secure enclave is in the middle). It's a stronger protection to enter customs with your device off as it ensures the full encryption passcode is not loaded into device memory. Depending on how devices like the GrayKey (post #8) work it might or might not prevent passcode bruteforcing, but not having the key to decrypt loaded into device memory would increase the attack surface. Going with a dumbphone or wiped smart device could be more secure, and then restore from cloud at arrival.
(The fact that Graykey devices require more time to crack more complex passcodes suggests to me that they have figured out some way to prevent the secure enclave on iPhone/iPad from incrementing the incorrect passcode attempt counter up but the end result is just good old fashioned bruteforcing but whether or not that works if the device is freshly booted/encryption key is not in memory as a result is not public knowledge).
If you're using a Windows PC, Bitlocker with TPM will generally preload the encryption key and just have the password screen. For additional protection, you can use group policy to restrict the TPM from loading the relevant key for encryption to device memory until a valid username/password for the system is entered (general partition for system is encrypted, small partition for logon screen is not, TPM throttles logon/bruteforcing attempts). Encryption that skips the TPM and just relies on an encryption key being correctly entered at startup may be more secure (in theory, assuming the key is strong enough).
As a US citizen, upon request from CBP I would personally refuse to decrypt personal devices and would offer CBP to contact my employer on authorization to decrypt any corporate devices (by putting the decision on my employer, the liability for the consequences of choosing to comply or not with the request falls on them.)
Never been asked personally though...