Not everything can be backed up to the cloud these days. Banking apps, for instance, (understandably) like to use secure storage, so at the very least you will need to do a 2FA handshake all over again, which can be very painful when you are abroad.
What happens if one has no Google or social media accounts (although I have an Android phone, I have neither—I've never set up an account on the phone)?
It seems to me these days if one doesn't have any such accounts one's likely to be singled out as being suspect or suspicious.
This is why I have my old iPhone as a dedicated travel phone. No way am I going to let officials rifle through my real phone looking for sensitive information or private photos. Especially out of sight!
With my travel phone, I always assume everything I put on there is public info. If I lose my phone, no big deal, just an annoyance.
Rather silly advice. Sometimes one has no choice about their destination. Secondly, many countries now apply these grotesque little petty tyranny laws. Canada does, for example, and many people consider it "welcoming". Better practical advice, ad maybe also activism than depending on a possibly shrinking list of supposedly "nice" governments.
You always have a choice. You can choose not to go. If someone asks you to go you can say no. If they don’t take no for an answer then you can lie to them. Just say you can’t get an ESTA, there are many innocuous reasons such as visiting Cuba.
It’s true that Five Eyes countries are in general not very welcoming but the US is certainly the most unpleasant to enter.
>You always have a choice. You can choose not to go.
Of course, you can physically restrain yourself from going to X or Y unpleasant major country, but go ahead and tell someone rushing urgently to such a country for the funeral or medical emergency of a family member, or a serious financial emergency, that they can just "choose not to go" as if it were a case of choosing what toilet paper to buy.
As a non-citizen, I don't think you have enough rights to really fight back, and you could risk upsetting a petty border agent who may decide to 'punish' you and maybe deny entry.
Thankfully I've learned to back up and wipe devices before travel and then only restore after landing.
That's idiotic. They are wasting time harassing people, and searching physical devices for material that can be easily transmitted between any two internet-connected points on the planet. The "bad guys" they are trying to bust will do exactly that.
It's like still doing body searches for drugs when remote matter replicators have become ubiquitous.
I don't think they're illegal, but journalism aside, they may at times be suggestive of a terroristic inclination. It will raise further red flags. They can however lie to you that the possession is illegal and detain you for it, even though it's legal as per the First Amendment, and no jury will find you guilty if you quote the First Amendment in your defense, except in the event of a Supreme Court precedent against such possession.
Some countries like NZ and Australia do ban content that is violence and censor it despite journalistic value. They recently tried to force X to ban footage of a stabbing globally for all users, and Musk said no luckily.
It's shocking how much censorship we have these days in the world. "For our safety", except it's not, it's for the reduction of freedom since freedom is noise and noise in 0.001% of cases can generate unsafety.
Yes. Children are victims. They are re-victimized when the videos are shared. Perverts sharing them encourages more to be produced. Same thing with murder videos and animal torture videos.
Families have become victims of harassment when weirdos have sent images to them of their dead family member.
Most people would be offended if I pissed on their mother's grave.
Let's say they can't be re-victimized and their families aren't new victims. There's still the argument that it encourages more killings.
I believe that videos like the Christchurch massacre should be banned. That video was made by the murderer and I'm sure was intended to bring fear to that community and encourage more acts of violence by other murderous weirdos.
A surveillance video or a video made by a victim or bystander is different. I don't think those videos should necessarily be shared, but if they're not made by the perpetrator or shared to try to bring support to the preparator, then yeah it's probably newsworthy. Still, the victims' families should be taken into consideration. I'm sure you wouldn't want to be scrolling through Twitter and come across a video of someone you know being murdered.
> Still, the victims' families should be taken into consideration. I'm sure you wouldn't want to be scrolling through Twitter and come across a video of someone you know being murdered.
Maybe so, but I don't want you in charge of determining my feelings on the matter, and I want to be subject to your censorious ideas even less. We may agree on many things, but inevitably we'll disagree on others and then my life becomes worse because of your judgement. Just leaving it alone is probably the least harmful thing.
If you are arguing for the banning of sharing of videos of murder created by the murderer, then your initial comparison to CP is off.
In any case, the general idea of banning access to and possession or distribution of evidence of crime creates an insane power imbalance that I don't think can ever be justified, unfortunately, by the obviously extremely unfortunate things you mention above.
Videos of violent crimes that were filmed by the perpetrator of that crime should be illegal to distribute. Perjury is illegal. Judges limit what people can say about ongoing trials. There are all kinds of restrictions on speech. It's ok if this is one of them.
I’m probably a little odd but I wipe my devices before international travel. All my travel documents are printed. If they want to steal a device, I’ll just replace it.
When I arrive safely I restore from backup and nothing is lost except an hour or so.
This is not nearly as odd as it may seem to some people. Many federal agencies and DOE national laboratories use a similar procedure to this by issuing you separate temporary devices while on international travel. That basically requires you to only bring the files that you need if you bring any of them at all.
How do you deal with banking apps, the type where you confirm a credit card transaction? They cannot be restored from backup, need to be setup fresh on every new phone…
Endpoint navigation is not optional for me. I suppose you could pre-login to only those apps, but still, there is nothing that interesting on my phone that I want to spend the energy to wipe, restore, and re-login to a hundred apps.
How is that a big deal? Half the time you'd have to install the local equivalent of those ride hailing services anyways - that is if regular local cabs aren't the preferred way to get around.
I use like 2-3 apps for getting around, depending on country. I don't know what you're doing with hundreds.
1password works just fine with OTP across all my devices.
Using an authentication method tied directly to and dependent on my phone seems extremely risky and short sighted. A phone can be lost, fall out your pocket into a toilet, etc and those are just accidents. They also basically have a max life time of five years. What happens when you buy a new phone?
Does that answer the question? If you have a password and key for 1Password, and keep both your passwords and authentications for accounts behind that password and key, doesn't that defeat multi-factor authentication? Because if the person has access to your account password within 1Password, then they also have access to your account authentication within 1Password.
Factor means something you have, something you know, or something you are. 2 are needed to access 1Password.
Storing everything in 1 app makes the app a single point of failure. Storing everything on 1 device makes the device a single point of failure. Single point of failure and single factor authentication are different.
KeePassXC is a TOTP authenticator and it saves to a file. You can put the file anywhere you like. You can, given the correct master password, open the file again on any device and generate TOTP codes.
i like this. i've wanted to do this. but what might be the "right answer" to an inquisitive border force who ask why you have device(s) that are factory fresh?
I’ve never actually been detained or questioned (but know people who have).
If I were I’d tell them the truth that I feel more vulnerable during the chaos of travel and don’t want any risk that a lost or stolen device could leak anything personal.
Would this satisfy them? No idea. Getting stopped at the border is legitimately a single small concern of many more likely scenarios.
for you or anyone reading this, let me enlighten you. when you are dealing with border police there are a few things that you will come to understand. in practice, these border police answer to absolutely no one. there is no oversight and there are no consequences for them treating you poorly -- in practice. for future commenters please read the following words: "IN PRACTICE." the idea that you would tell them that you feel vulnerable about such and such and they would be understanding about it literally makes me laugh. they couldnt care less about the way you feel or whether or not you are at risk for leaks, theft, humiliation or any other bad outcome. you are less than human to them. this is what its like when there is almost literally zero accountability. if they pull you aside, they have already decided that you are guilty. sometimes they might search you and let you go but they also will just decide that they dont like the look of you and that you arent going to get in. once they pull you aside they can search you, interrogate you, hold you, whatever they want. the idea of there being some human element to this interaction is completely laughable.
pretty much every country runs one of these stockyard style mini police states on their borders now. and everyone puts up with it because of "terrorists." meanwhile, literally millions of undocumented people have streamed over the southern border of the US in recent years and how many terror attacks has that resulted in? well ill be damned, zero! so it turns out when the border police tear up your stuff, treat you like human shit and cost you thousands of dollars in hotel and other reservations because they decided they just didnt like the look of you -- it was literally all for nothing! besides the sadistic pleasure that the border police take in hurting people of course. isnt life just so funny like that? hee hee!
most people dont know because the vast majority of people are never pulled aside. but if 80% of people had the experience of being pulled aside, the same one that people have now, even if they all made it through to their destination... the border police would essentially be abolished back to their pre-9/11 status. its gotten completely out of control.
canada is the worst offender when it comes to this. one time they pulled me aside and one by one i literally explained or swatted down every single one of the officers objections. they werent used to someone who was already familiar with how things work. she tries to pull out a paper and pen and ask me all of my destinations to prove that i couldn't afford the trip. and half way through my meticulous and articulate explanation of my plans and stops it became very obvious that i could afford the trip and the clip board kind of melted away off to the side and she chose something else to nit pick me on. ive had canadian border police literally bark at me, sneering, eyebrows slanted at 45 degrees like i was looking at a cartoon character. they really treat you like you arent even human.
edit: if you give a phone call to the canadian border police, i forget the acronym, the first thing you hear is an automated message that swearing and verbal abuse will not be tolerated. IE they have tons of people who make angry phone calls to them after being put through their sadistic border process. how can they not realize that if they dont want people to be mad, they should treat people like human beings. thats the thing, they way they treat you is completely unnecessary. its not like being rude will foil the terrorist.
The point of saying "I feel more vulnerable during the chaos of travel and don’t want any risk that a lost or stolen device could leak anything personal" is not to generate empathy in the border agent, it's to provide a plausible cover story that will cause minimal fuss. Whether or not they empathise with you is irrelevant.
I truly don't see why you're being downvoted. Much of this is often true and some of it is sometimes true, but none of it is absolutely unbelievable. Speaking specifically of the Canadian border police, from personal experience with being "taken aside", I can vouch for an absolutely arrogant, condescending, shitty attitude of treating you as if you were a suspicious piece of scum for no good reason or justification outside the random bullshit they make up in the spur of the moment when they can find nothing concrete.
It's not a difficult answer—I bring a burner phone with me when traveling internationally because I don't want to run any risk of a thief getting the keys to the kingdom. Sure, I could remote wipe if that happened, but it feels a lot safer to just not have a phone with real data on it at all.
You're not the first person they've detained who didn't want to bring their real phone with them for totally innocent reasons.
this has not happened to me yet, but as a non-US citizen with a green card, if USBP told me "give us the code or you're not admitted" the next time i try to enter US, i'm gonna give them the code
IANAL, but as a green card holder my lawyer told me they cannot deny you entry without an order from an immigration judge (likely if travel was not brief - more than 180 days, or they engaged in illegal activity after leaving the United States as defined in 8 U.S.C. 1101(a)(13)) - you only have to answer questions about your name and status, nothing more - though, obviously it will likely cause delays.
It's similar in Canada; permanent residents and citizens have the legal right to reentry and it can't be denied. But that right applies to you, not anything you are carrying. Play that game and you'll probably lose the device to border security.
Losing the device in such circumstances is definitively the best outcome. There is a shit ton of data that these devices have and the law is so complex that you probably committed a crime somewhere without you realizing it.
Yikes, I don't know about border detentions. The right to representation attaches (generally) at the start of criminal proceedings, pursuant to the 6th Amend. Is a border detention a criminal proceeding? Probably it's just some sort of administrative function and so your rights are certainly much slimmer at this point.
Good choice. The only circumstances where it’s not a big risk to withhold your PIN is when you are a citizen entering your home country. Even then they can turn it into a pretty nasty time for you (as seen by the guy in the article, where they threaten to just keep his stuff).
Depends how much you want to visit the country in question. I will be bummed if I am blocked from visiting EU (I am US citizen) but any other country is kinda irrelevant. If Japan put me on no travel list, I would not care one bit.
There is inconvenience of being deported but frankly risk of giving access to all clouds account to random official is just too high.
There is also risk of them putting you in jail but I am not sure if unblocking phone really mitigate it.
All the deportations I’ve heard of where the person arrived by air, they were jailed until they could be put on a flight back. They only say “you can’t come in, now go away” if you’re crossing a border by land - and plenty of countries are going to refuse to let you walk away even then.
"So that I have the maximum amount of space available for downloading tons of beheading videos over the hotel Wi-Fi when I get to my room in New York."
More seriously, I would say that the wiped phone has a minimal amount of data in it, which has the advantage that if it is has to be searched, the search time will be minimized.
A good solution while it remains legal and backups remain unreachable authorities.
Are they unreachable? How sure are you? Aren’t you just raising suspicion and acting like a criminal by walking around with wiped devices at International borders? Seems suspicious.
How is it suspicious? Buying a burner phone is one of the most common pieces of advice you'll see for traveling internationally [0]. This wiping strategy is just one small step from that, especially if OP doesn't have a current-year flagship smartphone.
For most people border patrol is not the biggest threat they face when traveling internationally, and OP's steps are very reasonable ones to take against all manner of non-state-sanctioned thefts.
> Generally seen by whom? Do you have a citation for this claim?
By border security. Citation is having worked with ITAR materials in the past, and thus having been required by law to carry clean devices. I had a letter saying my blank phone and laptop were normal. (Only had to use it once, because I was only asked to unlock once.)
> hard time imagining how one would go about telling the difference unless it's a current year flagship smartphone
Any expensive device that doesn't appear to have been purchased for that trip that has zero communications, contacts or other items border security might be curious about will raise eyebrows.
Side note: I still recommend wiping devices and restoring on the other side. But that's quite different from this being best practice. Buying a burner phone is, though that's less and less feasible as we integrate smartphones into our lives.
I thought it was obvious that this is what I was referring to. It’s interesting that people don’t see how traveling with wiped devices sends red flags.
I wipe and restore.
But I have been questioned twice about whether I plan to sell the devices (they didn’t believe me in either case) and one rather unkind border professional I am pretty sure took me in for further questioning because of the blank phone.
But why? Like for example, in the US you can chalk it up to reducing labor rights to drive down cost and increase stock price, but what’s the reason Australia has this authoritarian boner atm?
Australia is a special case as it does not have a national-level bill of rights [1]. There are various cases that enshrine aspects of human rights as Australia is party to many UN human rights agreements, but there is no central easy document people can go back to like the US constitution or the German Grundgesetz. That allows for easy overreach that has to, time and time again, be pushed back by courts and then enshrined in new laws. For example, age discrimination is unconstitutional in some countries but is only illegal in Australia since the Age Discrimination Act 2004. So Australia needs piecemeal laws for every civil rights issue.
Australia is very much a Nanny state. You get fined for all sorts of things - Jay walking, biking without helmet, speeding over 5km/h, red light cameras, changing lanes without signal e.t.c
The solution to this is simple; erase your devices before you cross an international border and carry no data storage. If the reset device was taken from you then it's been bugged go buy a replacement. Otherwise just log back in to the cloud on the other side.
Depends on the device. When they take it out of sight they'll plug it into an automated unit that just hoovers up the data and sends it to intel. They want to build a detailed profile on every traveller. Now if you wipe the device and are logged out of your accounts, they're stuck. So they leave a rootkit that relays the login info when you type it in at home later.
If they take your device out of sight or plug it into any of their hardware, then it's a write off. Straight to Craigslist
It’s so strange to see a country concerned about Chinese incidence essentially turn into them, with greater and greater threats to free speech, digital freedoms, and privacy. It’s one thing to complain about China and another thing to complain about them while adopting the worst of their practices and none of the good pieces.
`“My only defence is to regress to 1985 and travel without a single electronic device, depriving me of my ability to communicate, my livelihood and to even call my airline.”`
There’s an easier way. Just buy a device and keep it in Australia, and cross the border without a phone.
If we just look at traveling, not really, only the English speaking ones and partially Russia, for now. No one will ask you for your passwords when going to China or the North Korea.
Just load it up with an emergency contact, your airline and flight details, the address and number of your (or any plausible) hotel, and that's it. If questioned, you can explain that you don't want to suffer the theft of private information, so you just travel without any. Do try avoid implying that they're the thieves you're most concerned about if you value your time.
You need to travel without your laptop too, which is (for me, at least) much more trouble to replace at the destination. I tend to just carry a Chromebook or a fresh OS install with nothing private kept locally. It's a bit more awkward to get stuff done while I'm away (especially on the plane), but I can mostly use remote resources if I have to.
There could be multiple duress passwords, one type would silently wipe the phone while displaying some fake data in a fake/locked down OS. Another would brick the device, another would turn on tracking and call authorities of choice..
Bricking or wiping isn't a good option because it makes it obvious what you did. One of the properties you want from a duress passcode is to convince the attacker (the border force in this case) you gave them what they want. Convincing fake data is hard to generate and easy to spot. Another alternative is for the duress passcode to unlock a subset of data and apps. This lets them see real but uninteresting data like contacts or family photos while keeping your personal documents (business, legal, medical, financial, keychain, or otherwise sensitive) private.
Once you give governments power for security purposes, to “save the children,” or to “prevent terrorism,” they will use it for any purpose they please.
It all started in the US with the patriot act after September 11th, and now we have warrantless, wholesale spying as a completely normalized reality 23 years later and absolutely no expectation of privacy for citizens.
Their track record across the world is pretty consistent.
And now TSA is trialing facial recognition at airports across the country. To my horror, nearly everyone just accepts it and follows the process instead of opting out.
Yes I was shocked that the lady behind the podium stated “now look here” as if it is totally normal. They’ve clearly been instructed to do this. And it makes it all the more alarming that this power is vested in the government. They can abuse this ability to introduce new dystopian things in many other settings that are more consequential.
RE "...Australian Border Force officials forced an Australian-US dual national to hand over his passcodes to his phone..." Its the law in Australia. Its an offence not to provided the passwords.
US and AU governments can fuck right off with this gestapo horseshit.
Also, don't follow random people you meet on social media or appear in photographs with them because a few people will be watchlisted, and there is no logic to the proliferation of watchlists and their taint will cause you problems for the rest of your life.
I was asked if my device contained any contraband, like illegal porn or beheading videos.
I had the option of handing over my passcode, or have my device confiscated and sent to a lab for cracking.
As a non-citizen, I complied. The device was searched for about an hour out of my sight. Meanwhile, I was quizzed by another border agent.
In hindsight, I realized that this gave access to my keychain and all my cloud documents. It feels very violating.
If anyone has suggestions how to prepare for this in advance, let me know.
All of this is completely legal under current law.
https://www.nbcnews.com/tech/tech-news/without-warrants-u-s-...
https://www.documentcloud.org/documents/5983533-90-2.html