How to cross borders and retain digital sovereignty \ stacker news ~bitcoin

How to cross borders and retain digital sovereignty

1021 sats \ 16 comments \ @03cc1d 2 Mar 2023 bitcoin

When crossing the border into the police states (UK, US, Canada, and Australia) your digital devices (phone / laptop) are subject to search and possible seizure.

If asked, you are obligated to provide the passwords to the device(s) - but not cloud accounts.

Therefore, these days it is only rational to cross such borders after performing a factory reset of your equipment, or at least deleting everything private (2FA accounts, social media apps, email apps, call history, SMS, messaging apps, photos, Bitcoin wallets, etc).

With this in mind, what are some good tools / strategies for securely managing / restoring your content (and settings), on both Laptop (Qubes) and Mobile (Graphene)?

10,000 sats bounty

03cc1d's bounties

view all past bounties

1200 sats \ 1 reply \ @zuspotirko 2 Mar 2023

My second suggestion is to have a pc running at home and you just VPN there from remote to your pc at home. It's super secure from the encryption and at the moment of going into the plane you carry nothing but a password for the vpn home in your head.

0 sats \ 0 replies \ @03cc1d OP 2 Mar 2023

Yes, @wumbo mentions this above, this could be a good option from the laptop side of things. Not sure if it would work with Qubes, but I could get an alternative Distro running on a home machine.

10 sats \ 1 reply \ @jpz 2 Mar 2023

Crea copias de seguridad encriptadas y ponlas en un servidor auto hospedado en nextcloud luego solo las descargas, las desencriptas y listo.

0 sats \ 0 replies \ @03cc1d OP 2 Mar 2023

If you're talking about a simple directory, indeed that would be fairly straightforward. But how to restore a graphene phone including 2FA codes?

And how to restore all the apps, ssh keys, wifi config etc on the laptop?

probably you are right though and it would just be a case of manually putting everything into a filesystem (and taking it back out)

Seems like a right PITA

10 sats \ 3 replies \ @Wumbo 2 Mar 2023

One technique I have seen mention is factory reset + a dummy account.

After doing a factory reset mock up some stuff. Download some random pictures of families, vacation, dogs, etc... to the wiped laptop.

Also have a burner cloud account: Gmail account with emails( recipes from your "Mom", e-invite to the neighbors house party, etc...)

This lets one provide a token objection first but giving them what they think they want in the end.

0 sats \ 2 replies \ @03cc1d OP 2 Mar 2023

I'm not fussed about the token account. I'll happily tell them I wiped the device so they couldn't jerk off to my nudes.

The main problem is restoring all the useful content afterwards.

0 sats \ 1 reply \ @Wumbo 2 Mar 2023

You could get in the habit of remoting into a machine for daily use. (remote desktop, etc...)

Then the laptop just becomes a thin client. Nothing to restore because the "actual" Machine never cross the boarder.

0 sats \ 0 replies \ @03cc1d OP 2 Mar 2023

that could be a nice workaround, leave a laptop at home and set up some kind of vpn.

just leaves the 2FA and Mobile issue

0 sats \ 4 replies \ @ek 2 Mar 2023

Steganography comes to my mind:

Can't ask you for the password if they don't know there is one ¯\_(ツ)_/¯

0 sats \ 3 replies \ @03cc1d OP 2 Mar 2023

if they can't access the device, they take the device

0 sats \ 2 replies \ @ek 2 Mar 2023

Steganography is about hiding (potentially encrypted) data in other data like images. So you can unlock your device and they can take a look around but depending on your threat model, they won't find anything suspicious. So they won't ask you for your password for the hidden data since they don't even know it's there.

0 sats \ 1 reply \ @03cc1d OP 2 Mar 2023

aha gotcha, good point. Actually that's quite nice as you could carry a very long, secure key that you can subsequently use to access your cloud keepass database or something like that.

0 sats \ 0 replies \ @ek 2 Mar 2023

yeah i think as long as you are not trying to protect yourself against state level actors you should be fine using that method

but also depends on the data you want to protect. not sure if you can easily hide a lot of data using steganography. but could be, like inside a long video or something

0 sats \ 1 reply \ @zuspotirko 2 Mar 2023

You should look into Tails.

It's a Linux Distro meant to be carried on an USB stick and works via Tor. USB sticks are surprisingly large and cheap these days. Nobody looks at an USB stick at the border. Just put it in a random pocket together with a pack of gums or something, nobody cares to llok.

And if they do they'll plug it in their Windows laptop and just see a bunch of technical /bin /etc /lib etc. folders that they don't understand. And your important files are encrypted anyways.

0 sats \ 0 replies \ @03cc1d OP 2 Mar 2023

I'm familiar with Tails but I'm not sure it will help in terms of setting up a laptop for daily work (video conferencing, email, coding / development etc).

Also it doesn't solve the mobile issue (2FA, contacts, messaging apps etc).

Wiping the device and having a decoy account is easy.

Restoring everything (including 2FA, apps, bitcoin wallets etc) is the hard / time consuming part, at least to do so in a secure way.

0 sats \ 0 replies \ @01xCc 2 Mar 2023

для дураков, используй второе дно) Работает как часы) придумай свой вариант для пароля к данным с другими данными)