Reason Magazine

T|4.23.08 @ 11:10AM|#

TrueCrypt, baby! The man will never find your porn!

Works on thumb drives, too.

|4.23.08 @ 11:15AM|#

Well, I guess my "Michael Cheroff is a Terrorist" screensaver will have to go...

Jennifer|4.23.08 @ 11:18AM|#

Serious question: if you're going on a trip and decide to replace your lovely "Starry Night" screensaver/background with something vile like a goatse picture, is this kosher or are you expected to make sure nothing on your computer offends the delicate sensibilities of the overpaid high-school dropouts playing security theater roles these days?

|4.23.08 @ 11:20AM|#

I'd have a folder entitled "Secret Terrorist Plans" but every file in it would be the Rick Astley video.

LarryA|4.23.08 @ 11:28AM|#

Finally! Now at least someone will read my stories. And who knows? One of the TSA folks may have a sister who's married to a Hollywood producer who...

Aw, come on. It's as likely as them catching a terrorist by randomly snooping hard drives.

|4.23.08 @ 11:30AM|#

Jennifer -

If you do that, try to get in line near a small child, so you can also accuse the TSA guy of showing obscene material to a minor.

Dr. Logan|4.23.08 @ 11:31AM|#

I'd have a folder entitled "Secret Terrorist Plans" but every file in it would be the Rick Astley video.

When you rickroll the TSA, everybody wins.

Episiarch|4.23.08 @ 11:31AM|#

Aigghhh, joke handle.

|4.23.08 @ 11:33AM|#

Serious question: how do they determine if a picture is child porn? There are some really young-looking 18 year olds, and for that matter, some frighteningly overdeveloped 14-year olds.

Neu Mejican|4.23.08 @ 11:36AM|#

Arnold argued that a laptop is like a home - and therefore receives the same privacy protections. But O'Scannlain countered that you cannot live in a laptop and it travels with you, so there is less privacy expectation.

Doesn't your second life avatar have privacy expectations?

Warty,

Any more questions like that an you will be subject to a reasonable cause search.

;^)

|4.23.08 @ 11:39AM|#

Ummm, what the fuck is the border patrol looking for? Virtual illegal aliens?

If I have photos of the Hoover Fucking Dam on my computer, am I going to be detained?

|4.23.08 @ 11:41AM|#

I have one of those really cool "earthrise from the moon" pictures on my desktop; will they assume I took it myself from my secret moonbase fortress?

Jennifer|4.23.08 @ 11:48AM|#

Two girls. One cup. 'Nuff said.

|4.23.08 @ 11:49AM|#

Mr. Brooks, I'm afraid you're going to have to... "GET ON THE GROUND! NOW MOTHERF#(*#&@!"

Bingo|4.23.08 @ 11:51AM|#

What if someone brought a lethal computer virus across the border on their laptop?? I, for one, am glad that the TSA will be keeping us safe from such terrorist activities.

ed|4.23.08 @ 11:55AM|#

I don't own a laptop, cell phone or wristwatch.
I was a quiet man who blended in.
They never saw it coming.

Alex Jones|4.23.08 @ 11:56AM|#

P Brooks | April 23, 2008, 11:41am | #

In that case they would want to find out how you broke through the radiation belt and reached the moon, since they never did.

|4.23.08 @ 11:57AM|#

Y'know, I don't have a huge issue with people being cavity searched when they cross the border. That's just the way it works.

The problem is "the border" is now defined as every square inch of land up to 100 miles from the border, so huge sections of this country lost the 4th Amendment decades ago and never even knew it.

|4.23.08 @ 11:59AM|#

Uhm, Bingo, do you honestly think a TSA agent would have the slightest clue how to locate a virus on someone's laptop? If I have a heart attack from laughing this hard, I'm sending you the bill.

Naga Sadow|4.23.08 @ 11:59AM|#

T,

Awesome looking program, but I suspect that the NSA's code breaking mainframes in the basement would make mincemeat of the virtual encryption.

Guy Montag|4.23.08 @ 12:00PM|#

From my warm, sticky, fingers . . .

Bingo|4.23.08 @ 12:16PM|#

The borders of our internet are insecure! Millions of IllegalMexicanImmigrants and IslamicTerrorists are free to browse American websites on American servers. They have clear and open access to the White House, FBI, Department of Defense. They can insert a virtual weapon of mass destruction at any moment and destroy millions and interrupt ebay and eshopping and email.

Do you want an Islamofascist foreigner talking to your teenage daughter on Myspace? Or what about a Chinese spy looking at your son's facebook information? The Russian mafia can send your children pornography and drug information, completely unhindered!

We should demand the government do something about this threat. If we don't secure the borders of our tubes for the children, then the terrorists will have won.

|4.23.08 @ 12:20PM|#

Bingo -
Where did you copy and paste that post from? It was way too good to have been your own snark.

Elemenope|4.23.08 @ 12:27PM|#

Ummm, what the fuck is the border patrol looking for? Virtual illegal aliens?

Yes. And virtual drugs. And usage of encryption and/or steganography.

If I have photos of the Hoover Fucking Dam on my computer, am I going to be detained?

Yes. Welcome to Amerika.

|4.23.08 @ 12:35PM|#

Millions of IllegalMexicanImmigrants and IslamicTerrorists are free to browse American websites on American servers. They have clear and open access to the White House, FBI, Department of Defense.

Not only that, foreign investors, newly made rich by the debasement of the Federal Reserve asswipe Note, will have unfettered access to the Hud Home listings! Do you really want The French buying houses in this country? Homes freshly repossessed from god-fearing, red-blooded American house-flippers?

Oh, for shame...

|4.23.08 @ 12:46PM|#

~Naga Sadow

It's not virtual encryption, it is a virtual drive that is encrypted that they mean. And while it is probably the case that NSA can break AES-256 with their monster server farms, let's see how they do when everyone coming across the border has many gigs of material encrypted thusly. Are we all supposed to wait for them to decrypt before I board the plane? Talk about delays...

If we'd all just encrypt every message we send online, even if it's "hey Jennifer, go see this goatse picture..." then we'd not have to worry about AT&T setting up listening posts.

Naga Sadow|4.23.08 @ 12:54PM|#

Johnnykrisma,

There was a computer engineer at USM who basically said the same thing. So much information and too few personel to review everything. He theorized that any eavesdropping was carried out by using certain phrases and keywords, that were indexed by using other databases such as the FBI's, CIA's, etc.

|4.23.08 @ 12:59PM|#

"Probably good for the external drive and web hosting industries, though."

Until an Executive Order is signed authorizing, and demanding, access to said external drive(s) and web hosting services in the interest of NATIONAL SECURITY and THE CHILDREN a la the "terrorist" phone call monitoring program.

Bingo|4.23.08 @ 1:01PM|#

Hey now Reinmoose! No need to doubt my snarkiness ;)

LMNOP: I think you mean steganography. Time to encrypt all my important docs into 2girls1cup and goatse

I'm actually surprised the social conservatives haven't tried to get legislation for a national firewall (like China). For the children, of course.

|4.23.08 @ 1:07PM|#

I'm going to go out on a limb and guess QTParted will do a better job of erasing/ formatting my hard drive than whatever crap Windows has built in.

----

Once upon a time, I had an atom bomb mushroom cloud as a desktop picture. All I have to do is find it, and photoshop the Chrysler building into it, and I won't ever have to worry about flying again.

But I don't really want to spend the rest of my days in a dog kennel, either...
fuck it.

I better get to work.

Jennifer|4.23.08 @ 1:09PM|#

And while it is probably the case that NSA can break AES-256 with their monster server farms, let's see how they do when everyone coming across the border has many gigs of material encrypted thusly. Are we all supposed to wait for them to decrypt before I board the plane? Talk about delays...

Actually, I wouldn't put it past the government to adopt the default attitude "if it's encrypted, it's probably illegal and proof that you need to be detained." What does the TSA have to lose if everybody misses their flight? Nothing. TSA gets paid either way. Why should the Border Patrol give a shit if citizens are stranded outside the country and forbidden access back in? It's not like they're ever rated on matters like "customer satisfaction."

|4.23.08 @ 1:15PM|#

Bingo -
It wasn't in doubt of your snarkiness, it just looked too life-like to be snark. It's a compliment.

Other Matt|4.23.08 @ 1:16PM|#

Actually, I wouldn't put it past the government to adopt the default attitude "if it's encrypted, it's probably illegal and proof that you need to be detained."

No, they'll let you go on, leaving your laptop behind until it's decrypted, or destroyed. Or, you can give them the password, it's your choice.

Bingo|4.23.08 @ 1:28PM|#

Other Matt: The TrueCrypt hidden volume feature works pretty well there. One password pulls up the fake volume and the other password pulls up the real one. Put some financial docs and some soft-core porn in the fake volume and let 'em take a look if they want. They can't tell if you have a hidden volume and you get a plausible excuse for encrypting it.

|4.23.08 @ 1:28PM|#

leaving your laptop behind until it's decrypted, or destroyed.

Or put up for sale on Ebay, to help fund the Global War on Scary Badguys. Or beer money.

|4.23.08 @ 1:40PM|#

No, they'll let you go on, leaving your laptop behind until it's decrypted, or destroyed. Or, you can give them the password, it's your choice.

In looking at TrueCrypt (which looks sweet), there is a way around this.

TSA bimbos are unlikely, imho, to figure this all out.

Edit: in preview, Bingo beat me to it. :p

|4.23.08 @ 1:46PM|#

Awesome looking program, but I suspect that the NSA's code breaking mainframes in the basement would make mincemeat of the virtual encryption

Yeah, lets see how well the NSA's code breaking mainframes work on a one time pad, shall we?!?!

Actually, I wouldn't put it past the government to adopt the default attitude "if it's encrypted, it's probably illegal and proof that you need to be detained."

How will they even know that there is encrypted data on a machine? How is encrypted data different than say unencrypted data? It is all just ones and zeros.

|4.23.08 @ 2:01PM|#

IIRC there is a precedent for the use of encryption in a child porn case being part of the *evidence* of a trial. I guess much like the "if you've got nothing to hide, then what does it matter" argument, if you're using encryption, then you must have something to hide.

|4.23.08 @ 2:05PM|#

Yeah, lets see how well the NSA's code breaking mainframes work on a one time pad, shall we?!?!

They'll just subpoena your pads

How will they even know that there is encrypted data on a machine? How is encrypted data different than say unencrypted data? It is all just ones and zeros.

TSA wouldn't know their ass from a hole in the ground, but is possible to tell if something is encrypted. Most files even programs will have some type of plaintext in it. header files, constants, etc. Encrypted files are pure 'gibberish' for lack of a better term.

Jerry|4.23.08 @ 2:06PM|#

"...has failed to distinguish how the search of his laptop and its electronic contents is logically any different from the suspicionless border searches of travelers' luggage that the Supreme Court and we have allowed..."

So if I put my laptop in my suitcase, can they still search the laptop? Or can they only look at it and determine it's value from a catalogue?

bill|4.23.08 @ 2:18PM|#

The big question is can they force you to reveal or enter your password to open an encrypted volume? What about if you have your Windows password on? Can they make you enter it just to even be able to get into OS?

Kolohe|4.23.08 @ 2:25PM|#

As part of this side disgression, didn't "they" try in the 90's to make it illegal to possess anything other than authorized encryption technology? The 'clipper chip' or something like that? (TLTG - thanks for the acronym J sub D!)

|4.23.08 @ 2:31PM|#

They'll just subpoena your pads

How will they know that a one time pad is even being used?.

TSA wouldn't know their ass from a hole in the ground, but is possible to tell if something is encrypted. Most files even programs will have some type of plaintext in it. header files, constants, etc. Encrypted files are pure 'gibberish' for lack of a better term.

Here is an example of what someone can do:

Take a family photo (or more likely multiple photographs) with a digital camera, and take their encrypted data... then take each bit of that encrypted data, and add 1 or zero to the red channel of that pixel, corresponding to the bit from the encrypted file.

The photographs with the encrypted data will be indistinguishable from a normal photograph, as that one bit is below the noise level of digital cameras.

You copy these photographs to your laptop and travel to the U.S.. Meanwhile, your contact in the U.S. has a version of these photographs without the encrypted file superimposed. Diff the files, and you have that encrypted file again.

You can do it with any sort of file (sound, images, etc.). Do it with a music file in your iPod, which is unlikely ever to be searched, and even if it is, they have only discovered a perfectly normal audio file.

And what I am giving as an example is a gross simplification. There are much more sophisticated ways to hide the data. But basically, very smart people work very hard to hide data from national intelligence services, let alone from the idiots at the TSA. It is possible to hide and encrypt data such that virtually no-one will know that you have encrypted data, let alone be able to unencrypted it.

|4.23.08 @ 3:09PM|#

It is possible to hide and encrypt data such that virtually no-one will know that you have encrypted data, let alone be able to unencrypted it.

Homeland Security must be issued massive electro-magnets to scramble the memory of every electronic data storage device which crosses the border in either direction. That way, it will be impossible for Islamoterrorverts to transfer information from one part of the world to another.

|4.23.08 @ 3:16PM|#

Just set your laptop to boot from a drive that does not exist before you come and go "freely." When nothing happens but Hard Disk not found you can just say the laptop just crapped out and look depressed.

From the looks of those the government employs for these jobs getting past them should not be difficult at all.

Boot passwords, OS passwords, Encryption passwords not to mention whole partitions of data not visible if you run a dual boot setup.

Face it if those folks had 1/2 the computer skills to get around all that they would not be working where they are now.

It is true that collecting data seems great on the face of it but there comes a point where you have more data than you can manage and make sense from. Someone has to sift through the data at sometime and even cursory searches of really large volumes of data will yield really large quantities of information. They can't keep track of anything hardly now as it stands yet they seem to think collecting more is the answer. To what I have no idea other than someones desire for a total police state.

|4.23.08 @ 3:28PM|#

Mac users, go to System Preferences, Security, FileVault. Turn it on. Problem solved.

-jcr

T|4.23.08 @ 3:49PM|#

I actually wondered what they would do if you simply look at them and say you don't have the password. Company policy prohibits me giving out my password. What do I care if TSA confiscates the laptop? It ain't my laptop. I'll hand IT a receipt and say "Gimme new laptop."

Ali|4.23.08 @ 3:58PM|#

I wonder if TSA is reading this blog entry.

|4.23.08 @ 4:30PM|#

The fact is TSA are probably not the sharpest tools in their shed, so resorting to something like Steganography or even encryption is ridiculous. You could easily set up a innocuous looking partition to be your default boot drive and then when you wanted to get to your kiddie pr0n, nuclear device plans, or source code to Diebold's voting machines, just boot from that partition.

Just looked, Dee beat me to this idea, so yeah, what (s)he said...

|4.23.08 @ 5:12PM|#

# Your Good Buddy Johnny Clarke | April 23, 2008, 11:57am | #

# Y'know, I don't have a huge issue with people
# being cavity searched when they cross the
# border. That's just the way it works.

But where in the Constitution does this permission to forgo warrants reside? In the word "unreasonable"? I thought a "reasonable" search was a warranted one, or one that, because of serious and exceptional "exigent circumstances" could not wait for a warrant.

How do routine Customs searches qualify? I think this is another power that the courts simply made up, pretty much as they made up the "immigration" power out of whole cloth as "an inherent power of nations," without recourse to any specific language in the Constitution (which takes pains to make explicit other "inherent powers," such as taxation, for example, and then to say that anything not explicitly permitted for the Federal government to do was forbidden to it).

Just because we may have become used to "routine" Customs searches doesn't mean they are right, even if the Justices have (mistakenly) said so in years past. I hope this guy appeals.

gr|4.23.08 @ 6:07PM|#

"Probably good for the external drive and web hosting industries, though."

Using the same logic as this ruling they can probably search your hard drives and media that you bring with you too.

TallDave|4.23.08 @ 9:37PM|#

Sheesh, this is awful.


They might as well put up a sign:

"You Are Now Entering America. Please Check Your Rights At The Border."

TallDave|4.23.08 @ 9:37PM|#

Using the same logic as this ruling they can probably search your hard drives and media that you bring with you too.

I have faith the average border guard can't be bothered to figure out a USB connection.

LarryA|4.24.08 @ 3:47PM|#

One laptop - $800
100 Firefly flash drives - $900
Look on TSAguy's face - Priceless

Clackalackin|4.27.08 @ 3:39PM|#

You go through US Customs and Border Patrol at the border Ports of entry. They are Federal Officers and can arrest you at the border. Totally, different than TSA.

Presenting yourself at the border is all it takes to satisfy any 4th amendment issues. Like it or not that's the facts.

Go ahead and believe they don't know about USB ports, encryption software, phone chips, sim cards or your box of 25 Cubans.