Protecting Your Privacy at the Border

Speech transcript
Let's get down to business. This is cleared up, so: the General Counsel of the EFF is here, and William Budington, the technologist, and the topic is, you all know, but let's say the name just for principle's sake: Protecting Your Privacy at the Border. Thank you very much, thank you all for coming here this evening. We are here to talk about protecting your privacy at the border. As you mentioned, we're with the Electronic Frontier Foundation. We're the organization dedicated to defending your rights online, and one of the rights we're concerned about is privacy. One of the places where your privacy can be very impacted is when you travel across a border, especially with your digital devices. So I
think many people probably understand this already, but we'll start out with: why is it important? Why do we care about security and privacy in your digital devices? Well, they are a window into
your soul. What you can see on a digital device is every aspect of your life: your correspondence, the websites you've been searching, financial records, your medical records. These are the sorts of things that, if you give over control of your device, someone can look into, and devices often will have credentials, so someone can look into other aspects of your life that are there in the cloud and on other servers. So it has a lot of very sensitive information, and
in addition to the information that you may feel is very private and sensitive for yourself, there is also some information which for a very long time in democratic societies has been recognized as not just sensitive, not just private information, but things that are outside of the scope of what would be properly obtained by the government: things like communications with your attorney, communications between you and your doctor, and a reporter or source, communications between those two. These are fundamental principles that still have a lot of value at the border; we don't want to sacrifice these human rights and these values just because you're exercising a right to travel across the border. So,
for purposes of discussion, what is a border? There are many ways to think about a border. We're not just talking about the political borders: when you go from here over to the Netherlands, you probably are not going to pass through a customs search point and are not going to be implicated in some of the issues that we're raising here today. So it's not just the political borders but the points of entry into and out of a zone like the Schengen zone. Oftentimes these points are actually not exactly on the border. For example, an airport can be hundreds of miles from the physical border but is treated as a border because it's the port of entry. Also, in some cases the border is actually at the departure airport: the border can be set up so that you go through it before transferring onto the plane to the destination country. So this is what we're talking about in terms of borders, and at
these points the government asserts more power and authority to conduct searches than it does throughout the rest of the country. However, these governmental authorities are not beyond the power of human rights law and policy. Some of these rights I have quoted here, coming from the UN Declaration of Human Rights and from the European Convention on Human Rights: respecting your privacy, your autonomy, your correspondence. These are things that are widely recognized as fundamental rights. So here in the European Union
they have this sort of two-standard system. EU citizens and others who have a right of travel within the European Union go through a minimum check, and if you're from a non-EU country you're subject to a thorough check.
This is usually done in two to four stages. There will be pre-border checks: if you are traveling on an airline, the airline will pass through some information about the passengers, and in some cases that information may also lead to a check, or there is a check on the airline itself. Then, when you get to your destination, there will be the first-line check. You've probably all gone through this: you show your passport, have usually a short conversation with the border agents, and if all goes well you go on your way. But sometimes it goes to a second-line check, a more thorough check where they'll do a bit of further investigation. Some of the triggers that
lead to the second-line check: there are some issues in that short conversation that you've had, if they don't like the way that things were answered, or communication difficulties; if there are any irregularities in your documentation, if you have your visa but it doesn't have the right date, or there is a different spelling of the name on the passport; and, perhaps most importantly, they will do a database check. They'll put your information into the databases and see if it comes back with signals or alerts, any mismatch of the computer's information with the documentation you have with you. These may lead to a second-line check, and in that second check is where you might undergo the more thorough search. The chart up here shows the percentage of people who, once they got to the second line, had a more thorough search. Now, this is not just device searches, this is any kind of more thorough search. There is actually quite a bit of difference: at Charles de Gaulle, this was in 2012, 48 per cent of those who went to the second line got the additional searching, while Frankfurt had the low number of only 7 % with the more thorough searching.
Also, just to give a sense of how that might go, here is a chart, also from 2012, showing how long it might take, from less than 5 minutes up to 1 to 2 hours. You can see the various percentages there for the airports, with a lot of it being centered in the 5 to 15 minute range. But if they find something interesting and want to go through a device search, you're probably looking more at the 1 to 2 hour range. Now, once you're at a particular
airport, it is national law that defines the rules for what kind of search is permitted and whether they're allowed to demand your password. But there are some fundamental principles: the EU Agency for Fundamental Rights has put forth the reasons that would justify these additional searches at the border point. One is to verify your identity: where you're coming from, what your nationality is, seeing if you're a proper person to be admitted. The second reason would be to search for dangerous objects like drugs or weapons, or to see if there's any evidence of criminal activity. That last one is the most likely one to be the basis for a search of a device, to look for some sort of evidence of criminal activity or, in some cases, terrorism. Which brings us to
our example from the European Union: the United Kingdom, in the EU for the time being, where they have Schedule 7 of the Terrorism Act. This is a very broad power that has been granted to the authorities in the United Kingdom. It is limited by having a nexus to terrorism. Also, the UK Court of Appeal found some limitations under the European Convention on Human Rights. This came out of the case involving David Miranda, who was traveling between meeting Edward Snowden in Moscow and Glenn Greenwald in Brazil but was detained under section 7 at Heathrow Airport and brought a challenge to that. The court ultimately did find that the detention and interrogation were OK but said that section 7 did not have sufficient protections for the right of free expression, because it didn't have the proper exceptions that would allow for journalists to communicate with sources. So this shows that while it is a powerful act, it can be tempered by the Convention on Human Rights. However, subsequently the border police in the UK have been asserting the right to demand passwords, and more recently, about a year ago, a man by the name of Muhammad Rabbani was asked to provide his password. He refused to provide it and was arrested for that, and earlier this year, in September, that conviction was upheld. He plans to appeal, but this will be a very important case in determining whether in the United Kingdom they truly do have the power to invoke this law, for no other reason than suspecting, wanting to see if there are any terrorism connections, to be able to demand a password and look through all of your devices. So, turning a little more
broadly around the world, a couple of countries to highlight here. First, in the Commonwealth, Canada and Australia are both countries that claim a right to demand your passwords and go through your devices and laptops at the border. The courts have not yet ruled on whether this is authorized under those countries' laws, and so at some point there may be a challenge to test this, but in the interim that's something that you might face when passing over these borders. One thing of note is that the Canadian border police have a policy to restrict this to information that is on the device and not in the cloud. If somebody violates a policy, usually you don't have much of a remedy for it, but it's nice to know that they do have that policy. And then, turning a
little bit further afield to authoritarian regimes: in this case, if they want to search a device at a border they probably can do so with relative impunity. So if you will be traveling to Russia, China, some of the more authoritarian countries in the Middle East, or Turkey, this will be a time to take some of the more maximum precautions if you think they have any reason to go through your devices; Bill, behind me, will cover that later on. These countries may not be beholden to international human rights norms, and there might not be very much you can do to stop it. The reason I want to highlight Turkey here is that they have detained up to 75 thousand people for having an encrypted messaging app on their phones, simply for having the app, not because they were accused of doing anything particular with the app. ByLock was the name of this messaging app, and so if you were to travel over the border and they looked through your phone and found ByLock, that alone could be a reason for further detention. And if they were able to discover it was recently deleted, that also might be considered suspicious. Turning to
the United States: in the United States these days, when you come there the customs agents might ask you some questions, like asking you to unlock your device, to provide the device password, or to disclose your social media handles so they can do public searches about them. How you can react to this depends a little bit on who you are. If you are a US citizen, then they cannot refuse entry into the country, and so while they may seize the device, ultimately you would be able to travel on to your destination. A permanent resident also would be able to come into the country, but there could be a little bit of after-effects, because this could raise questions about whether you'd be able to keep that status as a permanent resident. And for everybody else, here perhaps the majority of the room, who are not in one of these two categories, you'll be asked these questions in a situation where, if you say no, they can deny entry, and you'd have to turn around and go back to where you came from, which puts a tremendous amount of pressure on you to provide that access and to give up a little bit of your privacy rights. But
so how often is this happening? Well, at an increasing rate. Over the last 3 years they have gone from under 5 thousand electronic media searches to being on pace this year for over 30 thousand, so a substantial increase. The one thing to keep in mind is that this is out of 400 million border crossings, so on a purely statistical level the odds are pretty low that a random person will have their device searched. But this is not actually random, so your particular odds will vary. In
addition, the US has started to undertake a program called extreme vetting. Over the last several years they have been collecting social media handles, aliases and search results and then providing that to Customs and Border Patrol to ask questions about what they find. Donald Trump has asked the DHS to expand this program, just about a month ago, and this will expand to looking at things like your sponsors, public hearings, speeches you may have given at conferences, academic websites where you may have published a paper. All these instances are fair game to be questioned about as you cross the border. At one time this was focused on people who were coming in with immigrant visas, ones who were planning to stay for a period of time, but they have expanded it to more brief travellers. So how does this
work within the constitutional and legal framework? Well, constitutional provisions do apply at the US border, but there is something known as the border search exception. The exception that proves the rule: routine searches do not require a warrant or individualized suspicion, but nonroutine searches do need an additional level of suspicion. So what is a nonroutine search? Well, they define it as something which is highly intrusive, that impacts your dignity and privacy interests, or is conducted in a particularly offensive manner. So how does
that break down with device searches, electronic searches? Well, a couple of years ago, in 2013, a court of appeal found that a forensic search did require this additional level of legal process. A forensic search is when they take your device, hook it up to a machine and copy the data on it for some analytics. But a manual search, where they pick it up and flip through it, just with the border agent right there, did not. So that was the dividing line in 2013. But in 2014 there was a Supreme Court case, Riley v. California, where the court was looking at searches of phones. The government there was arguing that warrants were not necessary to search the phones, and the court ruled otherwise: they recognized that there was a lot of sensitive data on the phone and that it was an intrusive search that required a warrant. We believe that that precedent should be applied to border searches. We filed a case earlier this year, Alasaad v. Duke, along with the ACLU, to challenge the warrantless searches at the border. The Trump administration has filed a motion to dismiss the case, which we're now litigating, so hopefully we will be able to use that case and establish a precedent that you do need to have additional process to go through devices at the border.
One thing where there has been some limited progress is access to the cloud. In the Riley case the court used a great metaphor: they said the government's argument would be like finding a key in the suspect's pocket and arguing it allowed law enforcement to unlock and search a house. That's actually a pretty good metaphor for what's on your phone, because you have a lot of credentials, saved passwords, which are essentially keys that allow your phone or your computer to unlock information you have stored elsewhere in the cloud. It shouldn't be that because you're carrying it in your pocket, this opens up your entire life to the investigatory agent. Customs and Border Patrol has set as a policy to only look at information that is physically resident on the device, though, keep in mind, they still do public searches for information about the social media handles. Again, like with the Canadians, this is a policy, and so it will be very important to establish this in law, but as a starting point it is good they have the policy. Another
important thing to understand about US law, and I think this could be applied elsewhere as well, is the difference between passwords and fingerprints. Many devices these days are using fingerprints as a method of unlocking. It's very convenient, and it does allow you to not have to type in your password. The law distinguishes between the two, because a lot of laws in the United States, and actually in many other countries, provide you with the right to remain silent and not answer questions from law enforcement: they have to do their investigations, but you can't be forced to answer. Those laws are a basis for the argument over whether you have to provide your password, but some cases have found that there are fewer protections for the information that's on your finger. In addition, besides the different legal protections, there is a practical one: if you're at the border and your device can be unlocked with the finger, the border agent can grab your finger and just shove it down on the phone, and then you'll be arguing later about whether they should have had access, instead of whether they can have access. And finally, if they're really interested, the government may have access to your fingerprints from other sources, and they may be able to try to get into the phone using that information. So,
as you're approaching the border and thinking, how should I approach this, how is this going to work for me, it is going to depend a lot on who you are and how you want to react to the situation. Things about who you are: your citizenship, your residence, your immigration status will affect your thinking, what your chances are of getting searched, and how you react to it. You're more likely to be searched depending on your travel history, if you've been to countries that are associated with terrorism, for example, and your history with law enforcement: if you have an arrest record, if you have convictions, these will increase the likelihood of being subjected to a search. Then, when you try to decide how you would deal with a search, you have to weigh some factors: your tolerance for hassle and delay versus your desire to make a statement, to stand up for your rights. These can be very tough personal choices. If you make the decision to push back on a search, you may suffer some consequences that you have to deal with. The second way we should be
looking at it, when you're deciding how to react or what to do, is to think about the information you're carrying with you. How sensitive is that, and what is the risk that you would face if the data was seized: both the risk if the government had access to that data and also your risk of having a loss of access to it, if you never backed up, for example. Do you need the device back? Do you need the information when you get to the far side of the border? Or, if you have the information and you can put it in the cloud, will you be able to get that information through the networks that will be available on the far side of the border, given the quality of those networks, both in terms of how fast they are and, in some cases, the heavy government surveillance on those networks?
So before you arrive at the border, think through some of these issues. You'll want to talk with your employer about your work devices: they may have policies about whether you should be taking them over the border, may require some information to be deleted, may say you should or shouldn't provide passwords if asked. Think about protecting what you carry; we'll go a little bit more into this when we get to Bill's section on technical protections, things like backups, encryption and strong passwords. Then think about your online presence: for your devices, log out, remove credentials, so that even if they don't have a policy about going into the cloud, they would at least have to require or ask for passwords before they can do it, so it's tamper-evident that way. Also use private browsing mode, in case they're looking through your web history. You also may consider looking at your publicly available information and shifting it to private: make it friends-only on Facebook, or go to a private account on Twitter. And most importantly,
don't bring it: if you don't have it, they can't take it at the border. So consider leaving your devices at home if you don't need them. Maybe, even if you need a computer, you don't need your home computer; consider a temporary device, a Chromebook or a burner phone. Do you need the data that's on your device? If you don't, delete it. If you do need the data, consider moving it to the cloud and picking it up when you get to the far side. Then, as you
come to the border, it's important first to plan ahead. Have an idea of what you want to do there and how you would react to various scenarios, so you're not making a decision on the fly in a tough situation, under a lot of pressure, but have a good idea of what you want to do. When you're having the interactions, be polite and respectful; escalating the situation can lead to further problems that are unnecessary. Importantly, don't lie to the border agents. A lot of countries, probably almost all, have separate crimes for giving false information or lying to governmental authorities, and that means they'll have something over you, even if there's nothing else they have, for telling them something that was untrue when talking to the border agent. Don't physically interfere with the search. It's probably not going to work out; they have a lot of ability to deal with physical interference, unless perhaps you're Jason Bourne. And your rights, for one: we'll talk about consent in a second, but if they seize your devices from you, it's hard to say that you consented to give them up, and that can help preserve your rights. And if something does happen, if it's going down and you want to do something about it later, document it: get names, badge numbers, agencies, a receipt for the property. This will give you more power to do something about it later. Now I want to turn to consent.
First of all, something that often happens is that border agents talking to you phrase things in the form of a question: "We'd like you to give us your password", "Can I see your device?" And if you hand it over in response to that, they'll say, well, it was consent, you have waived your rights, you gave it up yourself. So in some cases you might want to clarify: is that an order? Am I required to do this, or is that a request? If they say it's a request: no, thank you. If it's an order, well, then you get to choose your own adventure. You can choose to comply with the order, and this will mean they get access to your device. You'll have more limited legal options later; it will be more about trying to get them to delete the data or remove it from their systems, as opposed to them not getting it in the first place. But you'll probably be able to much more quickly go on your way, make your connecting flight, go to the conference you're going to attend. Or you can refuse to comply and stand up for your rights, and that can provide you greater legal options, because you can challenge their ability to get into your device by not providing the password until it has been adjudicated in a court of law. But this comes with consequences: this may escalate the situation, the device may be seized, and you may have future trouble when you're going over the border. So these are difficult choices, and it will depend on your particular circumstances. And then, after the
border, again, document what has happened. If there are freedom of information laws in your jurisdiction, you might want to use those to get more information about what happened, to the extent public records can be provided. And the important thing: if you did make that choice to hand over your password, change it. They will keep the password and it will be available to them for future border crossings, and if it's a password to publicly available websites they may use it to go on there. So change any passwords they may have gotten access to as soon as you get your devices again. And with that I'll turn it over to Bill to talk a little more about technical measures to protect yourself.
Yeah, so in addition to the legal protections that you have at the border, there are some technical measures that you can take to protect yourself. In general, as Kurt said, the best thing is to not bring a device with you. If you don't have a device with you in the first place, there's no data that they can get from it. In addition, you'll have the benefit of not being able to be contacted by the boss. You can also use temporary devices, and they also provide some protection where you don't have legal measures: if a device isn't logged into the various accounts like Twitter, then they can't just take that device and have your information immediately. But if you do choose to actually bring your device with you, then there are some measures that you can take, if you do them right, to protect the data that's on those devices. So, just to kind of go into
some of the technical capabilities, what border agents are able to get from your device: this is a slide from the website of a company called Cellebrite. Cellebrite is a forensic analysis company. What they do is basically create software for law enforcement to get into Android devices and use the JTAG interface to image those devices and get data off of them. Not only do they do this for law enforcement; they say right on their website that they're operating in 100 countries across the world and have been working with border patrols to do this, so we know that they're doing this at the border as well.
And you can see the different categories. This is an actual Cellebrite report that I generated from an image of my cell phone. You can see this is categorized by calendar, call logs, these different things that they can get from your device after imaging and analyzing it. It is important to look at the right side of the column, because you can see that there are numerous categories that have deleted items. So not only can they get the files, the contacts, the events that you have currently stored on your device, but they can also get those that you deleted in the past. We'll go over some protections against that as well. So the most
powerful thing you can do in general to protect devices when crossing the border is employing full-disk encryption. It's an extremely powerful measure to have your devices encrypted as you cross the border. The important part is that it protects your data at rest; it does not protect your data when you're transferring it over to a website, that's a different mechanism. So this is encrypting all files on a device when you're crossing the border. It is only as secure as the strength of the passphrase you choose to lock the device with. In most cases the screen lock is a different passphrase from the full-disk encryption passphrase, so you need to be aware of that. This is especially true with desktop devices and not so much with mobile devices in general. And so
certain devices have this separate coprocessor that actually increases the security that you have at boot time. When you're entering your disk encryption passphrase, one thing it can do is basically throttle the number of attempts that a third party can use when they're trying to go through guesses of your device passphrase: increase the amount of time that it takes after each subsequent try and slow it down if you have numerous incorrect attempts. It can also lock the device after a certain number of tries. With iOS it's about 10 tries, and that makes that device not actually capable of releasing its contents and unlocking the device. This is due to a coprocessor that's on every iPhone since the 5s, called the Secure Enclave. What the Secure Enclave does is take the PIN or passphrase that you have chosen and entangle it, or mix it, with several different things that are stored in the Secure Enclave itself. This is key material: the UID, which is burned into the Secure Enclave at manufacture time, as well as the GID, which is basically flashed and which you can change. But you can't read the contents off of the Secure Enclave, and that's where this kind of exfiltration resistance property comes from. So when you choose
a good passphrase, you really want to look for a strong one, because these are critical for actually securing the device in a proper way. In modern situations, with modern hardware, trillions and trillions of guesses can be tried in a very, very short period of time, and you want to make it so that they can't brute-force your passphrase and get at the contents. So what we recommend is using 5 or 6 random words to form your passphrase. This is pretty resilient against those brute-force attacks, and it can be very memorable: with 5 or 6 different words you can create a story about how the passphrase works. A great example is xkcd's "correct horse battery staple" comic, which you are probably familiar with. In
addition, you can look at a website and get a huge list of words for dice-generated passphrases that you can use, along with the methodology of how to generate these passphrases. So, with device
encryption: there is mobile support across the board for device encryption pretty much at this point. Android has had partial support since 2013; in 6.0 they implemented it, but only a few had it enabled, basically because stock Android is an open source operating system anyone can take, but if you have Google Apps installed on the device there is a contractual obligation to actually implement secure full-disk encryption. iOS has had it for a long time, ever since the iPhone 3GS, and iPod touches have had it since the 3rd
generation and later. This is kind of what it looks like on different OEMs. On the left we have an Amazon Fire tablet, and on the right we have a 5X device. There are different UX indicators that your phone has full-disk encryption. In
general, in desktop OS environments, you can see that ever since 2013 this has been widely supported by Windows and macOS, and Linux has had it for a very long time; in most distributions it's been available ever since the mid-2000s.
So the important thing to know when you're using disk encryption is not to forget your passphrase, because if you forget your passphrase, in most cases you aren't going to be able to access the data that's stored on that device. Some tools, like BitLocker on Windows, will allow you to transfer your key to Microsoft so that Microsoft knows what it is, and that means, of course, that Microsoft knows it and they can unlock the contents of your laptop. So if you want to use this, keep in mind that you have to be really comfortable with Microsoft being able to access all your data. One thing that you can do is also to turn off the fingerprint unlock, as Kurt mentioned, but one thing that is probably more effective is actually turning your device off. You can turn it off before you cross the border and bring it back up when you've crossed the border, and it'll prompt you again for your full-disk encryption passphrase; it'll bypass the screen lock and your fingerprint. This also means that it's going to prevent DMA attacks, direct memory access attacks, or 0-days on the screen lock programs. But of course this really only works if you have a password
set them out all and you may remember this so
moving on from the full-disk encryption passphrases and and and disk encryption there's also a mechanism called trusted boot and it's a way to ensure that the boot process in general is verified and trusted by the operating system so it's in it goes all the way from you know the pre-boot sequence to operating system loading itself and this requires some kind of a hardware trusted platform module or equivalent piece of hardware and that's built into the device that's separate from the CPU and this here verifies the boot sequence all the way to the OS it can kind of provide this neat thing called remote attestation that lets you know as a user that the boot process has been secured but one of the most clever implementations of trusted boot was uh was demonstrated by Trammell Hudson at last year's CCC and uses this thing called a trusted platform module the time one-time password what this does this is an
example of it and you have the seed for the TOTP that's actually included in the TPM and then it it has the boot process generate a one-time password which you can verify with an Android app like Google Authenticator I thought was a really cool implementation there's
mobile support for trusted boot as well and there's iOS low-level bootloader which which bootstraps iBoot which which in the operating system itself on Android 4 . later it's called verified boot and uses the trusted execution environment on Android devices in some cases where it's available so you could check if your device has this and I and is equivalent to trusted boot one thing to keep in mind about that is that support for for trusted boot is only available in two different Android operating systems one is stock Android two CopperheadOS which has a very high level of security if you're using something like LineageOS you won't get the benefits of trusted boot and on the right here we have had a graph which shows a what the boot process looks like in these various different configurations and if you have a third-party ROM so you know
on trusted boot support for Windows 8 has a thing called secure boot the thing to keep in mind about secure boot is that it's a UEFI standard that Windows uses and is not trusted boot it doesn't secure against local attackers trusted boot does a when there's a new and the security mechanism really doesn't is not intended to on its good against remote attacks but it's not you know going to protect you much if you're at the border but Linux supports various different distros that have trusted boot and that available for them you can use all find use in many cases you should check if hardware support is available for you Chrome OS has had this built in since the beginning end of it is in the form of that verified boot just like it's available in the Android verified boot has gotten better over time against local attacks and Mac OS has secure boot available on iMac Pro and later at the border and and access are really used for travel very much unless you're very audacious so
secure deletion and you can kind of see this secure deletion method that Elliot on Mr. Robot uses by migrating his hard drives around but if you're not as enterprising as Elliot and you might wanna bring us devices the border then you can use secure
deletion of and what's important here is that secure deletion yeah chain is this very different from simple deletion if you simply delete a file on your hard drive then it's not going to do much just changes just erases the lines around it saying this is a file all the data in those files are actually still there so you know border agents have these complicated forensic tools and even simple tools can get those files back but border agents have things like right as I mentioned before making recover the deleted files e-mails contacted several uh and so secure deletion should really be used if you want to remove those files and then there are various tools that you can use to do it but there are also some caveats but then you
when we're talking about secure deletion heating up you have things like factory reset or formatting factory reset it depends it may or may not actually remove the data securely from your device that depends on your OS and it depends on if you have full-disk encryption enabled in the first place that's that's important to keep in mind factory reset and often doesn't cover things like if you have for instance an SD card that's inserted into your phone and do factory reset is not going to oftentimes delete the data in the phone so that's that have something that you keep in mind that secure deletion it is quite easy on laptops but sometimes it's hard to find tools that work well on mobile platforms or tablets yeah
but in addition uh we're talking about USB flash drives SSDs memory cards and the like they implement something called wear leveling which means that when you're doing writes and reads to those cards but they can spread them across the solid state and that means that the OS has no way to introspect to learn about where on the SSD those bytes are being actually stored so they can you can use programs that do securely chemise to that kind of something that you know you can reliably do for SSDs memory cards and the like and yet we're talking about formatting by the 2 definitions of formatting 2 different things we're talking about and there's something called a high-level format which does not delete the data that you want to securely delete and then there's low-level formatting which by and large will delete the data that we really want to get rid of
and some the tools and data deletion and there's there's a distinction between the individual files you might want to delete and there's free space that you want to delete Linux has tools like scrabble and scrubbers did with their dash X argument you and on an overwrite all the free space and with with zeros zero out that free space and any also use use Rangel files why there's another tool and global both Linux and Windows has a utility called BleachBit by which we can delete that not only individual files but also the things you might not even think about like a browser history thumbnails that share of of you know different programs you have installed and so this is this kind of a good way to take it down to the things that you might forget about them but again it might be imperfect you should look into how well it works and
finally for mobile devices anything the the the best thing is to actually use disk encryption and this can be used as a kind of way to do secure deletion so if you have your full disk encrypted then you actually you know make it unreadable unless you have you for instance that passphrase them off in the way that disk encryption works is you use a passphrase and you're unlocking assured uh AES key in the beginning of a partition and then like go and actually uses that then to decrypt the entire drive around but if you use you want that decryption key in the beginning of the drive then uh this'll make the data fully unavailable and so that's one way to actually make sure that your files are securely deleted but this is kind of built into what's called factory reset on iOS and also Powerwash on Chromebooks in Linux this can be achieved by formatting your hard drive and just reinstalling it from you know another copy of it it
and finally cloud storage cloud storage is a good way to basically physically move those vital files off a device that you want and you be somewhere else and often is the case that if you upload it to the cloud and you have less legal protections than having it on your device but when you're crossing the border this actually might be the reverse you might have better protections when crossing the border but if you have your that your contents of various files on the cloud instead so this is kind of a process of data minimization of and and you know you had a high the files from board odds and also get that makes it better for a theft when traveling abroad it but of
course there is no cloud there's other people's computers and cloud-storage you have
risks you have the risk of a government coming and issuing a subpoena to a third party to your cloud provider and it's them saying fork over the data and that can be a very dangerous that actually get your data to the government actors don't disappear they can descend into the cloud servers in it that deal themselves but and also very unfortunate that is that most cloud providers only offer encryption when uploading it in transit to you know something like Dropbox and it's just sitting there for all to see that in the in the server side when you have actually on Dropbox itself
so you know there are some services that offer client-side encryption where you encrypt your files on your local device before ever sending it up to the cloud and this is often called zero knowledge in the industry it's kind of weird terminology because it's different from a zero-knowledge proof that you might know from cryptography and it provides protection against again governments and hackers and the you should really remember to back up the remember your key material and passphrase if you're using this method so here's a shot of the
different services that offer a client-side encryption and do not offer it you'll notice that the most popular services don't actually offer client-side encryption you have to use some lesser-known services in order to really get the best protection for your backups and finally you can
use self-hosted services like ownCloud and Nextcloud if you're not trusting cloud services in general and just want to host your own way to back up your files and this comes with some of
the advantages and disadvantages one advantage is what I call subpoena resilience which means that you will have the subpoena come to you directly so you actually know about it whereas your cloud service provider might actually never tell you and any other thing is that with ownCloud and Nextcloud they have an I service that allows you to use client-side encryption as of next 11 which is coming out in some point next year they're going to offer encryption as a default so that 2nd category by the way to the predictor data by yourself in a way that you control but once you have the really employing consideration take minus that you want HTTPS enabled on your server when you're using the Scott services by yourself watching so so the takeaways from
this is that the best defense is not to bring a device with you and you know you might kind of feel less stressed out if you just don't have the device with you in the first place and secondly if you choose to bring your device with you use full-disk encryption use trusted boot near the computer of that enables trusted boot has evolved in an end you know employ some data minimization practices that it offers a harbor full protections afforded data in general and so without thanks very much energy return over to you questions
the thank you thank you thank you the well thank you that was great advice OK we'll have a short Q&A we have about 8 minutes so um people queuing up on the mic yeah here you are signed excuse me so first one number 3 please 1 sentence with a question mark at the end right about devices being stopped at the border so broke problems putting on it yeah so if you have some kind of atrocities mechanism and if they can get in the operating system level and you know some spyware that is all the operations level they can actually get you in the first place so that's a good protection OK Hang on there's a question on the internet yes thank you do you think it's a good idea to have them a dummy account or dummy profile on the device one of the challenges with having a dummy account or dummy profile is that in the context of discussing it while you may be put in a position where you will be giving false information to the border agent and then it was discovered that there was a different account and then you would have uh potentially open yourself up to a penalty for giving a false information that then could be used to give tremendous from pressure upon you to access the rest of the device as you might be facing some of the jails OK let's try the mic on the left side and he's you could you use that do not lie to border agents and the what of bottom-up claiming I just went out of my passwords and what about saying it's 200 characters on a random sheet of paper by my bed well one thing to do would be to actually not know your password right so if you are as and I still stand by don't lie to border agents but you if you actually don't know your password you can truthfully say that and then that perhaps we get to the far side I have some other mechanism of getting that 200-character password to you see that unlike your device so that may enable you to be truthful about it and not be able to give up the information but keep in mind that if you're in a situation where if they don't like your
answers they can refuse to have you come into the country they may do so even though you say you don't you don't have them care why you can give it to them but the dissatisfied enough to turn your OK thank you Aaron please come on SSD from erasing I just wanted come and that's if you delete a file and then write a random file over the whole disk you will get most of the funds state data covered and replaced but might so question is do you know if there are already forensics tools that can retrieve the data of its thought all 5 the trimmed by data and it's still on the farthest stateside on the SSD I've can I read that out by Tribune believe no I mean when I delete my files the TRIM system will just tell the SSD that these blocks are not used anymore but they're still treat the set on the fullest stateside soul Noll different ICT with can actually ask the SSD state attorney what's hidden there that do not deleted but would you still have programmed in so that I can retrieve the data but if that would be available then I wouldn't have to do with the extra weight that just the explore overwrite that I just suggest yet and so I'm not aware of any tools like that one thing to know about SSDs is that they have embedded firmware themselves so that you can continue see but as as the card that actually can axle traits uh any data you write to it to some kind of hidden actor partition they body wearing actually summaries of research on that your work and that that that's a good place to start OK thank you another question from the internet thank you for supporting CommOnt umbrella protesting missed on your list of encryption to its and then the question do you know was your knowledge about client afloat the common cloud provider maybe even open source literature can see that actually interests to a former that common and cloud providers that uses client-side encryption and you know the the main ones that you might have heard of that you know your whole there were about
about I don't really offer in general but if you have a system of 4 in our units use by ropes and programs and they are a kind of a well validated the system for for doing client-side encryption on the back of the class OK thank you one more question from the left side here so my question is a less technical maybe more legal oppose honoring regarding being careful about consent and had using your own adventure is there a distinction any meaningful distinction between complying with a search and consenting can you say you know I understand that you're ordering me to you know submit a passwords Vitaphone but I'm going to comply with that under you know under duress not not consenting to keep your legal options available in the future yeah I think there there there are important distinctions I think in the truth is that even if somebody gives what appears to be consent under the circumstances there is a pretty good argument that that's not freely given consent you're under tremendous pressure you're being are kept away from other forms of communications but it is a situation in which the US have tremendous power over you and so I think that even if you if you said that you know I'm not consenting but here you go I you could certainly argue that that wasn't consent and thing and they're all circumstances we elect fine you know you could say that you were really consenting to that but the more clearly you say that you're not consenting or more clearly you clarified whether it is a request or an order that could help your situation later especially if you were able to clarify that it is just a request and thereby so I think it will take the one final question just before all the frustration breaks out the Kurds in Williamson and and being so if if standard which is a little plus 1 and the C C so the few people have questions to ask you will take sorry one final question on the right side of the yes setting on top of the on question I'd like to us if you can recommend a
program that automatically switches these accounts based on which password I enter into my device yes so plausible deniability scheme but I believe that there are a there is there is out there but the thinker away as an opinion about whether you should use of a lot of it is the same issue as before you you're taking a risk by trying to do that that is the risk that if that is discovered that is really suspicious to them and so that that highly escalates the matter so you're you're trading off this this I'll possibility that you'll be able to appear to be cooperative and not have them access to the the true information against the the possibility that are they discover there's something funny is going on in after they put it through the Cellebrite or what not see there's a lot of data that they're not able to access and then the consequences of ratchet up so I I think that it's a relatively high uh high risk if something goes wrong that you will be treated as a very suspicious person that there is a a little bit of work on that backtracking uses that if you enter a certain what what's pass-throughs middle and steadily the contents of the rise of again and not the border there analysts to reading with this have to say is out there OK thank you and I'm afraid we have to close this now let's give a final began in the time of a what to what to do
if you if the you see that a lot of use it and that it took place and the 2

Metadata

Formal metadata

Title Protecting Your Privacy at the Border
Subtitle Traveling with Digital Devices in the Golden Age of Surveillance
Series title 34th Chaos Communication Congress
Author Opsahl, Kurt
Budington, William
License CC Attribution 4.0 International:
You may use and modify the work or content for any legal purpose and reproduce, distribute and make it publicly available in unchanged or modified form, provided that you credit the author/rights holder in the manner they specify.
DOI 10.5446/34861
Publisher Chaos Computer Club e.V.
Year of publication 2017
Language English

Content metadata

Subject area Computer science
Abstract Our lives are on our laptops – family photos, medical documents, banking information, details about what websites we visit, and so much more. Digital searches at national borders can reach our personal correspondence, health information, and financial records, allowing an affront to privacy and dignity which is inconsistent with the values of a free society. While privacy and security is important for any traveler, this has become a critical issue for international conferences and their attendees, who shouldn’t need to trade off an invasive search for participating in important conversations. This talk will discuss both the legal and policy issues with border searches, as well as technological measures people can use in an effort to protect their data.
Keywords Ethics, Society & Politics
