Having your laptop computer confiscated by agents of the U.S. Immigration and Customs Enforcement can be an intimidating experience. A recent course case has confirmed the right of the government to perform this inspection. Fortunately, you can secure the data on your computer against government intrusion, and I am going to explain how.
First, having worked in forensic analysis of electronic information I can tell you that most of the time untrained users try to hide data they fail. That’s because the first thing the analyst will do is take the hard drive out of your computer, and make an image for analysis. If you installed some kind of boot password, then at this point it’s useless. Also, the passwords for any encryption programs are likely floating around in the virtual memory file of Windows.
Here is a portable example of the kind of device used by analysts.
The only way you can protect your laptop is with Full Disk Encryption, a secure algorithm and a very complex pass phrase. Once a computer with full disk encryption has been powered down, then the information on the hard drive is secure. Any image that an analyst tries to make of the hard drive will be of encrypted data. A good example of this principle in action is the case of Brazian banker Daniel Dantas.
For most users, I recommend Truecrypt, which works well on Windows 7. You should choose to encrypt your entire hard disk, and use a password between 30 to 50 characters in length that includes numbers, special characters and differences in case. Don’t use any portion of the password anywhere else and if you have to, write it down on a piece of paper until you have it memorized. Be sure to destroy the paper once you commit it to memory.
Microsoft offers an encryption program called Bitlocker, which although effective is difficult for most people to use effectively. In Windows 7, it doesn’t allow the user to employ a pass-phrase without a crypto chip. Bitlocker may be better on Windows 8, but there are things like changing security policy that may trick up the average user. Some speculate the Microsoft did this to accommodate the U.S. government.
Finally be sure to completely power down your laptop computer before the flight lands. If you simply put it into to sleep mode or hibernate, then it may be vulnerable.
Although you can secure your laptop, there is little, if nothing that you can be done in all cases to effectively secure a smart phone or digital camera. I recommend that you use a digital camera instead of a smart phone and destroy the memory card, after transferring the images to your encrypted laptop. The cards are cheap enough that this should not be much of a problem. Before destroying the card you might take a few hundred photos of your empty hotel room to clear out any memory buffer that may remain in the camera.
Of course I assume and hope that everyone is obeying the law to begin with. However, even law abiding citizens needs to protect themselves from the United States government. For example, the data on your hard drive may be retained indefinitely (remember that image). The government could use it to target your friends or establish probable cause to investigate you further. Not having any data to work with makes you safer.
In my next article, I will deal with how to backup your encrypted data securely and in the cloud.