Apple exec detained and searched at SFO CBP checkpoint

(Simon) #1

In his own words:

The ACLU is now suing CBP. I can only hope they are ultimately successful in reversing this complete farce. There is absolutely no reason why the US Constitution, that applies to every single other LE agency in this country, should not apply to CBP. I find it abhorrent that the CBP has been allowed to invent legal loopholes (complete nonsense along the lines of “CBP checkpoints are technically not part of the US and hence the 4th Amendment does not apply”) that enable them to circumvent the Bill of Rights.

1 Like

(Doug Miller) #2

First, I am not an attorney. However, while I agree with you about what the law should say, there is established court rulings on the rights of travelers at the border of the US. This article summarizes our rights at the border and these cases well, I think: https://www.elsevier.com/connect/what-are-your-rights-at-airport-screenings-and-checkpoints

1 Like

(Seth Anderson) #3

The regulations establishing the 100-mile border zone were adopted by the U.S. Department of Justice in 1953—without any public comments or debate. At the time, there were fewer than 1,100 Border Patrol agents nationwide; today, there are over 21,000.

via

0 Likes

(Adam Engst) #4

Geoff Duncan wrote a great piece about this for us a while back:

1 Like

(Simon) #5

Here’s an idea. How about Apple allows us to set two admin passwords on our Macs and iOS devices? One would be the same password we’ve always had and we’d use it in the exact same way as always.

The other would be a password that immediately deletes the file vault key thereby rendering the internal disk to nothing but an assembly of random bit noise. When CBP asks for a password you give them the second. The Mac will then at best boot into recovery mode and offer to install a fresh copy of macOS. The authorities will find nothing and ideally you’ll have your Mac back shortly. You have done nothing wrong since of course before you travel you always wipe your Mac (never know what a terrorist might otherwise do with it if you get hijacked) and that’s what they agents will then be looking at.

Sure, you’ll be facing complete data loss so you’ll have to rely on a backup to restore your Mac or iOS device when you get back from the airport. But considering trade secrets and their immense value, I’m sure most companies would gladly provide for that kind of backup to ensure that only their employees have access to their data. Why extend any trust at all to an authority that choses not to operate under the Constitution?

1 Like

(blm) #6

A while ago I looked at adding something similar to TrueCrypt, except instead of effectively trashing a volume, the second (much simpler or even nonexistent) password would mount an innocuous volume, which you could populate with solitaire games and pictures of your kids–enough to make it look like an actual volume, but nothing incriminating. It wouldn’t stand up to any real forensic analysis, but would be enough to fool someone just casually inspecting a computer. Of course real work got in the way and builtin solutions from Windows and Apple killed TrueCrypt so I didn’t get very far, but I still think it would be a good idea.

0 Likes

(Doug Miller) #7

I don’t think that was the reason. TrueCrypt was always available for use for free, so there was no lost licensing fees or anything. The anonymous developer(s) of TrueCrypt simply chose to stop developing it without explaining why (though more about that in a bit). TrueCrypt was forked by a couple of projects, and one that has continued development is VeraCrypt, which has all of the features of TrueCrypt and supports opening TrueCrypt volumes, including the “plausible deniability” of hidden volumes, allowing two different passwords to unlock two different storage containers. However, the full disk encryption remains a feature only of Windows - you can’t do that with a Mac. See https://www.veracrypt.fr/en/VeraCrypt%20Hidden%20Operating%20System.html

I continue to use VeraCrypt for a few things, though not for full disk encryption. However, if you want this feature for a travel computer and you can use a Windows PC, it is an available option if you feel that you are at risk of having your technology searched at the border.

As for the explanation of the stopped development of TrueCrypt, a couple of years ago Atavist Magazine did a series of articles detailing a man named Paul LeRoux, who was part of a money laundering drug cartel, and suggesting that he was the author of TrueCrypt. It was an interesting series and I believe that the timing of his arrest does coincide with the end of development announcement. The series is here: https://magazine.atavist.com/the-mastermind but I believe it was Part 3 of the series that had the most details about LeRoux and the suggestion that he was the developer behind TrueCrypt.

0 Likes

(David Ross) #8

It’s one thing to be incensed at customs demanding to rummage through your files. (I’ve always felt if I didn’t want that I would just erase the devices before we landed or docked.)

But telling a lie to a customs agent or even misleading them, if caught, could make for a miserable few years or decades. At a minimum you’ll likely be flagged for SSSS screening from then on and likely become ineligible for TSA precheck and similar. And likely get to pay more than a few dollars to a lawyer or few.

0 Likes