Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If I were him, I'd be tempted to make an image of his drive, and compare that to an image made after the agents tampered with it, to see what changes occurred in the process.

But like he said, he couldn't even trust them physically. I'd be tempted to just toss them in the trash, if I could afford to easily replace them.



I'd just start FedEx'ing things and just take a book... Perhaps travel with just a SIM card and pickup a new phone when I landed.

That's about the only thing you could really start to do.


I've heard that this is SOP for international lawyers. They don't want some border agent sniffing around confidential legal files.


Yes, you heard correctly. I remember a talk at a past LegalTech conference where the panelists urged anyone doing a lot of traveling (especially to 'sensitive' parts of the world) to simply travel with a 'spare' laptop, and keep everything important on encrypted USB drives, which can be sent through the mail in tamper-resistant packaging. It solves several problems:

1. Confidential data won't be compromised during a border search, theft, accident, etc..

2. You avoid the issue of being forced to give up your passwords to law enforcement.

3. If the laptop is confiscated, it can take months to get it back, so you wouldn't want that to happen to your main work machine.


You'll have to buy toner cartridges at your destination too, probably not a good idea to ship those anymore.


There's approximately 16 zillion places to stash code on a modern PC. You don't need to touch the hardware to make disk imaging ineffective.


Can you explain?


I'm guessing he's referring to the possibility of putting code in one of the following places:

  motherboard BIOS (http://arstechnica.com/security/news/2009/03/researchers-demonstrate-bios-level-rootkit-attack.ars)

  other peripheral BIOS (keyboard anyone? http://www.semiaccurate.com/2009/07/31/apple-keyboard-firmware-hack-demonstrated/)

  additional hidden attached solid-state storage
etc...

Although, this does involve touching the hardware, just not the harddisk so perhaps I misunderstand also.


http://blog.ksplice.com/2010/10/hosting-backdoors-in-hardwar... is interesting


I'd rather consider using truecrypt and do plausible deniability, and own hardware I don't have to get too emotional about keeping.


Sure, but the OS itself still has to be unencrypted, or at least the boot sector, right? Can't trust that, either, right?


Yes, some code has to be unencrypted to use the passphrase to decrypt the rest of the disk. People who are serious about security will boot off a known-good USB drive or CD.


Or just sell them, make back some of his investment, and have the people on the other end wonder why he's trading recipes or saying "OMG did you see that dress Kaitlin was wearing???".




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: