[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] Re: Peter Swire: No, You Can't Search My Laptop
________________________________________ From: Jeff Nye [jpn213@gmail.com] Sent: Monday, August 04, 2008 5:01 PM To: gordon@twiceasgood.net Cc: David Farber Subject: Re: [IP] Re: Peter Swire: No, You Can't Search My Laptop Hi Gordon, If you're willing to expose a port on your home network, then from your destination you could use scp to transfer the VM to your location using password authentication. Then you do not have to trust a third party. I still don't understand the goal of the CBP search policy. Suppose I arrive at the border with a laptop or 100 DVDs full of random looking data. That data could be noise or it could be encrypted nuclear secrets. As far as I can tell, CBP has no way to distinguish between the two cases because the data could have been XORed with a one time pad. If CBP asks me whether the DVDs contain any encrypted data, they lose because I can (a) lie, or (b) correctly answer "yes" and provide a "key" that is the XOR of my data with a stream of zeros. I don't see an effective response from CBP for either choice. So I'm puzzled why they're putting people through the hassle. Jeff On Mon, Aug 4, 2008 at 3:17 PM, David Farber <dave@farber.net> wrote: > > ________________________________________ > From: Gordon Syme [gordon@twiceasgood.net] > Sent: Monday, August 04, 2008 2:58 PM > To: David Farber > Subject: Re: [IP] Re: Peter Swire: No, You Can't Search My Laptop > > I'm starting to think that the only "safe" way to get your laptop into the US > would be to create a VM containing your chosen OS and data and then leave this > at home. Travel without a laptop until you arrive at your destination. > > At this point you can acquire a machine, generate a keypair and export the > public key. A trusted third party then encrypts the VM and makes it available > for download, probably with a service like Amazon's S3. > > The VM can contain all your actual data contained in encrypted volumes to > minimise the risk of having to trust a third party (though this would require > transporting a private key inside the VM). > > This way you avoid the problem of taking data through the border and also of > taking a password through with you, the keys don't exist yet so how could you > reveal the password? Nothing carried through and nothing concealed. > > It's an awful lot of work to get around the risk of border searches (and the > associated data grabbing) and skirts around the problem rather than tackling it > head-on through legal means. I suspect that there are definite business cases > for going to this effort though. > > -Gordon -------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC