Ask HN: How screwed is a 17-year-old trying to enter US with encrypted laptop?
So, I'm a 17 year old high school student from one of the countries participating in the US Visa Waiver Program, and I'm planning to go to the US to participate in a summer math program (unrelated to crypto, security or anything else like that).
The thing is, my only laptop has Linux installed with full disk encryption using LUKS, so turning it on first reveals GRUB, and then the passphrase prompt. I would imagine that this could seem rather suspicious to a border official, which (judging from all the horror stories I've heard about US border officials) could lead to a detention, extended questioning, confiscation of the laptop, etc etc. The laptop doesn't really have anything that illegal, but I wouldn't expect them to take my word for it.
I realise that my best course of action would be to just leave my laptop at home, but that would be very inconvenient. I could also replace the hard drive temporarily and just install plain Windows, but I don't really have a spare hard drive.
My question, therefore, would be: how likely is it that anyone at the US border will actually want to examine my laptop, and, if they happen to find that it runs Linux and is completely encrypted, how screwed am I?
25 comments
[ 8.1 ms ] story [ 145 ms ] threadStay out.
https://www.eff.org/document/defending-privacy-us-border-gui...
Why make your life harder?
Make gz image of the drive. Upload it somewhere, wipe laptop, when inside the US just download it and unzip from live cd on the fly.
Happy times.
Not very likely.
So you're probably fine.
Nobody ever asked me to look at my laptop or my external hdd. Two times they looked through my larger suitcase, but not my carry-on where I have my laptop.
Make regular backups that you do not carry with the laptop.
That protects you against both hardware defects and overly-aggressive border personnel.
I think the first is way more likely than the second. I have never had to show that a laptop actually was a laptop, not even when traveling with two laptops, an Ethernet switch, a few lengths of cat-5 cable, some JTAG stuff, a prototype device, a few screwdrivers, and a box containing the innards of a GSM phone that came with a power brick and a 2 feet or so plug-in antenna (that was before 9-11, though)
And VISA waiver/ESTA means that the U.S. got early warning about you, so chances are they already checked whether you are considered a risk before you show up at the border.
Also, many business laptops 'boot' into a pre-Windows environment that requests a password.
If you still are worried, would running Windows on a second, small, partition be an option? Alternatively, make the laptop login directly from booting into a demo account that shows some GUI with overlapping windows (could also be a different Linux OS on another partition)
Almost 70 million people enter the USA every year - that's over 190,000 per day. We hear about 2 or 3 horrible stories and it seems like every tourist who enters the country is harassed by immigration. I totally understand the concern when one hears these stories though, it's important to keep in mind how incredibly rarely they have occurred.
I would say your chances of immigration even looking twice at your laptop are extremely small. When they want to look at any electronic device, generally the only thing they want to see is for you to turn on the power to prove that it is an actual working device and not just an empty case with explosive materials inside it. They have no interest in whatever data you have on the device.
Exceptions might be if you are involved in high profile, anti-US politics or you suspect there is some reason you would be a person of interest to the US homeland security. Or if you are entering illegally, planning to overstay your visa or doing anything which you feel you will have to lie to immigration as you enter the country. In those cases I would be concerned entering any country, not just the US.
IMO, the problem in this case is not the encryption itself, but the act of hiding something, if you try to hide somenthing, then you could be in problems.
If you login to your pc, they are not going to know if it is encrypted ;-)
Most of the time the people that have problems are arrogant. I see people trying to lecture agents and other oneupman-ship, you win nothing from this. If you are polite, and maybe even act a bit clueless no one will bother you.
The chance of them making trouble is small, but I would try to implement some measure others suggested just in case (having a Windows dual-boot or something).
All the people posting "I've never been stopped" are just saying "I have not been selected".
Perhaps ask yourself the better question, "is it likely I have been selected?"
If you have something that is perfectly legal where you are, but illegal where you are going, you have not broken the law where you are going if you don't take the illegal thing with you. If you do take it, and you DON'T get away with crossing with it, the very best you can hope for is that you won't be jailed. Instead, you can expect to have your computer seized and destroyed, yourself deported and legally barred from ever returning to that country. Oh, and kiss your airfare goodbye, too. Or, all those unpleasant things could happen to you AFTER you spend a period of time in jail.
Not sure whether something really is illegal in the US, best advice is to ask a US lawyer. Second best is to ask a lawyer in your country who is knowledgeable in US law. Third best might be the US Consulate in your country. You can always ask HN, but in that case you get what you get and most of us are not lawyers.
Good luck in your travels, have a great time at the math program, and try real hard not to wind up in Gitmo.
Having said that: your rights to privacy are basically at their nadir in this situation: you're opting into air travel, which gives the US administrative search privileges; you're crossing borders, which virtually every country in the world believes gives them the sovereign right to invade your privacy as a condition of entrance; you're interacting with customs, whose job it is to find reasons to hassle people.
So: not the craziest idea in the world to take your sensitive stuff, put it on a USB drive, encrypt that, and just Fedex it to wherever you're going.
You won't need to go through that trouble, but it might make you feel better, and it's cheap insurance.