Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Protecting your data when entering the US

131 Aufrufe

Veröffentlicht am

How to make sure you can give away your passwords to the DHS agents and still protect your personal and company data

Veröffentlicht in: Ingenieurwesen
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

Protecting your data when entering the US

  1. 1. The Trump Era
  2. 2. Who am I? ● Chief System Architect of ● I teach Network Security and Linux System Administration
  3. 3. ● Slashdot 08.Feb.2017 US Visitors May Have to Hand Over Social Media Passwords: DHS ● Slashdot 12.Feb.2017 US-Born NASA Scientist Detained At The Border Until He Unlocked His Phone
  4. 4. ● Slashdot 18.May.2017 US and EU Reject Expanding Laptop Ban To Flights From Europe
  5. 5. ● Slashdot 18.May.2017 US and EU Reject Expanding Laptop Ban To Flights From Europe ● What does this actually mean?
  6. 6. ● Now a simple trip to the US becomes threat to your personal life and company data ● You do not have rights under the US law, because technically you haven't entered the US ● The DHS agents may decide to copy all your data, without notifying you.
  7. 7. ● By giving away your passwords to the DHS you may violate the contract with your company and immediately become liable under the laws of your own country ● EU privacy laws state that customer data, such as names, addresses, IDs and so on, should be stored only on EU soil. If for whatever strange reason you had left any such data on machine that is searched by the DHS, you and your company are liable under EU privacy laws – EU GDPR
  8. 8. ● Why would you unlock your laptop/phone – you may be detained until you provide your passwords – you will miss all your appointments – you will lose the money for this whole trip – you will lose potential customers – miss conference or training
  9. 9. ● So what can YOU do? – encrypt the data on your computer ● cripple on purpose your encrypted storage ● leave the beginning of your encrypted storage at home or at any other third party, that you can relay on ● make sure there is NO WAY for YOU to recover the encrypted data, without that part, that is NOT with you
  10. 10. ● Why would you leave most of your data on the laptop and only cripple the encrypted storage? – Internet in the US is actually BAD... VERY BAD – Downloading 10-15GB of data may not even finish for one night :( – leaving most of your data on your PC means faster restore time
  11. 11. ● What to encrypt – all private data – browser profile – emails and email profiles – all downloads – all instant messaging logs – settings of your applications
  12. 12. ● If you have a VPN, keep its keys in the encrypted storage, so DHS would not have access to them ● It is also a good idea to disable your VPN keys/accounts while you are traveling to/from the US. – setup a simple and effective way to enable your VPN once you have passed the border control
  13. 13. ● Keep all your passwords and keys encrypted – make sure you can not retrieve them without a third person that is NOT in the US right now – this way you will NOT lie to a polygraph test and you may hope for faster entry in the US
  14. 14. Phone ● Wipe your phone before boarding the flight to the US ● Remove all facebook/google/slack/twitter and etc. accounts ● Move all your private data to encrypted SD card and remove it from your phone before boarding the flight – I'm sorry iPhone users... for you, you can backup everything to the iCloud ● Once you are at the hotel, recover your phone from your PC
  15. 15. What am I doing ● eCryptfs ● LUKS over a loop device ● Keep all passwords, including the one for the eCryptfs on the LUKS ● Cripple the LUKS ● My wife has the important 5MB from the image and she will tell me where she uploaded them once I enter the US
  16. 16. Thank you!