The US & some other jurisdictions are making a practice of opening or copying smartphones when people travel inbound - not for all passengers but it’s becoming increasingly common. They can’t force you to give up your password but CAN force use of a fingerprint scanner to open a phone & decrypt it. On phones that can’t be opened immediately they can copy the contents so the NSA can decrypt later if that appears warranted.
I have no reason politically to worry, but could have sensitive client HR data onboard & need to exercise best efforts under privacy laws to ensure sensitive data isn’t breached. This to minimize my legal exposure, to respect others’ data privacy rights, and because knowledge my contacts - executives of publicly-traded firms - are talking to a headhunter, could constitute info material to a firms’ stock price, meaning there’s theoretically SEC exposure. It’s all a bit theoretical & esoteric, but negligence under privacy laws is still untested & nebulous & I’d rather not ever be a test case.
I confess writing this I feel a tad paranoid. But others traveling to places like China would have greater concerns, esp. if journalists.
I gather Apple’s iPhones can be hardened with mirroring disabled so a desktop system can’t be used to reinitialize (if that’s the hack). I gather iPhones are especially secure against decryption at present. I believe Android phones are considerably less secure.
A warrant trumps any hardening measures of course: if the authorities have reasonable cause & obtain a warrant they can & should have access to the phone’s contents. We’re really just trying to limit causeless fishing trips.
Can a BraX3 phone be turned off & hardened against access & decryption while traveling through customs as well or better than a current iPhone? A Samsung Android phone?
I would disagree that iPhones are more secure from the threat you are describing than Android devices. Your best bet to guard against unwanted intrusions into your device is to use long PIN codes or alphanumeric passwords and also to turn the device off prior to entry and reentry into your destination country.
The reason turning your device off is so important is because of the way in which Forensic tools extract data from mobile phones. There are 2 kinds of device extractions, Before First Unlock (BFU) and After First Unlock (AFU). The difference between BFU and AFU extractions is the amount of data that can be extracted.
A device in BFU mode has the majority of the user data stored in an encrypted state. Forensic tools can only extract a small amount of information from a BFU device, and often the BFU extraction contains minimal or no communications like text messages.
After you power on your device and enter the PIN the first time, your device will be in AFU mode. The user data will be decrypted at this point which makes devices in AFU mode subject to a full forensic extraction, which will include user data like messages.
Your specific phone model will determine whether or not your device is supported for a full forensic extraction. In reality, because of the popularity of iPhones, those devices are more likely to be supported by forensic tools. The same is true of popular Android devices like Samsung Galaxy phones. More obscure devices like cheap, burner Androids, are often not supported by forensic tools due to the lack of development by companies like Cellebrite.
I would argue that the BraX3 phone is going to be very secure from forensic tools because of its obscurity and relative rarity among smartphones. So long as you set up a long PIN code (at least 8 digits) and keep your device off during border crossings, your BraX3 phone will most likely be safe.
I’m glad you mentioned this. This is the reason Apple recently introduced the routine of rebooting a device if it had not been used in a couple of days.
The other consideration with this is that this data (your data) will then be kept by the government or agency concerned forever once copied - so it’s always there for future access.
If encryption is average (or passwords poor, etc) it might mean in future it’s eventually easily decrypted, even if it’s not now.
And more importantly it’s sitting somewhere outside your control that bad actors could get hold of it if they gained access to the government or agency system where it’s stored… (and IMO an alternative example is that already appears to have been happening enmasse in the U.S. recently with DOGE, where data from many government systems and departments is being accessed by or shared with non-government organisations, businesses and/or individuals).
I do not disagree that 3 letter agencies probably have resources to make this happen, but known and available phone forensic technology does not do this. When a device is not supported on Cellebrite or other tools, there is NO extraction completed. This is because it cannot gain access to the data whatsoever.
In my mind, the only way that this threat is possible is if you are a specific target of of the government, CIA, deep state, or whatever shadow organization you have wronged. If you are simply crossing a boarder and get selected for a random check, in all likelihood the boarder agency has standard forensic tools like Cellebrite and if your phone is not supported for extraction, there will be NO extraction.
Also, forensic tools have a workaround for the automatic reboot. That is why it is imperative that you actually turn your device OFF during a crossing if you do not want your device to be dumped without cause.
That is a good idea for a manual review of your device. The question would be whether once you have logged into Profile B, does the data in Profile A remain encrypted, or is it encrypted? This would be important because once the device is encrypted with the PIN code, it could be hooked up to a forensic device for a full data extraction if the government agent decides they want it.
If you slow the process, border guards will likely move to the next person unless they are looking for you. Some methods to slow the process:
Walk through customs with the battery thoroughly drained. They will not usually want to wait until the battery gets going. Turn the flashlight, screen, wifi, bluetooth, and data on if you need to drain it quickly, or do some intensive processing.
Use two profiles, populate one with social media of you and lots of junk data and the other with sensitive data (perhaps called “kids”), and walk through customs with the battery thoroughly drained. By the time you show them the profile with social media, they will be tired of you when you tell them you can’t remember the kids/nephews passcode.
Another option is to entirely use e2ee cloud resources (Mega.nz, NExtcloud, Cryptpad.fr, but there are many more) that you don´t keep on your phone or laptop, so nothing is saved besides the keepassXC (keepassDX on android) file, which can be any file at all in your OS, so it will take a more thorough investigation to figure out where you are storing all your passwords even if they get the data on the device. Before going through customs, remove the last login of keepass so it isn´t obvious where the keepass file is or login with a keepass file with passwords to social media accounts.
Another option is simply not to keep sensitive data on a phone. Have a laptop with windows, populated with huge amounts of data so extraction is very slow, and use a bootable OS for the sensitive data, either on a very small USB drive or microSD card, and reconfigure the BIOS when you go through customs so it doesn’t boot to the correct OS. if they get the date from your phone and laptop they will probably stop there.
