Phone screening at the border

Hacker



A smartphone is a personal device that is always with us. The smartphone even knows things about us that we may not know about ourselves. Letting outsiders into it is a good way to end up with a long-term headache or legal complications.

Contents
  • Protecting your personal information on Android
  • Protection with fake backups
  • Protecting your personal information on iOS
  • Legal methods of counteraction
  • Conclusions

Protecting your personal information on Android
The first and most important thing is protection against physical data extraction. The border guard has every right to request any item from your luggage or personal belongings for inspection.
Having received an Android smartphone, border guards can simply use the service mode (EDL, 9006/9008 modes for Qualcomm, LG UP for LG smartphones, and so on) to access information. And you know what the most interesting part is? In 85% of cases, this will be quite enough: according to the latest data, only about 15% of Android devices use data partition encryption.

If you think there is no qualified specialist at the border to extract information from the device, I have to disappoint you a little: modern solutions are simple enough that even a cleaner could operate them. Animated instructions with pictures of what to press on the phone, in what order, and where to plug in the cable appear directly on the computer screen. The device can also be confiscated (there have been precedents), after which the data will be extracted in a calm environment. The moral? Finally enable the native Android encryption feature!
Android offers numerous unsafe unlocking methods, united under the common name Smart Lock. If, for example, you use a fitness tracker or watch and have set up unlocking whenever there is a Bluetooth connection with this device, then there is no point in reading further.
Also, nothing can prevent the border guard from photographing your face (another strike against Smart Lock). In many models, the reliability of unlocking with a fingerprint sensor is also doubtful. Conclusion: disable Smart Lock and make sure that your phone can only be unlocked with a PIN code, preferably a complex one.

Unlike iOS, where almost everything gets backed up but the backup itself can be protected once and for all with a password, Android creates backups either in the cloud or via ADB. A fairly limited amount of data is stored in backups; you can't encrypt it. However, authentication tokens from many popular instant messengers and social networks are readily included in backups, so this point should be kept in mind.

If a backup copy is taken from your phone via ADB, it may include:
  • passwords for Wi-Fi networks, system settings;
  • photos, videos, and internal storage content;
  • installed apps (APKs);
  • application data that supports backup (including authentication tokens).
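The two checks discussed above (is the data partition encrypted, and which apps allow their data into an ADB backup) can be run against your own device before a trip. This is an added example, not part of the original post; it parses constructed samples of `adb shell getprop` and `adb shell dumpsys package` output, and the exact output layout is an assumption that varies between Android versions.

```python
import re

# Constructed sample of `adb shell getprop` output (not from a real device).
SAMPLE_GETPROP = """\
[ro.build.version.release]: [9]
[ro.crypto.state]: [unencrypted]
"""

# Constructed `adb shell dumpsys package` sample; older builds print pkgFlags=.
SAMPLE_DUMPSYS = """\
Packages:
  Package [com.example.messenger] (a1b2c3):
    flags=[ HAS_CODE ALLOW_CLEAR_USER_DATA ALLOW_BACKUP ]
    privateFlags=[ PRIVATE_FLAG_ACTIVITIES_RESIZE_MODE_RESIZEABLE ]
  Package [com.example.bank] (d4e5f6):
    flags=[ HAS_CODE ALLOW_CLEAR_USER_DATA ]
  Package [com.example.legacy] (0718ab):
    pkgFlags=[ SYSTEM HAS_CODE ALLOW_BACKUP ]
"""

PROP_RE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>[^\]]*)\]$")
PKG_RE = re.compile(r"^\s*Package \[(?P<name>[^\]]+)\]")
FLAGS_RE = re.compile(r"^\s*(?:pkgFlags|flags)=\[(?P<flags>[^\]]*)\]")


def crypto_state(getprop_text):
    """Return ro.crypto.state ('encrypted' / 'unencrypted') or 'unknown'."""
    for line in getprop_text.splitlines():
        m = PROP_RE.match(line.strip())
        if m and m.group("key") == "ro.crypto.state":
            return m.group("value") or "unknown"
    return "unknown"


def backup_enabled_packages(dumpsys_text):
    """Return sorted package names whose flags include ALLOW_BACKUP."""
    current, found = None, set()
    for line in dumpsys_text.splitlines():
        pkg, flags = PKG_RE.match(line), FLAGS_RE.match(line)
        if pkg:
            current = pkg.group("name")
        elif flags and current and "ALLOW_BACKUP" in flags.group("flags").split():
            found.add(current)
    return sorted(found)


if __name__ == "__main__":
    print("data partition:", crypto_state(SAMPLE_GETPROP))
    print("apps included in ADB backups:", backup_enabled_packages(SAMPLE_DUMPSYS))
```

To audit a real device, feed the functions the text captured from the two `adb shell` commands instead of the constructed samples.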

Among other things, Google is the king and god of Android smartphones. Google collects a huge amount of data, which is transmitted directly to the server. If you are required to provide a password for your account and the border guard manages to log in (for example, if you still don't have two-factor authentication configured), the phone itself will no longer be needed: your Google account has everything and even a little more.

What should I do about it?
Delete your Google account from your phone before boarding the plane and log in to a newly created one. Fortunately, unlike the iPhone, this action doesn't require you to reset your phone. Oh, and don't forget to clear your app data: at least contacts, photos, Google Maps, and Chrome browser data. Traces are likely to remain, but if the device does not arouse suspicion, a more detailed examination may not follow.

What should I do with my photos?
If you need access to your photo and video library on your trip, but you don't want to keep it on the device itself, then you can use the cloud again (hint: you can delete the Dropbox app from your phone) or a hidden nested container on your computer. Alternatively, you can store photos in the Google Photos account that you are going to delete from your phone before traveling (just keep in mind that by default, smaller and "optimized" files go there).
Finally, users with a custom recovery (TWRP) can create an encrypted backup of the data partition, which can also be saved in a nested container on their computer. Restoring it later is a matter of a few minutes. However, it is also a bad idea to cross the border with a "naked", unconfigured device: in the eyes of a border guard, you will look very suspicious.

Phone Search: Playing with backups
Oddly enough, a smartphone without active encryption can greatly facilitate border crossing. The fact is that modern smartphones that came out of the factory with Android 6.0+ on board are required to encrypt data and often store the encryption key in the hardware TEE (Trusted Execution Environment) module. On the one hand, this is good, but on the other hand, it makes it impossible to make or restore a full backup of the system using TWRP.
But if encryption is disabled and it is possible to make a backup, you have the opportunity to very deftly wrap the inspectors around your finger. The essence of the method: you install a custom TWRP recovery on your smartphone, boot into it, make a Nandroid backup of the system and data partitions (they contain the OS itself and your data/applications, respectively), extract the backup from your smartphone (it is stored in the TWRP directory on the memory card) and save it, for example, in Dropbox.
As a result, you will have two backups: one will be your main system, and the second will be a Potemkin one. All you have to do is restore the second, fake backup before the trip, go through the border, and then restore the main one. At the same time, all your settings, software and everything else, right down to the arrangement of icons on the home screen, will remain in their original form.

Protecting personal information on iOS
In general, protecting your iPhone will be easier than protecting your Android smartphone. But first things first.
Have you already decided on your strategy? If you are going to take a step forward to protect your data, you have several options.

First, you can set a long (six-digit or alphanumeric) password, and then simply turn off the phone. It will be completely impossible to open it until you provide this password. But if your iPhone is equipped with a fingerprint sensor and you forgot to turn off the phone before crossing the border, then the border guard will only need to order you to put your finger on the scanner to unlock the device. This method of unlocking devices does not require any special warrants or permits from law enforcement agencies. So: turn off your phone!

A logical question: what prevents the border guards from locking you up and not letting you out until you give (remember, enter) the unlock password? On the one hand, nothing seems to stand in the way: in a well-known case, a NASA employee (an American citizen, by the way) was detained by border guards and "pressed" (quote) until he gave up the PIN code for his smartphone. On the other hand, such cases are extremely rare; they are the exception rather than the rule.

The border guard may "ask" you to unlock your phone with a password. If this is a request (in official terminology), then you have the right to politely refuse. No one will lock you up (but there may be other consequences). But if it is an order, then you will have no choice. However, the border guard can only order you to enter or disclose a password in exceptional cases, when there are "reasonable suspicions". At the same time, both border guards and the police can quickly unlock the device with your fingerprint (here again is a "gray zone").


Secondly, you can reset your device and set it up again using a fresh Apple ID before traveling. There is no harm in presenting such a device to the border guard. After crossing the border, you simply connect to Wi-Fi, reset the phone again, and restore from a cloud backup (of course, you need to have such a backup in the first place, and the wireless connection should be fast, stable, and allow the transfer of several gigabytes of data).
Please note an important point with two-step Apple authentication: to log in to your own Apple ID, you will need to have a second authentication factor with you (for example, a SIM card with a trusted phone number, to which you can receive an SMS with a one-time code). If you don't think this through in advance, you may find yourself cut off from your own iCloud account and data.

If you take a computer with you, you can also create a backup locally, in a hidden container in TrueCrypt format or one of its "heirs". The container itself can be safely presented for analysis, and you can even provide its password: it is impossible to detect the presence of a hidden disk. However, the topic of nested crypto containers deserves a separate article; we will not develop it here. (Don't forget the backup password!)
If you don't want to stand on principle or reset the phone because of the tiny (0.08%) chance of its inspection, consider other options.
If you have an iPhone with the latest version of iOS, and you haven't installed a jailbreak, then you're in luck: a physical image of the device cannot be extracted. The only analysis method available to border guards, other than running apps on the phone manually, is to make a backup copy via iTunes or a specialized application (Elcomsoft iOS Forensic Toolkit or similar). It is also very easy to counteract this: it is enough to take care of setting a password for backups in advance. To do this, launch iTunes and activate the Encrypt iPhone backup option:

Phone search. Encrypt iPhone backup
Next, you will need to specify a password:
We recommend generating a long, random, complex password of 10-12 characters, including all possible variations of letters, numbers, and special characters. Generate it, print it out on a piece of paper, and set it on your phone. Hide the paper at home; don't take it with you. If you are asked to provide the backup password, you can explain that you do not use offline backups, so for security reasons the password was set long and random, and it was never intended to be remembered. Since this password is not needed in everyday life, this scenario is quite plausible.
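If you carry a computer, it is worth confirming that every local backup stored on it was actually made with the Encrypt iPhone backup option enabled. The script below is an added example, not part of the original post: it reads the `IsEncrypted` flag from each backup's `Manifest.plist` and the device name from `Info.plist`. The folder names and device names are constructed, and in real use `backup_root` would be the MobileSync/Backup folder that iTunes writes to.

```python
import plistlib
import tempfile
from pathlib import Path


def audit_backups(backup_root):
    """Return (folder, device name, is_encrypted) for every backup under backup_root.

    Only the metadata property lists are read: IsEncrypted from Manifest.plist
    and "Device Name" from Info.plist. A missing flag is reported as unencrypted.
    """
    results = []
    for manifest in sorted(Path(backup_root).glob("*/Manifest.plist")):
        with manifest.open("rb") as fh:
            encrypted = bool(plistlib.load(fh).get("IsEncrypted", False))
        name = "unknown"
        info = manifest.with_name("Info.plist")
        if info.exists():
            with info.open("rb") as fh:
                name = plistlib.load(fh).get("Device Name", "unknown")
        results.append((manifest.parent.name, name, encrypted))
    return results


def build_sample_root():
    """Create two constructed backup folders (placeholder names, no real data)."""
    root = Path(tempfile.mkdtemp(prefix="mobilesync-sample-"))
    for folder, device, encrypted in (("BACKUP-A", "Travel iPhone", True),
                                      ("BACKUP-B", "Old iPad", False)):
        (root / folder).mkdir()
        (root / folder / "Manifest.plist").write_bytes(
            plistlib.dumps({"IsEncrypted": encrypted, "Version": "10.0"}))
        (root / folder / "Info.plist").write_bytes(
            plistlib.dumps({"Device Name": device}))
    return root


if __name__ == "__main__":
    for folder, device, encrypted in audit_backups(build_sample_root()):
        print(f"{folder}: {device}: {'encrypted' if encrypted else 'NOT encrypted'}")
```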

Do you want to protect your passwords? Turn off keychain and iCloud Keychain on your phone. Passwords will be deleted from your device and won't be pulled from the cloud until you explicitly activate iCloud Keychain. The browser history and search queries are deleted in the same way:
Until recently, these actions would not have fully protected you, as Apple stored the deleted browser history on its servers for an indefinite period of time. After the company "Elcomsoft" released an application that extracts deleted records, Apple caught on and closed the hole.
However, the browser history will still be stored in iCloud for at least two weeks after deletion. To finally remove the remaining traces, you will need to disable data synchronization with the cloud (you can always re-enable it after crossing the border). For more information on how to do this, see the official KB:
You can also store device backups in the cloud. However, the mechanisms of access to cloud data are already regulated by other legislative acts, and at the time of crossing the border, data from cloud backups is not currently extracted. You can calm your inner voice and turn off cloud backups (as well as delete already created ones), but this makes little practical sense.
Finally, you can disable iCloud completely. However, we do not recommend doing this: at the very least, when you turn off iCloud, you lose the anti-theft protection of iCloud Lock and Find My Phone.

Legal methods of counteraction
Currently, the border patrol officer has the right to ask the applicant for entry to the United States to unlock the device and hand it over for analysis. In some cases (such as reasonable suspicion, or being included in the list of potentially dangerous or undesirable persons), the officer has the right to demand that the device be unlocked.
The difference between a "request" and a "demand" is difficult to grasp for an unprepared passenger who is tired after a long flight and perhaps in a hurry to make a transfer, but it is there nevertheless.
Ignoring the order will not work, and the consequences can be very unpleasant. But a request can be politely declined; if you can argue for a refusal, so much the better. Yes, you may not be allowed into the country, and yes, you may be detained indefinitely, but from the point of view of American law, you have not yet committed a crime.

Conclusions
You need to understand that border guards have on their side, if not the right, then at least the ability to interpret the law in their favor, along with brute physical force and methods of coercion, which they do not hesitate to use. The use of coercive methods is only growing from year to year.
From the point of view of your own security, you should not object to the border guards. Also, do not lie, cheat and dodge: all this will lead to additional complications of an already acute situation. It will be much more effective to use a set of technical protection methods that we have described in this article.

Remember: what is not physically present on your smartphone cannot be extracted from it, whereas any password can be extracted from you if someone wants it badly enough.
 