Data Privacy

The mild furor over the U.S. government’s self-asserted right to snoop through the laptops and other electronic devices of travelers entering the country raises an important issue that deserves more widespread attention outside of the context of people crossing the border – that of plausibly hiding your personal data on computers and the like.

As far as I’m aware, there’s not much you can do to hide the contents of your cellphone’s SIM card except to, well, hide the SIM card itself. Don’t want snoopy government officials to get your list of contact numbers, or the saucy text messages between you and those special someones? When you travel, swap out the “real” SIM card for a cheap – and “sterile” prepaid one. The real SIM card you can stash in your checked luggage, concealed however you see fit – taped to the inside of the door that covers your laptop’s RAM bay, for example.

Laptops, on the other hand, present some better options. The best is probably DriveCrypt Plus Pack, which allows you to, among many other things, have an encrypted, password-protected laptop which can dual-boot into different, independent operating system environments depending on which passphrase you enter. One password gets you your “real” XP desktop, for instance, complete with all your work documents, downloaded pr0n, et cetera – and the other password you give the nice people with guns gets you the “other” XP desktop, for example – a fairly sterile base install whose browser has only ever visited lolcat sites, and whose most recently-opened documents are all grocery lists…

A less-powerful but free option is to use Truecrypt, a fairly nifty file (and device) encryption tool favored by the really, really paranoid. You can have a hidden, encrypted second partition on your hard drive, on which all your “real” files exist.

Truecrypt is also nice to use with external hard drives. Get yourself a, say, 80GB laptop hard drive, and one of those cheap generic bus-powered external enclosures to put it in. Now, create a 32GB (or smaller, like 20GB) FAT32 partition on the drive, and use Truecrypt to make an encrypted device on the remaining space, into which you put whatever it is you’d like to hide; the encrypted volume will still appear as unallocated space, just like you’d expect. If confronted as to why your drive is an odd size, say that you formatted it to use to transfer files between a Windows machine and a Linux machine, and that Windows only lets you format FAT32 partitions up to 32GB. (Which is basically true.) Throw lots of boring stuff – downloaded YouTube videos, emo photos from your MySpace page, lolcat pictures, or whatever – on the “real”, FAT32, partition.

If you use Truecrypt, it might be worth creating a little flash drive – or just a few containers on your hard drive – encrypted with the program, and which contain important-looking stuff you can “give up” should you be pressed to do so. I, for instance, have an old 128MB flash drive that’s entirely encrypted with Truecrypt, and which contains: A copy of Firefox Portable, with a long history of browsing local news, weather, and reference sites; A copy of Thunderbird Portable, with no messages saved in any folders, and settings for a nonexistent POP3 and SMTP server (huh, guess the server is offline, officer…); PGP/GPG keyrings containing completely spurious keys I never have nor will use; and a small collection of free MP3s from commercial artists. If it ever came to be that I was pressed to explain why I had Truecrypt installed on my computer, I’d happily hand this drive over – and give up the password – to be seen to be “cooperative”. What, do I look like I want to be waterboarded?

Other, even simpler places to hide data from prying eyes when traveling: On a flash card in your digital camera (odds are the government snoops will just turn the camera on, browse through the photos, if any, and move on to the next item), as mis-named MP3 files on your music player (what, they’re going to listen to everything? I don’t think so), and on Linux ISO CDs and DVDs (see, officer? Knoppix. It’s a type of Linux. That’s an operating system. For computers, yes. Yes, like Windows. Sort of.).

It’s simple stuff like this which demonstrates how ill-thought-out this absurd search-and-seizure policy is. The people with stuff to hide are going to be savvy enough to keep it hidden; it is not, after all, hard to do so. As much fun as the government might have invading the privacy of people with nothing to hide… don’t they have better things to be doing?

Published in: Geekiness, General, Security | on February 8th, 2008| 1 Comment »

Both comments and pings are currently closed.

One Comment

  1. On 2/9/2008 at 1:48 am m Said:

    That’s the whole point. Fear. The fascists just want to mess with us. They are never going to find anyone with anything that is really ‘subversive’ or ‘dangerous’. They just need to rattle our cages a little more.