Interesting People mailing list archives
Re: Peter Swire: No, You Can't Search My Laptop
From: David Farber <dave () farber net>
Date: Mon, 4 Aug 2008 12:17:18 -0700
________________________________________ From: Gordon Syme [gordon () twiceasgood net] Sent: Monday, August 04, 2008 2:58 PM To: David Farber Subject: Re: [IP] Re: Peter Swire: No, You Can't Search My Laptop Prof. Farber, for IP if you wish David Farber wrote:
________________________________________ From: Steven M. Bellovin [smb () cs columbia edu] Sent: Sunday, August 03, 2008 11:05 PM To: David Farber Cc: rca53 () columbia edu Subject: Re: [IP] Re: Peter Swire: No, You Can't Search My Laptop On Sun, 3 Aug 2008 17:09:55 -0700 David Farber <dave () farber net> wrote:But you raise, perhaps unintentionally, the more likely (inevitable?) and interesting controversy: if Customs can search your information stored on physical media at the border without a warrant, why do they need a warrant to search it at the "electronic border" as you transmit the same information it to and from your server when you are abroad?This is precisely my concern; I blogged about it last month (http://www.cs.columbia.edu/~smb/blog/2008-07/2008-07-10.html). The issue of disclosure of keys may also be different. Just as people have no right to conceal physical objects when crossing a border, is there a right to conceal information you are importing or exporting? This is a very different question than ordinary criminal cases.
I'm starting to think that the only "safe" way to get your laptop into the US would be to create a VM containing your chosen OS and data and then leave this at home. Travel without a laptop until you arrive at your destination. At this point you can acquire a machine, generate a keypair and export the public key. A trusted third party then encrypts the VM and makes it available for download, probably with a service like Amazon's S3. The VM can contain all your actual data contained in encrypted volumes to minimise the risk of having to trust a third party (though this would require transporting a private key inside the VM). This way you avoid the problem of taking data through the border and also of taking a password through with you, the keys don't exist yet so how could you reveal the password? Nothing carried through and nothing concealed. It's an awful lot of work to get around the risk of border searches (and the associated data grabbing) and skirts around the problem rather than tackling it head-on through legal means. I suspect that there are definite business cases for going to this effort though. -Gordon ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Peter Swire: No, You Can't Search My Laptop David Farber (Aug 02)
- <Possible follow-ups>
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 02)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 02)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 02)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 03)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 03)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 03)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 04)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 04)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 04)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 04)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 06)
- Re: Peter Swire: No, You Can't Search My Laptop David Farber (Aug 07)