Fingerprints have a different and weaker legal standard than passwords to protect them
> Use an Android phone.
It may be possible to get a secure Android phone, however, it is unlikely that the one you have is. Varying levels of quality for disk crypto and TPM key storage will do you in.
> Take the devices you work on across the US border
Any data or passwords you have on you is data you could lose, get forced to cough up, etc.
> Assuming I have to carry my laptop and phone across the border, what precautions can I take to minimize the potential privacy violations?
Put an encrypted blob on [name a cloud provider]. Download it once you cross through customs.
> why is Firefox not recommended?
Because Firefox has no sandbox and gets routinely exploited by Law Enforcement
> It's used in the Tor browser
The Tor Browser is an abomination.
> I have not heard of any major security incident recently with Firefox.
You have not been paying attention. Maybe consider accepting the advice of experts?
It would be great to have a few of these issues sourced in the comment (and your comments on the Tor Browser expanded with some reasoning) just so everyone is on the same page. I've seen some exploits with Tor Browser but I thought they'd be mostly sorted out.
I get that Chrome has some more mature sandboxing code, but I must admit I'm not a fan of how it handles a lot of things including download behaviour (http://security.stackexchange.com/q/145808 and https://scarybeastsecurity.blogspot.co.uk/2016/11/0day-poc-r...), Firefox at least does a better job here.
I agree with the advice for border passage, only thing that makes this difficult is the state of upload speeds.
Don't use Tor Browser.
Do you have any links you can share to best practices for setting up this secure TOR client instead of using the insecure TBB as explained above?
The TBB has the Tor client and a browser (a slightly tweaked Firefox) configured to connect via the Tor SOCKS proxy rather than via the standard network.
Nothing on the article's website suggests an affiliation or particular interest with security issues. This kind of patronising tone directed at people asking for help is the single most unpleasant part of the IT security industry.