How does one determine whether something is pirated in these cases? All the music I've bought in the past few months has been distributed to me DRM-free so there exists no difference between it and a pirated copy other than a receipt. To make a long story short, having to proved that I have licenses for everything on my computer is utter crap.
If you run a company that's the rules. If you can't prove that you are licensed to use every single piece of software that you have on your computer then you can have your whole computer (or just the hard drive) confiscated and held for indefinite amount of time by the police probably long enough to technology become obsolete and your withheld data to become meaningless. At least that's how it looks in Poland.
Using any non opensource software is so scary that I wonder why would anyone pay and take the risk.
There was even one case when polish company purchased software directly from the US but polish distributor of this software insisted that it was pirated because they didn't sell it. Police went in. Confiscated computers and media for investigation. Software was essential for operation of this company so the company died.
To be fair, the goal of that law is to allow arbitrary detention of computers without any kind of justification.
I wonder however how they would confiscate my laptop running only free software. Well, they could always pretend it is stolen : I usually don't have the receipt of it while travelling.
> I wonder however how they would confiscate my laptop running only free software.
No one knows a priori what software you have on your laptop. They either have to take your word for it or analyse the contents of the disk -- and that's a reason to withhold your equipment.
> Using any non opensource software is so scary that I wonder why would anyone pay and take the risk.
In Romania, businesses must fill each month online statements, but such fillings can only be done with Microsoft Internet Explorer, and there's no option to fill them in person. So you're forced to use non opensource software.
"NOTE: IF YOU DO NOT HAVE A VALID EULA FOR ANY
"OS PRODUCT" (INCLUDING, WITHOUT LIMITATION,
MICROSOFT WINDOWS 98, MICROSOFT WINDOWS NT 4.0,
MICROSOFT WINDOWS 2000, MICROSOFT MILLENNIUM
EDITION, MICROSOFT WINDOWS XP, OR ANY OTHER
MICROSOFT OPERATING SYSTEM THAT IS A SUCCESSOR
TO ANY OF THE FOREGOING OPERATING SYSTEMS) YOU
ARE NOT AUTHORIZED TO INSTALL, COPY, OR OTHERWISE
USE THE OS COMPONENTS AND YOU HAVE NO RIGHTS
UNDER THIS SUPPLEMENTAL EULA."
What strikes me most strongly about all this is how utterly weird it is.
Border guards give 'enhanced pat downs' to a middle class suburban family and find no weapons or contraband, but then open the family computer to find an unlicensed Finding Nemo avi, and haul them all off to jail.
It's just such a bizarre mix of nanny-state and fascism. I know it's a pointless rhetorical question, but... how on earth has it come to this??
First they came for the communists,
and I didn't speak out because I wasn't a communist.
Then they came for the trade unionists,
and I didn't speak out because I wasn't a trade unionist.
Then they came for the Jews,
and I didn't speak out because I wasn't a Jew.
Then they came for the Catholics,
and I didn't speak out because I was Protestant.
Then they came for me
and there was no one left to speak out for me.
It has come to this one small step at a time. That is how politicians work. They know that the "whole" is to scary for voters to accept all at once. So they find just what they can get away with this year, then grab a tiny bit more next year, and so on. Eventually, everyone looks back and thinks "how on earth has it come to this??"
And it's not politicians --those are mostly puppets.
America is/is becoming a corporate state, and corporatism was the very essence of Mussolini's fascism.
The very notion of lobbyist groups is fascistic (Mussolini himself partitioned the power system in Italy to consist of various group interests in a great extend).
Power and law become then an exchange between groups (lobbying), experts (often paid lackeys of said groups), and politicians, and democracy goes out of the window.
The democratic alternative would have been several opposed political parties, so that the play for power is open to the general masses --the population that supports them-- directly, and is carried out as a public struggle for the vote.
But the differences between Republicans and Democrats in most matters are mostly marginal or a joke, and mainly in issues that don't matter to the actual power play
--- like playing pro or against "gay marriage" to appeal to conservative or progressive voters, the same voters that both parties pass laws to make them poorer and more controlled in every possible way.
You're being way too reductionist, buying the anti-capitalist propaganda. To be sure, there's plenty of bad things to be said about corporations. But it's tremendously naive to believe that it's corporations that are calling all the shots.
Remember, the corporations looking for these perks are every bit as dependent on the power of government as the government is on corporate donations. So directing ire at corporations for trying to get rents out of the government, without simultaneously excoriating government officials for selling out, is misguided.
In fact, I'd go so far as to say that the only viable strategy to combat this is to combat the government abuses.
The corporations are doing what's natural: find places where they can get advantages over competitors, and take them to maximize shareholder value. But the government officials are more culpable. They are making promises that they (seem to) have no intention of keeping, and in doing so are blatantly violating their oaths of office. While the negative end results is the result of each, I believe that the members of the government are more immoral, and more deserving of our anger.
And the answer is not greater legislation to control corporations. That's just giving the government more power that they can sell to the highest bidder. The answer is to strip away the government's power. This may seem counterintuitive, because it appears to leave us unprotected against corporate abuse. But when the vehicle to that abuse is through government power, then curtaining that power leaves the corporations themselves unarmed against us.
This is really quite analogous to the arguments for/against gun control. Sure, demanding licensing of guns, etc., keeps the weapons out of the hands of much of the public. But the bad guys still get the guns, and the poor law-abiding citizens are then left defenseless. It's better, in my mind, to ensure that we can all compete on a level playing field, rather than handicap the citizenry so that the bad guys (or the corporations) get the power.
...You're being way too reductionist, buying the anti-regulation propaganda. To be sure, there's plenty of bad things to be said about regulations. But it's tremendously naive to believe that a lack of regulations - a case which we have recently experienced with the deregulation of the finance markets and of Wall Street, and the subsequent financial melt-down - will cure our ills.
There is ample evidence of corporate fraud in recent years, not the least of which is around the mortgage securitization processes.
We need a level playing field, with known, equitable rules, and with enforcement, and with judicial review.
Commit to regulation and a pro-governance model? Lose.
Commit to a corporate model and a pro-corporate model? Lose.
it's tremendously naive to believe that a lack of regulations ... will cure our ills. ... It's about balance.
You'll have to first account for two words: "regulatory capture".
Until you can find a miracle to get around that problem, regulation is in the long run destined to be turned inside-out and used to sustain the industries. Look no farther than the current debates about various IP problems for an example.
This is one of the better reasoned comments I've read in a while.
There is an old Milton Friedman video floating around which dates back to the 1970s. At the time he was spending a lot of time trying to convince people that oversized governments weren't a good thing.
One of the very salient points he makes to a detractor is that if you limit the size of the government, you - by nature - limit the power a corporation can obtain. If the government has limited powers, so it goes that a corporation can gain limited powers - it should be impossible for a corporation to gain more power than a government.
It's the essential point that everyone skips over - they see government powers failing to check corporate growth, and so want more government power. If you take this to the argument by absurdity, you end up with a fascist government that exerts total control over the people, and then licences that control out to selected corporations in return for cash and favors.
The problem is human nature - and the solution must be to design a system that makes the assumption that humans will try and gather power and abuse it. It's the same concept as term limits but applied across a much broader spectrum.
People still invoke Milton Friedman like some guru to be respected? They guy's theories were the cause of the worst economic fiascos in the history of fiascos (in general, not just economic ones).
Consider this "very salient point": "if you limit the size of the government, you - by nature - limit the power a corporation can obtain. If the government has limited powers, so it goes that a corporation can gain limited powers - it should be impossible for a corporation to gain more power than a government".
This point is BS. There are places where corporations (or even one corporation) have more power than the government everywhere around the world, especially in Africa and Asia. There are entire countries where the government is just paid lackeys and a front for some mega-corporation. There is even a term for those, they are called "banana republics".
The limiting of the argument to "one corporation" is especially BS, since even if a single corporation cannot get "bigger than the government" in a place like the US, the "corporate interests" can and do get bigger than the government.
Despite fighting in the market (and that, only if they are serving the same market, which, say, Google, Exxon and GE do not), corporations also agree on a lot of things. For example media companies agree on SOPA and PIPA and a thousand other things (drm everywhere, destroy cinematographers unions, etc). And all corporate interest's also converge on a lot of things, like tax deductions, being able to fire any employee at will, lower minimum wages, unpaid overtime, etc.
Consider a country where there is no public health coverage. What will happen will not be "competing health services for the benefit of the customer" but an emergence of a health industry cartel and the total dependence of the people in it. Things that need big scale and resources, like building, buying equipment, and running a hospital or a bank or an insurance company, have been seen time and again to build cartels with "competitors" and kill competition to maximize profits.
(See also: http://www.technologyreview.com/blog/arxiv/27512/ , but one can also see it from experience, if one follows the political/social history of more than one country --something easy to do in Europe).
People talking about the limiting of the power of government always have in mind the equation "government = some politicians who abuse their power", and never "government = the only power body that is elected and somewhat controlled by the general public".
> America is/is becoming a corporate state, and corporatism was the very essence of Mussolini's fascism.
Not the same thing. 'Corporatism' in the Italian Fascism sense does not mean what you think it means. It means all society is organized 'corporations' controlled by the state.
All society is turning to "organized corporations" controlled by the state.
That's why in my comment above, I did not only talk about corporations as such ("Microsoft", "Google", "Apple", "GE", etc), but also about lobbies in general.
All those (actual companies, and aggregate lobbying entities like the health lobby, the christian lobby, the gay lobby, the gun lobby, the press lobby) etc are the equivalent of fascism corporations.
1) You go to 2 wars with the dumbest of excuses by the dumbest of presidents in order for some mega-corps in the industrial-military complex to profit.
-- said president probably got elected due to electoral fraud in the first place, anyway--
2) You have para-police security personnel do naked scans of you and cup your genitals in airpots.
3) You have laws that invalidate due process, like the Patriot Act.
4) You have mass electronic surveillance, security agencies installing backdoors in public platforms, etc.
5) You give ~ 1 trillion dollar bailout to mass financial companies that brought the economy to a halt through deregulation and greed.
6) They try to pass 2-3 laws (PIPA, SOPA, ACTA) to control the internet, including censoring whole websites.
and "there is no evidence of this". Except in my head. Right.
How is this head-in-the-sand thing working for you?
First, I can't down-vote, my account is quite new still and doesn't have the capability (see the green color on my name?). Probably other people disagreeing with you have down-voted you. I happens, you know.
Second, I resort to ad-hominen? Really? Because, besides the "head in the sand" comment, my reply included SIX (count 'em!), numbered, counter arguments. It boggles the mind how one can manage to miss them.
And all those six (count 'em) arguments, in order to reply to your sans-argument ad-hominen that it's all "only in [my] mind. There is no evidence of this outside [my] head".
Do you realize how many people will find it offensive that you are using this quote to compare a treaty to the holocaust? There is a big difference between a treaty which may infringe on civil liberties and killing people based on their beliefs or ethnicity.
It's okay to make slippery slope arguments, but let's not get into Godwin territory.
I think it would be sad if Niemoller's point, that one must speak up for the rights of others, or no one will speak up for yours, was decided to be inapplicable in all situations, since his experience involved Nazis.
I realise this is always a sensitive area, but please consider that there are in fact laws on the books and government policies in many Western countries today that are every bit as evil as the kind of thing that was going on in Germany at that time.
We have detention without trial for extended periods, or indefinitely if you mutter the magic word "terrorism".
We have outright torture of detainees, and people dying in prisons.
If a suspect does get to trial, it might be in a secretive court where they have no opportunity to confront their accuser or see and challenge all of the evidence against them.
We have laws that allow government agents to infringe on almost every fundamental civil liberty by one kind of executive order or another, some of which are strikingly similar to the Enabling Act in their effect even if the intent was not necessarily the same.
We have routine invasion of privacy and monitoring of the general populace without any reasonable grounds for suspicion/probable cause/whatever you like to call it. There are well-documented cases of routine national surveillance being set up by police or security services without any oversight or consent from elected governments.
We have seen far too many cases of obvious abuse of peaceful protesters (or simply those caught in the wrong place at the wrong time) and in some cases we have seen courts accept a defence of the indefensible.
We have seen deaths at the hands of police actions that were later shown to be completely unjustified and an operational screw-up from start to finish, for which no-one has ever been held accountable.
The biggest difference between the situation today and the situation in Germany around the Second World War is a matter of scale, nothing more. And I think that is exactly the lesson that Pastor Niemoeller was trying to teach. While matters of intellectual property are hardly the stuff of revolutions, when you get into things like routine searches of private matters without justification, which in turn build on other obvious abuses that have been going in in the interests of "security" at transport hubs in recent years, I think you're way over the line into "why haven't we stopped this madness yet".
pwg's point is that the road to any sort of catastrophic illiberal state-sponsored action is paved slowly and incrementally. Not that we are living in mini 1930s Germany. The situations in their substance or scale are not comparable.
Saying that "government policies in many Western countries today that are every bit as evil as the kind of thing that was going on in Germany at that time" is very ignorant. Who are our Jews and Gypsies? Where is our Kristallnacht? Where is our Triumph of the Will? Where is our 'Der Ewige Jew'? Where are our massive crowds doing what is our sieg heil?
In fact a fundamental difference between America 2012 and Germany 1938 (among many) is that we have massive amounts of people vocally and publicly against the laws our politicians are pushing and the state of the country. In 1938 Germany you had the exact opposite.
> Who are our Jews and Gypsies? Where is our Kristallnacht? Where is our Triumph of the Will? Where is our 'Der Ewige Jew'? Where are our massive crowds doing what is our sieg heil?
Fortunately the situation nowadays still is different in many points. However consider that several hundred thousands Iraqis have died for no good reason at all. That two countries are under military occupation.
The main contrast, as you mentioned, is people utter apathy. Instead of rabid nazis, we're seeing only paralysed sheep; instead of angry people wanting revenge from the entire world (read about the treaty of Versailles), we have frightened people afraid of losing their material comfort.
That doesn't make ACTA and other similar laws any better, unfortunately. Now more than ever westerners look like Elois under the control of Morlocks.
Please don't turn this into a US-centric discussion. We are talking about ACTA, which is a global deal, and my post was about the current situation in the West in general. I don't really want to go off on an extended off-topic debate anyway, since as I noted before ACTA itself is hardly on the same level as what we're talking about in this side-track.
> Who are our Jews and Gypsies?
Islamophobia is widespread since 9/11. In England and Wales, black people are thirty times as likely to be subject to a stop-and-search by the police as white people. Don't kid yourself that we don't have rampant discrimination just because you aren't in a group that gets discriminated against.
Obviously no-one credible is equating the seriousness of police abuse of stop-and-search powers with gas chamber mass executions. But there really are extreme cases with consequences not so far from the concentration camps even today. There's a little US military base in Cuba you've probably heard of, for example, and if you don't know why they chose to use that particular base for what they now use it for, you should really look up the history. Once again, the scale is very different, but what is the difference in principle?
One can draw similar parallels with some of the other things you mentioned.
We might not have Kristallnacht, but we are increasingly living in surveillance states, and we have increasingly paramilitary police weapons and tactics, and we have military units being deployed on home soil. We are eroding the fundamental concept of due process and basic legal principles like habeas corpus. I don't really believe we're about to see the violent subjugation of an entire section of our society or that our current political leaders have any ambition to act in that way, but that's not the point. The mechanisms for such abuse should never even be created in a free country.
We might not have Triumph of the Will, but modern political machines are propagandists unrivalled in the history of humanity. For example, for several years in the early 2000s, as the most recent Iraq War was building momentum, about half of the US population thought the Hussein regime was responsible for the 9/11 attacks. That support was used to justify a war that has cost hundreds of thousands of lives and taken a staggering amount of time and money out of Western governments that could have been spent on far more constructive purposes.
> In fact a fundamental difference between America 2012 and Germany 1938 (among many) is that we have massive amounts of people vocally and publicly against the laws our politicians are pushing and the state of the country.
And the really scary thing in all of this is that you have massive amounts more who are openly complying and think it's all being done for their safety and well-being. As I said, modern political machines are propagandists without equal. They're just more subtle about it than they were 75 years ago.
Kristalnacht, 'Der Ewige Jew', Triumph of the Will, the death camps and concentration camps, these were all concerted campaigns against the 'undesirables' of Germany in order to promote racial purity.
You have given examples of parallels to these things but there is no commonality of purpose behind them.
'Der Ewige Jude' was not a campaign to create a 'common enemy' or hoodwink the German people as I assume you believe Islamophobia is (I can only assume you believe Islamophobia can be explained by media promotion rather than an emergent feeling among the populace in response to 9/11). It was done with the express purpose of dehumanizing Jews so the populace would be complacent with the gas chambers.
So please, show me a commonality of purpose behind all these parallels you have shown. All you have are disparate events to which you have identified a certain aspect which is similar to what Nazi Germany did.
I don't think there is much commonality of purpose with many of the legal/governmental trends today, other than acting out of fear of some perceived bogeyman (though not necessarily the same one in each case) or in the interests of a powerful minority at the expense of the majority (ditto).
Still, it doesn't matter to a black kid in London whether he's being excessively hassled because a senior officer made an active decision to employ racial profiling or because of institutional racism within the Met. The consequence is still the same.
Moreover, in most of the worst cases today, there really is someone actively making those decisions. Guantanamo Bay did not become what it is by accident. The West did not invade Iraq by accident, and the Blair administration did not fail to notice the two million citizens marching in protest to demonstrate that the war did not have popular support. More recently, the police did not detain peaceful protestors in London in a restricted area for hours without food, water or toilet facilities by accident, and the courts that condoned such behaviour did not reach their decision without looking at the evidence to establish the facts of what really happened and why.
These actions all had different victims, and obviously some had much more serious consequences than others. The one thing they all have in common is authorities that are granted powers in law that most of us don't get using those powers in ways that conflict with what we used to consider basic human rights and getting away with it. However well-intentioned they might have been in their actions, however they rationalised those decisions in their own minds, some rights and freedoms should be above interference by the administration of the day, whoever the victims are and however small their number, and any decent human being ought to stand up for those rights and freedoms wherever they are threatened. As I said, I think that is exactly the warning Pastor Niemoeller was trying to give us.
So the only difference between Western governments and the Nazis is a matter of scale and your evidence for this is that Western governments are abusing their power.
All governments past and present abuse their power. Sometimes in large ways. Sometimes in small ways. That alone is not sufficient to warrant a comparison to Nazi Germany which carries more historical baggage than it's clear you realize.
You are cheapening your position by resorting to hyperbole.
You are reading things into my posts that are not there. I am commenting only on objective things like laws that are being passed and practical policies being adopted today. Those laws and policies have very serious consequences for a relatively small number of people today, but for now only much less serious consequences for the wider population. However, they could be exploited by an undesirable administration at some future point to have serious consequences much more widely.
Please notice that at no point in this discussion have I suggested that any current Western administration is behaving like the Nazi party of 1930s Germany, equated any current leader with Hitler, suggested that the motivation for these laws was genocide, or anything similar. I have criticised only specific measures already taken that pose a much wider threat to basic human rights and freedoms than has yet been realised, and I have been careful to acknowledge that I am considering only the end results and that the motivations for such measures are probably very different.
Regardless of ACTA, I have already established a personal policy to:
1) encrypt my partitions (other than root, to make upgrades and reinstalls easier; I use LUKS)
2) copy the essential first megabytes of each LUKS partition to my server or shell account somewhere, encrypted with GPG
3) fill that space with random data
4) travel and go through customs
5) access the GPG encrypted LUKS blocks over internet, decrypt and copy them over
6) boot back into my system
If at 4) "they" require me to decrypt the partitions, I can honestly say I can't: for security reasons I don't have the decryption keys with me. If my equipment gets confiscated when they hear I won't and can't decrypt the partitions, I will have to clean the physical laptop to remove any keyloggers, or just replace it before proceeding to restore my encrypted setup. If "they" find out about my encrypted LUKS blocks, I can also ask my friend to provide half of the GPG passphrase, so that I can honestly claim I don't have the passphrase to unlock the blocks.
To be fair, when they bring out the wrench, you know (at least for a few moments before the impending brain trauma) someone is trying to get your data. If your disk is encrypted, you can be fairly certain that no one will get at your data while your laptop is out of your hands (back room bag searches, etc.)
Unfortunately, if the goal of the exercise is to extract information then they won't hit you on the head and they certainly won't want you going unconscious. :-(
- I don't find it reasonable for "them" to grill me too much. I don't need to hide my encrypted partitions or use hidden partitions. I'm not a target of any interest to any three-letter agencies or customs officials. But I don't want to start discussing unlocking my laptop with anyone, I want to make it a matter of "can't" instead of "won't".
- The friend scheme might not be necessary or a good choice. I could just say I have the decryption keys at home which is entirely true. I can still use the machine: I have just deselected a few partitions out of use permanently until I return home
A shadow partition would be more effective at bypassing customs. For real boots, you use a copy of grub on a usb dongle. When grub is missing, you boot into a honeypot Windows XP partition that was installed only for that purpose.
No. "Only for that purpose" means that you never use it. This is trivially detected: the OS event logs will report that it hasn't been booted in 6 months, and no files have changed in that time. It's obvious that you haven't been using that system in the time you were out of the country; why did you have it with you?
For this to work, you need to actually use the dummy partition for non-sensitive matters -- and be absolutely religious about separating the sensitive tasks from non-sensitive, which is much more difficult than it first sounds.
I actually carry a lighter computer when travelling than the one I use most often. So yes, it may have gone months unused and it may have just a few tools on it, and little to no content.
> If "they" find out about my encrypted LUKS blocks, I can also ask my friend to provide half of the GPG passphrase, so that I can honestly claim I don't have the passphrase to unlock the blocks.
This won't help you legally. You may honestly claim that you don't have the passphrase, but you cannot honestly claim that you cannot decrypt the contents. You just have to call and ask your friend while you're detained at customs.
If they want the key from you, they're going to get the key. That's what will happen.
Ask the inverse: they decide to detain you, indefinitely, until you produce the encryption key or admit that there's some base level of contraband on your computer that you're responsible for. What happens in that case?
Maybe as a Canadian I see this differently. At least as an American you will have certain rights that you can hope to depend on in your own country. But I forfeit all those rights when I cross the border. What's to stop these guys from detaining me as an international terrorist?
That's NOT a solution. Be aware that this is explicitly discouraged by EFF:
Although TrueCrypt hidden volumes may have some practical applications, we think they are unlikely to be useful in the border search context because they are most helpful when lying to someone about whether there is additional hidden data on a disk. Lying to border agents is not advisable, because it can be a serious crime. [PDF: https://www.eff.org/sites/default/files/filenode/EFF-border-...]
If an authority is convinced there's a hidden volume with information they want and that you are not providing access, having arbitrary hidden volumes is not doing you any good legally in the US and likely elsewhere. There are technical and non-technical ways to determine the probable presence of hidden volumes. Hidden volumes do not provide plausible deniability.
Might hidden volumes help you pass a cursory check? Sure. But if someone really wants your data it's not likely going to keep you out of a contempt of court charge.
wonderful thing about encrypted information, with the right key it can be decrypted to say whatever you want. So if government has decided that you have plans for the al Qaeda attack on your laptop... well, you do.
Now all that you have to do is prove that you either don't know or have forgotten the key that decrypts your random bits into a plan they will accept. How hard do you think it will be to convince an aggressive prosecutor/judge that you are innocent when you have no evidence (can't prove a negative) and the government has reasonable suspicion?
You should never lie to a border agent about whether you or your friend can decrypt a device. You can decline to answer any question, and you do NOT have to provide passwords or keys. Only a judge can compell you to decrypt your drive. That said, border agents can make your life miserable so it's advisable to avoid confrontation.
Not a lawyer here, but I've heard some BS laws about encryption. In some cases if you refuse to decrypt or are unable, you can be at fault and still be detained. Needs citation though.
They are definitely going after full-disk encryption hard, claiming it makes it impossible to prosecute child pornographers and should therefore be illegal.
I think you are overstating the problems with hidden volumes.
The EFF advice is as follows:
Although TrueCrypt hidden volumes may have some practical applications, we think they are unlikely to be useful in the border search context because they are most helpful when lying to someone about whether there is additional hidden data on a disk. Lying to border agents is not advisable, because it can be a serious crime.
Lying to border agents clearly is a serious offence, but as far as I can see that is the "only" major problem with hidden volumes. Given many of the suggestions so far involve lying to border agents along with weird schemes that are less technically secure than hidden volumes it would appear hidden volumes have two things going for them:
1) No worse than other options (assuming you have to carry data with you somehow)
2) Give you a higher possibility that you won't need to lie to border agents (failing to tell them about your additional layer of security will get you in trouble, but is more defensible in court than outright lying)
If this becomes a reality and the powers that be actually care about doing things more or less right then I imagine they would write an easy to use piece of software that border agents can run which automates checks for all those things and many more.
>How many border protection agents look into your /etc/fstab and know fdisk, mount and cryptsetup?
They don't need to. Microsoft and other companies have been providing software on bootable CDs and USB keys to do quick 'security' audits of PCs for years to various police forces. I'd be extremely surprised if detecting encrypted/hidden partitions wasn't a common feature.
it would be very useful to know exactly what tools and techniques the border agents are using.
Is there software that detect HDDs that are disabled via BIOS? Do the border agents reset the BIOS? Are they looking at individual files and encrypted archives?
It's underkill, almost. My partitions are already encrypted, all I need is to save + trash + restore the physical LUKS blocks. I don't need to reconfigure my system or do anything differently when I'm not travelling. It's a low-mod hack that I can even explain to the customs people: I'm afraid someone might try to steal my online banking or financial credentials or something, so I chose to disable my personal partitions temporarily instead of being vulnerable to being threatened. I can't be made to move my money to some criminal's account if I can't access mine.
ARTICLE 14: SMALL CONSIGNMENTS AND PERSONAL LUGGAGE
1. Each Party shall include in the application of this Section goods of a commercial
nature sent in small consignments.
2. A Party may exclude from the application of this Section small quantities of
goods of a non-commercial nature contained in travellers’ personal luggage.
Note it is may exclude and as such it's up to the individual countries on how they implement this. I've contacted my government representatives (Australia) to find out their position on this section.
Haha! That is a strange coincidence indeed but not altogether surprising given the subject matter. It's possible someone read your post and submitted it.
Just to clarify, raphman did post his link before it was submitted as a story should anyone be wondering once this moves out of the resolution of a day.
raphman 7 hours ago
[link]
Defending Privacy at the U.S. Border...
144 points by llambda 5 hours ago
If true, this has to be one of the more bizarre ways to counteract piracy I have ever seen. I don't know what percentage of piracy is enabled by people carrying hard drives full of pirated movies across borders, but I'm sure it is vanishingly small - that is, after all, what pirates use the _internet_ for.
It is not to stop piracy. It is to detect and punish people who have pirated content in their possession.
You can't invade people's homes but you can search them thoroughly while crossing the border. People are used to having their privacy invaded while crossing the border.
The problem is that I have signed a contract with my company that says I must keep the data on my company laptop private and encrypted. There are trade secrets in there. What should I do ? Only have blank laptops to cross the border and download everything through ssh once on the other side ?
If from overseas, would it help to have a business own the laptop, and its data? You can then legitimately say the business owns the illegal data, or deny knowledge of a hidden partition, or say you have no access to a key?
[Posted using my own account... not a US citizen and not hoping to travel there. If I were extradited i guess i wouldnt take any equipment or data!]
An interesting question is that if someone were to travel (non-commercially) across borders with a fake gucci bag, could that person could be held liable under ACTA for the case that a) they were aware of the product was counterfeit and/or b) the case in which they were unaware?
It's beginning to sound like it's dangerous to buy anything whose essential feature is IP: movies, music, fancy luggage, watches.
I think the safest thing is to not buy these things. Buy the most serviceable and reliable vanilla physical products (a watch, not a Rolex). Don't buy music, and certainly don't have music or movies on your laptop when you cross borders.
Anything protected by commercial IP is becoming too dangerous to have around, legally obtained or not.
Yes. Near the French / Italian border there are targeted controls for counterfeited products. Common sense should tell you you can't get a Gucci bag for 200$, or anywhere outside of a luxury shop ;) And yes, you are also liable if you were unaware - but most people are actually aware.
Common sense should tell you you can't get a Gucci bag for 200$, or anywhere outside of a luxury shop
Where would a person learn this? I've heard the brand name Gucci before, but I had no idea it was so expensive. Naturally, I'm not the sort of person who would buy such things because of the name of the company who made them, but it also wouldn't seem strange to me to see a given brand on sale outside of a luxury store.
I guess we each have our own set of assumptions about what the "average person" should consider common knowledge.
I agree- I had no idea. $200 sounds expensive to me, so if someone offered one for that and I wanted to buy it for my wife I probably would. I've bought "Coach" brand for about that at the mall, so an approximately equivalent price wouldn't set off any alarms in my head.
Who cares. IP protection trumps basic common sense and basic human rights. And even though we all have to abide by inane protectionism schemes, we should not be allowed to directly vote on them, because direct democracy would make uninformed people make impulsive decisions and possibly introduce theocracies everywhere. So to prevent theocracy, we have to prevent direct democracy, which means we cant vote on copyright, which means we have to swallow down our pride and just abide by any IP protectionism scheme the informed overlords make in agreement with the industrial stake holders. There sadly is no middle way. It is either theocracy or IP protectionism. Pick one.
There is a lot of FUD about ACTA (such as this submission). There was a very good post on Reddit a few hours ago that goes into great detail about what it ACTUALLY does:
To me, the following passage from the link demonstrates the dire situation in the US:
In July 2008, the United States Department of Homeland
Security disclosed that its border search policies allow
U.S. Customs and Border Protection agents to conduct
random searches of electronic devices for "information
concerning terrorism, narcotics smuggling, and other
national security matters; alien admissibility;
contraband including child pornography, monetary
instruments, and information in violation of copyright
or trademark laws; and evidence of embargo violations
or other import or export control laws."[61][62] US
Senator Russell Feingold called the policies "truly
alarming" and proposed to introduce legislation to
require reasonable suspicion of illegality and to
prohibit racial profiling.[61] The Ninth Circuit
Court of Appeals has previously upheld the
constitutionality of laptop searches without reasonable
suspicion at border crossings.[61]
Sure, Feingold could introduce new legislation already covered by the 4th amendment. But if the government isn't going to pay attention to a founding document of the US, what makes him think they're going to pay attention to his piddly law?
1) Feingold can't introduce anything anymore, since he is no longer a Senator. (This tells you how long it has been since this section of the wikipedia article has been edited).
2) Even for US citizens, there is no right for people to bring whatever they want into the country. Once you leave the country, you lose 4th amendment protections. So, if you don't want to be searched, don't bring anything with you. It has nothing to do with the Constitution since the Constitution stops at the border.
You're right that US citizens still have rights when dealing with the government wherever we might be. However, the 4th amendment protects US citizens against unreasonable search and seizure. But crossing the border gives the gov't a reason to search...
We could argue that either way, but it just illustrates my original point again: it illustrates the sad reality of our government and its interference into our lives.
Lets take this seriously for a second. Say we're actually trying to catch cyber criminals and child pornographers and we're discussing enacting this law. Someone speaks up and says, "For all the discomfort and trouble we're putting innocent people through, the real criminals will just store their data online and travel with cleaned computers." How do you continue enacting this legislation? I'm trying to be as serious as possible.
How does any legislator look at the people they represent and come to the conclusion that this is a good idea?
In my opinion this is exactly like SOPA, a corporation-sponsored bill. Why would any government care if you "pirate" a movie? There is no tax on cinemas, but you pay an tax + extra fees if you're buying blank CD/DVDs -- because they presume you're going to write ("burn") illegal content.
Put copyright aside for a sec and lets try to actually frame it in the case of child porn or drug trafficking. How can any legislator conclude that disrupting the public like this is acceptable after having a reasonable discussion about how easy it would be for criminals to circumvent?
The hugely ironic part of all of this is that laws like this don't make moving data harder for criminals. It just forces them to use better data-securing practices in their day to day lives which make it harder for local law enforcement to get their job done.
The only impact I can see this legislation having is making law abiding citizens upset with their democracy.
Put copyright aside for a sec and lets try to actually frame it in the case of child porn or drug trafficking. How can any legislator conclude that disrupting the public like this is acceptable after having a reasonable discussion about how easy it would be for criminals to circumvent?
Did you see the excerpts from the SOPA hearings? The legislators can conclude that this degree of disruption is acceptable because they are morons.
Have a second laptop you use for travelling and treat it as unsecure. Any time a laptop is out of your control, especially when it's held by (any)government, you might as well assume it has had spyware installed on it. Plus you're at a much higher risk of theft while travelling abroad so you definitely should avoid having confidential business documents, etc. on it.
I use a netbook for travelling which gets a blanket format & reinstall before and after it goes travelling. Even then there's a risk that it might have had a hardware keylogger installed on it (this has happened to business people travelling to China in the past).
You use the netbook (or cheap laptop) because it's cheap to replace/lose if confiscated.
Your business or other legal data is encrypted in the cloud. If your business or other operation would not be harmed by customs having the data, have it also on the netbook for you convenience. Your encrypted data in the cloud isn't there to keep it sekrit from the government, it's there so you can get it at the other end.
If your netbook is not confiscated, or out of your sight for a suspicious period, then great.
If it's gone for a suspicious time, don't use it on the plane and get rid of it on the other end after wiping it.
If the netbook is confiscated or otherwise compromised, get a cheap netbook on the other end, download your clouded data, and biz on.
Repeat as necessary.
This doesn't protect your illegal (or impossible to prove legal) data, it just allows you to continue to operate after traveling through a bad neighborhood (the airport).
If detained at the border, and all your storage is encrypted, many countries have laws that require you to reveal your passphrase.
OK.
But, what about key escrow? What if I gave the keys to my attorney? Can I be compelled to lie to my attorney about whether I'm under arrest?
Or Jacob Appelbaum, who carries USB drives with the Bill of Rights encoded on them. If the remaining blocks were noise, would he have to somehow prove they weren't encrypted data?
Encryption or no encryption, or any of these other little games won't do anything.
Look, if border patrol is in the wrong mood and you try to pull a "well, I'd let you see it but it's encrypted and I don't have the key!" they're going to detain you until they have the information they want. So what's the point? That's the real issue here: we've given more authority to uneducated, power-hungry citizens to mistreat others at will.
Really? Are politicians and the entertainment industry this dependent on each other? It seems like the battle cry of both parties is "we're too lazy to come up with our own safe guards, so let's just do the most unnecessary thing that comes to mind. Wait, why are we doing this? Oh right, money." It's downright pathetic to see those in control having panic attacks in the form of legislation. Next google search: the finer points of being an expatriate.
This particular wikipedia article focuses more on the development of ACTA, and public comment and rumour during its development, than it does on the actual text of ACTA, a public document.
I haven't read the actual text, and I imagine that the issue of whether or not ACTA will force border searches is definitively answered by the treaty itself. The Wikipedia passage in question appears to have been written in response to rumours and leaks dating back to 2009.
I've done some more reading since, and my arm-chair legal review seems to indicate that most, if not all, search and seizure happening in this area is due to U.S. policy and legislation and not ACTA. i.e. DHS, etc. have their own policies rooted in US law that seems to permit this type of search and seizure.
I didn't do a thorough analysis, nor am I am lawyer, nor am I an ACTA supporter, and I think that the wikipedia article referenced is poorly written and not thoroughly representative of the current status of ACTA, its powers and effect.
(edit: it looks like some of the other commenters have picked up on this as well - definitely worth a thorough read of all the comments for a more current view of what we're actually getting with ACTA, I found this post especially helpful [1] http://news.ycombinator.com/item?id=3496277)
Yes. They can also take your property away to search it, returning it months later.
The final decision of entry to a country(at that point) lies with the immigration officer. I imagine you can ask nicely for a review after you've been flown back to your point of origin.
I'll dig up some links, but seizure of non-citizen's computers at US borders is possible and scary. I treat the US border like a hackers conference - take a freshly imaged device, and refresh it on your return.
They can't really deny you entry if you have a US passport.
Yes they can charge you/confiscate if you don't cooperate/unlock your data. You might be better off hiding it in plain view, it's not like they're going to do much more than a cursory glance.
Whether or not that's a good idea is up to you and certainly (as a non-US citizen) I'd be very reluctant to start making a fuss - if I had anything sufficiently sensitive that a long flight home seemed the less-bad option, I would have just sent it in parallel.
FWIW I'm a Canadian citizen and when returning to that country I refuse, politely, to answer any questions whatsoever (which have become really quite intrusive) on the grounds that there is no legal requirement to answer. It often leads to a customs screen (which is a ten minute delay/irritation) but there, and I assume in the US, there is no right to deny entry to someone holding valid travel documents.
I have never been arrested, never investigated. But recent events, have instigated in me a fear of those in power. The Megavideo seizure was a wake up call.
I wont even post comments like this under my normal HN account.
I haven't read the whole thing yet, but a quick glance through shows Article 11:
ARTICLE 11: INFORMATION RELATED TO INFRINGEMENT
Without prejudice to its law governing privilege, the protection of
confidentiality of information sources, or the processing of personal data, each Party
shall provide that, in civil judicial proceedings concerning the enforcement of
intellectual property rights, its judicial authorities have the authority, upon a justified
request of the right holder, to order the infringer or, in the alternative, the alleged
infringer, to provide to the right holder or to the judicial authorities, at least for the
purpose of collecting evidence, relevant information as provided for in its applicable
laws and regulations that the infringer or alleged infringer possesses or controls. Such
information may include information regarding any person involved in any aspect of the
infringement or alleged infringement and regarding the means of production or the
channels of distribution of the infringing or allegedly infringing goods or services,
including the identification of third persons alleged to be involved in the production and
distribution of such goods or services and of their channels of distribution.
It seems like this might cover a court ordering you to provide the password to determine infringement. However the first sentence might get you off the hook if you're a doctor or lawyer or other similarly privileged professional who has information about your clients on your laptop. I'll update this when I finish reading it tomorrow if I find anything more specific.
There's also that clause "upon a justified request of the right holder", which implies the rights holder has to provide some evidence to indicate there are infringing files.
Be aware that this is explicitly discouraged by EFF:
Although TrueCrypt hidden volumes may have some practical applications, we think they are unlikely to be useful in the border search context because they are most helpful when lying to someone about whether there is additional hidden data on a disk. Lying to border agents is not advisable, because it can be a serious crime. [PDF: https://www.eff.org/sites/default/files/filenode/EFF-border-...]
PD: Sorry to re-post it here, but I add it, for anyone reading this later. You can get in serious trouble.
And to make it worse:
If you refuse to provide information or assistance upon request, the border agent may seize your device for further inspection or consider you uncooperative, which the agent may take into consideration when deciding whether to allow you to enter the United States.
Or use an online storage service (e.g. DropBox), and uninstall the client before going through customs. Kind of a hassle, but avoids the issues of have encrypted content on your system.
Is there something like this for Android? I have to travel to the US a few times for work assignments, and I guess I'd be screwed when someone finds 8GB of pirated music.
Allegedly pirated music. Which makes me wonder, how would they figure out whether something is pirated or not?
This is no news, I heard about this years ago from friends going to the US as exchange students. There were random laptop harddisk searches, luckily they were spared.
This is, of course, ridiculous. But I think SOPA has some missing the broader point. It looks to me like the target of this is drug smugglers and other "organized criminals", not some family on vacation in Canada or your linux laptop. It gives law enforcement an easy excuse to dig into the laptops of suspected smugglers and thugs.
And that kind of thinking is very, very dangerous. Much worse than SOPA - which, to be frank, was going to be used much like patents are - as a corporate bludgeon in a war for profits (in my opinon- obviously this is speculation). This idea is a direct violation individual freedoms with no greater goal than to exert control over the populace.
It's also a signal that the concept of trade restriction is deeply and dangerously flawed.
Never store anything important on a laptop hard drive, ever. Erase all hard discs with dban before going through customs. Upload to a safe place before you leave, download when you get back.
On another note. How long before tools come out that "fidget" with media files on your computer so you can defeat CRC match scans of media on your computer? "Well the file is Finding Nemo.avi, but it doesn't match any of the known pirated copies of that movie."
Finally, how is this not a gross violation of the right to privacy? This has about as much chance of standing up in SCOTUS as a new law reinstating slavery IMHO.
I tend to think otherwise with the recent Megauploads situation; plenty of people lost their personal data with no warning and through no fault of their own.
The "no fault of their own" part is obviously being challenged by those who claim that the data should have been saved in multiple places. Though I think this just avoids the real issue of the bust having negatively affected users that had legitimate use cases for the service.
Surely you'd be better off having an empty netbook and using RDP to connect to a home server? At least then nothing is encrypted, they are free to look at the hard drive and could happily confiscate it without you having any issues. Worst comes to the worst, if you use dynDNS, you could just change the URL you use to connect.
I really do wonder what they would do if they saw a linux laptop, especially if you are using a simple window manager, and only had a terminal available. Would they flag you for being 'suspicious'? Dual booting handles most of it though, changing it to boot instantly while going through the airport.
What's the general consensus on services like iTunes Match, and Google Music where you're essentially exposing your audio collection to a 3rd party? Couldn't this library be subjected to the same type of review?
Hasn't this been in effect since 2008? I have probably entered the US 100 times since then and have never had anyone show any interest in searching any of my devices, nor have I noticed them looking at anybody else's devices. Or did I miss something that is going to make them start doing this actively now? It is still scary as hell that this is possible at all, of course.
Not sure how thorough their searches are, but could you leave a fairly boring drive in your laptop, and carry the real one externally, perhaps partly disguised (phone maybe)? "Oh, this old thing? Stopped working the other week. Seeing if my friend can fix it for me - I think the battery has failed."
Not working is no good. The only kind of inspection of electronics I've had so far is firing them up to see whether they actually are what they look like (of course it would be easy to circumvent that, but hey).
I'm travelling to the states next week. I have a lot of pirated content (books and music) on my hidden encrypted partition on my laptop and external HD. Should I be worried, and what are my options if I do get stopped? (I'm actually a regular user - this is a throwaway account for obvious reasons).
I'm not an expert on this, but judging from the discussion above based on the EFF guide, it sounds like hidden partitions aren't recommended. The consensus seems to be that they may have ways of detecting hidden partitions and may ask you if you have any, placing you in a situation where you have to decide whether or not to lie to them. If you do, you could get busted for lying. If you don't lie, then it's the same as having full-disk encryption except it's slightly more suspicious and you'll be in the situation where you're not obliged to tell them the password, but they will take it into consideration in deciding whether or not to let you into the US.
I don't know how long you're planning to stay in the States, but it might be wise to bring an empty laptop and certainly not an external HD if it's for a short visit.
While I appreciate the concern over ACTA, this is a wikipedia article.
The particular section cites: a) a Vancouver Sun article from 2008; b) a blog post from 2009; c) a Globe and Mail article from 2008; and d) a Washington Post article from 2008. All of these are somewhat speculative. It also cites a Customs and Border Patrol policy paper which affirms that customs has the right to search people as they enter the country.
Also part of the wikipedia entry is a quote from a European Commission fact sheet that directly counters the notion that ACTA will lead to the wide-spread searching of iPods of consumers.
If you want to argue that something is draconian and will force (not merely allow) searches, then at least come up with something more substantial than wikipedia.
All my drives are already TrueCrypted. I have nothing to hide, but I do not want to be treated like a criminal for doing something as simple as crossing the US border.
Please stop saying "I have nothing to hide" after talking about crypto. You imply that most people who use crypto have somthing to hide, witch is not the case.
You might have to, but the experience is questionable due to American customs having no respect whatsoever for privacy or personal belongings.
All your luggage are belongs to them, in other words.
Compare with Europe/Schengen where that simply is not a problem.
And that clumsiness and ignorance gets copied into international treaties.
That's why nobody wants to come to USA any more.
I have to respectfully disagree. The amount of people (mainly Europeans) I meet who tell me they want to move to the US is still very substantial. In my experience, the perception of the American dream is still very real in a large portion of the world's eyes.
As long as America continues to present it's theater politics through it's media outlets, people won't know what actually happens.
You're American, I presume? I will also assume that, being on Hacker News, you're in the computer field? If that's the case, of course most Europeans you talk to want to move to the US. California (possibly New York) is kind of appealing like that. But as a non-American, I can tell you that very few people I meet believe America is where it's at, mainly because of social policies like this one.
As a counterpoint I'll offer that I'm from Europe, lived in the States, came back home, and have no wish to return stateside (not really even for a visit). I can work remotely.
Yes, I'm American and I live in Europe. The people I'm referring to are not in the software field. For example, the number of women I meet who say they want to move to NYC is astounding. These are generally women in all fields.
They want to move into USA for whatever reason, but the process is getting there isn't very fun, so I've heard.
Also, sometimes people have to move into USA, instead of "want".
Also, if we're talking about software developers and startup founders, you can't bullshit this kind of people for a long period of time. They'd figure it out. Well, they did.
USA is behind it, they're almost the only ones who really want it, they write it and also their world view gets into it and then imposed on the other countries.
Prove it. Isn't it about time Europeans started to take responsibility for their ("democratic") governments? Why did your government sign the dotted line? If answer is "US made us", then news flash: You do not live in a democracy. If you insist you Europeans have your act together (where as we boobs in US don't) then clearly it is your own government that is behind it.
Thanks to Wikileaks and other sources we do have evidence of long running pressure and threats by the US to influence or in some cases directly write other countries laws in respect to copyright. One recent example about piracy: http://www.guardian.co.uk/technology/2012/jan/05/us-pressure...
Is it (remotely) possible that the Guardian has an agenda (gasp) to misdirect its global readers?
Spain? What about the European powers? Does that mean UK (nuclear power), France (nuclear power), Germany (fine ~occupied, but still a major economic power), are broken democracies subject to "threats" from, and cowering before, United States of America? (Poodles, one and all?)
America is the scape goat of the /Global/ oligarchy. My opinion, of course. You may wish to continue to trust in The Guardian (of Truth).
USA would profit from it when it would be made a law, USA is the primary driver of it. Other countries might accept it once it's ready but it's USA who are making it.
It's a different matter, but yes, I don't go to the USA anymore because of border control. It used to be a nice country to visit but it's just not worth it to me with all the stupid interviews and security theatre. I guess I'm more bitchy than the average person but I'd need a very strong incentive to go now.
I find it amusing about how this comment thread turned all about technical solutions (from hidden partitions, to encryption, to steganography, to dual booting, etc).
Now, I understand that as "hackers" we are likely to go on about technical measures to avert this kind of search. But, that's not the point. The point is they should not violate your privacy in the first place. And that is a political problem.
It would be nice if most of the comments were about how to avert ACTA in the first place. You, know, like SOPA, but even better.
If you're talking about me regarding other comments in this thread, I'm not from parts of the world that need to be pointed to some online article for the history of fascism. On top of this, I have read extensively on the subject, from Adorno to Isaiah Berlin, including fringe cases like dr. Wilhelm Reich and his "Mass Psychology of Fascism".
I'm not using it as a "general-purpose pejorative" (as in: "oh, the cop hit me in the demonstration, fascism!", or "TSA cupped my privates, oh, the fascism!"). I'm making an exact analogy to the actual historical form fascism, which you may agree or disagree with.
This is annoying, especially since I might very well want to rip the DVDs I own to my laptop so I can watch them on the plane without fumbling with shitty disks.
Also, are TSA agents now capable of understanding what is fair use now since they have trouble with the volume of liquid I am able to bring?
What if someone has a bunch of legally licensed AVIs ? You get side-lined for a 3-4 hours. They should open a little MPAA lawyer's office in the airport. He'll help you negotiate a settlement before you get on the next leg of your flight to Houston.
Supposedly, if your hard drive is encrypted, customs agents can hold your computer indefinitely if you refuse to provide the password. The irony is that gigabytes of encrypted data cross national borders every second -- over the internet. So dump your important data in an encrypted file and put it on a file sharing web site, or a VPS, or whatever, and download it again when you get across the border. Nobody with "interesting" data (and half a brain) will be physically bringing it across a border. The searches are useless.
Like cassette recording an album in ye olden analogue days. To stop vinyl wear-and-tear. That was certainly perfectly legal as long as it wasn't distributed.
Sigh. I'm a criminal and don't even know it.
I'm fucking sick of paying taxes and yet still being labelled a criminal by people who don't even know me. I'm sure I'm not alone.
I believe it's because DVDs do have a trivial copyright protection scheme on them - ripping the DVD involves breaking this and it's this part that causes the real trouble:
From the article you linked: "This case made clear that manufacturing and distribution of circumvention tools was illegal, but use of those tools for non-infringing purposes, including fair use purposes, was not."
So it is legal to rip a DVD, it is illegal to make or distribute a tool that allows DVD ripping. Yes, the law is insane like that.
Silly of me to have forgotten the trivial CP scheme.
Considering I've probably paid £10 per person to have seen it in the cinema and then have bought the over-priced DVD as well. How many times do they expect me to pay for the same-old-same-old?
I've paid two, maybe three times for the same product. Fair Use isn't a crime and I'll please myself. Either that or simply stop participating and stop buying their product entirely.
May as well be hung for a sheep as for a lamb, eh?