6

This question (Prevention measures against laptop seizure at US borders) addresses a number of techniques for securing data while crossing borders. Perhaps the most useful advice was to simply not have any sensitive data stored on the device, and to have ways of retrieving the data (via VPN or whatever) after you have crossed the border.

My concern is the risk that a seized device will be compromised with spyware before being returned to its owner. Is there a significant risk of this occurring, and if so, what would be the appropriate countermeasures? Is it sufficient to re-image the OS once it is returned, or should one be concerned about hardware spyware?

Rahs
  • 69
  • 2
  • 1
    If your device is seized at the border, there's a low chance it will ever be returned. Consider it lost. If they do return it, sell it on eBay and purchase a new one. – ThoriumBR May 11 '15 at 18:26
  • 3
    I think the portion of this question regarding "significant risk" is going to be somewhat difficult to answer. Otherwise the rest of your question can be covered under [Where God went wrong](http://security.stackexchange.com/q/4776/52676), [Some More of God's Greatest Mistakes](http://security.stackexchange.com/q/44208/52676), and [Who Is This God Person, Anyway?](http://security.stackexchange.com/q/24400/52676) – RoraΖ May 11 '15 at 18:28
  • 1
    Please don't sell your seized hardware on ebay, don't make some poor soul become one more botnet in the NSA network, how can someone give such a stupid and egoist advice? – Freedo May 12 '15 at 23:28

3 Answers3

4

Though you might expect this if traveling to certain countries, this question hinges on whether we should trust the authorities (or a specific person, still an opinion) and somewhat separately known capabilities (which are broad).

An essential answer is the risk you're willing to accept. You could say you can't trust your device if it ever leaves your sight, or for how long, or sometimes even if you never lose track of it. Hardware exploits can (and do) pivot from zero days, but you may never encounter one.

If you're travelling in a normal, uninteresting way (where one way to be interesting is to be/act suspicious of authority) generally I'd say no, don't worry about it.

ǝɲǝɲbρɯͽ
  • 429
  • 2
  • 8
  • I'm thinking of the format on the stack sites; that some questions tend to generate opinion-based answers. There's some opinion here but it's meant to redirect to your tolerance to risk. – ǝɲǝɲbρɯͽ May 11 '15 at 18:33
3

Unfortunately I would have to agree with the poster named "Freedom" who has made the observation that you cannot trust U.S.-manufacturered, -owned or -designed systems. The Snowden revelations proved far beyond a reasonable doubt that not only the NSA (but a long list of other "alphabet-soup" U.S. surveillance state entities), long ago declared war against the most basic elements of Internet trust... one of the most important of which, obviously, is "trust in endpoint (e.g. computer / smartphone / server / network) integrity". The fact that they have been caught not only pre-compromising Cisco routers but also the microcode on hard drive controller firmware, is a (limited) glimpse at the scale and extent of this unfocused, shockingly irresponsible attack on Internet trust, security and privacy.

And then (speaking to the issue at hand), it is proposed that you "trust" an endpoint (e.g. a laptop) that has already been seized by agents of the U.S. surveillance state, been in their unsupervised control for hours to days, and then given back to you with a friendly smile on the agent's face. Only someone with child-like naivete and trust in authority figures, wouldn't conclude that the laptop is now riddled with back-doors, Trojans and other U.S. surveillance state trickery... and remember (per Snowden's NSA "ANT" revelations), this stuff is carefully engineered so as to be undetectable by any anti-virus or security tools.

So sorry, my friend. Take your laptop out to the trash can, because "trash" is what it's now worth. Don't sell it on eBay and make some poor, unsuspecting citizen an unwitting dupe in the NSA's army of botnets and "plausible deniability" attack springboards.

This is the world that we live in, because generations of U.S. politicians have voted for it (just listen to Jeb Bush's happy endorsement, a week or so ago). Don't like it? Too bad. America isn't listening.

user53510
  • 800
  • 5
  • 3
2

Yes the risk is very big.

here

NSA is know to put spyware on hardware before shipping (see here), NSA is know to ignore the US constitutions and spy on calls and internet activity of US citizens so do you really think they care about foreigners? If they seize your laptop and you ever get your hands back on it, throw it on the trash its junk now.

I can bet that from 10 agents borders, 5 are agents from NSA. After all who is scanning and checking the hardware? I doubt that is normal immigration agents. If they ever seize any electronic device from you trash them, i must really empathize that after they put the hands on your hardware you will never be able to trust it again.

Even if you dismount your laptop and check every piece, they can flash a malware on your bios that will survive even if you format your OS and flash the bios again, you just can't remove a malware on bios.

Do not trust US government and don't trust US companies either(most of the world don't trust anymore)...

China has banned Windows OS on government computers and world trust on any US company is nonexistent and this is already causing loss to US economy as you can see here.

What i'm trying to say is, never trust then under any situation.

Edit: yes, i do not trust anything related to US and privacy together but you should not think that just because a random person on internet told you that, but because there is thousands of documented proof that show you should not trust.

And i forgot to say that anyone can flash a BIOS in less than 5 minutes and its very easy usually just click on a .exe file and "ok" "ok" "next" laptop reboots and done, so even if the border agents only stay with your hardware for 10 minutes is enough to compromise it.

Freedo
  • 2,253
  • 5
  • 19
  • 28
  • 4
    While I didn't downvote, Stack Exchange doesn't require explanations on downvotes; while you could politely ask why you were downvoted, leaving comments making negative assumptions about the motivation of downvoters is not very constructive. – cpast May 12 '15 at 02:06
  • 3
    90% of your answer is speculative, which is not what an SE is supposed to be. – RoraΖ May 12 '15 at 12:56
  • 2
    @Freedom I downvoted because you do not include anything relevant to the question, but a lot of speculation and suspicion and blanket anti-American sentiment, which is inappropriate. And, no, I'm not American. Americans are people, just like you. Some are good, some are not so good. – schroeder May 12 '15 at 18:36
  • 2
    Downvotes do not require comment. The tooltip for the downvote button simply says: "This answer is not useful". If I thought the question could be improved, I would have commented to help you do that. – schroeder May 12 '15 at 18:40
  • I'm not anti-american i'm anti-mass surveillance and right now the U.S one of the few countries with documented proof of tampering with hardware and it's of course i don't trust them and that is my opinion, but i can link thousand of proofs of **why** you should not trust U.S gov or companies but can you give me just one that says you can? I guess no, and second who will be scanning the hardware seized? The agent borders? Haha i doubt that they would have the expertise to simple find a hidden truecrypt volume – Freedo May 12 '15 at 23:10
  • Especially if you are foreigner what i think the OP is, if U.S does not respect its own constitution regarding the privacy of their citizens so why would anyone expect them to respect of foreigners? **Especially if you are doing a business travel from a foreigner company**? If i was a IT manager and someone got their hardware seized and after that used it on company network i would recommend firing this stupid person – Freedo May 12 '15 at 23:15
  • And you are always free to post a better answer if you think mine is too opinion based(based on documented proofs but hell yeah who cares) for you taste – Freedo May 12 '15 at 23:30