— Sunny 13°C — Chandigarh, India — #en #howto #privacy

A kill switch to counter border controls?

Creating a kill switch that will wipe sensitive data from my computer if asked to unlock it.

My job involves a lot of traveling, most of it in places that have weaker privacy laws compared to the EU. But even when entering countries where privacy is protected more than my home country, it seems that during border controls the authorities have the right to ask you to unlock your computer and give them access to your data.

I'm not paranoid about this, but on the other hand, accessing my laptop would give someone access to almost everything I've done in my life, and in some cases access to other people's lives: from private thoughts, to personal secrets shared with me by dear friends, to confidential documents I had access to during my previous jobs (that I have the right and interest to keep in my possession), to my online accounts.

And in any case, I consider my laptop to be one of my very personal and sacred spaces, and giving some random authority full access to it just because I happened to pass the country (even worse, my country?) borders feels as intrusive as being pulled over for a DUI and asked to give the officer my keys to search my house and go through all my personal belongings, my emails, my bank statements and my family photo albums.

My hard disk is encrypted, for all the obvious reasons but mostly because I would feel even more violated if all this was given to the random thief that stole it. However, it seems that there is not much one can do if detained during a border control and asked to unlock their computer to be released.

So, I was thinking: is there a way to implement a "kill switch"? Something I could use to silently wipe my laptop clean during such an inspection?

Here is how I would do it on my MacBook Pro:

  1. Create a new user. For reference let's call this user "user2".
  2. Create a script that deletes all sensitive data from my laptop: the home directory of the user I normally use and any other directories that contain sensitive data.
  3. Make sure this script is in the startup items of user2, so it runs automatically when user2 logs in.

Then I would make sure that my laptop is turned off before going through a border control, and if asked to unlock it, I would log in as user2 (which would trigger the wipe-it-clean script). Given that I always keep multiple backups back home, this would be a huge inconvenience, but I can always restore my laptop to its previous state later.

And if I want to secure my iPhone too, before traveling I would back it up on my laptop's hard disk, delete any app or personal data I wouldn't feel comfortable being in someone else's hands and then restore it to its original state when I reach my final destination.
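One way to write the script from step 2, as an added example that is not code from the original post: it checks that the decoy account can actually remove each path and stays in dry-run mode unless `KILLSWITCH_ARMED=1` is set. The function names, the variable, the status words and the paths in the comments are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): wipe script for the decoy
# account "user2". Dry run unless KILLSWITCH_ARMED=1 is set.
# Note: rm only unlinks files; it does not overwrite their disk blocks.

# check_target PATH: prints REFUSED, MISSING, DENIED or READY
check_target() {
    target=$1
    case $target in
        ''|/) echo REFUSED; return 0 ;;   # never accept an empty path or /
    esac
    parent=$(dirname "$target")
    if [ ! -e "$target" ]; then
        echo MISSING
    elif [ ! -w "$parent" ] || [ ! -x "$parent" ]; then
        # removing an entry needs write and search permission on its parent
        echo DENIED
    else
        echo READY
    fi
}

# wipe_targets PATH...: returns how many paths were not READY or failed to delete
wipe_targets() {
    failed=0
    for target in "$@"; do
        state=$(check_target "$target")
        if [ "$state" != READY ]; then
            echo "$state $target"
            failed=$((failed + 1))
        elif [ "${KILLSWITCH_ARMED:-0}" != 1 ]; then
            echo "DRY-RUN $target"
        elif rm -rf -- "$target" 2>/dev/null && [ ! -e "$target" ]; then
            echo "WIPED $target"
        else
            echo "FAILED $target"
            failed=$((failed + 1))
        fi
    done
    return "$failed"
}

# Hypothetical invocation: killswitch.sh /Users/user1 /Users/Shared/work
if [ "$#" -gt 0 ]; then
    wipe_targets "$@"
fi
```

Run it once as user2 without arming it: a DENIED line means that account cannot remove the path, which is the default for another user's home directory under /Users.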

What do you think?


Photo by wlodi.