In these troubled times, business travellers occasionally have to cross borders where the border guards have significant powers to seize your electronic devices, and even compel you to unlock them or provide passwords. You have the difficult choice between refusing, and perhaps not getting into the country, or complying, and having sensitive data put at risk.
It is possible to avoid storing confidential data on your device if it’s all in the cloud, but then your browser is logged into (or has stored passwords for) various important systems which have lots of sensitive data, so anyone who has access to your machine has access to that data. And simply deleting all these passwords and cookies is a) a pain, and b) hard to recover from.
What might be very cool is a Firefox Secure Travel addon where you press a “Travelling Now” button and it:
- Disconnects you from Sync
- Deletes all cookies for a defined list of domains
- Deletes all stored passwords for the same defined list of domains
Then when you arrive, you can log back in to Sync and get your passwords back (assuming it doesn’t propagate the deletions!), and log back in to the services.
I guess the border authorities can always ask for your Sync password but there’s a good chance they might not think to do that. A super-paranoid version of the above would also:
- Generate a random password
- Submit it securely to a company-run web service
- On receiving acknowledgement of receipt, change your Sync password to
the random password
Then, on arrival, you just need to call your IT department (who would ID you e.g. by voice or in person) to get the random password from them, and you are up and running. In the mean time, your data is genuinely out of your reach. You can unlock your device and tell them any passwords you know, and they won’t get your data.
> assuming it doesn’t propagate the deletions!
Yeah. Better talk to the sync team about that first. :)
Make sure we’ve got Sync-as-backup locked in.
This is something I’ve been thinking about for Tofino, which has the potential to offer a much more complete data movement ability. It would be difficult for Sync. The tricky thing, of course, is that CBP can always ask, and then this applies:
Set up a VeraCrypt partition and you have not to worry about the lying agencies.
an empty laptop or web browser is also an argument for the border patrol to refuse you entry/etc. thats the problem with these solutions often times.
“It’s company policy”.