https://www.schneier.com/blog/archives/2025/04/cell-phone-op...
Adding context on the image thing-
I have old 32 bit apps for some of my hardware cameras / other devices that attach to Android Phones, that will not be backed up with all their settings, and that worries me as even though I've extracted their APKs for preserve, each install requires reaching out to a server for first activation and one day there won't be a response when the companies that made those hardware cameras end support - and I won't be able to do that first activation which is all they need.
A Full image theoretically would make this a non-factor- but the built in Backup method for Android doesn't do this. This would be the same if had the Apple variant of these cameras. And while things like TWRP exist which could attempt it fully- that involves unlocking the bootloader which is what one does not want when there is a chance of a casual forensic search.
Random and targeted checks have always existed at borders. They would go through your stuff and move on to the next target if they didn't find anything suspicious. If you had folders, envelopes, etc. in your trunk or luggage, then they would go through them as well so, if you didn't want them to go through your most sensitive stuff, then you didn't bring that stuff with you. It's as simple as that.
But "privacy minded" people had it easy, back then, because they didn't travel with 20 years of correspondance or porn search history in their luggage.
Just leave your gadgets at home if you are worried about what could be found on them.
- If you really need to bring _your_ laptop, then image it anew before leaving.
- If it is a work laptop, then let your employer's IT department deal with the issue. You don't have personal stuff on it, do you?
- If you only need _a_ laptop, then buy the cheapest you can find upon arrival.
- Get a cheap SIM card and a disposable phone upon your arrival.
Please don't try to minimize the egregiousness of having your personal documents searched for the sake of security theater.
Well, those are _basic_ OPSEC for people whose life/safety/freedom would actually be threatened by a search ("good guys", "bad guys", it doesn't matter). If the only things threatened by a search are your pride/moral principles, then yeah, those might seem unreasonable.
> Please don't try to minimize the egregiousness of having your personal documents searched for the sake of security theater.
I don't know if that term has been coined before, but "privacy theater" is also a thing, and it is just as grotesque as the other theater.
A 256Gb microSD hiddden in luggage with a fully updated MX-Linux installed.
Create a snapshot of the updated system on a MX-Linux live CD including all the programs you would normally use, VPN etc, save it to a usb drive and write that to your microsd card.
sudo dd if=snapshot.iso of=/dev/mmcblk0 bs=1M status=progress
meanwhile, install a new HDD drive on an old laptop. wipe it and install any new linux distro. you wont be using this at all
at your destination, input your microsd card into laptop, change boot order and boot into your new microsd card,
The microsd card leaves no traces, it runs in memory.
A freshly installed Lineage on an older phone.
you wont have to unlock anything, you will have nothing on your laptop or phone
border force can access everything. there is nothing to see!
get a trusted friend to send you any important files via signal or any other encrypted messaging or email service
At your destination, login into your emails and messaging services etc
Your worst enemy here is a thought that they are stupid and that you can confidently lie in a tight room, surrounded by police officers. Neither is true.
The temporary OS must keep some personal data in tact, otherwise you'll end up with a full search. So the "not so private data" has to be discoverable.
That would be tails on steroids, and help a lot of journalists and reporters while crossing borders.
Flashing the BIOS would probably be the hardest part, considering that libreboot will raise suspicions.
A better approach would be to backup your OS and make it available online over SSH/VPN for example. Then install windows or any other default OS on all devices with some amount of believable but not too personal data. Once you are over the boarder wipe all devices and download your real OS and data over the internet to your devices.
[0] https://newrepublic.com/post/192946/french-scientist-denied-...
Call ahead to the hotel one is staying at and arrange for the box to show up with the instructions that if travel plans change they are to open the box. Inside will be another box with a FedEx label that returns the box to its origin. Attach a page on the inner box that explains this as well. Sometimes communication is poor at hotels among staff. Attach a coffee gift card to the note on the inside and annotate the card is for whomever is shipping the box back to its origin.
Android, ymmv may vary as different models, carriers and versions vary.
Lying to the police, being clever with stenography, etc is stupid.