Us Americans have been taught exceptionalism all our lives. The people consider themselves to have built and to live in the freest and generally most superlative country that ever was.

We were pretty "soft" (dislike the term) on the land borders and on immigration. Fairly easy to enter, to claim asylum, to live and work on different sides, and so on.

I don't have an answer for the question of if we should be making our border security as intense as it can be elsewhere, but I don't love the story of just doing as other countries do. We're exceptional, right?

I don't think this is a great comment I'm writing, but it's how I feel about things right now.

Nope, based on fact: https://arstechnica.com/tech-policy/2023/12/apple-admits-to-...

[flagged]

For now.

https://www.vanityfair.com/news/story/trump-deporting-us-cit...

We get to choose between allowing government agents to go through our files or losing our expensive hardware.

This is a lot better than the choice between allowing them to go through our files or not entering the country, but it's still pretty gross.

dizhn is free, for example, to lick as many boots as he desires. No one can take that away.

Poor reply. I want America to be free for anyone who is on our soil. Not just for me and those lucky enough to have been born here, and not just for the political aristocracy and their Israeli darlings. Some Americans welcome a master it seems, when it speaks Hebrew

We know that there are also Israelis calling for the genocide of Palestinians. None are being deported. I'd be willing to believe that some of the students being deported have called for genocide, but the government must produce evidence. https://www.pbs.org/newshour/politics/court-tells-government...

Your phone could become damaged and inoperable every day. From dropping it in the toilet, being stolen, a house fire, etc. If you're "petrified" of losing your data, it's worth the work to ensure your data backup procedures are adequate.

IMO if you are so concerned about it, then just buy a second phone, and leave the "first" phone at a family member, or at least someone that you trust. If something fails to restore, just call them to read you the OTP code or whatever.

If you're worried about your backup data being correct, you don't have a backup.

> I’m petrified of the restore being imperfect in some way.

A lot of this is from anchoring important things to your phone. I practice, and strong recommend, avoiding that as much as possible. Your phone should be entirely disposable. If you drop it in the ocean, would you care (other than the monetary loss)? If yes, find way to detach those things from the phone. There should be nothing important on a phone.

I am in a similar pickle.

This is an issue I face- I have a collection of thermal cameras that use apps to control them- after every install onto a phone, they then reach out t oa server to authenticate.

Here's the issue- though I have a few older phones- these apps are 32 bit ones, so no modern phone after Android 13 will run them. And they are all now not on the app store anymore,as they all came out about around 2016. i did use a APK extractor to pull the APKs to store them - but the native backup functionality wouldn't capture that authorization in the future, I might rob myself of my ability to use some extremely expensive, and long-term invested capable hardware, by backing up and restoring-

I suspect a full image would solve this problem, but I don't think one can do that outside of things like TWRP- but that requires unlocking the bootloader, and if you do that it wipes your device- AND is more vulnerable to Custom's usage of Cellebrite and etc, to my undertanding.

I don't have this issue with laptops ,as I can fully image them and wipe and restore ahavend have a perfect replica/ no issues. But my thermal cameras do not run off of PC and th eform factor wouldn't work if they did

This is like sticking your head in the sand. Okay, maybe the backup is imperfect? What’s your plan if you phone is lost, damaged, or stolen?

This is why testing recovery is a critical part of any backup plan.

Having your $1000 device stolen by the government as an acceptable outcome is something only a fatcat on HN with their cushy salary would be able to tolerate. I'm not a FAANG employee, and don't make that kind of salary. Loosing a $1k anything would not be something I could just shrug my shoulders and just turn around and immediately replace it.

Even if you do sue the gov't, it'll be at least a year before any kind of resolution that results in the return of that device. Them keeping my phone would be one thing, but if they also kept my laptop, I'd be screwed. My laptop is much more than $1k, and there's no free laptop with contract cell service I could use to replace it. Now I'd be without a means of working.

These kinds of situations make me really yearn for the days of replacing the internal hard drive of a laptop. I could swap out my daily use drive for a travel drive, which would be much less of a hassle than the options on offer for modern laptops.

>Welp, today has become tomorrow, and yeah, I'd _absolutely_ rather just have my devices seized than have the contents of my phone dumped into a database that can be searched without a warrant, for the next 15 years.

You're totally ignoring the option of wiping your phone prior to crossing, and avoiding both fates.

>Rights (like the 4th amendment) that are not exercised are not upheld. I'm sure the threat of having one's devices stolen (let's be clear, that's what this is), is enough to deter many people. For myself, my next course of action would be to contact the ACLU and sue the government for violating the 4th amendment.

This already has been litigated, and the courts have affirmed CBP can deny entry or seize your phone. By all means, try to affect change by writing to your senator or whatever, but displays of civil disobedience is mostly pointless. ACLU won't even take on your case because it's been settled, and the chance of it being overturned is slim.

China

I would definitely come across as suspicious to any border inspection. I have no Google apps, I have no social media apps. I have very few apps at all. I definitely qualify as someone that would be the type to wipe their phone. Also, my photos would definitely look like something someone staged to show activity, as the vast majority of my photos are of my fur babies. I don't do selfies, so that would be sus too. My browser history would also appear to them to be wiped, because I simply do not browse the web on the phone. I doubt it would be a quick conversation of me convincing them I'm really just that boring.

I think their point is that you have plausible deniability because they wouldn't know you have a backup.

> If they can compel you to divulge the password, then they can compel you to restore from backup in front of them.

Of course, if your backup is to a US-based cloud service, they already have full access to it.

they can't if they don't know you have a backup.

if they're really out to target you and they've got you under investigation, then maybe they know what your primary email account is and that your phone isn't signed in to it. but the advice here is for the traveller who just doesn't want to be hassled at the border by the guard who wants to flex their power.

Well since the phone is wiped just don't be logged into your real account and don't have any cloud backups to backup from?

don't have your backup online

The ACLU has authoritative advice [1]. The article about electronic device searches [2] explains that the government claims the right to search devices without a warrant at the border.

> U.S. citizens cannot be denied entry to the United States for refusing to provide passwords or unlocking devices. Refusal to do so might lead to delay, additional questioning, and/or officers seizing your device for further inspection. [...] If an officer searches and/or confiscates your laptop or cell phone, get a receipt for your property.

[1]: https://www.aclu.org/know-your-rights/what-do-when-encounter...

[2]: https://www.aclu.org/news/privacy-technology/can-border-agen...

I am not a lawyer, though I am a US citizen.

First, it's the fourth amendment that protects against unreasonable search. Fifth amendment is protection against self-incrimination.

My understanding is that fourth amendment protections effectively do not apply at the border [1] because the border is inherently a reasonable place to search people.

In regards to being compelled to unlock your phone, CBP maintains the position [2] that in order to uphold their duties they're inherently able to compel you. Anecdotally, if you don't unlock your device, they may (a) confiscate it (and possibly apply all sorts of cracking tech to it), or (b) refuse you entry. That said, a random law firm [3] cites that you can withhold a password-based lock, but CBP can compel you to provide biometric unlocking [3].

To me, this is a case of https://xkcd.com/538/ ; you may have a legal basis to refuse, but in the current iteration of the administration I find it unlikely that it would be a positive experience if you were to stand on it. (Not that CBP is going to beat you with a pipe wrench, but if they want in your phone, they're gonna get in your phone.)

[1] https://law.justia.com/constitution/us/amendment-04/19-borde... [2] https://www.cbp.gov/travel/cbp-search-authority/border-searc... [3] https://borderslawfirm.com/border-search-computers/

It's my experience that once you get sent to secondary they have already decided to fuck you, they are just deciding which flimsy excuse they will use to do it. My totally non-legal conjecture (and livid experience) is if you are a citizen they will play mind games with you in secondary or a holding cell for hours to a day or so and then eventually reluctantly release you after muttering threats about revoking your passport and/or not letting you in.

undefined

> I really just want a Linux that optimizes for a phone-factor touchscreen

I'm writing this from a GNU/Linux phone, Librem 5, which offers the full freedom of a desktop (including a full desktop mode when you connect it to a keyboard and screen). My daily driver.

> No cell radio.

Librem 5 has a hardware kill switch for that.

Have you considered using an Android emulator to run these apps? It should be much easier to make full image backups that way.

I did for years. Custom roms and all. Then over time there was just less and less of a need for me to do so, and more and more of a hassle if I did (banking apps breaking, etc).

If anyone starts, it's pretty easy to trot out some story about how CBP caught a drug smuggler or human trafficker or terrorist because of the searches and then the matter is quickly silenced.

Hopefully the absolutely bonkers level of irony that these policies have been put in place by people insisting to be "free speech absolutists" is not lost on them.

Recent enough Androids have this "Work Profile" feature. You get two app stores, and work apps get little "work" overlay. There are separate lock settings and sound/notification settings for work profiles too - I think this means you can have simple pincode for personal stuff and more complex for work one. And you can turn off all work apps at once with a single button press. And if your admin gives "remote wipe" command, only work apps are wiped.

Sadly this is automatic, which means regular people can't use it. You workspace admin got to enable MDM, and then phone will prompt you if you want a work profile when you try to install it.

The ability to set up multiple user accounts has existed for a long time: https://support.google.com/android/answer/2865483?hl=en#zipp...

Side note: The sibling comments talk about creating a work profile which is different in that it still lives within the same user account and is not fully isolated.

This is built into Android as Work Profiles.

I really want to respond to the dead comment under this.

Setting a duress password is not tedious.

AFAIK the justification for them to say "don't rely on adblockers for security/privacy" is that you can be more easily fingerprinted and those adblock lists are a moving target, vs. having better sandbox capabilities in the browser.

The rest is conjecture I don't have the motivation to debate at the moment.

As for the rest of the article... just get a second phone if this is a major concern, or wipe the phone and have it be perfectly clean when you go through customs. The only thing you need to remember is the password + a single TOTP backup code (write that one down maybe) to restore your cloud password safe (which you should have) then you can get access to all your other data from there.

[dead]

GrapheneOS has the duress password feature [1]. I have it enabled, but have never needed to use it.

[1] https://grapheneos.org/features#duress

Veracrypt. It's successor, keeps this feature - of allowing for a truly hidden OS- but there's a HUGE flaw everyone missed- it requires your laptop to be setup as MBR-= which only allows for 4 partitions, and you can't have more than like 2 TB of filespace on it total.

We need a similar solution for UEFI- that allows for truly hidden, foolproof hidden OS installs.

On newer Android, holding down power apparently just launches Gemini's AI assistant. You can change it back in settings, or just hold down power + volume up to get to the old menu that has the Lockdown button.

(Not to be confused with power + volume down which takes a screenshot).

This is not really a checkmate. If the border officials are suspicious, disabling biometrics is not going stop them. What are they going to say? "Ohh! Drat! You foiled us! We can't compel you to enter your passcode! Go on, have a nice day!"

Oh yes, this is one of the possible solutions with common sense. This is what I decided to do BTW.

Some of the college students with revoked visas just happened to be in the vicinity of a protest (near commute to their apartment ) against Israel killing so many civilians, and then there’s the batch who had speeding tickets. They are hellbent on deporting criminals of any level and thought criminals to meet quota. So I would not trust anything to be benign when viewed by US agents.

Yeah, be careful about going to Thailand: https://www.bbc.com/news/articles/cqx48egpgq1o

[flagged]

"With more than 300 student visas revoked, international scholars worry as the government expands reasons for deportation": https://www.cnn.com/2025/04/09/us/us-immigration-student-vis... (www.cnn.com/2025/04/09/us/us-immigration-student-visas-revoked/index.html)

So did I - and I kinda liked the place (not the border police, it seemed as if they hated me and hated the fact that I was coming to spend money there).

Would you elaborate why? (without being vague) I assume it's not common sense just because you did it?

Issues with border patrol can happen in any country. If they have bad mood, or you suddenly decided to piss them off, they will do their best to make your life harder. The US is not the best or worst to that matter. People who chose working as border patrol are not the smartest people out there (otherwise it is unlikely they would choose working at border patrol).

So I understand all precautions but saying its "common sense" not traveling there is a huge stretch IMHO.

Who came for you? You want to go to the US (or any other country) and therefore you align with their rules.

Nobody forces you to go there, and especially play secret agent. If you go, you know that what you have can be searched so have nothing, or have something that is not controversial.

The same applies to all the countries in the world.

Wouldn’t that look suspicious these days?

The nutso thing is this idea that there is no freedom of speech for non-citizens. Now that we're eliminating birthright citizenship and allowing people to be deported to El Salvador with no due process it's pretty easy to just declare someone a non-citizen because they can't provide their great-great-great-great-grandmother's birth certificate from 1783 that proves that they have citizenship going back to the founding of the country, then just put you on a flight to wherever they want so that you can't hire a lawyer in the US to fight for you. The only reason that hairdresser has anyone speaking for him at the moment is because he has family in the US and they have been able to find a lawyer.

In principle? As long as they don't make a quote-unquote "mistake" and rush you out of the country to their little El Salvador gulag before anybody can stop them or you can prove your citizenship.

I'm not sure information sharing with the US is going to last at this rate.

They have always been assholes. I was detained by CBP back in 1997 returning from Europe (through O'Hare airport), even though all my papers were in order (I am a natural-born citizen and I had my passport) because I was overheard speaking Spanish (I was returning from a study-abroad trip to Spain). Someone actually demanded to know where in Mexico I was born, even though, as I said, I had my passport, state ID, and birth cert all right there with me. They just dumped me in a waiting room for 90m (long enough to miss my flight), then told me to go with no explanation or apology. On the way out someone laughed and told me they didn't know why I was detained but I "looked like a terrorist" (I had a full beard at the time). Mind you, this was before 9/11 so I'm sure it's worse now.

> might as well assert your rights

I wonder what could happen to citizens who weren’t born in the US

Given what we’ve seen recently. Could it be possible they would refer these people to the state department to revoke their citizenships?

> they just threaten to revoke your passport which is also a lie

Insofar as the current regime has little or no respect for the rule of law, particularly due process, I can imagine them revoking someone's passport. The Secretary of State could certify that you have engaged in activities abroad that are opposed to U.S. foreign policy. On paper, the conditions for revocation are rather narrow. In practice with an adverse administration and a largely captured judicial branch, who knows? Either way, personally I don't care. No warrant - no looksies.

> Also, restoring a phone takes a seriously long time (8-10hrs?) and some things might not restore

2FA is a pain to recover, but it shouldn't that _that_ long to restore a backup unless you don't have decent internet access. All of my important data and apps usually take maybe 2 hours to get back (including flashing the OS), 3 if you include 2FA recovery.

Local backups is kind of an interesting risk/reward situation. My phone usually spends most of its time downloading apps from Google Play when recovering, the data recovery itself is very quick. Just backing up the APKs (which do not contain anything interesting) would probably cut down my backup recovery time to less than half an hour. Of course, my pictures and music are all stored in self-hosted cloud services, if you care to keep a local copy then things will take longer.

Maybe it's suspicious in Silicon Valley, but I know plenty of people who make minimal use of their phone. In Japan, flip phones are supposed to still be fairly popular.

US customs on mail parcels cannot 1) compel you to unlock your device 2) threaten you with deportation for non-compliance

not to mention that there are rooms and people trained in every airport to scan your phone as a routine component of their daily function WHEREAS customs on mail are 90% concerned about duties and 10% concerned about smuggling. 0% on what kinda sms you send to your buddies

Maybe I can tattoo a US flag on my bicep. Or did I go too far?

Obviously not, but locking down your phone is just not practical for most people. Of course, avoiding travel to the u.s. is the safest approach, but it's not that simple for many of us who have spouses, siblings, parents etc who were not born in the u.s.

Then don't travel, in many countries the penalty for disparaging the leader of that country is quite severe.

A totally rational choice and certainly the safest one. However, some people are are willing to take the risk in order to be with their loved ones.

Yeah this is why I don't travel in most of Europe

Americans really like to criticize America and have no idea how things are in other countries

Fingerprints are known to not be unique. Matches have been found between two people.

My family has a large bottle of wine my mother took from Italy to New York in the 90s. Wild how the times change.

I gave the example of the U.K., a dystopian privacy violator. The U.K. is in Europe.

The entirety of Europe would not come close to making a majority of countries. Even if I grant you the "entirety of Europe", I bet I'm still right that most (i.e., more than half) of countries reserve the right to search your device at the border, and will compel you to give the password.

For instances where the authorities wish to suspect you of a crime, looks like France was prepared to compel you to give a password in 2022: https://www.fairtrials.org/articles/news/french-court-rules-...

EU-wide, 2024: https://www.politico.eu/article/police-can-access-mobile-pho...

In the U.S., I believe you are covered by your 5th Amendment self-incrimination protections. I have some recollection that there are situations where authorities will compel you, like if you're not the one being accused of the crime.

It's incomprehensible to most citizens of the US as well, which is why it's an important article by a major newspaper and we're discussing it.