Episode: 771
Title: HPR0771: Mischief Managed
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0771/hpr0771.mp3
Transcribed: 2025-10-08 02:09:07

---

Hi, my name is Gordon Sinclair, I'm known on IRC as Thistleweb. Now, this HPR episode is about customs. It's about how to get your laptop, your netbook through customs with your data at the other side and effectively hidden from the copyright cops. Sorry, the customs officers who are these days basically working at the behest of the entertainment mafia and who have all sorts of rights and excuses to go rifling through your private data looking for downloaded MP3s and movies and stuff like that.

So you've got different ways to do it. The last thing you want to do is to try to pretend that the laptop isn't working. They'll never buy that. The idea is to cooperate and let them see what they think is everything when you know it's not.

So you've got different ways to do it. I think of this as the security when you walk through the metal detector, your luggage goes through separately when it's actually adding stuff like that. And there's certain there's the security customs officer there and obviously the things like your keys will trigger the detector. You take them off and you go through again. So you've got to find a way to get your data from one side of this barrier to the other while keeping it hidden or keeping it away from the customs officers.

So there's different ways to do this. The first one is using some sort of cloud service whereby you upload your home folder to some cloud service. And then once you're through customs, you go through with a blank laptop or a blank netbook and you get to your hotel at the other side, you connect then on it and you download it all from that server. And then they say the reverse on the way back as well.
Before you're ready to return home, you connect to that server again, upload your home folder again, delete it and come through customs, download it when you're back home again.

Now there's issues with that. If you're a business traveler, then that's less of a hassle because chances are it's going to be your company's server you connect to and it will be your, it will be secure, presumably it will be secure, the connection will be secure and the cost of uploading through wireless dongles or whatever, local connections, that's all going to be covered by your company.

The issue here is for home users, for domestic users, when you take your machine on holiday with you, then you're looking at something, most likely it's going to be a third party cloud service like Amazon or Google or God help you, Microsoft, some server somewhere. But the problem with that is you're putting your own personal, excuse me, your own personal data onto a third party server. There's all sorts of privacy concerns with that. It will be mined for all sorts of information about you so that they can then target you with other services and you know, Google put, Google have algorithms to scan inside your Google Mail to pick out keywords and inject adverts based on those keywords. It's not a human being but it is still an algorithm that's helping to build up a profile on you. So that's one concern is that you're putting your private stuff in that cloud, a third party cloud, it's not entirely private.

The second issue with that is once you put it in the cloud, a lot of the cloud solutions are American based. So as soon as you put it there, the various departments of American government then decide, oh, that falls under our jurisdiction. It's a company on our soil, a server on our soil registered as a dot com. We have legal access to that and they don't even have to ask you if they're going for a fishing expedition, they want to find out what data they have on a user.
They can just go to Amazon or they can go to Google or Microsoft or whoever the provider is and they'll roll over and sell you out essentially and you'll never know about it. So that's another concern.

The other one, if you can get around that, I'm assuming you don't have anything that's really that troubling. If you can get around that, the other concern is about cost because if you're going on holiday, you're not going to get a "value for money" ISP package when you're across in this country. If you're only there for two or three weeks, then you're going to buy a local ISP's dongle, USB dongle. If I go to America, I'm not going to sign up to a two year contract with AT&T. I'm going to buy like a pay-as-you-go USB dongle. That's a throwaway thing that I'm only going to use it and maybe top it up if I have to and it's a throwaway thing. So if you have to download your home folder through this USB dongle per megabyte, that's going to be expensive or it could be expensive. And then the same would go for putting it back up the way before you come back home again.

The other concern with that is if you're asked by a customs officer to open your laptop and your netbook and switch it on and log in, which is the whole point of this episode is how you can do it without keeping your private stuff intact. So if you're going to be asked that anyway, then it looks suspicious. If you've got an empty laptop with nothing on it, it looks suspicious. And these people are looking for any excuse to huckle you away at the side and call you a terrorist or whatever and use all sorts of powers to seize and do a, do whole forensics on your machine. The whole point is you want to go through and let them see everything or at least what they think is everything. So going through with an empty laptop would raise suspicions. You'd at least be asked why.
Now you could get away with it for a company. They say, look, this is a business laptop. It's company policy that we don't have any sensitive information on here that we be forced by all sorts of data protection laws to keep consumer data secret and all this. You can use all that for a corporate, but you're not going to get away with that as an individual holidaymaker.

So that's the cloud. And what I mean by a cloud is basically a server somewhere. You could have your own FTP server or whatever. So it's just the idea of putting it up to some other server and back down has its issues.

The other way to do it, or another way to do it, would be to have a decoy user account. Now for this, it would mean that you would have to make sure your login manager does not show the user list so that when you're asked by a customs officer, could you switch your machine on and log in please? Certainly officer, not a problem. And you can log in with the fake username and the fake password.

And for that, you would have to prepare it beforehand. Prepare the account beforehand to make it look like a regular lived in home rather than a show home. So for that, you could do a lot of things, excuse me. You could do a lot of things like going download a few podcasts, a few Creative Commons audio books, create a few fake documents, Word documents that are like, you know, letters to your local council or something to say, oh, the trash hasn't been collected. I'm paying my taxes. What's all this? So do stuff like that. Prepare it in advance. Change the wallpaper. Have things open by default, like a media player open by default. Have your web browser, bookmark some pages, some YouTube videos, some Flickr pages, some blog posts, subscribe to a few RSS feeds. You get the idea, make it feel like a genuine home so that it looks authentic when you sign into it.

Now, because if you've, you've always got the possibility of when you log in, there's a lot of RSS feeds that are marked as fresh.
They've not been read yet. You might think that would look suspicious. I don't agree. Because you've always, especially with a netbook, you've always got the argument of, well, you know, and if there's updates as well to come, you can always say, well, look, I've actually got my regular laptop, when I'm at home, or my regular desktop, when I'm at home, my netbook only gets used when I travel. So it can be switched off for months and months at a time, and then just charged before I leave home when I go on holiday. And that's just the condition it was in the last time I switched it on. I sometimes remember to switch it on every two or three weeks and do updates. Sometimes I don't. It's no biggie, really. So that's very, very plausible in that situation.

So that's one, that's another way. The issue I see with that, though, is the whole point of this is to give the officers full cooperation, and the thing with that is you cannot rely on being the one that clicks around in different places. You've got to be able to stand back and let the officer go wherever they want to go, if they want to click on something, they click on it. It's entirely possible that they would go in the file manager, they would click on up from the home folder, which leads you to seeing the home folders for every account on the install. So with that, it's just a double-clicking in another folder and they're into your private stuff that you're trying to sneak past them. So that defeats the purpose. That's the flaw in that plan.

There's another way to do it as well. And that is to have a decoy distribution. Now, if you go traveling quite a lot, it would be worth actually setting your laptop up and your netbook up like this with a decoy distribution.
And for that, I would say don't go with a GNOME distribution or a KDE distribution, not because they're bad, but because features in Nautilus and I believe Dolphin as well, would actually count against you here. When I don't use Dolphin very much, so as far as I remember, this happens in Dolphin as well. Nautilus, it picks up partitions that are on your disk and it helpfully mounts them and puts them on the sidebar, which is great. It's really handy, but in this case, you don't want that because the officer is just a click away from your home folder, your real home folder, which is the whole point of trying to hide that.

So I would suggest going for something that's light, that doesn't use Nautilus or doesn't use Dolphin. Thunar is a good bet, so something like that, XFCE, or even CrunchBang uses Thunar as well. So if you set it up to dual boot and put your main distribution as you would normally install it, leave, say, a 10 gig partition at the end of the drive for your decoy partition and install whatever that happens to be, it might be CrunchBang, it might be something else. And put that on the remaining 10 gig. And again, the same thing applies, make sure that you prepare it in advance, change the wallpaper, set up bookmarks, RSS feeds, some decoy documents, make it look like a genuine home. And then when you're asked to boot up the laptop, well you've got something to go into that's not going to see and not going to mount your normal stuff.

So the next thing is here, well, if you're dual booting, then surely you would get the GRUB menu and the officer would see that and see that there's two operating systems and would want to see both. Well, here's the trick, if you install, make sure GRUB is controlled from the decoy operating system.
When you are about to go on holiday, when you're about to travel and you know that you might get pulled out of line and be asked to switch the machine on, what you do basically is log in to the decoy operating system, the decoy distribution, you know what, you could even do your updates and better before you, where we are there. But open up GRUB and change a couple of things in the GRUB file. So it would be sudo gedit /boot/grub/grub.cfg, that will open it as root obviously and needs to be root with gedit and use your editor of choice.

And the two things you're looking to change here, first of all is the set default equals zero. That means that it's always the one that's right at the top of the list, that ensures that when you get a new kernel, it boots into that because that appears at the top of the list. Now, if you count down the number to the one that's the actual decoy and set that as your default, obviously it starts at zero. So if your decoy is fourth on the list, then that would be set default equals three: zero, one, two, three. So you might need a bit of trial and error to get the correct default so your decoy one is the default. So I would set that first and then reboot, don't touch it, let the timer count down and see where it goes.

Once you've got the right distribution or the right one, then go back into GRUB again and the next thing you're looking for is the timer. So it's set timer equals five or ten or whatever, that's in seconds. So change that to zero. And once you do that, you don't see GRUB. The next time you reboot, you don't see GRUB, it goes straight in your default, as if that's the only thing on the disk.

So that's basically it. When you walk through customs and you're pulled out of line, could you power your laptop off, please? Certainly, officer, not a problem. And you power it up, your GRUB doesn't show, it goes straight in the decoy.
You sign in, as you'd expect to sign in, and happily stand to the side and let the officer click away to their heart's content. You are the model of a cooperative citizen, knowing fine well that your data is actually on the machine they are touching, but they'll never see it. It is basically invisible ink. The other way to look at it, I'm not the under the whole wall analogy, is it is the tunnel underneath. Excuse me, it is the great escape. As your data travels underneath their feet, and they are completely oblivious to it. So that's how we do that.

The other way you can do with GRUB is have it automatically reboot into the last used install. I wouldn't trust that because just in the off chance that you forget which one was the last one and you end up booting into the real partition, you're left with no choice but to log in and give away all your data. So I wouldn't do that. I would certainly set a fixed default and do that.

So that's it. If you are regularly going through customs, you can get your stuff, assuming you can keep a straight face knowing that the officers are completely oblivious. You can get your private stuff through customs right under their noses and they'll be none the wiser. Obviously it's not going to do anything for forensic searches, but the whole point is you are the model of cooperation, so they have no reason to suspect there's anything up. That's the whole point. The other side to this would be encrypting your normal data, but that's, I'm going to do separate screencasts about that. The whole point is just to keep it away from the search at customs.

So that's it for this episode and if you have a need for that, then I hope it's helped you and if you do so and get caught, ain't nothing to do with me. As usual, it's the whole lyrics thing. Use at your own risk. So thanks for listening. I'm Gordon Sinclair. I'm on the IRC as Thistleweb. You can contact me if you like. That's Gordon at Thistleweb.co.uk.
Until the next episode. Goodbye.