[Infowarrior] - More on....Appeals Court: Border electronics searches are okay
Richard Forno
rforno at infowarrior.org
Sat Apr 26 13:37:51 UTC 2008
------ Forwarded Message
From: Dave Crocker <dhc2 at dcrocker.net>
Date: Thu, 24 Apr 2008 09:39:14 -0700
To: <dave at farber.net>
Cc: ip <ip at v2.listbox.com>, <EEkid at aol.com>, Richard Forno
<rforno at infowarrior.org>
Subject: Re: [IP] Re: Appeals Court: Border electronics searches are okay

Folks,

Worrying about inspections at borders is titillating but probably distracts
discussion from the larger and more pervasive examples of unwanted
inspection of data on a laptop: physical theft or loss.

Protect against that, in a way that is viable on a daily basis, and the
border concern is automatically also dealt with.

So it's fine to have concern over border inspection serve to motivate
efforts at protecting mobile data privacy, but it probably should not guide
design.

We've seen the same distinction for developing trust-based mechanisms to
"fight" spam and other abuse. Good for motivation, bad for design.

The design needs to solve things in a way that fits into daily use, rather
than being tailored too specifically for special use cases. And no matter
how much you cross borders, it's a special case, compared with the rest of
your laptop use.

As with so many other security issues, in the case of laptop privacy, the
core technical challenge is almost certainly a human factors one.

Keeping data on a peripheral that is removed is inconvenient and really
doesn't solve the problem, since the peripheral is also subject to
inspection. And for a large enough amount of data, the i/o rate is not good
enough or the storage choices are too limited. Or both. So it is not likely
to scale into widespread use.

Having file or disk encryption performed automatically certainly sounds
appealing, but it creates the question of how the data are unlocked. If it
is convenient enough for daily use by mass-market users, does it really
provide meaningful protection?

So, for example, having login (boot-time or waking from sleep/hibernation)
also unlock the data is extremely appealing, since it creates no new
human-factors effort. But does it provide protection against a laptop
stolen when you step away from it for a few seconds? Does it need to?

I think this translates into the question of granularity for the user
activity that controls the crypto. Does the human factors check take place
at the right times to be useful while still being tolerable?