I just read @unruly's post about the US considering denying entry to UK citizens who don't give up their passwords.
This is not a new problem in the US. In fact, it affects US citizens too. A couple of months ago, I started using an email service (cock.li), the owner of which is US citizen who has had his devices and servers seized by various authorities in Germany and the US. He lives in Romania, and when he travelled to the US, they seized all of his devices and requested that he decrypt them. He refused, and they still haven't been returned to him.
So what do you do if you can have your shit taken or be denied entry to a country if you refuse to give your passwords away?
Use Veracrypt. It is free encryption software that you can either use to fully encrypt a laptop, or just encrypt certain files. If I wanted to encrypt my music library, for example, all I need to do is add the files to a virtual Veracrypt drive. To view the files, I enter my chosen passphrase and the files are decrypted allowing almost instant access to them. It uses various different encryption algorithms, but the default is AES 256 bit encryption (which isn't going to be cracked anytime soon).
The reason I mention it is I recently discovered it has a feature which can help in a situation where you are forced to give up your password. The same feature exists in some bitcoin wallets. You can mount a fake drive.
Basically:
- You get stopped at the airport in the US and are asked to give up the password to decrypt your laptop.
- Instead of entering the real password that decrypts the laptop, you enter another password, and your laptop is decrypted.
- The files on the laptop are not your real files. It is a decoy drive that was decrypted instead of your actual files.
To border protection, it looks as though you have fully decrypted your device for them, but really its just a fake, and your real information is still protected. In bitcoin wallets, a decoy password will open up a wallet that has less bitcoin in it than your real wallet, so if someone is forcing you to open it you aren't going to give all of your bitcoin away.
Depressing that you need to go to these lengths to protect your shit, but at least there is a way to do it.
Awesome, thank you for the tip!
It's a lot better than the 4chan hack of deleting system32