It's not a "guess". The last Android release that lacked support for block-device-level encryption was KitKat, which shipped in 2013. Any device being advertised with the "Android" trademark (to be fair: AOSP-based clone OSes like Amazon's have been slower to evolve) over the last two years has that support.
Please don't hijack an important security discussion to engage in meaningless platform flamage. Users with Android phones have this available and they should enable it, not be told that they need to "guess".
Also the parent post was talking about usage, not availability of encryption. So while recent Android versions most certainly offer encryption, it might not be enabled. iOS encrypted by default, as it should be.
I frequently see people with KitKat devices. Just because they aren't being sold by big parties now doesn't mean people don't have them, I can't make a global statement about Android devices the same I can about iOS ones.
I have some questions actually. Is it something you need to enable on Android? I seem to understand from the comment above yours that iOS has this enabled by default. If so, how do you actually enable it?
Yes, it's impossible to disable the disk encryption on iOS. If you don't set a passcode, the disk is still encrypted (but only with a per device key), this prevents recovery of data after an erase.
All Apple devices are AES encrypted with a combination of a key on flash in the CPU, and a unique static key in the CPU core. "Erasing" the phone just removes the key, rendering the bulk flash storage completely useless. There's never any data stored which is not encrypted.
The area you are frog marched into is strictly no devices allowed, if they see you with any electronics in your hand you will be pounced upon. This is very obviously because people try to destroy evidence they have on their devices once they discover they are screwed.
Nah, I'm sayin the area leading up to passport control or in the baggage claim area. I realize once you're sure something sketchy is happening, there's no actions left to take anymore. I pretty much have my phone out and in my left hand 100% of the time I'm in airports/planes, so nothing suspicious about right as someone's coming up to you or right as you walk up to a CBP officer you just tap a button.
They claim to be device free, but yet everyone has their phones out texting and doing email as they wait in line. I've never seen a border agent even say anything, much less march someone away.
As long as you aren't taking pictures of the procedures they don't really care.
The waiting line for immigration/customs is not the area I'm talking about, this area is where you go once you fail the initial screening. In some international airports like Sydney you will receive a $300 on the spot fine if you have your phone in your hand, they're serious about it.
Australia does have some outrageous laws, so I suppose they want you not to be destroying the things that are governed by those laws on your phone. But I'd rather take the fine than have them find out, if I had such things.
What is the felony charge? I keep seeing the word "felony" bandied about in this thread. I get it, it's a scary, attention-getting word. Is it really a charge with a minimum 1-year sentence?
18 U.S. Code § 1001 - Statements or entries generally
Current through Pub. L. 114-38. (See Public Laws for the current Congress.)
(a) Except as otherwise provided in this section, whoever, in any matter
within the jurisdiction of the executive, legislative, or judicial branch
of the Government of the United States, knowingly and willfully—
(1) falsifies, conceals, or covers up by any trick, scheme, or device a material fact;
(2) makes any materially false, fictitious, or fraudulent statement or representation; or
(3) makes or uses any false writing or document knowing the same to
contain any materially false, fictitious, or fraudulent statement or entry;
shall be fined under this title, imprisoned not more than 5 years or, if
the offense involves international or domestic terrorism (as defined in
section 2331), imprisoned not more than 8 years, or both. If the matter
relates to an offense under chapter 109A, 109B, 110, or 117, or section
1591, then the term of imprisonment imposed under this section shall be
not more than 8 years.
Option 2: If you're at the US border and a US citizen, "Sir, I'm an American citizen and just want want to get home" -- citizens can't be blocked from re-entering at the border.
Option 1, why did you bring decoys? You should probably sit here in this cell for a bit while we work out what the fuck you're doing.
Option 2, they can't stop you from entering but they can make you enter directly into a jail cell, or generally make your life miserable. See the owner of cock.li, who had all of his electronics seized twice.
I've been party to discussions like this, I know how it goes. Once you're shoved in a small room indefinitely, all of your possessions and shoes taken so you don't kill yourself, and had questions dumped on you, a lot of these cute actions people are suggesting are pretty ridiculous. A seriously stupid move would be to try something like erasing your data, or trying to mislead the offers would simple prolong the experience. You get that treatment even if you haven't done anything wrong, god knows what happens if you have.
Citizens may, indeed, not be barred from re-entering, but there's absolutely nothing, anywhere that says we can't be made to wait unconscionably long before entry, or that we can be allowed to re-enter without our devices.
That constitutes de facto detention and yes, there's absolutely something that governs it.
Unfortunately ICE/CBP has policies [1] in place to require the phone's password that they believe are legitimate per 8 USC § 1357(a) (3). It's likely that only a court ruling weighing the policy regarding this statute against the bill of rights would make them change.
Define "blocked". Because Sidd Bikkannavar's recent experience tells a different story[0].
"The document given to Bikkannavar listed a series of consequences for failure to offer information that would allow CBP to copy the contents of the device. “I didn’t really want to explore all those consequences,” he says. “It mentioned detention and seizure.”"
You may be subject to an inspection for a variety of reasons, some of which include: [...] you have been selected for a random search."
You’re receiving this sheet because your electronic device(s) has been detained for further
examination, which may include copying.
CBP may retain documents or information relating to immigration, customs, and other enforcement matters only if such retention is consistent with the privacy and data protection standards of the system in which such information is retained. Otherwise, if after reviewing the information, there exists no probable cause to seize it, CBP will not retain any copies.
Tech bro citizens need to intentionally travel in order to step up and volunteer to say "No" to all entreaties for their data. They have money for lawyers, and PTO for time.
>citizens can't be blocked from re-entering at the border.
Well, sort of. They have to let you in, but you can be held more or less indefinitely if you're suspected of committing a crime, or not complying with the border agent.
"Okay, then please give me your Facebook and Twitter usernames and passwords."
If you lie, and then they do a search and find you, then you're going to be in bigger trouble.
I don't know those passwords because I use a password management solution allowing me to use very strong gobbledygook passwords. Access to my password management solution is bio-locked on a device I don't have presently.
I'm based in the EU (until Brexit anyway) and often do calls with mainland Europe. Never had that problem. Seen a high CPU warning a couple of times but it goes away. Overall I'm a fan. I have friends who use it for virtual conferences even.
I use the free version out of the box to onboard new people (mostly independent coaches/consultants from around the world) as partners - see https://www.agendashift.com/partners to get a feel of geographic coverage
I guess like every option mentioned here they all suck for someone. We have used Uberconference and the audio quality is terrible. And it's not uniformly terrible either which is even more frustrating. Some of the attendees won't be able to understand some people and other attendees everything sounds fine (although it always sounds like a poor quality cellphone conversation).
With Google Hangouts we have poor quality audio as well and at least once per day we have someone that their audio won't come thorough unless they restart their Mac.
I'm secretary for an org. We're trying to use uberconference for our executive board meetings. I like that remotes can call into conference bridge via phone.
I bought a SABRA bluetooth thingie for the room. Seems to work well.
Our results are mixed. We test out the conf room before the meeting starts. Good to go. Then weird stuff happens. People being muted. Their icon shows them talking, but no sound. People being dropped.
I don't mind the unreliability so much. 7 laws of networking and so forth.
I frikkin hate that I don't know what's broken, so can't hope to fix it. Especially DURING the frikkin meeting.
I've used Uberconference (pro) over fiber for a couple of years, and it's been rock solid. In cases where one caller is bad, the web interface will show you who is killing the call quality and lets you mute them.
Except in rare cases, I find the problems you're describing are usually a problem with the end-user, their equipment, or their network. Cheap phones, bad cell connection, bad voip, etc. An unmuted speakerphone with a noisy background can bring most calls to their knees.
We too have used Uberconference, I forget why we ditched that as well, might have been down to the cost of the thing. I actually quite liked it, the web application was solid and it encourages ad-hoc meetings.
If they ask you "is there any hidden data on this device", you would have to respond in the affirmative. Lying to a border guard is a felony, there's no cute technical solution to this. They will, according to their own paperwork, make copies of any data they find interesting for future analysis.
Hmm, what if we keep some encrypted porn in the shell OS? "Yep, there is hidden data. Do I really need to decrypt my special folder because I really wouldn't like to? OK then, the password is.."
Disclaimer: this is all being speculative, of course. I'm not suggesting to lie to or misdirect a border guard in a real-life situation.
This is a perfect example of why the correct place to fight this is at the judiciary.
Trying to outsmart the border guards essentially makes you a smuggler. Sure you're trying to smuggle your own personal data rather anything nefarious, but either way - you're trying to beat them at their own game, on their own turf, where they have every advantage, constant practice, and effectively get to write their own rules.
Every fantastic example you dream up, you have to pray no-one's thought of it before. The game's rigged.
The only real way to win is to double down on the legal position of such searches.
TrueCrypt supported plausibly deniable encrypted partitions. When using something like this it'd be possible to deny the existence of encrypted data and lab analysis wouldn't turn anything up. Or so they claimed.
The documentation that comes when you are compelled to give over keys mentions that they will retain complete copies of any disks, drives, flash card, any piece of data until it is no longer relevant (read, forever).
> To me having several pseudonyms and also using throwaways is part of standard information hygiene. I also have multiple email addresses, some are set to forward to others (one-way of course), others aren't. I don't know why people aren't teaching that to their children.
For aliens (people entering under ESTA, visas, etc), you are compelled to reveal any aliases or pseudonyms you operate under. There's a two page document for you to fill the details out under ESTA, presumably under under a visa as well. Lying to a border guard, or on these forms is a felony.
That must be new. It wasn't part of esta two years ago. I would be totally unable to produce all my aliases in all the services I have accounts. I wouldn't even be able to remember all the services.
I believe it's supposed to be only names you've gone under, calling yourself horsemaster88 on youtube wouldn't be included, but calling yourself Jerry Fink, lord of horses would be included. With the new laws going into place for giving up social media names I wouldn't be surprised if online pseudonyms will be included in the future though.
