by itstotallykyle 29 days ago
It's wild, I have worked internationally for a long time and the rule when going to certain countries was bring a burner device. Going to China essentially meant the device was nuked on return to the States, now it is the same feeling to/from the US.
8 comments

That's exactly what European governments and corporations will have to start doing. Adding the US to the same list as Russia, China, Israel, Iran etc.
The list of countries where you need a burner phone will likely grow longer. Canada, Australia, UK, some developing countries, etc...
Governments maintain formal lists of countries for these types of things. I think people would be surprised how many diverse countries are on the formal lists. A number of European countries have been on them for years.
I would like to be surprised. Can you share a list?
Australia's been doing this forever.
We have? My international relatives have never been searched to that degree, if at all.

That said, the whole thing is overreach in any democratic society.

I've had a full shakedown at the airport in Brisbane asking for passwords for phone/laptop and they will confiscate for 2 weeks if you don't comply. I'm an Australian citizen. They also didn't let me call anyone so my wife was left waiting for 3 hours wondering where I was.
I've binge watched enough Australian Border Patrol videos to know that:

1. You don't fuck around with Australian customs agents. Ever.

2. They make every other country look like complete lightweights, Americans and EU included. These guys will fine you AU $500 for half an eaten apple in your bag.

They may fine you for attempting to import a plant, but they won't imprison you in El Salvador for having liked a meme they don't like on US social media.
They're fined because they lied on their declaration forms. Our customs agents are generally pretty fair and reasonable, but they do take their jobs very seriously.

Tip for travelers to Australia/New Zealand: If you have something that is stated on the declaration form, just answer yes. Provided it's not some totally illegal substance, they'll inspect the items and if it's not allowed past the border it'll be seized without penalty. Someone will correct me if I'm wrong, but I believe in some few cases, you can even pick it up on your return.

If it's something like large amounts of cash, goods, alcohol or cigarettes, you may have to pay a tax or import fee and answer a few questions. Just don't be a dimwit.

Yes, it's a basic function of any customs and quarantine organisation. Australian Border Force don't care if you have memes mocking our PM or DJT. Inspection of electronic devices only happens when there's evidence of a crime.
> These guys will fine you AU $500 for half an eaten apple in your bag.

That seems entirely appropriate, no? Produce crossing international borders like that can be a huge problem.

Read the stories about people who actually have this happen. You can usually figure out why they are targeted. That may not be just. But it is.

Customs agents are always given broad discretion and generally care about something.

Most normal folks will never interact with these issues. The last time I travelled internationally, they weren’t even doing secondary customs screening upon return to the US.

Someone should make an app to offload all your data to a personal cloud before going to the airport and then reload it into the phone after going through customs
In the case of Apple, couldn't you reset the phone, sign in to a backup iCloud account, and then repeat the process with your real account once you're clear? Not a fast process, but most people have GBs of personal data so nothing would be quick anyways.
In theory that could work (although I have never owned an iPhone) but usually there is stuff that doesn't back up (especially settings for apps, logged accounts, etc.) and it becomes tedious to have to sign in manually.

Ideally we should be able to just snapshot everything and then restore from that state. Kind of like EC2 or Digital Ocean

It's impossible to log in with just a password, you need to okay it on an Apple device. If ICE has that Apple device and a person who knows the password they can do the same.

Also they'll detain you for having a suspicious burner phone and interrogate you about your social media etc.

All backup apps work, no special requirements. Seedvault for my LineageOS.
They don't work well in my experience.

What I want is to get my home screen back exactly as I left it: I've not found anything able to pull it off on Android though.

Ideally it would be an exact flash image of the phone.

Adb backup exists, though I haven't tried it, and Google cloud backup does this. However, if you trust Google, you probably already trust the US.

Unfortunately, I don't know of any other app that does this on an unrooted phone.

Nothing works on Android. Not even for basic app data. The biggest problem is keystore keys and e.g. bank authenticator apps tied to them.

AFAIK iPhone backups, if restored on the exact same device (i.e. a CPU with the correct decryption key embedded in it) will restore almost everything, including authenticator apps.

The only realistic option for Android is a separate "burner" device.

>Adb backup exists, though I haven't tried it,

It's very patchy, and many (most?) apps opt out, so it's functionally useless.

Google cloud backup has never done this for me. It seems like it'll restore a whole lot of stuff, but details like getting my Nova Launcher screen back (version pinned to before it was sold - alternatives just aren't good enough yet) or a bunch of the little logins and details has never done it for me.
NANDroid does the exact flash image, but with modern hardware-rooted encryption it stopped being useful.
I agree they could be better; though I do get my home screen restored.
Seedvault doesn't work half of the time.
Going to China means your devices are owned when the plane touches down if not before. That’s why you bring a burner device (including laptop and anything else), never log into anything, and throw it in the trash when you leave.
>Going to China means your devices are owned when the plane touches down if not before.

???

Are American-made operating systems (Android, iOS, Windows, Mac) so full of 0days that the Chinese are burning them on random travelers? This just feels like either severe paranoia and/or Chinese/American psyop, making people think that China has some magic hacking power.

I wouldn't say your devices are owned, but you should expect being monitored and your communications being recorded.

You could make an argument about the security of the modem of your devices, as that was often a target due to it not being particularly secure and it having wide access to your device, but I believe that started changing some years ago when this started being a more widely reported issue.

This is cray.

Protections at the U.S. border and within the U.S. are actually pretty good. Much of Europe isn't as good. Hell, the British will throw you in jail for refusing to unlock.

China installs malware to spy on you. The US doesn't do this. Totally different situation.

This also happens in many other countries

>China installs malware to spy on you. The US doesn't do this.

Source? Are we talking on random travelers, or targeted individuals? I seriously doubt China is doing the former, and I also seriously doubt the US doesn't engage in the latter.

There are many well cited examples.

I believe in politically sensitive areas like Xinjiang it happens to everyone. A past employer gave specific advice regarding Hong Kong as well.

I think the key thing as a traveller isn’t the righteousness of China vs. US. It’s the chilling effect on travel and trade.

We really depend on these devices that have access to vast scopes of personal and other data. That sexy text you got a year ago is still in your text message store and may be a problem in some places.

If we're talking about targeted hacks, are we sure the US doesn't do this? Is US soil off limits for hacks somehow? What plausible exploits could be done when someone is on US soil, but not over the internet, especially on modern phones where the baseband is isolated?
I'm not making any subjective or moral judgement. I'm an American who lives and works in the US, so there are a wide variety of ways law enforcement or others can get data from me, and a variety of legal protections that make certain risks unlikely.

TBH, I don't know what the US does or doesn't do, and if I was visiting the US as a citizen of another country, I'd think about risks from the perspective of my experience.

Malware seems somewhat implausible. Why would they bother, when they have access to the carrier logs? Knowing your exact location at all times, and who you communicate with isn't enough?
Had the same guidance for many years for visiting the US given by the large US firm that employed me.
I heard that soon after the extent of NSA's domestic surveillance programs was revealed to the public, at least one FAANG changed its US border-crossing policy to those used for countries known to tamper with your computers during border crossings. That is, bring a blank computer that you connect to the corporate VPN and load after you arrive at work on the far side of your trip, let IT wipe that computer before you travel back to the US (or just leave it behind), and assume that computer is compromised if it leaves your sight at a checkpoint for longer than it takes to run it through the x-ray scanner.

So, yeah, savvy companies have had these policies for like twenty years now.

For GDPR reasons alone it's probably not a good idea to take a business phone across certain borders. You run the risk of disclosing customer data to a 3rd party, if only because the customer data in your phone book counts as PII.

So long as only a few countries are doing this, it might seem doable. If everyone starts doing it, international travel becomes rather annoying to say the least. Realistically I think at some point a detente might want to be reached, with everyone agreeing not to search everyone else's electronics.

>For GDPR reasons alone it's probably not a good idea to take a business phone across certain borders. You run the risk of disclosing customer data to a 3rd party, if only because the customer data in your phone book counts as PII.

But "law enforcement" is specifically exempt?

https://en.wikipedia.org/wiki/General_Data_Protection_Regula...

Law enforcement refers to EU member states' law enforcement and processing by them in their context. But even in the EU a controller needs a legal basis to disclose personal data to law enforcement inside the EU. Normally that is handled by local law, but it's not carte blanche, that law still needs to take e.g. rights granted by the EU Charter into account.

Search by border officers may very well be a GDPR breach for that controller if there was data of EU data subjects, but I don't think there is currently any case law around it.