Feel bad writing a new post on a discussed topic but I didn’t want to necrobump an old thread. But I’m suddenly traveling abroad and wanted some advise on handling border inspections while protecting my personal devices.
So I have done my due diligence first and read through some recent forum posts. And the common advice I found was: Either use a disposable/backup phone while traveling or back up your phone, factory-reset it beforehand, then restore the backup afterward.
I can’t afford a second phone. I have only recently bought a Pixel and flashed it with GOS, so I’ll be attempting the backup-and-reset approach.
I’m not thrilled at the idea to let agents inspect my device. As I don’t want some random person to see or copy family photos, messages, or other private data.
My plan then, from the forum advice would be to:
Back up all personal data to the cloud and remove it from the device.
Replace personal files with benign images (memes, nature photos) so the device doesn’t look suspiciously empty.
Remove apps that may raise questions (Tor Browser, crypto wallets, etc.).
My Questions: If customs or border agents take my device to copy it’s contents, is there any legitimate concern they might tamper with it, or am I being paranoid?
If this not the case, would a factory reset be sufficient, or should I take additional steps?
Would disabling the phones USB port to say Charge Only be a good deterrent? Or would this likely risk escalating a conflict?
I apologise if this seems all very paranoid, but first time flying and just want to make sure I’m not unwittingly doing anything stupid.
If you use GOS, you don’t need a second phone since switching profile will clear the profile memory (unless you enabled the profile to run in the background). You can create another profile for this threat model. Install apps that are necessary for your travels, add some “benign” images if you think it would reduce suspicion, and keep your phone on that profile until you land at your destination. If you think certain apps will raise suspicion, you can uninstall them if you think it would take no effort to reinstall (such as Tor Browser). Of course, backup your personal data in case you need to reset your device.
Recently, there were news articles about the U.S. checking social media history of travelers who applied for ESTA, but apparently, it’s optional. IF it’s optional, I guess it makes sense because I don’t know how this would be enforced, but that’s also a threat model to think about as well.
That an interesting idea I’ve not seen. I know you can sort of make it less obvious that the device has multiple users in the settings by disabling Allow User Switch.
If the phone was taken away and imaged would there be any risk that could try and access it?
Yeah without giving too much info away, one of my concerns is I have not used social media in probably 6-7 years. And for my age bracket if I was asked and I say, “I have no social media” is gonna be a red flag, even though its true.
Has there been any reported case that you are aware of, that border agents of any country tamper with devices that they image?
Isn’t it a bit risky to create a separate user account and only provide that one? If they have questions or other requests, isn’t there a risk of coming across as someone who tried to lie or hide something?
That’s probably a question you should ask or find on GrapheneOS forum, but I would say think about what you have to lose in worst case scenarios. If it’s possible for airport security to create a system image of your phone and somehow gain access to all of your data across all of your profiles, you shouldn’t think about losing anything. In which case, go with the first option “Back up all personal data to the cloud and remove it from the device”. If you use Proton Drive for example, back-up family photos, messages, or other private data, log out of all sensitive apps (e-mails, social media, etc.) and log back in once you land. I have not seen any reported cases like this, and even if I did, it would require a nuanced understanding of how it works and what they’re able or unable to access.
How? I mean, with an “old” smartphone, there’s no way for them to know I have another, real smartphone at home… they can guess or assume it, but they can’t prove it in any way. I was wondering, instead, if providing a specially created profile might be riskier because if they figure out there are other profiles on the phone (which might contain personal data), they could think they were hidden on purpose and might ask to see them.
I think the risk needs to be identified. For example, if my backup phone has minimal data, wouldn’t that raise as much suspicion? If the answer is to put enough disposable data to avoid raising suspicion, you can do that with GrapheneOS. The real phone vs. backup phone would be irrelevant here.
There’s no law that requires you to have a phone let alone travel with it. You could hand them a factory reset burner and tell them you don’t travel with your main phone because you’re forgetful and often lose it. There’s nothing they can do. Let’s not give these clowns more power than they actually have.
You said what I was thinking better than I could
That’s exactly what I meant: there’s no authority or authorization telling me that “I have to have everything on my smartphone,” while (I imagine) it could be frowned upon to hand over a smartphone without mentioning that “there are other profiles” on it.
If you’re not concerned about raising suspicion with carrying a blank phone, then there’s no suspicion with carry a grapheneOS phone with a blank profile if it’s only “frowned upon”. If the risk is they ask you to unlock your other profile (as if airport security would know what that is), then just use one profile. They could backup and restore with Seedvault, which the OP already suggested. But you can also refuse and tell them they don’t have “more power than they actually have.”
Your approach requires people to purposefully mislead government officials in a way that will be very easy for them to prove. It is a much higher risk legally. If you’re able and willing to travel with a recently reset phone, why not? Reinstalling apps is very easy once you’re through.
Yes you are being paranoid. Unless you are up to something that would arouse sufficient suspicion airport security will have no interest in your phone other than telling you to put it in the plastic tray.
I think it’s worth taking a spare, you can get a 6a cheap as chips and if you lose or break your phone you’ll want to replace it quickly.
I would add that the chance of border agents wanting to seize or inspect your phone is very, very remote.
Generally speaking there needs to be some other factor involved. Are you affiliated with any political groups the U.S. might find concerning or are you traveling from a country known for criminal/terrorist related groups (El Salvador, Lebanon, Nigeria, etc)?
If you are not an activist and are coming from a close ally like NATO, Japan, or South Korea there is little chance anything more than a long line to inprocess will happen.
I don’t know if you’re american, but the perception of the United States here in Europe right now is more or less like traveling to China or other dictatorships. Of course, one hopes this perception is wrong or exaggerated, but based on the news we’re getting, if I were forced to go to the United States today, I would definitely bring a wiped smartphone!
That perception is 150% understandable. As an American I can only apologize for…well a lot that’s happened in the last 12 months.
However, while things have gotten worse they have not gotten as bad as an actual authoritarian country. I don’t blame anyone for avoiding travel to the U.S. right now but it’s worth pointing out that millions of foreigners came and went from the U.S. in 2025 with no issue,
This is an accurate perception. “Rights" essentially no longer exist in the us because the law is whatever clarence thomas and his fascist, fraudster buddies say it is. Take steps to protect yourself no matter what this other person in the thread is saying.
Foreigners are not allowed entry to the us if they refuse to open their phone when asked by border agents. So, the issue wouldn’t be whether or not they’ve tampered with your os, it would be whether or not they detained you, confiscated your phone, and sent you home (which they have done and are doing).
