Security researcher phone and laptop were searched by US CBP for 3 hours

https://xcancel.com/DefuseSec/status/1812363732670189743#m

My phone and laptop were searched for 3 hours by US CBP at a land border crossing. I tried to refuse and return to Canada but I was not allowed to. If anyone has any advice on forensic analysis I can do to my own device to see what they did I would be grateful for it.

I was heavily pressured to divulge passwords (“you can write down your password and we can do this the easy way or we can do it the long and hard way”) which I did and I was ultimately allowed into the US after the search.

The security research is author of https://defuse.ca/.

It started with Terrorists, children and now journalists and security researchers.

1 Like

I would usually not bring my main devices to US customs. They have a history of abuse of their powers , even against their own citizens. Instead I would recommend bringing either no devices or clean devices over the border, and then remotely use your actual devices once over the border (ssh into your desktop/login into your cloud provider). This is a privacy issue that can only be resolved at government level and almost no personal action can prevent/stop it, although you can try. Also, hopefully no one here will argue that it is a valid practice for security