This is the way to create and edit a video for mass consumption. No clickbait. No teasing. All meat and potatoes. Great work!

Good to know that they're even scanning, I try to keep my phone clean of as much data as possible since I pretty much hate these devices, I have nothing to hide but I value my privacy and there's no such thing as a benevolent govt.

Keep this in mind. Although you have the ability to put up many layers of security, the border agent at the international border also has certain rights and responsibilities. If you try to block access to your device, you may find yourself refused entry to the country you’re trying to visit. Once you cross into the border area, you lose many of your rights. For example, how badly do you want to go skiing in Canada? Most practical solution might be to obtain another device does for traveling, and limit access to most of your accounts, whether work or personal.

Another masterpiece on this channel, so glad I found it. Thank you for making us aware of all those attacks on our privacy and the easy-to-understand explanations on how to prevent them.

Probably best to have a phone just for travel that has no security but nothing of value. If they see you’ve taken a lot of steps to secure your phone they may get more suspicious and want to keep you longer.

Or another idea: 1) Make sure your device is synced with the cloud and all of your data is backed up. 2) Perform a factory reset and go through customs with the wiped device. 3) Once your through customs, factory reset again, log back in and resync with the cloud, bringing all your data and apps back down again.

All great points Naomi! I would only add enabling the sim lock feature. This way even if you're phones off, they can't take your SIM card out and spoof it to one of their devices. Which is the next step when they only have a few tries left before the pin lock factory reset kicks in. 🤘 I remember you spoke about it years ago when simswapping first started happening.

Secondary phone is the one! Always keep a separate travel phone, which you can let them keep. Schedule 7 in the UK is brutal. Brilliant content on your channel BTW!

1. You’re beautiful. 2. I consider myself fairly savvy but you’ve opened my eyes to some issues here. Mainly copying raw or encrypted data to analyze later. What kind of a power trip witch hunt world have we come to… 3. Thank you for the great video, lots of key points and very direct. I’ll poke around your playlist now that I’ve found you. Have a nice day!

Graphene OS has been a major step for me and my privacy and security. I can just put the device in lockdown and with the hardened kernel and other hardened firmware or software it's gonna be real hard for people to take my data without wiping it.

1) Use a privacy protecting and respecting browser on your phone and make sure your browser is set to delete all data when the browser is closed 2) If there is a website or a web app, then you don't need the app. Use social media like twitter in your browser instead of downloading the app

These tip videos could be main staples in an edc kit I swear. Ranking somewhere between med kit and ammo 😄👍🏾🇺🇸

I’m definitely going to do this ASAP. To both of my phones. Thank you so much.

you can post the devices to yourself beforehand and keep the SIM cards, just choose express and pay the extra fee, then you can meet the courier and retrieve your unmolested devices.

I want my device to understand a "coercion password" which basically nukes it when you enter it on the password screen, or logs into an unencrypted enclave with just minimum stuff, all the encrypted stuff never being decrypted because you real password never entered.

Thanks Naomi for keeping this simple, short and to the point

Naomi, I came here after seeing one of your recent featured speakers on Around the Blockchain expecting to see a bunch of the same crypto stuff but I was absolutely floored by the amount of excellent content here. Not only does it show your passion for crypto but also highlights how many more issues are out there which directly and indirectly relate to crypto. I can't thank you enough for the info you bring in a straight-forward and fact-based approach. I've already relayed your channel to some of my friends and they're equally impressed. Keep up the AMAZING work!!!

I was not aware of this... Thank you! Great, as always!

Do not use biometrics to unlock your phone since they can just press your finger to it or show the phone your face. Convenience is not as cheap as you thought. This was done to a friend of mine by police in Texas. They had an unrelated officer walk up to him and hold his phone out like they were returning it and the face recognition was just that quick.

Also shutting down Windows doesn’t always power it down completely. Data can still be stored in RAM. They do it for faster restarts. You have to go into settings to turn this off.

Thanks for always explaining in a way even my mom would understand ^^ great video I feel like from an average joes perspective the full disk encryption part could have been emphasized a bit more, though I guess if you're a journalist or whistleblower thats something that you should already know

The number one thing to do is to have a separate phone for travel. Log into accounts via the web browser, NOT apps. Use it like a public terminal, put the apps you want on it before you leave and wipe the phone when you get home. Authorities may still be able to access the vendor partition, we don't know if they can do this or not, so you won't be able to wipe it completely, ever. Of course state actors can and will access your devices if they wish. The binary blobs in the radio are starting to be hacked, you can bet state actors have already done this or have access granted by the manufacturer, once again they will get in if they want but practicing good opsec will protect your data from the TSA and thieves. I could easily write chapters on this, what to do and what not to do and it's all relevant, just be smart about what you do. Also, unpair everything and delete all wifi accounts before going through the airport or travelling. They increase your threat surface and your wifi will look for saved networks, transmitting the SSID's, allowing someone to find where you live, work, etc. Turn off USB debugging before travelling and if your bootloader is unlocked make sure everything is encrypted or they don't even need your password, they can download everything. They can also delete the phone's lock from TWRP if your phone is not encrypted, it takes less than 30 seconds. Some devices also have settings which define when USB devices can connect, being before unlock/at anytime, once unlocked or never, obviously set that to never before going through the airport.

God, I love this channel. Thanks to you and your guest.

Canadian customs have been increasingly hostile toward American travelers. They did the standard open your laptops. (mine has whole disk encryption) and mine was powered off. But Customs decided to completely empty my families bags and inspect each and every item before letting us through. Taking well over an hour making us nearly miss our flight. Thankfully we didn't bring our phones into Canada.

“…absolutely brilliant Naomi, have a blessed weekend.” 🙏🏾👍🏾😃

Leave it to Naomi to hook it up with all things privacy 👏👏👏👏👏👏

Great post Naomi. You are the BEST 🥰💛

I personally don't travel to any shithole that allows such arbitrary seizure of property in the first place, but this was informative none the less

Brilliant! Massive amount of info, still every point is valid and important!

I have a great idea that will work wonders. Before you leave home fully back up your phone then send a backup to a cloud account. Then factory reset your phone. Then once you're through security restore it from the backup. If there's nothing on the phone there's nothing for them to steal.

Wow this video is actually factually correct and contains some great privacy minded advice!

Only travel with a new phone that you've only just put some information into. A little flip phone with no browser is ideal.

Another good idea with hardware authentication is to travel separately with a trusted partner and hand them the key while you keep the device, so that even if they confiscate the device and compelled you to open it, they would have no idea you're partner has the key; though it would require minimizing contact with them till you're safe so TSA doesn't catch on.

Also note that as new exploits are found, older OS versions won't be protected with security updates. That leaves them more vulnerable to hacks and attacks. Some manufactures are better about update releases than others, so their update polices are definitely something to consider when buying a new device.

I use a hidden encrypted partition on my laptop's hard drive. It is not detectable from regular random hard drive data in an empty area. This partition contains a virtual machine which itself is also encrypted with a 64 character password which I remember by heart by now, and that is what I use for real work and sensitive work data. I will happily give my operating system password if requested by border agents, all they will find is a few recipes for pies, and a browsing history for a handful of news sites. Otherwise a clean computer. I don't have the encryption software installed in the laptop, I will download it on a flash drive in my destination and use from the there, then completely wipe the flash drive when need to travel again. Sounds like a lot of work, however really it is not. Thus, in a border check I will be the most open and helpful person, I clearly seem to have nothing to hide. If asked why the laptop has not much of anything, I can always say that I do not use my laptop often, I use a desktop at home which is where the juicy confidential data that they are looking for is located, and I just take the laptop with me when I travel, in case I need to do something. All this cannot be proved otherwise, so there is no plausible reason for them to not believe me. If the place I am travelling to has a good Internet connection, I use my desktop in my country from the laptop remotely via AnyDesk completely, so I don't always even need to have my data actually with me.

Many years back, I came up with and implemented a trick on a PC that could perhaps be implemented on am Android device. Here is the basic idea: With the normal device driver for the storage, a chunk of the storage looks all messed up. The part you can see is full of cat videos and people singing etc. This is what someone sees if they don't know the secret. You start it up and other than being messed up the system looks harmless. The secret thing does a bit of a slight of hand. You run the magic app and it asks you for a password without saying "password". If the password you enter is correct it then does some tricky thing that swaps the driver for storage for a different one and reboots the device from that instead. You now have a machine with a different set of all messed up but also your private information. The trick is that the storage you are now using is encrypted differently from what is used without the tricky app.

All devices can be cracked! The trick is to make the data obsolete by the time it’s retrieved. As an example in the military we gave fire missions (artillery fire) in clear, the reason is because by the time enemy has reacted it’s too late (a fire mission might take 5 minutes, a troop movement might take 30 minutes).

We click fast and with pride when Naomi shows up.

The pendulum swings in both directions. Having a backup of your data is even more critical if you enable pair locking. If you enable it and then your phone is damaged no data recovery companies will be able to recovery your data unless you give them both your damaged phone and your working computer that you pair locked it too. So you will have no phone and no computer for potentially weeks since data recovery can take a while.

OMG really good video! I love the tips! But really phone pairing in the next video? when? next week or two? :(

Keep Up THE Good work Naomi 👌🔥🍾

When will the surveillance of private citizens get to much maybe it has gone past that point allready. Just as well some good sorts are looking out for all of us with this type of content. It's a quiet revolution but a very necessary one , good work 00Naomi on too your next mission. Seeya.

TY, very good tips. I never really thought about that. The data on my phone or tablet would be pretty boring, but it's a matter of principle. In case my phone would be seized, after securing my data if needed, I would not just make a factory reset but wipe the phone and completely flash the OS anew from scratch. (As far as my Samsung-phone is concerned, don't know it that works for iOS.) I would do the same, if I ever have to leave it at a repair shop, except, that I also would wipe it beforehand.

This is gold! Thanks for the great informative video.

Great info Naomi, thank you.

I always wondered about, so long as you have a decent data speed at your destination, just factory reset your phone and set it up with a junk Gmail account. Once you get past the security and have access to fast data again, friends home wifi, then reset the phone and restore the actual Gmail account.

In the day of the mobile phone, everyone can be a journalist.

Be mindful that in some jurisdictions you can be jailed for not providing your password; and in others, the authorities have the right to withhold your device for as long as they want, they might not ever give it back to you. The only safe solution is to travel with a clean burner, and not log with your important accounts during the trip as the phone may still be confiscated on your way back home.

Great video, can‘t wait for the next one. Thank you!!

In the UK you can face jail time if customs requests a password... Only method is to cloud store and take a blank device

There's so many (Near as damn it) secure VPN software options these days that it's safer to keep any sensitive data on a second low powered "Always on" computer at home or the office, and almost use your phone/laptop as a dumb terminal. As long as you set it up so you need to manually make the connection, and use unique authentication to make the connection AND to log onto the remote PC there shouldn't be too much risk of data loss. Back when I used to need access to sensitive data while in customers sites, but couldn't risk it getting into the wild via a stolen phone/laptop, I went a tad further with this. I had a small "Data storage" PC hidden in the roof space of my office. This computer was only accessible via MY desktop PC there. I'd have to remotely connect to my desktop using a VPN desktop viewer, then manually connect that PC to the data storage PC's file system before either using the data directly on the main PC, or copying it to a temp folder on the device I had with me (Yeah, I'm a geek who worked in IT. :D). It wasn't a quick process, but the penalty for customer data getting into anyone else's hands was ridiculously high. This did mean that I had to leave my desks PC running while I was away from the office, and the storage PC was powered up almost permanently, but as we were also not allowed to store this data on any 3rd party cloud networks, this was the most convenient way I could have access to the data and still show that I'd taken all reasonable precautions to ensure it's safety. It also meant that if my office got burgled and all the PC's stolen it would be unlikely that the hidden data storage computer would be found, and the information lost. The only time I ever got into a panic using this system was once when I suddenly couldn't remotely access ANYTHING on the network. I raced back to the office with images of the place in the middle of being ransacked by thieves, or the whole building in a ball of flames ! But when I got there it was just a power outage covering the whole area )I remember sitting at my desk in the dark for about 20 minutes, with so much unneccecery adrenaline pumping through my veins that I was almost crying. :D). I did have an interesting idea about using a Raspberry Pi and relay board inside my desktop PC to make the power to a second data hard drive controllable. The idea was that I could remotely connect to the PC, use that to tell the Pi to power up the extra SATA drive via a consul command, and then use the disc like any normal hot swappable drive. In the end my need for remote access to the data finished before I got around to trying this, and more importantly, it would have brought the data into a locally housed drive, so making it more susceptible to being lost if the whole PC was stolen. It was an interesting job, but the penalties if customer data ever got out was always nagging in the back of my mind. If it had ever happened it would have instantly bankrupt our company !

I used to travel all over the world on business. The only thing I ever saw was occasionally being asked to turn on a device, to show that the battery wasn't plastic explosive or something. After the shoe bomber, presumably due to my English accent. I did have my shoes taken away at Chicago O'Hare, but I got them back after ten minutes or so.

My approach: create in advance a google account and use it in a cheap second hand phone. Make sure the google backup is turned on so that your vacation photos will be safe if that garbage phone breaks down. Give the border agents everything they ask for, even the vacation password. They'll have the immense pleasure of going through a bunch of newsletters and spam that gathered since the last vacation.

Wait wait wait. EU here. So you guys can just have your property taken away and done with whatever they feel like? And your data? For using what is basically just public transport? This sounds like just literally living in a huge prison. Wtf. Here's one more reason to having your devices protected and not accessible apart from being a whistleblower or a journalist: breathing. If you are alive at this moment your right by default is or at least should be to not have anyone, country or corporation or a private person accessing YOUR property and YOUR data.

Have 2 devices, one You use at home. Second you take abroad Backup first device, wipe the second one. Once you cross the border restore the data from first account onto second one, then wipe again before going back

Can’t wait for the tutorial vid on phone pair locking!

Awesome tips Naomi, thank you so much.

Great tutorial!

this just isnt about privacy anymore i literally have bank apps and authenticators for important accounts that have money tied to them or paid services. letting someone else sift though that is literally a no go at this point. thats also not to say that privacy is not important too i could have ultra personal stuff stored on there like medical history or information on other people that could be sensative or expose them to danger. for us modern day people a phone is litteraly everything about us, and letting someone else take everything from it is litteraly an extremely over zealous privacy invasion and i would stop them right there. that is to say. i havent traveled by plane in a while but do they really do this in some places?

When did this become a thing? I haven't travelled since COVID started, but this has never happened to me anywhere. How is this even legal?

Question, with all of the sketchy electronic devices out there would you help us find a good external two factor authentication key?

Excellent tips. Thanks.

Is there a "full" version of the interview with Michael Perklin? Great channel!

Good video, id go with a dumb phone or a smartphone that has just been reset and quickly set it up when over there.

TSA often require you to power on your device if it’s flagged going thru X-ray…

Sending this to a mate who is about to jump on a plane to a dodgey country. Thanks!

What excuse is given for this invasion of privacy? I would expect it to be illegal without a search warrant and evidence of a crime.

I never use my employers devices for personal use. 1. There is no way I want my employer to be able to use my activities against me. 2. It is unsafe for my employer and me to co-mingle activities. 3. I don't pair anything while traveling and go analog as much as I can such as requesting a paper ticket & bring a good old book and mag. I also Hotspot and use VPN. Passwords should be 16 digits long at least., if allowed.

I only travel with my Princess Phone. In all these years it's data has never been compromised, it's security has never been breached. Years ago someone placed a keylogger on it but it fell off as soon as I left the terminal.

What I have been looking for is virtual compartmentalizations, like when people create hidden encrypted disks that they can turn on when the data is needed, but is fully encrypted and effectively hidden when not activated. This seems to be an impossible feature to find. I want to have apps hidden, or even a virtualized phone “front end” so I can hand my phone to someone to inspect while giving no data. It would be even nicer to be able to give the phone where no one can copy my protected data, even if the phone is powered on, as long as the fake phone is active.

This is outrageous.

From a analytical point the similest fool proof system is the more likely to be secure. Taking wetware out of the equation helps a lot. Simply never take the data with you, do not take a device that can access the online data, take a cheap clean phone with new accounts if there is no access to your data they cant get your data. You also do not look like you are trying to hide data by not having the phone in the inspections even first time travel on a new passport makes you a target

Best place for Useful info!

If anyone else did this they would be in jail, but since its the government, its cool

Is there a phone pair locking feature for Android phones?

Simple solution. Carry a $50 feature phone when travelling or a cheap disposable blank Android phone with a uSD card slot. Keep all your data on an encrypted uSD card and restore the phone at your destination.

Time it takes to entirely get the contents from a computer? Think of it as a two step process. First they will put a type of keylogger onto the device. They could also download "enough" in just five minutes to do some real damage. Next steps, also effected by what type of hard drive, and even if there might be an optical drive. IF there is an optical CD or DVD drive - you are effectively done. If a platter hard drive, great - it would take them forever. Anything else for a hard drive is volumes faster.

I am curious, where does this happen and since when?

@Naomi Brockwell: NBTV - I had a one plus that I traveled with where I had shut off the USB port in the bottom of the phone. With the device being encrypted and a 16 character password made up of old license plates, when they checked my phone it just would not read and I would not start it for them. I played dumb and told them they broke it. Nothing ever came of it... But in the hardware underneath the operating system, you can turn off the USB so the port is just for charging.

Thanks for sharing!

Here in Canada they're trying to pass a bill that if you're at customs and they ask for your password to unlock your phone or other various devices and you refuse you face a big fine or jail time or both...

What about doing a full backup before leaving to the airport and before going through security, you do a factory reset. Would that work?.

Maybe you could do segment specific for the big brands in the Android world? Obviously with priority for Samsung, since that is what I use :). And another segment for Windows.

Let's be clear: once that phone or laptop is out of your sight, and in someone else's hands, you can never trust it again! Physical security is the only surety!

Frankly speaking that will not work in many countries. If you refuse give up your data, they will not try to hack into your device, instead they will apply to you enhanced interrogation technics. So the best way is to hide data, not to protect it. Don't just crypt your disk volume, but make it invisible. Don't protect your social media acc with the strongest password -- make sure that border guards will not find that you have one or have an alternative identity. Don't disable port via software -- just break it with screwdriver. Don't expose any fancy software or any traces of it which may induce an interest, try to look as normal as you can. long PC password -- red flag Signal/Briar/Matrix on phone -- red flag Port disabled via software -- big red flag Configured Knox on your Samsung -- red flag Refusing to enter your password -- red flag Cryptography software (key generators, tools for public key cryptography) -- big red flag Terminal emulator on the phone -- red flag Yubikey -- big red flag Old cell phone instead of smartfone -- huge red flag. Again. Don't try to show off, act as normie.

Some password managers also have the ability to temporarily delete your passwords for travel, so that if they demand access, they won't find anything

Could you do a vid on Samsung Knox? Pros and cons, cracks, effects on data recovery?

If your data is that sensitive, leave the thing at home. Buy a disposable when you get to where you’re going.

5:46 HRC certainly and knowingly compromised this advice! 🤣🇺🇸

Keep on good work

My security measure relies on 500GB of Simpsons episodes.. sometimes encrypted.

These searches sound illegal and like an invasion of privacy.

This isn't the issue. The issue for 99% is that they will cave to unlock it due to threats being made.

Powering off the device just forces them to collect a BFU extraction. Also powering off the device is okay but depending on what they are using, they may just get the password of the device then extract the data without your knowledge. Best advice would be don't bring your device. Buy a new phone that is blank and has the bare minimum you need and use that device. The default pin setting doesn't matter to forensic tools. The device will not wipe if they use forensic tools. Also none of this applies to China devices.

Thanks naomi 👍😎

The most simple way to enter the US without letting you Notebook/Mobile scanned: Use OneDrive, Google Drive/Fotos, iCloud... 🙂 If you need to travel to places like (I ignore the current situation) Belarus, Russia etc. Better use a second hand device with other another account and leave your real mobile/notebook at home. So only the most needed contacts etc. are stored on the mobile.

Can something similar to "phone pair locking" be achieved, in Graphene OS, by choosing the option "Deny new USB peripherals"?

A Yubikey is more important than ever Encrypting the drive is also very important, as stated in this video My work computer is only used for work, including personal browsing. I never browse non work sites on a work device This video is really good in explaining how your data can be lifted against your wishes

I just strap an anti personnel mine to the back of my phone whenever I'm flying. Good luck getting into my stuff TSA Xd

Canadian border agents require the password for all electronic devices upon entry to Canada from the United States.