In the wake of the plan floated by the US Government to demand
passwords to social media accounts from people wanting to enter the
is a discussion of some likely countermeasures that should still give
the cover of plausible deniability.
Show replies by thread
Juha Saarinen offers a different view:
There's no way out of this either if you want to travel. Arriving
with no devices, and closing down social media accounts beforehand
is a red flag that shows you really do have something to hide.
Showing up with clean devices and anodyne social media postings is
likely to arouse suspicion because that's not how people behave
In fact, it could be seen as lying to border authorities on
arrival, which you should never do, ever.
The only realistic fix is not to travel, or to minimise overseas
trips. Security researchers, and yes they are more paranoid than
most, already avoid US airports for that reason.
And now The Register
has chimed in with some tips:
If you are coming in on a green card, visa or a visa-waiver, you
technically don't have to give up passwords or encryption keys.
However, the CBP doesn't have to let you into the country if you
refuse – it's up to the discretion of the CBP officer at the time.
If you are refused entry, you'll be put in a holding cell and sent
home. If you're lucky, the airline will let you change your return
ticket – if not you'll have to pay for another one. Being ejected
will show up as a big red flag next time you try to enter the US.
"If, by happenstance, you've set up your security so that you
cannot access what they need yourself, this in my opinion is far
better than simply telling someone that you don't have a social
media account. 'My Twitter account only works from my home
computer' is an honest and accurate response, and much better than
getting caught in a lie later on about not having a social media
Above all, don't panic. If you appear vaguely Middle Eastern or
have a Middle Eastern name, expect some questioning at the border,
and prepare your devices for seizure.
Plausible deniability is key:
If asked, you can now honestly say that you don't know or have
access to any of your passwords. If pressed, you can explain that
your passwords are stored in a password vault precisely so that you
cannot be compelled to divulge them, if, for example, you were
abducted while travelling.