Traveling overseas? You'll need a visa and might need to disable your computer's encryption

: @orinthomas

A New York Times article recently told me something I didn't know about crossing borders with encrypted hard disks - namely that "both China and Russia prohibit travelers from entering the country with encrypted devices unless they have government permission" - http://nyti.ms/zVrGAE

The article itself is about the precautions that organizations take when sending their staff across to these countries. Essentially they give them a clean laptop expressly for the purpose of travelling to these countries. They put them on a separate remote access network when they are using remote access to communicate back whilst travelling within these countries. The organizations assume that the computers will be compromised during travel (even though they turn off items such as Bluetooth, the computer's microphone and cameras) and wipe the devices completely when the staff return to their point of origin.

[Clearly they should only use MacOS when travelling because it's so unhackable. *snerk*]

I'm wondering when the "no encryption" policy will become standard for all countries. I imagine the argument for it will be something about "protecting the borders from certain types of pornography" - but it certainly simplifies the process of customs installing keyloggers on your laptop if they don't have to worry about BitLocker protecting the boot environment. With the rumors of BitLocker on Windows Phone 8 swirling around, maybe the same policy will start to apply to phones as well.

The first rule of travelling with sensitive data probably should be "don't". If you must, there's no reason why you can't store an encrypted file somewhere in the cloud and keep the decryption key in a separate cloud. From the NYT article it sounds as though big business is taking the sort of approach you'd expect the characters in a Neal Stephenson novel to adopt. The precautions also doesn't sound too crazy, though it's always hard to tell the line between reasonable precaution and overt paranoia when it comes to computer security.

--

My book Windows Server 2008 R2 Secrets is for experienced Windows administrators who are new to Windows Server 2008 R2 and don't need a lot of basic introductory level material. If you are looking for a book on Windows Server 2008 R2 that will tell you stuff you don't know rather than reiterating stuff that you do, it might be right for you.