NZ customs can now demand phone or laptop passwords

[chainarong]

14 hours ago, welovesundaysatspace said:

Common practice in spy-nation #1 the UK. Just a fine? They can actually imprison you until you tell your password. That’ll be fun rotting in a prison cell because there’s an old zip file on your computer from years ago and you can’t remember the password. 

 

I’m glad I don’t have to live in one of those big brother systems that treat civil rights like shit. 

 Oz is big brother, not a thing you can't do that isn't traceable, the only diff btwn  China Russia and OZ, in  the land of Don't,  is you get a chance to change the voice of power and that voice continues on like a monotone dribble like its predecessor it replaced.

[Guest]

1 hour ago, car720 said:

But why would you keep anything on your hardware when you can store it in the clouds?  Access from anywhere at any time.

I was in a government office not all that long ago and they were still using XP.  How do these fools ever hope to keep up with the rest of the world let alone those of intelligence.

Cloud would not be good as in that case the data is accessible from the internet, even if there is strong encryption (which may or may not have backdoors) protecting it. The data must also be transferred in and out to be useful. 

 

Having only a local copy has the benefit that to access the data also requires physical access to the device which holds the data. Thus adding another, physical, layer of protection. This allows to do tricks like being able to delete the data in case someone wishes to take a peak.

 

Now those who say 'Why to use strong encryption, if you have nothing to hide from the authorities?'

 

Well, we tend to have all kind of sensitive data on our devices. Both private and business devices. There might be medical records, financial records, business plans, development ideas and plans etc. etc. 

 

What happens if the laptop is stolen by ordinary thiefs with technology advanced friends? I can see selling data, possible blackmail cases etc. 

 

At least the high-tech company I used to work for, had already 20+ years back a very strict policy not to let a laptop leave the office premises, until it's whole hard drive was fully encrypted with strong encryption. This took hours and was quite of annoyance when we got new laptops ????

 

Here lies another problem of this 'Give me your password, or else' ideology. When traveling to another country, which officials ask for a password to a laptop with business sensitive data, would you give your password? I would assume many companies have a policy that if the fine is $5000, then simply pay the fine instead of give access to the data inside the laptop.

 

If the password is asked too many times, the country, which requires the passwords, might not be such an good place to do business with after all.. 

 

Data security is not always simple. 

 

 

Edited October 3, 2018 by Guest
added few highlights for readability - bold fonts don't work

[Guest]

14 hours ago, VBF said:

With the right software (not easily available to the public), taking an image of a hard drive has always been possible. Once you have the image, if you know what you're doing, you can write it back to another drive and, as you say, can play with it in your own time. 

Actually 'dd' which can do block level copy of an hard drive has been shipped with Unix-like operating systems since 1974 ???? It's a standard software with any Unix/Linux, including OSX.

https://en.wikipedia.org/wiki/Dd_(Unix)

 

dd if=/dev/sda1 of=disk-copy.img # is (simplified) all what it takes to copy a disk.

 

Folks who repair hard drives and restore data from 'deleted' files do that as one of their first steps of the process. 

 

 

[natway09]

A lot of interesting replies on here.

They are welcome to check mine anytime they want.

yes, maybe some pics of unwrapped  ladies, but they are not looking for that

[car720]

2 hours ago, oilinki said:

Cloud would not be good as in that case the data is accessible from the internet, even if there is strong encryption (which may or may not have backdoors) protecting it. The data must also be transferred in and out to be useful. 

 

Having only a local copy has the benefit that to access the data also requires physical access to the device which holds the data. Thus adding another, physical, layer of protection. This allows to do tricks like being able to delete the data in case someone wishes to take a peak.

 

Now those who say 'Why to use strong encryption, if you have nothing to hide from the authorities?'

 

Well, we tend to have all kind of sensitive data on our devices. Both private and business devices. There might be medical records, financial records, business plans, development ideas and plans etc. etc. 

 

What happens if the laptop is stolen by ordinary thiefs with technology advanced friends? I can see selling data, possible blackmail cases etc. 

 

At least the high-tech company I used to work for, had already 20+ years back a very strict policy not to let a laptop leave the office premises, until it's whole hard drive was fully encrypted with strong encryption. This took hours and was quite of annoyance when we got new laptops ????

 

Here lies another problem of this 'Give me your password, or else' ideology. When traveling to another country, which officials ask for a password to a laptop with business sensitive data, would you give your password? I would assume many companies have a policy that if the fine is $5000, then simply pay the fine instead of give access to the data inside the laptop.

 

If the password is asked too many times, the country, which requires the passwords, might not be such an good place to do business with after all.. 

 

Data security is not always simple. 

 

 

Precisely.  Could you see the Chinese getting away with this with some multinational company's executive doing business in China.  Wow, they would have a field day.

No, this is invasion of privacy at the utmost.

Also absolute laziness. 

[VBF]

2 hours ago, oilinki said:

Actually 'dd' which can do block level copy of an hard drive has been shipped with Unix-like operating systems since 1974 ???? It's a standard software with any Unix/Linux, including OSX.

https://en.wikipedia.org/wiki/Dd_(Unix)

 

dd if=/dev/sda1 of=disk-copy.img # is (simplified) all what it takes to copy a disk.

 

Folks who repair hard drives and restore data from 'deleted' files do that as one of their first steps of the process. 

 

 

Indeed but you will probably agree that those of us who are prepared to get into Unix commands are in a minority compared to people who use Windows. I was aiming my reply at the majority - for we Geeks there are several solutions to most issues???? 

[Srikcir]

3 hours ago, oilinki said:

I would assume many companies have a policy that if the fine is $5000, then simply pay the fine instead of give access to the data inside the laptop.

If the traveler was a terrorist or insurgent, the $5,000 is a minor price to avoid detection.

[Mansell]

Passing through Vancouver from Thailand to USA and they went through my iPad pics looking for pedaphile pics. I said, " I'll show you pics of kids." And showed her videos of me petting baby whales in Baja, California. She smiled and let me go.

[KhunFred]

If you still store incriminating evidence on your phone or laptop, you might be STUPID. The authorities are welcome to look at all my cat videos and boring personal correspondence. I feel I owe them the pleasure.

[how241]

If you really had something bad to hid,  would you just accept the fine ?  "slapped with a NZ$5,000 fine."  Strange law, as the terrorist would just refuse to cooperate and pay the fine and move on with his plans. 

[Morch]

2 hours ago, how241 said:

If you really had something bad to hid,  would you just accept the fine ?  "slapped with a NZ$5,000 fine."  Strange law, as the terrorist would just refuse to cooperate and pay the fine and move on with his plans. 

 

I doubt it works this way. Probably more like paying the fine, and then further steps taken.

Edited October 3, 2018 by Morch

[Srikcir]

8 minutes ago, Morch said:

 

I doubt it works this way. Probably more like paying the fine, and then further steps taken.

The article is short on details.

• Customs officers must have "reasonable cause" to suspect a traveller is involved in criminal acts in order to carry out a digital search.
• In a preliminary search Customs officials would search files stored on the device, and would not investigate anything the person may have stored in the Cloud.
• if they believe the person to be guilty they will commence a "forensic search" which would go more in-depth, including Cloud storage.
• if someone does refuse to allow officers access to their device, that device could then be confiscated.
• Failing to comply with the new legislation could result in a $5000 fine.

https://www.newshub.co.nz/home/new-zealand/2018/10/customs-to-fine-travellers-who-dont-hand-over-device-passwords.html

The fine appears to be a penalty for refusing cooperation and not an alternative to cooperation.

See also section 221 of the Customs & Excise Act of 2018.

http://www.legislation.govt.nz/act/public/2018/0004/latest/DLM7038955.html?src=qs

[Guest]

11 minutes ago, Srikcir said:

The fine appears to be a penalty for refusing cooperation and not an alternative to cooperation.

 

I'm wondering what purpose does this law services? As I explained earlier, it's technically not that difficult to execute destruct the sensitive data, if need be. It's also possible to do in the way that the inspector doesn't notice there ever was any data.

 

MNC business travellers possible carry with them access to data which is potentially worth of billions and are hopefully educated not to give it to foreign officials. Leaks do happen. 

 

So who are they going to catch with this law? Petty criminals with records of their acts, pedophiles with photos of their acts, extremely stupid bankers with criminating financial records with them, similarly stupid extremists who wish to detonate themselves in a crowd?

 

 While this law might be targeted to those groups, the reality of it is, the rest of the population suffers. "I'd like to take a sexy photo of my wife, during our wonderful honeymoon, but why risk it? The photo could become viral in a Line Group of 'investigators' " 

 

 While that is still, at the moment, hopefully stretching the reality in the more restricted world, is it so far from the reality for example in Thailand, Philippines or Indonesia?

 

There is much more to privacy and to the right to be anonymous, than what is actually observed. The feeling of being observed, matters. 

 

But this is more of philosophy than real life, right?

[blackhorse]

 
I'm wondering what purpose does this law services? As I explained earlier, it's technically not that difficult to execute destruct the sensitive data, if need be. It's also possible to do in the way that the inspector doesn't notice there ever was any data.
 
MNC business travellers possible carry with them access to data which is potentially worth of billions and are hopefully educated not to give it to foreign officials. Leaks do happen. 
 
So who are they going to catch with this law? Petty criminals with records of their acts, pedophiles with photos of their acts, extremely stupid bankers with criminating financial records with them, similarly stupid extremists who wish to detonate themselves in a crowd?
 
 While this law might be targeted to those groups, the reality of it is, the rest of the population suffers. "I'd like to take a sexy photo of my wife, during our wonderful honeymoon, but why risk it? The photo could become viral in a Line Group of 'investigators' " 
 
 While that is still, at the moment, hopefully stretching the reality in the more restricted world, is it so far from the reality for example in Thailand, Philippines or Indonesia?
 
There is much more to privacy and to the right to be anonymous, than what is actually observed. The feeling of being observed, matters. 
 
But this is more of philosophy than real life, right?

What's the big deal. They ask you give. They are not going to spend hours on financial forensics but they are looking for kiddy porn. What's the problem with that?

They won't catch the IT expert but there are plenty of stupid pedos to nab a few

[Guest]

46 minutes ago, blackhorse said:

What's the big deal. They ask you give. They are not going to spend hours on financial forensics but they are looking for kiddy porn. What's the problem with that?

They won't catch the IT expert but there are plenty of stupid pedos to nab a few

The big deal is: They ask.

 

"But what about the kids" is old and rather sleazy way to reason about anything. That question has been abused so much that the kids, we were supposed to think about, have already died of old age. 

 

 

[blackhorse]

The big deal is: They ask.
 
"But what about the kids" is old and rather sleazy way to reason about anything. That question has been abused so much that the kids, we were supposed to think about, have already died of old age. 
 
 

Sounds pretty sleazy to even question what about the kids. That will NEVER get old.

[Guest]

1 minute ago, blackhorse said:

4 minutes ago, oilinki said:

The big deal is: They ask.
 
"But what about the kids" is old and rather sleazy way to reason about anything. That question has been abused so much that the kids, we were supposed to think about, have already died of old age. 
 
 

Sounds pretty sleazy to even question what about the kids. That will NEVER get old.

No. I'm not Damerican. I don't have to chant the obvious, like some people have to.

 

This topic is, or it used to be about personal privacy and how technology can or can not keep the borders safe.

 

This topic is not about how Damericans have an utterly moronic reasons to chant the slogans they have been told to yell in their own groups, without ability to think even one chess move further. That's you in that Damerican mirror, H. 

[jrjrjr]

A new shlthole where I am sure that I won't go !

 

 

[thaibeachlovers]

They can KMA, but good to know, as now I'll just not take a computer with anything on it with me on the flight back to NZ, and my phone is too old to have a password. Everything can be transferred to a flash drive and the device wiped.

Big brother is becoming a fact, and the sheeple are just accepting the loss of their rights to privacy. If customs can get passwords, it's obvious that anyone can get that information by hacking them, and the bad people on the internet are way more clever than the government guys.

 

It's just stupid anyway, as any real bad person would not put anything on an accessible device. Memory cards are the size of my thumbnail now- are they going to search everyone to the inch to see if they are hiding one?

[thaibeachlovers]

I'm confused by the OP. Are they asking for passwords to every site we use, like e mail and TVF, or is it a password to the device only, to see what is on it?

How the h*** would they be able to search everyone's computer anyway? I have many thousands of photos of Thailand on my computer- are they going to spend weeks looking at just my computer to check every photo? Multiply that by thousands of computers coming through the airport every week, and it's impossible.

[thaibeachlovers]

20 hours ago, BestB said:

But what is the reason for it? What are they looking for. 

 

NZ is neutral so it’s not terrorism , child porn? 

Probably the latter. Government busybodies are obsessed with other people's sexual activity. If they could, they'd ban everything, and criminalise everyone. Seems they are well on the way to doing so.

[thaibeachlovers]

16 hours ago, natway09 said:

A lot of interesting replies on here.

They are welcome to check mine anytime they want.

yes, maybe some pics of unwrapped  ladies, but they are not looking for that

You know they are not looking for that because?????

Here's a scenario. They copy everyone's device, which of course is forever. Someone becomes a candidate for high office. Some clerk in the government storage facility checks the copy and finds embarrassing pics, then sells them to people that don't want that candidate elected, and bingo, they are either blackmailed or embarrassed into withdrawing from the position.

Not a good situation.

[thaibeachlovers]

13 hours ago, Mansell said:

Passing through Vancouver from Thailand to USA and they went through my iPad pics looking for pedaphile pics. I said, " I'll show you pics of kids." And showed her videos of me petting baby whales in Baja, California. She smiled and let me go.

How long would they have detained you if you had 500,000 pics of Thailand on there? I've probably got nearly that many.

[thaibeachlovers]

19 hours ago, car720 said:

But why would you keep anything on your hardware when you can store it in the clouds?  Access from anywhere at any time.

I was in a government office not all that long ago and they were still using XP.  How do these fools ever hope to keep up with the rest of the world let alone those of intelligence.

IMO it's not about what they say it's about. It's actually, IMO, about control of the population. Once they get the cashless society, control will be complete. I'm quite happy I won't be around then, and that I didn't produce any children to suffer. Onward the sheeple going into slavery without as much as a whimper of protest.

[Jdiddy]

What if i set up an alternative password that when entered resets my phone?

 

Or opens up a porn video at max volume ????

Edited October 3, 2018 by Jdiddy

[Credo]

20 minutes ago, Jdiddy said:

What if i set up an alternative password that when entered resets my phone?

 

Or opens up a porn video at max volume ????

If it opens to porn, then you will have to sit their until they are done with the porn, or done doing whatever they do when they watch porn.   

 

Why not have it open to a traditional Catholic Mass in Latin?  (Be sure and tell them to keep a close eye on the altar boys).

[Srikcir]

What I think most TVers are missing is 'Customs officers must have "reasonable cause" to suspect a traveler is involved in criminal acts in order to carry out a digital search.' That's not only a judicial requirement but a practical need.

Most government bureaucracies have minimal manpower to conduct their missions. It's not like the military that can flood an area with troops to do full population investigations. When an international flight lands with 300 people each having cell phones, NZ Customs is very unlikely to do a 100% electronic device examination.

NZ Customs will want to focus its resources on the 'best bang for the buck.' That means using intel, behavioral patterns, profiling, informants, inter-service and international resources, etc. to select 'persons of interest' for electronic device scrutiny.

[attrayant]

What if devices are in the checked luggage?  By the time you're waiting for your luggage to come around on that conveyor belt, you're already well past all security checks.

 

I guess if I have to fly internationally, I'll wipe my devices before I leave and restore them after I'm safely out of the airport.

[car720]

6 hours ago, thaibeachlovers said:

IMO it's not about what they say it's about. It's actually, IMO, about control of the population. Once they get the cashless society, control will be complete. I'm quite happy I won't be around then, and that I didn't produce any children to suffer. Onward the sheeple going into slavery without as much as a whimper of protest.

and it gets even more interesting when we delve into who  is controlling.