Airport Security: All your data are belong to us

If you recently took a plane at the Schiphol airport (Amsterdam), it would have been possible that the data from your mobile phone, laptops, USB sticks or other media would have been copied and "searched". The reason: searching for distribution of childporn. (Source: security.nl)

It was only a pilot project because passengers are alleged to transport them physically out of fear for detection on the internet. Especially tourists that have been to Thailand, Brazil, Sri Lanka and Vietnam were under the loop.

The border police didn't tell what the search criteria were but they confirmed that laptops, digital cameras and cd-roms were inspected.

I already knew that they did these 'digital' searches at the US borders. It's seem to be spreading to other countries now. At least, they didn't use the terrorism wildcard.

I don't condone child porn at all but this practice has consequences. I have signed a NDA with my clients and I have a contractual and legal obligation to not disclose their information. I probably cannot refuse these kind of searches since that would also put me between a rock and a hard place.

The only alternative is that I can only travel with a cleanly installed laptop and use a (SSL) VPN to access my data. But with the prices of hotspots (in hotels), that's a pricey way of working.

This is so easy to circumvent. Just solder an USB flash chip to the PCB of your laptop and make it look a part of the laptop. It's of course not electronically connected and I doubt that they will disassemble the laptop and inspect it. Afterwards, remove and resolder the chip back onto the pendrive PCB. Maybe not the best example but these things are so small, that they seem easy to hide.

Does your IT staff has spare laptops ready for your travelers? Do you have a security policy that takes this into account? These kind of search practices has a major impact on the protection of our confidential information and the way our mobile users work.