It’s still an excellent idea to power off your phone whenever you are in the vicinity of a border guard and never voluntarily unlock it anywhere close to the border. You can’t (generally) be compelled to unlock your phone but you absolutely can have an unlocked phone grabbed out of your hands by a border guard with no legal right to lock it.
I believe it’s 100 miles from the border including coastlines but does not include a 100 mile radius around international airports. I don’t remember the source but Ive seen a map that represented it that way.
Also worth noting, this ruling only benefits citizens in that specific district, as other districts aren’t bound by its rulings. Personally I’d recommend having a 2nd device you can use to record your interactions because if they violate your rights your chances of getting their body cam video of it aren’t great.
To add, the Great Lakes count as coastline because you can navigate to an international boarder from any of them. That’s how you cover the vast majority of the US population with this loophole.
I’d rather be in Ohio than Indiana. They’re both terrible but in slightly different ways. I always cringe a little when I go into Indiana but I have been to some great concerts around Indianapolis.
This is important - power OFF your phone. Your phone is more secure before you unlock it for the first time after booting. Use a strong password as well.
You can also force your device into Lockdown mode, which does the same thing, without needing to shut it down or restart it. It’s easy to do quickly once you know how.
On Android it’s enabled by default, you just hold the power button and press Lockdown.
Iphones have a way to disable biometrics as well with a button combo, but its more a side effect of activating Emergency SOS, not a dedicated feature and how you activate it varies depending on your device model.
Lockdown mode is NOT the same. This disables biometrics, notifications, etc. But what FULLY rebooting does is protect against more sophisticated attacks like those of Cellebrite which is a company that sells devices to law enforcement that break into phones. I know border crossings often have access to a device of this type.
Your device is encrypted pretty strongly, and before you put in your password for the first time after boot your data is essentially useless. But after that first time your device keeps the decryption key in memory so that it can be useful even while locked, serving you app notifications and processing in the background. This leaves your device open to many more exploits that could get around your lockscreen and into your unencrypted data. Leaked documents show that Cellebrite can very often get into devices after first unlock, but in the “before first unlock” state they can often only use brute force which you can protect against by having a cryptographically secure password.
Looking at lockdown mode it’s pretty clear that it isn’t resetting to the more secure “before first unlock” state because it unlocks instantly with your password whereas after first boot there’s a small pause.
I don’t think the lockdown mode is the same. It looks like it just disables biometric unlocking. I just tried, and it was far too quick to unlock, so it must keep the encrypted partition unlocked.
It’s still an excellent idea to power off your phone whenever you are in the vicinity of a border guard and never voluntarily unlock it anywhere close to the border. You can’t (generally) be compelled to unlock your phone but you absolutely can have an unlocked phone grabbed out of your hands by a border guard with no legal right to lock it.
Isn’t that defined as 100 mile from the border (including international airports)
I believe it’s 100 miles from the border including coastlines but does not include a 100 mile radius around international airports. I don’t remember the source but Ive seen a map that represented it that way.
Also worth noting, this ruling only benefits citizens in that specific district, as other districts aren’t bound by its rulings. Personally I’d recommend having a 2nd device you can use to record your interactions because if they violate your rights your chances of getting their body cam video of it aren’t great.
100 miles from the border or coastline is like 90% of the population of the country. And I assume that’s a feature, not a bug.
To add, the Great Lakes count as coastline because you can navigate to an international boarder from any of them. That’s how you cover the vast majority of the US population with this loophole.
Not because nearly every major population center is next to a coast?
You get a lot of the population by that alone. You get 90% by including the Great Lakes.
So I should be glad I’m in Indiana for once?
I’ll take it.
About a quarter of Indiana is within that zone. https://www.aclu.org/know-your-rights/border-zone
I’m not in that quarter thankfully. Look, let me take my wins when I can. I’m in Indiana.
Hey, at least you’re not in Ohio.
I’d rather be in Ohio than Indiana. They’re both terrible but in slightly different ways. I always cringe a little when I go into Indiana but I have been to some great concerts around Indianapolis.
This is important - power OFF your phone. Your phone is more secure before you unlock it for the first time after booting. Use a strong password as well.
You can also force your device into Lockdown mode, which does the same thing, without needing to shut it down or restart it. It’s easy to do quickly once you know how.
On Android it’s enabled by default, you just hold the power button and press Lockdown.
https://www.lifewire.com/use-android-lockdown-mode-6287933
Iphones have a way to disable biometrics as well with a button combo, but its more a side effect of activating Emergency SOS, not a dedicated feature and how you activate it varies depending on your device model.
https://thenextweb.com/news/how-to-quickly-disable-biometrics-iphone
Lockdown mode is NOT the same. This disables biometrics, notifications, etc. But what FULLY rebooting does is protect against more sophisticated attacks like those of Cellebrite which is a company that sells devices to law enforcement that break into phones. I know border crossings often have access to a device of this type.
Your device is encrypted pretty strongly, and before you put in your password for the first time after boot your data is essentially useless. But after that first time your device keeps the decryption key in memory so that it can be useful even while locked, serving you app notifications and processing in the background. This leaves your device open to many more exploits that could get around your lockscreen and into your unencrypted data. Leaked documents show that Cellebrite can very often get into devices after first unlock, but in the “before first unlock” state they can often only use brute force which you can protect against by having a cryptographically secure password.
Looking at lockdown mode it’s pretty clear that it isn’t resetting to the more secure “before first unlock” state because it unlocks instantly with your password whereas after first boot there’s a small pause.
I don’t think the lockdown mode is the same. It looks like it just disables biometric unlocking. I just tried, and it was far too quick to unlock, so it must keep the encrypted partition unlocked.