[3243] in cryptography@c2.net mail archive
Re: Computer hard disc scanning by HM Customs & Excise
daemon@ATHENA.MIT.EDU (Ian Brown)
Tue Aug 25 14:03:49 1998
Date: Tue, 25 Aug 1998 18:38:02 +0100
From: Ian Brown <I.Brown@cs.ucl.ac.uk>
To: Vin McLellan <vin@shore.net>
CC: dcsb@ai.mit.edu, cryptography@c2.net, cypherpunks@algebra.com
I wonder, BTW, how this would work with my laptop Libretto that has no
floppy drive ;)
Date: Tue, 25 Aug 1998 14:39:20 +0100
From: Pete Bentley <pete@sorted.org>
To: ukcrypto@maillist.ox.ac.uk
At Tue, 25 Aug 1998 12:15:26 +0200, Paul Ashton writes:
>Nigel.Metheringham@ThePLAnet.net said:
>> So many questions... so few answers :-)
>
>Very true.
The lack of answers was bugging me too, so I took the liberty of
calling the HMC&E Press Office and spoke at some length to two
different spokespeople (my original contact was out when I called back
with followup questions :)
Some salient points that arose:-
* They assert that no data is copied off the laptop. The procedure
involves booting the system from a "scan disk". These disks are
supplied sealed from the manufacturer (who they would not name), the
seal is broken in the presence of the laptop owner and the disk is
thrown away once the scan is complete. The paranoid[*] could probably
concoct a scenario where a small amount of commercially sensitive data
is copied back onto the scan floppy, but in general the notion of
wholesale trawling for commercial information does not seem possible
with this search method.
* They would not discuss any technical details of the scan "for
operational reasons", but given the size constraints of a floppy disk
and the fact that a viewer (see below) and OS must be included as well
as the scan software, I would guess that the scan can be beaten by
simple encrytion, filename obfuscation, steganography, weirdo
partition layouts, non-DOS filesystems (ffs, ext2fs) etc etc
etc. Previous postings have already suggested they have no Mac version
of this software let alone OS/2, *BSD, Linux etc.
* The scanning is specifically targetted at pornography and in
particular paedophile material. One spokesperson said that "border
checks are developed in response to requirements from various
ministers". The requirement to search laptops as well as searching for
magazines etc came from the Home Office. The spokesman knew nothing
about any scanning for cryptographic materials and in fact seemed
unaware that some such materials would be illegal to move around
(which I guess means the relevance to this list is rapidly
diminishing).
* I was concerned about the possibility of false positives given the
limitations of their scan. After some pushing I managed to get an
unequivocable statement that "suspect" material was displayed on the
laptop's screen and no further action could be taken until the nature
of the material was verified by a customs officer. This suggests
another way to beat the scan -- have a laptop with weirdo display
hardware that their software will be unable to display images on.
Apparently images fall into three categories:-
+ Obviously obscene (eg paedophile) material. The image will
be destroyed (I didn't bother going into the specifics of this)
and further action (eg house searches) taken.
+ Borderline material, in which case they might decide to seize
the laptop until the courts could make a decision. Again, I
didn't go into the specifics of how they maintain the integrity
of the evidence.
+ Pornographic, but legal in the UK
To those I would add a fourth category
+ Non-pornographic images (yes, Virginia, some people do carry
those around)...I doubt many of these would be commercially
sensitive though (but it *is* a risk).
* I also asked about the scanning of loose media and was told that
"CDROM readers are available". No information on (eg) Zip disks or
Compact Flash though (and I didn't bother asking whether they checked
digital cameras to see if in fact the CF card in it contained images,
or 45M of smuggled cryptographic material :)
* When I asked about which ports these scans were taking place in,
again they refused to comment "for operational reasons" but suggested
that anywhere a business traveller might expect to be asked to open
his bags he may well be asked for a scan of his laptop.
* Apparently the proportion of paedophile material smugglers who are
people travelling on business is quite high. I guess that shouldn't
have surprised me, but it did.
Anyway, I guess as far as ukcrypto goes it's a bit of a
non-event. Yes, having HMC&E look at all the piccies they can find on
your hard disk is annoying and potentially embarassing, but not really
a whole lot worse than having them pick through the leather fetishwear
in your suitcase...(unless I've overlooked some gaping risk in their
scan as described to me).
Sorry for the length and general irrelevance to the list, but I
thought it would be good to try and put this one to bed as it was
generating quite a few messages.
Pete.
[*] myself included
