Advice regarding travelling with sensitive information on your phone.
That's interesting info - always thought it would delete the other profiles and never tried it for fear of that. Then Mr_Black suggestion would be a simple solution for the scenario mentioned here - as long as you set up the profiles so that the sensitive files are stored in secondary profiles.
A follow-up question if i may: Are other profiles forensically visible (I'm not referring to the possibility of extracting data from other profiles, just whether an attacker can tell that there are other profiles than the owner profile)?
Murcielago Are other profiles forensically visible (I'm not referring to the possibility of extracting data from other profiles, just whether an attacker can tell that there are other profiles than the owner profile)?
Yes and unfortunately it's not possible to hide that if someone examines the device.
Ok, thanks for the quick reply.
Still, it may be a possible solution if it's just to withstand a quick visual inspection.
In What countries besides the U.S. are they likely to request looking at your phone upon entering? I would think the best advice thought would be, if you are subject to this, as others mentioned above, to upload all data to a secure cloud, and don't have anything on the phone that you don't want anyone to see. However, the bigger question becomes, how do you know someone hasn't tampered with your phone while in their custody? If something like this occurred, I would be inclined to re-install GOS, and then back up from the cloud.
locked In What countries besides the U.S. are they likely to request looking at your phone upon entering?
Likely? Hard to say.
I suspect many countries can demand... I think this says Canada can: https://www.cbsa-asfc.gc.ca/travel-voyage/edd-ean-eng.html
Which countries cannot require inspection of device contents?
locked I had this happen to me years ago in a certain Asian country, they asked me to unlock my phone and computer (which I did back then since I was afraid, that country has no good human rights respecting image).
Hathaway_Noa You should tell us what country it was. Many countries don't have good human rights records these days, including The United States, so saying so does not really say much.
locked It was Singapore.
Hathaway_Noa I like the cloud solution (of a trusted cloud or your own, with an encrypted backup of course) or the hiding profiles idea from de0u.
If you're on a very high threat model or just feel like going way overboard, the safest way would probably either be to just use a secondary phone without sensitive data or fully wipe the phone and use it like a secondary phone during the journey (and only when you're back you restore a backup that you stored at home).
Second to that would be to make a backup on a local encrypted thumb drive or micro SD card that you take with you. Maybe put it in a laptop or camera case so it doesn't raise any suspicion. This way you avoid the security risk by using the cloud.
Not directly related, but if your journey is about holidays, maybe try just taking a cheap dumb phone with you for emergencies and leave your GOS phone at home. This way you can experience a more intense sabbatical kind of holidays and it might be worth it both security wise and for mental relaxation.
Overall it's depending on your threat model, just always make sure you have a plausible situation or story in case you raise suspicion, since your lack of data is unusual.
- Edited
locked Good advice. Perhaps use a throwaway phone in case of possible confiscation, and access that cloud via TOR. There used to be a TOR package for windows that did not install any files - simply an easily deleted executable and temporary file container. Delete and scratch remnants after using; download again when needed. Maybe there is something similar for android.
Do backups on GOS only save Apps and Files(If Selected)? Or do system settings, contacts and such backup too? I only see App Backup and Storage Backup (experimental). In the backup area as tabs.