Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security United States

Security Researcher Warns of Chilling Effect After Feds Search Phone At Airport (techcrunch.com) 97

SonicSpike shares a report: A U.S. security researcher is warning of a chilling effect after he was detained on arrival at a U.S. airport, his phone was searched, and was ordered to testify to a grand jury, only to have prosecutors reverse course and drop the investigation later. On Wednesday, Sam Curry, a security engineer at blockchain technology company Yuga Labs, said in a series of posts on X, formerly Twitter, that he was taken into secondary inspection by U.S. federal agents on September 15 after returning from a trip to Japan. Curry said agents with the Internal Revenue Service's Criminal Investigation (IRS-CI) unit and the Department of Homeland Security questioned him at Dulles International Airport in Washington DC about a "high profile phishing campaign," searched his unlocked phone, and served him with a grand jury subpoena to testify in New York the week after.

According to a photo of the subpoena that Curry posted, the grand jury was investigating wire fraud and money laundering. But Curry said he later received confirmation that the copy of his device data was deleted and the grand jury subpoena was canceled once prosecutors realized that Curry was investigating the theft of crypto, and not involved in it.

This discussion has been archived. No new comments can be posted.

Security Researcher Warns of Chilling Effect After Feds Search Phone At Airport

Comments Filter:
  • Security researcher? (Score:5, Informative)

    by AmiMoJo ( 196126 ) on Thursday September 28, 2023 @09:05AM (#63883183) Homepage Journal

    If this guy is a security researcher, surely he would have known to take the standard and basic precaution of wiping his phone prior to arrival in the US. Or just get a burner phone for the trip, and don't load any data onto it until after you get there.

    The US border is a lawless place. You have few rights. The same is broadly true for most borders. They have you over a barrel, normal rights don't apply.

    • by haruchai ( 17472 ) on Thursday September 28, 2023 @09:18AM (#63883227)

      "The US border is a lawless place"
      and is 100 miles wide
      https://kottke.org/15/01/the-u... [kottke.org]

      • "The US border is a lawless place"
        and is 100 miles wide
        https://kottke.org/15/01/the-u... [kottke.org]

        Isn't it that International Airports qualify as border with regard to the special border search exemptions?.

      • by sabri ( 584428 )

        100 miles wide

        No, law enforcement considers it 100 miles wide.

        The Supreme Court never ruled on this. Every time this came up, cases were plea bargained or dismissed.

        However, in this case, there is no doubt: the researcher crossed the border and fucked up by not wiping (or even locking) his phone.

        • by haruchai ( 17472 )

          100 miles wide

          No, law enforcement considers it 100 miles wide.

          The Supreme Court never ruled on this. Every time this came up, cases were plea bargained or dismissed.

          However, in this case, there is no doubt: the researcher crossed the border and fucked up by not wiping (or even locking) his phone.

          That still means being arrested & processed & having to go to court. Those are NOT small inconveniences, especially when so many states are "right-to-work" so you can be fired for missing work or even being late unless you have an employment contract that specifically protects you

    • by Scutter ( 18425 )

      The US border is a lawless place. You have few rights. The same is broadly true for most borders. They have you over a barrel, normal rights don't apply.

      The word you're looking for is "privileges". Rights are inalienable. They're not rights if they can be taken away on a whim.

      • by AmiMoJo ( 196126 ) on Thursday September 28, 2023 @09:54AM (#63883337) Homepage Journal

        We call things Human Rights even though they can be taken away. The point of doing so is to emphasis that they should be universal and always respected, and that any removal of them is a serious matter.

        • The point of doing so is to emphasis that they should be universal and always respected, and that any removal of them is a serious matter.

          Except Human Rights are only important when they are convenient. As soon as they become inconvenient, they are promptly ignored by even the most law abiding of citizens. We see violations of Human Rights every single day in every single town across the entire planet.

          "Oh no, something terrible has happened. We must suspend human rights while we torture these people for information!"

          "Oh no, someone did something terrible and this person right here was at the wrong place at the wrong time, hang him!"

          You and yo

      • by dryeo ( 100693 )

        Any "right" can be taken away. Extreme example, I could, if powerful enough, cut out your tongue removing your capability of speech.
        More realistic, the Supreme Court can decide that Free Speech does not apply to business speech allowing Congress to pass laws abridging speech, especially combined with a ruling that, lets say movies are not art but a business, which is how the government censored movies for some decades.
        There's also round about ways to limit speech, local government doesn't like what you're s

    • If this guy is a security researcher, surely he would have known to take the standard and basic precaution of wiping his phone prior to arrival in the US. Or just get a burner phone for the trip, and don't load any data onto it until after you get there.

      The US border is a lawless place. You have few rights. The same is broadly true for most borders. They have you over a barrel, normal rights don't apply.

      It isn't a bad idea for all of us. And if you think the USA is the worst, Um, no. Some countries do this to most everything as SOP.

      • Yes, I am surprised at the naivete of the "security researcher" and wonder if they just read an article about defcon and thought that sounded like a cool thing to be

        fyi, being a security researcher is one of the hardest things to be, it really involves "groking system guts that make mortal minds bleed" and frequently leads to amphetamine addiction because that is one of the few ways to overcome your mortal shell in the ways that are necessary

        • Yes, I am surprised at the naivete of the "security researcher" and wonder if they just read an article about defcon and thought that sounded like a cool thing to be

          fyi, being a security researcher is one of the hardest things to be, it really involves "groking system guts that make mortal minds bleed" and frequently leads to amphetamine addiction because that is one of the few ways to overcome your mortal shell in the ways that are necessary

          I don't doubt they get burned up and burn out.

          So I'm pretty much in agreement - this was no professional researcher. Or just a very bad one. Because if a person is a competent security person, they'd know this, and wouldn't even object to the action.

    • Re: (Score:3, Insightful)

      by keltor ( 99721 ) *
      As far as I can tell his rights weren't violated at all. They held him for questioning as part of an investigation and then gave him an grand jury summoning that was later cancelled because they had the wrong person. Cloning phones and the like as part of financial crime investigation is well within their abilities without violating your rights.
      • by AmiMoJo ( 196126 )

        What would have happened if he refused to unlock his phone for cloning?

        • by irving47 ( 73147 )

          Then he would have had an even worse day. Doesn't make it illegal.

          • by Anonymous Coward

            Sure, an important point to remember. But let's also remember that "was legal" is not exclusive with "is worth making news and reviewing for future legality".

            "It's legal" is not the end-all americans are taught to believe.

        • What would have happened if he refused to unlock his phone for cloning?

          It's not clear from the article whether he is a US Citizen or US Green Card holder, or a foreign visitor.

          If the former, keep his phone and let him go home. Possibly to await a court order requiring him to unlock his phone. But maybe not.

          If the latter, to be put back on a plane back home, perhaps with his phone, perhaps not.

      • by taustin ( 171655 )

        Cloning phones and the like as part of financial crime investigation is well within their abilities without violating your rights.

        And is hardly a new tactic. It's been complained about for 20 years, usually with as much mindless hysteria as this guy. While it's an egregious overstep without a warrant, any chilling effect it might have is . . . old enough to vote.

      • Re: (Score:2, Flamebait)

        by SvnLyrBrto ( 62138 )

        They attacked and detained an innocent man, stole his stuff, and tried to frame him up as "the perp" to take the blame for a crime he never committed. Now, I know all about the abomination that is qualified immunity that makes it nearly impossible to hold those crooks accountable and see them properly punished when they abuse the public like this. But that doesn't mean he wasn't violated at all. At a minimum, they should be named, shamed, and shunned.

        • Attacked?

          FYI, he was the one trying to cross a nations border, so technically he was already the attacker

          Furthermore, nations are not quiet about what they do and don't want crossing their borders, and have full rights to look for those things, if in fact the person carrying them is determined to cross that border

          Now, quit playing the victim and grow the fuck up

          • by tragedy ( 27079 )

            FYI, he was the one trying to cross a nations border, so technically he was already the attacker

            What kind of wacky degradation of understanding of basic concepts has led to the point where people think that crossing a border is an "attack" or invasion?

    • the standard and basic precaution of wiping his phone prior to arrival in the US.

      That is overkill. All he had to do was have a reasonable password and power off his phone before going through customs.

      He's a US citizen, so they have no authority to deny him entry.

      • by schwit1 ( 797399 ) on Thursday September 28, 2023 @10:31AM (#63883467)

        THEY keep your phone if you refuse to allow your phone to be cloned.
        https://www.cnn.com/2022/11/03... [cnn.com]

      • by Alascom ( 95042 )

        >He's a US citizen, so they have no authority to deny him entry.

        They did not deny him entry. They detained him on suspicion of criminal activity and investigated the suspected activity, the same way they would on the streets of any city within the U.S.

        There is a serious issue if they examine everyone's phone at the border, but if they have a person suspected of a crime and investigate appropriately (which appears to have happened here), I do not see any issues whatsoever.

        • They DIDN'T have a suspect though. They had what they THOUGHT was a suspect.
        • by ShanghaiBill ( 739463 ) on Thursday September 28, 2023 @02:34PM (#63884207)

          They detained him on suspicion of criminal activity

          They had no authority to do that unless the "crime" was directly related to crossing the border.

          the same way they would on the streets of any city within the U.S.

          The police do NOT have a general power to arrest suspects.

          Unless they witness a crime or fear the perp will flee, they must go to a judge, explain their suspicions, and get a warrant.

    • by guruevi ( 827432 )

      You can refuse to cooperate, you do have the right to not incriminate yourself, it sounds like he unlocked his phone and everything for them, so complaining after the fact, when he was cleared is a bit over the top.

      The answer is simple, you have the right to remain silent and the right to talk to a lawyer before you talk to the police. Don't tell the police anything except your name and address. Don't give any explanations, excuses, or stories. You can make your defense later, in court, based on what you an

      • by AmiMoJo ( 196126 )

        What happens if you refuse to unlock your phone?

        I'm guessing you don't get into the country.

        • by guruevi ( 827432 )

          No, he cannot be refused entry. The investigation goes to court without any further evidence where they can seek a warrant to unlock your phone. You cannot be 'punished' for not cooperating with law enforcement, again, 5th amendment states so.

          If the person is not a US citizen, they can be refused entry for various reasons if there is a positive identification of certain evidence. Not unlocking your phone is not evidence of anything. So if they already had evidence that he did something wrong, they could rej

          • No, they don't have to go to court to get a warrant. All they have to do is persuade a judge that the warrant's reasonable and justified enough to get a signature. Judges in large jurisdictions even take turns making themselves available late at night for emergencies. I won't say that getting a warrant signed is always trivial, but it's not as hard as you made it sound.
            • by guruevi ( 827432 )

              Judges have to at least apply the law when it comes to a warrant. Getting a warrant without much/any evidence of any crime won't pass. And plenty of law enforcement officers and court officers have been held personally liable when it comes to over-broad warrants, beyond the fact that all the evidence collected would be permanently rejected.

              • Judges don't just rubber stamp warrants, or at least they shouldn't. That's why I wrote that they have to persuade a judge that what they're asking for is reasonable and proper. It's just that getting a warrant signed doesn't usually require a court appearance.
          • You cannot be 'punished' for not cooperating with law enforcement, again, 5th amendment states so..

            I don't think you actually live in the USA if you believe that.

        • by taustin ( 171655 )

          You're guessing wrong, based on the years of anti-government propaganda you've been spoon fed all your life.

      • > The fact he had to go in front of a grand jury and the
        > case got dropped is just the system working
        > properly,

        No, the "system working properly" would be him never being attacked or detained or having his stuff or data stolen at all. Sorry, not sorry, but "close enough for government work" doesn't cut it when it comes to taking away someone's freedom... for ANY length of time... seizing their possessions, and falsely accusing them of a crime they did not, in fact, commit. And the "system working

        • by guruevi ( 827432 )

          First of all, he was not attacked, he was detained. His data was not stolen, he voluntarily handed it over. His possessions weren't seized, he once again, voluntarily handed it over. He could've just said no, I will exercise my 5th amendment rights and consult an attorney. He cooperated with the whole charade and then complains about it.

    • Hindsight is 20/20 for armchair experts
  • Lawyer up. And that means be big enough or be good enough to have the wherewithal to lawyer up.

    • Yea, thats it, spend more money for something that is appointed to you for free. I don't hire lawyers, I talk to the judge.

      I'm 0-1 with a lawyer, 12-0 without.

    • Why? Why should he hire a lawyer? The warrant was cancelled, the govt admitted it was a mistake.

      But Curry said he later received confirmation that the copy of his device data was deleted and the grand jury subpoena was canceled once prosecutors realized that Curry was investigating the theft of crypto, and not involved in it.

      What exactly will a lawyer do about a cancelled warrant?

      • Why? To ensure this is on the record, not an innocuous note in an obscure and ignored report, if any. Or to determine what harm was actually caused.

        Or to demand that the overzealous and/or inept investigators are correctly identified, retrained or educated as necessary, and properly supervised, to prevent this sort of behavior in the future. And that the rest of their fellow investigators are also made aware of this error, and so can be expected to avoid it themselves.

        As TFA stated, this victim was a resear

      • In his line of work, I'd expect him to keep a lawyer on retainer for times like this and just consider it a cost of doing business. It doesn't look like a lawyer could have helped in this case, but it might have sped the process up.
  • by DarkOx ( 621550 ) on Thursday September 28, 2023 @09:11AM (#63883211) Journal

    He spends his time nosing around what are effectively crime scenes and than is shocked when the authorities doing their own investigation spot (not literal) finger prints of his and at least initially suspect he might be involved?

    That seems like pretty obvious risk you run doing 'research' of this kind. Security 'research' is also a pretty good excuse to be used by someone who is actively searching for abuse-able situations for malicious rather than white hat motives.

    The authorities seem to have realized their error in this case and backed off too - so alls well that ends well I guess.

    This will be an unpopular opinion here on Slashdot but here we are now a decade and half or so into the world of free-for-all-infosec where people publish their tools, disclose both irresponsibly and responsibly, there has been a general permissiveness when it comes to 'nosing around' vs CFA slap down a lot of these people would have got in the middle 1990s and early 2000s. Has it made us safer? I am not convinced.

    • He spends his time nosing around what are effectively crime scenes and than is shocked when the authorities doing their own investigation spot (not literal) finger prints of his and at least initially suspect he might be involved?

      I am not shocked at all that multiple government agencies can't tell the difference between a computer security expert and a criminal. Their modus operandi is to find someone who *looks* enough like a criminal to prosecute them, thus justifying their existence.

      It's wonderful that they are going after phishing scams. I've seen Youtubers working out of their bedrooms with better track records of taking down those operations. The vast majority of them aren't flying into Dulles. The *vast* majority of them don'

      • by DarkOx ( 621550 )

        I'll be the first to agree the FEDs are not very good at a lot of this. The ones who actually are usually deep in the intel apparatus and are more interested in protecting their methods and keeping their actual capabilities secret than they are in dealing with crime.

        So should they just give up? Do we need to spend more money on it? Those are different conversations, but it does not change the fact that "infosec community" are mostly terrible people, with serious entitlement issues. At least the 'research

        • This is a case where yeah he was search and he was innocent of any wrong doing but they ALSO really did have legitimate probably cause!

          The community response will likely be "but they made a mistake" and will ignore that "they corrected the mistake" conclusion.

          He was detained, his device searched, and sent on his way.

          Was he inconvenienced? Sure.

          Did he miss a flight? No.

          Was he arrested? No.

          Should he get an apology? Possibly, depends on how this was handled...

          Should he sue? For what, exactly?

          • The fact that it's perfectly reasonable to consider him a suspect since a scammer dumb enough to post their private keys is absolutely, at face value, dumb enough to run their scam from their home IP address without network protections like even a basic VPN.

          • > Should he sue? For what, exactly?

            For precisely the same things you or I would be sued or prosecuted for if one of us decided to get our jollies one day by attacking an innocent person, holding them against their will, stealing their stuff, and nosing through their personal data. A badge should not be carte blanche for abusing the public and qualified immunity needs to be abolished so those who do so under the guise of "law enforcement" can be properly punished.

  • by Opportunist ( 166417 ) on Thursday September 28, 2023 @09:23AM (#63883251)

    Our company security management issued a standing order when going to a conference in the US:

    1. Wipe your laptops and install a plain Debian distri. DO NOT EVEN LOG ON before leaving the country.
    2. As soon as you're in the US, download the tools and configurations you need for the conference via encrypted channels.
    3. Before leaving the US, wipe your laptops and install a plain Debian distri. DO NOT EVEN LOG ON before leaving the country.

    We have been heeding religiously this requirement. We did not have any problems yet.

    • by kenh ( 9056 ) on Thursday September 28, 2023 @09:38AM (#63883275) Homepage Journal

      The real question is "Has anyone in your company ever, EVER, been pulled aside to have their devices searched at US Border? Probably not or you likely would have mentioned it.

      Here's the reality, no one in US border/intelligence community cares about your company's employees, you're not a target/on their radar, and all this drama of wiping devices and downloading tools over encrypted channels is little more than political cosplay as a result of your owners over-inflated view of their own organization.

      • by DarkOx ( 621550 )

        This was pretty much my thought too. We don't know, maybe he works for NSO group or some sanctioned Russian ISV or something. So its not entirely impossible there is some validity to what he is doing just very very unlikely there is.

        I have never been asked to do much more than show a device will power on at the airport. I would say unless you really do think you are likely US Intel or DOJ target (in which chase coming here is probably a bad idea in the first place) its probably enough to make sure your de

        • by taustin ( 171655 )

          I once went through airport security with a carry on briefcase full of cameras, a laptop, and a tablet, plus chargers. I was asked to open the briefcase so they could see the gear, but not turn any of it on.

          This was outgoing airport security in Iceland. US Customs didn't give a damn.

      • Re: (Score:2, Interesting)

        by Opportunist ( 166417 )

        I, at least, have.

        My crime was that I was late for arriving at the search point due to a mishap concerning the place I'd stay and the boarder guard was already bored because there wasn't anyone but me around to keep them busy.

        • Comment removed based on user account deletion
          • Re: (Score:2, Interesting)

            by Opportunist ( 166417 )

            Nah, I'm pretty sure I "won" that lottery because I was the ONLY person in the hallway and the border guard didn't have anything to do.

            I'm dead serious, I was the only person in the whole area who didn't work there.

            • Comment removed based on user account deletion
              • I find it funny that the only thing I ever win is the "we are going to search all of your stuff" lottery. Super random for sure. I have no criminal record or history of any issues at airports or anywhere else. They never find anything, but they keep looking, each and every time I travel. Someone with my same name, in the same city I used to live in, is/was on the No Fly list - real fun at the airport. TSA does whatever the fuck they want and could care less what you think about it.

                • Comment removed based on user account deletion
                  • Once, over 30 years ago, when leaving the UK the security guy didn't like the way I answered a question (about being a student vs studying in the UK). I was pulled into a special room where they went through all of my things. Ever since this time I'm searched every single time I travel internationally. There is no way I'm going to invite even more scrutiny by complaining about it.

                    You ignored my point that these searches are anything but random. There may be a random aspect to it but there is much more going

                  • I get searched about every other time I fly. Usually they think my protein bars are C4 or my peanut butter and jelly sandwich is a dark mass. Meanwhile I have unintentionally sailed through with bullets and water bottles. Every other trip to Jamaica on the way home my wife gets "additional screening" when boarding the plane. Obviously not TSA but always fun since she has extreme anxiety and flying is not easy for her. We do carryon only and they tear it down completely and swab crap usually while she's nea
              • That's not how it works if they're following procedure.

                I don't think you understand humans very much.

            • by taustin ( 171655 )

              In the earliest days of the TSA, I was in the airport in Kansas City waiting for my flight. A grandmotherly looking woman in the shiny new TSA uniform walked up and very politely asked if I'd mind if she wanded me, because she was bored and didn't anything to do. Turned out, I was just as bored.

    • We have been heeding religiously this requirement. We did not have any problems yet.

      Key word "religiously".

    • Self-important much? Granted if your company is doing shady things maybe there is a reason for their 'procedures'.

      This 'researcher' was poking their nose into other peoples' shady business while moving between countries, no red flags there at all. Nope.
      • Not exactly shady, but we're a security research company. Chances are that the reason anyone of us flies to the US is to go to a security conference, possibly to give a talk.

        Do you want to have a POC for a zero day on your laptop (or, worse, stick) when some TSA goon whose computer knowledge ends at turning it on and clicking on icons does so and starts the POC? Possibly while having it connected to their network and now you "attacked" the US with your exploit?

        Thanks, but no thanks.

    • by taustin ( 171655 ) on Thursday September 28, 2023 @11:44AM (#63883679) Homepage Journal

      We have been heeding religiously this requirement. We did not have any problems yet.

      Lisa Simpson has a tiger repelling rock [elasticpath.com] to sell you.

      • You'd like to explain why your laptop contains some malware code that you dissected some months ago and forgot to delete? I sure don't.

      • I'm sure if thrown at the right speed [xkcd.com], even with bad aim it would work fine to repel all tigers in the vicinity.
      • Lisa's tiger repelling rock doesn't add up here.

        There is no data for anyone to take or browse; therefore, it is guaranteed to work for the purpose of preventing data from getting handed to the 'authorities'.

    • by mjwx ( 966435 )

      Our company security management issued a standing order when going to a conference in the US:

      1. Wipe your laptops and install a plain Debian distri. DO NOT EVEN LOG ON before leaving the country.
      2. As soon as you're in the US, download the tools and configurations you need for the conference via encrypted channels.
      3. Before leaving the US, wipe your laptops and install a plain Debian distri. DO NOT EVEN LOG ON before leaving the country.

      We have been heeding religiously this requirement. We did not have any problems yet.

      I have to wonder what your company does to be that paranoid?

      I've worked for a European defence contractor and standard operating procedure is to store absolutely nothing on a local laptop. Just plain old Windows and a VPN client. You VPN in and do your work on a VDI (Virtual Desktop Infrastructure VM). Nothing touches local laptops unless it absolutely has to. The laptop has the standard security measures like MDM (remote wipe), full disk encryption, so on and so forth. The US Security Theatre Division c

      • Defence? Pah. Small fry. Way, way, worse: Security research and management for a large financial group. "Paranoid" isn't quite the word here... but there just ain't a stronger one. Or, in the eternal words of our CISO, "I want a rubber stamp with "it's for security" on it, it's the fast pass to a budget".

        We do have a bunch of stuff on our "test" environment simply because we need it, and because that stuff MUST NEVER appear on our corporate network. For good reason... But that means we have it in our test e

  • by DeplorableCodeMonkey ( 4828467 ) on Thursday September 28, 2023 @09:51AM (#63883331)

    He found the scammer's keys posted publicly.

    He cloned the wallet setup locally without a private VPN, corporate VPN or TOR.

    Gets Shocked Pikachu that the feds think a scammer dumb enough to post their keys on the open web might be dumb enough to act from his or her home network.

    This is a clear cut game of "play stupid games, win stupid prizes."

  • When the modern gestapo detains you and asks for your papers, the main purpose is to make you feel subservient. From the TSA to the local police to the Feds at the border, they want us to know we are under their control, under their eyes, and well in their reach. Behave or else is the message. And the definition of 'behave' can be changed at their whim.

    • When the modern gestapo detains you and asks for your papers, the main purpose is to make you feel subservient. From the TSA to the local police to the Feds at the border, they want us to know we are under their control, under their eyes, and well in their reach. Behave or else is the message. And the definition of 'behave' can be changed at their whim.

      That's when you need to do this. https://www.nbcnews.com/news/w... [nbcnews.com] Show that you're not feeling subservient, and make them the ones that are uncomfortable.

      • NUDITY IN AMERICA?

        That dude is so done for. You don't show flesh in America. We're still puritans here.

        • NUDITY IN AMERICA?

          That dude is so done for. You don't show flesh in America. We're still puritans here.

          Wrong. We constantly bombard society with sexual images, and then call them out when they feel sexy.

          • NUDITY IN AMERICA?

            That dude is so done for. You don't show flesh in America. We're still puritans here.

            Wrong. We constantly bombard society with sexual images, and then call them out when they feel sexy.

            Sexual images, as in tight clothing, sure. Nudity though? We damn near had to close the country down over the Stupor Bowl nip-slip. What really kills me is the people bitching about children seeing nipples. You know what kids think when they see nipples? "Lunch!" Kids mostly aren't as big a buncha pervs as the freakout brigade seem to be.

  • Mostly cromulent (Score:5, Interesting)

    by Chelloveck ( 14643 ) on Thursday September 28, 2023 @09:59AM (#63883355)

    On the one hand, I'm generally okay with this. Curry was targeted for a specific reason, this wasn't a blanket search of everyone. I wouldn't expect security researchers to get a free pass just because a crime is related to their research. That would be one heck of a get-out-of-jail-free card for any security researcher who turned to the dark side. So yeah, it sounds like proper investigative work.

    On the other hand, it sounds like he was confronted at the border specifically so they could play the "your rights don't apply at the border" game and not have to bother to get a warrant. That's dirty pool, but unfortunately the law.

    My overall take is that there's no reason a security researcher should be exempted from questioning when he's researching a crime scene. That part's fine. I'm concerned about the use of the border laws to bypass getting a search warrant (if that was, in fact, what happened). That needs to be changed by legislation. I can't fault the individual investigators too much for using an expedient and legal means to get the information they want. I fault the lawmakers who established this bone-headed rule in the first place.

    And jeez, dude. What kind of security researcher takes their own phone out of the country with them? You know the border exemption. That one's on you.

    • Re:Mostly cromulent (Score:5, Interesting)

      by 93 Escort Wagon ( 326346 ) on Thursday September 28, 2023 @10:26AM (#63883447)

      And jeez, dude. What kind of security researcher takes their own phone out of the country with them? You know the border exemption. That one's on you.

      He works for a "blockchain technology" company. I have to admit that, when I read that phrase in the TFA, it dramatically changed my perception of his likely level of ability and knowledge.

  • "But Curry said he later received confirmation that the copy of his device data was deleted..."

    That must be true, then. Government agents would never lie to a citizen who has no way of knowing if they are lying or not.

  • It is unfortunate that teh government is so over-reaching.
  • Pick up a burner phone before you fly.

To communicate is the beginning of understanding. -- AT&T

Working...