SOLVED Data privacy during travel

Status
Not open for further replies.

Scentle5S

Explorer
Joined
Sep 9, 2016
Messages
74
Hi,

I'm currently running FreeNAS-11.0-U4 with a single unencrypted pool composed of 6*4TB WD Red hard drives in RAID-Z2. The main use of my NAS is for Plex, and let's say that I have rather large libraries of content if you know what I mean. In the not too distant future, I will have to move my setup from Canada to France. I'm obviously thinking about taking the whole thing with me on the plane (the drives with me in the cabin luggage to prevent harsh manipulation, and the case and everything else in the checked in luggage). But I'm getting a bit paranoid about some agent willing to inspect the content of my drives and the fact that he could see all my "personal content". Now I know that the probability that this happens is extremely low and that most likely nobody will bat an eye, but still.

All the following aims to protect my data, my privacy and myself. Therefore, I'm going to consider the worst case scenarios, which might raise a few eyebrows. But as the saying goes : "Better safe than sorry".

So the way I see this, I have three solutions :
  1. I decide to leave everything as it is and travel with all my data accessible to anybody willing to poke my drives.
  2. I send 4 of my drives in two distinct packages (2 drives in each) via mail, the second package being sent after receiving the first, so that I can replace the drives and resilver in the event of a lost package. Finally the last 2 drives would travel with me on the plane. This way, there will never be the required number of drives to mount the pool (4) at the same time in one location (except the source and destination of course), and unless I'm extremely unlucky (3 drives failing during the whole process), my data should be safe at the arrival.
  3. I encrypt all my pool and travel with all the drives. So that even if someone really wants to see what's on the drives, I could say that they are empty / faulty / "insert_random_lie_here" drives. Heck I could even send the key and password to decrypt the drives to my destination by other means and travel without them, so that if someone at the airport doesn't believe me and tortures me to get access to the data, even I wouldn't be able to do it. What did you say ? I'm being too paranoid ? Anyway, for this solution, I found this very nice post about encrypting an existing pool and its little brother to do the reverse operation (if I ever want to decrypt the pool afterwards). This would be the only solution for me as I don't have a full backup of my 10TB+. This is bad I know, I definitely would do it if I could, but I can't afford one at the moment, so no "backup - erase - encrypt - restore" for me here : if I encrypt, I have to do it "live".
For each of these solutions, I have some interrogations :

For solution 1 :
  • What do you think is the likelihood that, at both the departure and arrival, somebody sees a NAS with 24TB worth of storage and wants to take a look at it ? I found a few topics talking about this and, from what I understood, unless you're traveling to the US, you'll mostly be fine.
  • Do they have the right to power the NAS on at the airport or plug the drives in another system to try and read the data that's on them ?
  • Do they have the right to confiscate your hardware to perform further analysis ? I found a topic about that but I still find this highly unlikely.
For solution 2 :
  • I read everywhere that if you lose more drives than what your redundancy layout allows (in my case 2), you lose the whole pool and you can't access your data anymore. In this case, I would use this to my advantage, so that the data cannot be accessed. But is this really true ? Especially since the drives aren't encrypted. What exactly will someone be able to see by plugging up to 3 of my drives with the appropriate OS and tools ?
For solution 3 :
  • Is the post I mentioned still valid for this version of FreeNAS ?
  • Is there a risk that, in the event that they find encrypted drives, I get "forced" to either decrypt them so they can check the content, or erase them ? Like "if we can't read them, you'll get them back sure, but erased".
  • According to this thread, my data wouldn't be entirely safe unless I securely erase the drives before the encryption process. Is it correct ? I thought this was a full drive encryption, so even empty space should be encrypted and nothing could be read until the pool is unlocked, right ?
  • I'm almost sure about this one but I'd like some confirmation regarding the encryption process used in solution 3. They talk about resilvering after encrypting a drive. This means that during the encryption, the drive is erased, right ? Otherwise there wouldn't be a need for resilvering, correct ?
Right now, here's how I'm considering the solutions :
  • Solution 1 is too "risky" for my privacy.
  • Solution 2 is too expensive and too risky for the integrity of my data : the packages will most likely be harshly manipulated.
  • Solution 3 is risky as well, especially since I don't have any backup of my data, but I tend to prefer this one anyway.
That's it. I'd love to hear your opinions regarding this situation, the solutions I exposed, and the interrogations I have. Obviously, any other personal experience, comment, tip or anything will be highly appreciated.

Thanks

Scentle5S
 

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
Sir:

I believe with extraordinary confidence that no one is going to look at your drives. People working at the airport are looking for terrorists. Not some dude with ZFS hard drives.

You have already spilled too much ink, and too many cerebral CPU cycles, on the question.

Pack the drives in your carry-on, pack the computer in the cargo, and proceed.
 

m0nkey_

MVP
Joined
Oct 27, 2015
Messages
2,739
Have to agree with @DrKK.

Having moved from the UK to Canada with a bunch of hard drives, the security at the airport didn't even raise an eyebrow. You're thinking way too much about this.
 

Scentle5S

Explorer
Joined
Sep 9, 2016
Messages
74
Thanks for your answers. You gave me a good laugh @DrKK, thank you ;-)

I'm definitely aware that I'm overreacting. But the fact that there is even the slightest chance that something like this happens kinda freaks me out. Here's a topic on this subject : if a student got his laptop, phone, and external drives checked, or even an Xbox (seriously ??) what could happen with a bunch of multi-terabyte hard drives filled with "Plex content" ? Again I'm not traveling to the US, but still...
 

diedrichg

Wizard
Joined
Dec 4, 2012
Messages
1,319
As a person who knows the ins and outs of the airline industry, I highly suggest that you carry the drives with you in the cabin because the ground handlers ARE extremely rough with luggage. The rest of the computer will travel just fine as long as you do not have a tower CPU cooler, in which case, the cooler should be removed to take stress off the motherboard. The X-ray scanner shouldn't affect the drives, but if you are in the slightest concerned, you can request a hand/visual inspection. The airport security screeners simply do not have the resources to hook up a bunch of drives to inspect their contents, you'll be fine. All you need to do is request the visual inspection citing that they are drives from your personal computer and that they contain all your valued documents, photos, and family videos and that's why you are carrying them onboard.
 

Scentle5S

Explorer
Joined
Sep 9, 2016
Messages
74
> The X-ray scanner shouldn't affect the drives, but if you are in the slightest concerned, you can request a hand/visual inspection.

I'm not that concerned about X-rays damaging the drives and you confirmed it. Looking at all the laptops going through these in the airports, if X-rays could damage drives I think it would be known by now. That being said, since my concern is that nobody can / will look at my data, I think that I will simply let them pass through the X-rays and avoid drawing attention to myself by asking for a visual inspection and having to justify it with some lies, don't you think ?

Thanks to you guys I'm starting to feel really relieved about this. Let's just admit for a second that I'm entirely confident that no one is going to look at my drives, but that I'm still considering encrypting the data for the other advantages it offers (which I really am) : in my situation (no complete backup, disk by disk encryption with resilvering and so on), would you do it ? I know this could justify a separate thread, but it's still a bit related to the original question I guess.

Also, these questions are still "valid" and I'd like to know the answers to them (even out of curiosity) :
  • I read everywhere that if you lose more drives than what your redundancy layout allows (in my case 2), you lose the whole pool and you can't access your data anymore. In this case, I would use this to my advantage, so that the data cannot be accessed. But is this really true ? Especially since the drives aren't encrypted. What exactly will someone be able to see by plugging up to 3 of my drives with the appropriate OS and tools ?
  • Is the post I mentioned still valid for this version of FreeNAS ?
  • According to this thread, my data wouldn't be entirely safe unless I securely erase the drives before the encryption process. Is it correct ? I thought this was a full drive encryption, so even empty space should be encrypted and nothing could be read until the pool is unlocked, right ?
  • I'm almost sure about this one but I'd like some confirmation regarding the encryption process used in solution 3. They talk about resilvering after encrypting a drive. This means that during the encryption, the drive is erased, right ? Otherwise there wouldn't be a need for resilvering, correct ?
 

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
Dude, I am bowing out of this conversation. The level of paranoia you are producing is sufficiently great to be an actual physical threat to the integrity of your data pool. Encryption increases your risk of data loss, especially when you are not thinking clearly about technology. You may search the forum, at your convenience, to read the thousands of customers who have lost their pools because they encrypted their pools and were not thinking clearly.

You have, almost certainly, nothing that needs to be encrypted en masse. For most people, a TrueCrypt folder stored on the unencrypted pool is more than sufficient encryption of the minority of files that anyone would give even 0.001 craps about.
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
I also fail to understand the concern, but I can probably try to answer the questions in a bit more detail anyway.
> What do you think is the likelihood that, at both the departure and arrival, somebody sees a NAS with 24TB worth of storage and wants to take a look at it ?

Very, very slim. Even in the US.

>   • Do they have the right to power the NAS on at the airport or plug the drives in another system to try and read the data that's on them ?
>   • Do they have the right to confiscate your hardware to perform further analysis ? I found a topic about that but I still find this highly unlikely.

You need to ask a French lawyer these questions, but my (American lawyer, but not representing you or anyone else in this thread) gut says "yes" to both.

> I read everywhere that if you lose more drives than what your redundancy layout allows (in my case 2), you lose the whole pool and you can't access your data anymore. In this case, I would use this to my advantage, so that the data cannot be accessed. But is this really true ? Especially since the drives aren't encrypted. What exactly will someone be able to see by plugging up to 3 of my drives with the appropriate OS and tools?

They will be able to see that the disks are partitioned into a (by default) 2 GB FreeBSD swap partition, and a ZFS partition for the rest of the disk. If they get really into the weeds, they will probably be able to see fragments of your files. If you have some very small files, they might be able to recover the entire files. That would, in all likelihood, require a great deal of effort, which I wouldn't expect them to expend.

> Is there a risk that, in the event that they find encrypted drives, I get "forced" to either decrypt them so they can check the content, or erase them ? Like "if we can't read them, you'll get them back sure, but erased".

As above, you'd really need to ask a French lawyer, but I'd think that either of these is possible. Likely, not so much, but possible.

> in my situation (no complete backup, disk by disk encryption with resilvering and so on), would you do it?

No way.
 

Scentle5S

Explorer
Joined
Sep 9, 2016
Messages
74
@danb35 Thanks for taking the time to answer my questions in more detail, I appreciate it.

@DrKK No need to be so aggressive. I may be paranoid, but I don't think that I'm thinking that badly about technology. For starters, I didn't encrypt my pool in the first place because I did read the forums a lot before starting and I indeed read stories about people losing their pools because of encryption. Then, when I had this fear about travelling with my drives, I did some research, and instead of blindly following the tutorial I mentioned, I gave it a second thought and wanted to have other opinions before doing anything that could cause me to lose my data. I don't call this "not thinking clearly", but you're free to think otherwise. Anyway, sorry if I annoyed you that much, believe it or not : this wasn't my intent. I'm just willing to improve, even if that implies looking like a fool by posting some paranoid threads like this one. Maybe other folks will be in the same situation in the future and this will help them avoid making a mistake and losing their pool. In that case, I'm glad I spent ink and cerebral CPU cycles on the question.

Thanks to all of you. I'm feeling much better and I promise that I'll do something about this paranoia of mine ;-)

And again, I'm sorry if I annoyed anybody with this.

The drives will travel with me in my carry-on unencrypted. I'm marking the thread as solved.
 

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
You haven't annoyed me, nor was I intending to be aggressive sir. I should have used less ungentle language, I apologize. Long day.
 