Every week I read about another traveller that is hassled at the border to turn over his laptop, tablet or smartphone and their associated passwords. Knowing that a stranger has gone through your personal “stuff” feels dirty (similar to being robbed).

A question I get asked often by readers, friends and colleagues is “How do I travel through international borders without worrying that my life will be put on show for some stranger with a badge?”. You don’t believe that this can happen; here are some interesting articles:

Operational Security 101

The work of physical security and digital (cyber) security are merging fast and you cannot have one without the other. So what is a traveler to do?

Identify your sensitive data. Before travelling, conduct an extensive analysis of the data you will be crossing the border with. This doesn’t just include intellectual property or employee information but remember that once authorities have access to your email, without you present, they can figure out what social media accounts you have, they can reset your password for any site, they can build a social graph of all your contacts (using your email, instant messages and contacts), etc.
Prepare a lists of vulnerabilities you are subject to? You should consider everything from device theft to authorities riffling through your personal data with no regard for privacy.
Determine your risk level for each vulnerability. As long as you back up your data and your device is encrypted, then your risk after a theft is limited to the cost of replacing your device or scrambling to buy a new one while in transit. You will realize your risk level quickly rises when you consider the exponentially increasing risk of having your device analyzed at the border.
Design your countermeasure plan. For each vulnerability, design a mitigation or risk minimization plan. This is what the rest of the article will talk about.

Countermeasures

Like a broken record, I will now extol the virtues of the Chromebooks and why many security professionals rely solely on these devices when security is essential. I know many of you will email me to explain why Google is evil and shouldn’t be trusted. I respect everyone’s opinion, and if you believe using Google products and services doesn’t meet your security requirements, then, by all means, choose something else.

A Chromebook is designed to be reinitialized anytime and to restore its state very quickly. Log into a device connected to a respectable network, and within minutes, you are back up and running with your apps, extensions, bookmarks and settings. Your data is stored in the cloud, and local device storage is encrypted.

Theft

If some numskull steals your device, you will have to buy a new one but at least your data is safely stored in the cloud, and there is no unencrypted data locally to expose you. I have had my device stolen on a train in Europe (on my way to speak at a conference). At my destination, I bought a Chromebook, used the store's WIFI to restore my device, and I was up and running within 30 minutes.

Border inspection

Border inspection is a different beast because they have the authority to force you to turn over your passwords. In this case, the only protection strategy is trickery.

For people crossing the border with sensitive information, I recommend that you use a Chromebook and sync everything to the cloud. Before travelling, you Powerwash the Chromebook (aka set it back to factory default) and then log into it with a dummy Google account.

This Google account should have some emails, contacts, favourites, files stored on your Google drive, etc. It should look like it is an authentic and genuine account. When your device is inspected, it will have nothing of interest, and you will not endanger your “real” data.

Once you cross the border, find a WIFI network, Powerwash your device and log in with your “real” account.

What about your smartphone

I trust the Chromebook Powerwash process enough to reuse a Chromebook that was inspected by border security but not a smartphone. Smartphones (iPhone or Android) do not have the excellent backup and recovery properties of the Chromebook. In most cases, I travel with a real fully loaded smartphone and will destroy it if it is ever taken from me. I will immediately change all my passwords and implement honeypot style detection tools to see if they attempt to exploit me.

What are these detection techniques I am talking about? Well one example is to use the Free Canary Tokens to generate different honeypots in your work environment.

As an example, you create an easy to find (weaponized) Word or PDF file (stored in your Google drive) and phone that sends out a beacon when it is opened. Think of these tools as motion sensors warning you that your digital being is at risk and that you need to take extraordinary measures to protect yourself.

Conclusion

An article about traveller airport border crossing security (OPSEC) can be very long, but I wanted to give you a gentle introduction. If you are a journalist, politician or senior executive at risk, hire a good security consultant to guide you. The most expensive advice is free advice.

If you are a journalist with a reputable organization working on high-risk reporting and need security advice, I am always available to provide free guidance. I believe free and open journalism is a pillar of our modern democracy.

How to fix issues at hotels, airports and other public WIFI hotspots

August 3, 2018GeneralEdward Kiledjian

A captive portal is the intercept page you see when trying to log into most free public WIFI hotspots (e.g. airport, restaurant, hotel, etc.) You are normally shown a page that collects your email and then asks you to agree to the provider's terms of conditions.

As browsers adopt more secure protocols by defaults (iPhone, Android, Windows, Mac, iPad, etc.) there are situations when your device may not trigger the portal webpage correctly. The browser may block redirection to the portal page because it is typically transmitted using unsecured HTTP.

In some cases, devices will attempt to detect and open an unencrypted webpage to allow the public WIFI router to inject a redirect URL. WirelessPhreak has a good technical article that discusses why new more secure tech is causing this issue.

Each smartphone manufacturer uses a different non-SSL webpage to detect a captive portal:

Google Android: http://connectivitycheck.gstatic.com/generate_204
Apple iPhone & iPad: http://captive.apple.com/hotspot-detect.html

What do you do if that automated portal detection doesn't work? How to you trigger the captive portal?

Enter the webpage Never SSL. If you are connected to a public WIFI (that should work) but are not seeing the captive portal, open your browser of choice and navigate to http://neverssl.com/

This will fix your issue and you should be bathed in warm loving WIFI Internet.

Calgary airport offers the best WIFI performance in Canada

June 23, 2018GeneralEdward Kiledjian

Ookla, everyone's favourite speed test service has just published internet performance metrics for North American airports. Calgary Airport has been rated as the best performer of all Canadian airports and is the third best in North America.

Seattle Tacoma International
Denver International Airport
Calgary International

Montreal's Pierre Elliot Trudeau Airport was rated the worst. Toronto's expensive Toronto Pearson International Airport is rated 23rd.

Review of the Tom Bihn Synapse 25 EDC backpack

February 12, 2018GeneralEdward Kiledjian

If you have been reading my blog for a while, you know I evangelize the benefits of one bag travel. My go-to bag for the last ten years has been the RedOxx AirBoss, but I regularly get questions about Tom Bihn bags.

My 5-11 Rush 24 work backpack was starting to fall apart, and in my quest to find the "best" bag for me, I spend three months reviewing various bags. Here is my review of the Tom Bihn Synapse 25 backpack.

The Tom Bihn Synapse 25 should be considered an Every day Carry (EDC) type of bag. While reviewing the bag, I wanted to evaluate :

the capacity
will it last
the look
daily use experience

The bag

I own many RedOxx products, and they are all made from a super durable canvas like material. RedOxx bags have a particular look and are designed for adventure first and foremost. This comes through immediately when you see the bag's metal clips, crazy strong claw strap, YKK number 10 zippers and the incredible stitching.

Although the Tom Bihn looks more "conventional", the materials are all high quality, and you see this immediately with the zippers. The main section uses strong YKK #10 zippers Aquaguard, which are water resistant. The other compartments use YKK #8 Aquaguard. You immediately notice that every component was purposefully chosen for looks, use, and durability.

Color matched rubbery coating on the inside of the zippers.

Whereas my RedOxx bag zippers' chunkiness is immediately visible, the Tom Bihn Synapse 25 design blends them into the overall bag.

Most backpack manufacturers throw two external size bottle holders, and the Synapse 25 only holds one bottle, but you realize why. The designers created a special bottle holder pocket in the middle of the backpack (it expands outward, so you don't lose packing space). At first, I found this strange until I realized this was done to maintain the proper balance of your backpack. As you use this bag, you realize a lot of thought has gone into every aspect of it.

Right underneath the water bottle pocket is a smaller throw anything type pocket. When traveling, this is a great place to throw keys, your wallet, passport, small bud style headphones at the security checkpoint. When you realize how many personal items people forget at security checkpoints, you stop throwing your stuff in those plastic bins, and you want to shove them in these types of pockets. During daily use, I have a small personal first aid kit I carry here.

Each side has a medium sized longish pocket where I store my beloved Julbo sunglasses. The right-hand pocket has a small organizational sinch pocket. The left one has storage for pens and a small/medium multitool.

There is a bottom pocket that can be used to store (while traveling) packing cubes, small shoes, snacks, a jacket, toiletry bag or other items you may want quick access to. During my day to day use, I store my laptop power adapter and sizeable OmniCharge battery here with an assortment of cables.

Loops, loops, and more loops (aka O rings). All Tom Bihn products are made to work together, and these loops are the key. You can use the countless loops to attack their cubes, caches or organizer bags inside any of the pockets. The Tom Bihn laptop sleeve allows me to pull out the sleeve at a security checkpoint for review, without the risk of forgetting my precious laptop at the TSA checkpoint.

The Freudian Slip

First, you have to laugh at the name and acknowledge these designers have a sense of humor. The Synapse 25 was designed to go from an EDC office bag to a travel system but how do you organize your office knick-knacks without permanently sacrificing space when traveling? You make the office organizer removable.
The Freudian Slip 25 is designed to fit perfectly in your Synapse 25 and has 15 organizational pockets to store all of your stuff. It has two folder pockets, four open top pockets for small electronics, two mesh pockets, two pen pockets and of course a business card pocket.

It costs $50 but can be a real organizational dream for Every day Carry. I use mine every day to carry papers, a notebook, my Skyroam Global Wifi hotspot and more. There are so many pockets most of mine are empty but still a wonderful add-on I highly recommend.

The lighting

They sell an Action Lights Guardian light on a strap you can hang on the inside of your bag (so you can find your items even at night). I already own a couple of guardian lights and love them for their durability, but I think they chose the wrong light for internal illumination. Don't get me wrong, the Guardian light is good for internal illumination but the GloTube is much better. There is free advice to your Tom Bihn designers.

The bag also comes with an external strap that blends in and is invisible when not used, but allows you to strap an external Guardian light for visibility at night (walking, bicycling, etc.)

The details

Tom Bihn offers dozens of pouches, organizers, and straps that you can add to the Synapse 25 to customize it and make it your own. Evey accessory has a strap, hook or locking system that allows you to use it with every one of their products. These hooks are always robust and easy to use.

It is only after a couple of weeks of use that I started to realize how much thought and care was given to every aspect of the backpack. As you use the bag and realize all of the design decisions they have made to make your life a little bit better, you can't help but fall in love with the product.

The durability

In addition to very carefully thought out design, this bag is built durable without looking like it came from an Army Surplus store. I carried this bag into executive meetings and never felt out of place. This is especially surprising when you realize the quality of the components they have used.

Tom Bihn advertises the shell material as 400d Halcyon which is a 420 denier ultra-high-molecular polyethylene ripstop material coated with a light urethane to make it water resistant.

It feels like a soft high-quality nylon that can withstand being overstuffed and force zipped. The stitching is hidden where possible and where you can see it, it is high quality and you know it is going to be durable.

The straps are basic and nicely padded. It feels solid and is comfortable for extended use. Many of the tactical bags have more padding but even when loaded, the Synapse never felt uncomfortable.

This is the type of bag that will probably last for20 years without any issues.

The look

This is a bag designed for techies and not for ultra-modern style conscious turtleneck wearing millennials. Bags like the Minaal are much appropriate for those looking for stylish minimalist bags that can blend into the snobbish New York design scene.

The Synapse 25 isn't "sexy" because it doesn't have a "modern" look. It doesn't have any waxed canvas or leather accents.

The Synapse 25 is an ultra-utilitarian functionality first bag. Now to be clear. I carried the 5-11 Rush 24 tactical bag, so I am more concerned with usability than looks.

Regardless of the "lacking" looks, the bag is so wonderfully designed and put together that I am convinced you will fall in love with it. But look at the pictures and judge it for yourself. You will either love it or hate it.

When using this bag, you realize all of the small carefully thought out design decisions the Tom Bihn team made aligned with their design philosophy. This doesn't just feel like a $40 bag quickly put together to sell in bulk at Costco.

Every time I use this bag, it is like having a conversation with the designers and learning how to use it better. As you use it, you will change your carry model and realize they thought of optimizations you may not realize until you've carried this for a couple of weeks.

Daily use

To truly rate the usability of a bag, you have to carry it for at least a month. After a month of daily use, I can tell you that the Tom Bihn Synapse 25 is a delight to use.

Even when carrying it for hours across busy airports, it was comfortable.

The external organization pockets mean you can easily store and find your items without having to dig into a cavernous deep main pocket.

The bag is packed with innovation that will make travel and daily use a joy, all packed in a deceptively simple looking bag.

Recommendations

Handles on bags are important when you travel, and although the belt-like carry strap is durable, I wish it was a little more padded. For a bag that is so well designed, this top carry strap felt a little underwhelming.

Like the carry strap, the belt strap (which is removable) is a thin strap of webbing material IT will definitely last but isn't very comfortable to use. Luckily it isn't something I use often, and I disconnect it and leave it at home

As mentioned above, I would replace the internal light (which is back ordered as I write this) to a GloTube instead.

I bought the chest strap upgrade that includes a whistle but it is a pretty useless whistle. They should have made something that sounds more like a JetScreem whistle than a quacking duck.

Conclusions

Using this bag for a month convinced me that this is my new every day carry backpack (and not just something I test, review and forget about).

Every couple of days I slightly optimize my storage strategy and realize that this bag was conceived by incredibly talented designers, with strong knowledge of bag design, and that everything was done with intention.

Using this bag is like having a conversation with the designers. This is the best way I can describe it.

As long as the look pleases you, you will be delighted with this bag. Over the coming year, I hope to get my hands on more Tom Bihn products so I can review them for you.

When I bought my first RedOxx product, I felt like I started a relationship with the company because they had a design philosophy I agreed with and subscribed to.

Most bags since (even the Minaal, Tortuga, AER, etc. ) didn't have this special feeling. They felt like products.

Having used the Synapse 25 for over a month now, I feel the same attraction to Tom Bihn as I did (and do) for RedOxx. These are companies with strong design principles that permeate throughout their entire product line. If you agree with those principles (and you really should), the Synapse 25 may be the gateway drug that draws you deep into the Tom Bihn line.

So do I recommend it? Absolutely without any reservation.

7 airport lounge access secret you need to know

February 21, 2017GeneralEdward Kiledjian

1 - Buy day-passes online

Most airlines will allow passengers to buy a lounge access day-pass online.

As an example, you can buy a day-pass from Air Canada for access to their own lounge for $25 if you are travelling on a Latitude fare.

United Airlines offers airport lounge access day-pass for $50 here.

2 - Buy day-passes at the airport

Check directly with your airline. If if your airline doesn't own its own named lounge at the airport, they often have deals with private lounges offering them at competitive prices. As an example, Canadian airline Westjet has partnered with private lounge operators in the various regions it travels (Canada, Europe, Caribbean) to. Westjet offers airport lounge access at very competitive prices.

3 hour access to the Plaza Premium lounge costs $40 - 20% (Westjet discount) = $32.

Some vacation package wholesalers also offer (add-on) lounge access to their customers. As an example, Signature vacations (in Toronto, Vancouver, Edmonton & Winnipeg) sells lounge access to all vacation pass holders.

3 - Buy access to an independent airport lounge

Some airlines do not offer any type of (direct or indirect) lounge access. Other times companies buy the cheapest ticket they can find which means you may fly 10 different airlines and therefore not gain priority privilege access on any one particular airline. These are the times you may need to buy access to one of the independent lounges.

If you travel to different airports, you may want to join one of the independent airport lounge access networks like:

As an example, Priority Pass offers access to 1000 airport lounges worldwide. Priority Pass (sold in Canada) offers 3 levels of membership:

Standard($99 a year). Every access will cost $27 for the member or guests.
Standard Plus ($249 a year). Member receives 10 annual visits. Additional visits or guests cost $27 each.
Prestige ($399 a year). Member receives unlimited lounge access and guests can buy access for $27.

Some credit cards have standing agreements with these lounge access wholesalers and allow you to buy access without having to pay an annual membership fee. As an example, Diners Club Canada offers members access to worldwide lounges at affordable prices.

Here is an example of their Canadian airport lounges you can buy access to. Access to a lounge in Toronto is about $US30.

4 - Get a credit card with lounge access

If you travel a lot, it may make sense to use a travel credit card that includes access to airport lounge (either free or a pay per use without requiring an annual membership to a lounge network).

Credit Walk (Canada) has published an interesting article comparing various credit card lounge access programs.

Sleeping in Airports (USA) also has an article about credit cards offering lounge access.

5 - Buy a refundable business class ticket

Some travel forums (e.g. maphappy, boarding area, view from the wing ) recommend that you buy a full price refundable business class ticket for travel the same day as your regular discounted ticket, use the lounge and then refund the ticket.

I have never used this technique and you should make sure the ticket is still refundable if you use the lounge. I know airlines like United have started implementing lounge access software that will help curb this type of abuse but I know this still works on some airlines.

6 - Buy lounge access from other passengers

You can sometimes buy lounge access from other travelers on classified type sites at discounted rates (eBay, Craigslist, etc). Make sure you check any restrictions that may apply.

Someone selling 4 Air Canada Maple Leaf lounge access on eBay.

7 - Use a Smartphone App for lounge access

There are travel smartphone apps like Loungebuddy (IOS & Android) .

Loungebuddy offers on the spot lounge access purchased on your smartphone without requiring an annual subscription.

Operational security tips to safeguard your privacy when crossing a border