Security Christmas

Safe travels for the road warrior

A 3 minute read written by
Didrik Sæther
21.12.2019

Previous postNext post

In business travel, a road warrior is a person that uses mobile devices such as tablet, laptop, smartphone and internet connectivity while traveling to conduct business. The term spawns from the movie Mad Max 2, starring Mel Gibson.

This is in no way a definitive guide. Before you strap on your tinfoil-hat, rember that a few of these tricks perhaps are a little overboard. We try to provide you a guide for moderate to high security against the everyday band of marauders.

Use a VPN

VPN is a safe and easy way to protect yourself. Often your company will provide one, and if not, you can check out commercial alternatives. Stay clear of "free" alternatives, it is advisable to also check how long they preserve logs.
The point of a VPN is to generate a private network between you and a machine you trust, where your traffic is “tunneled” through this network.

Use your cellphone as a roaming hotspot

Instead of connecting to Free public Wi-Fi, which we know that in most cases are run by the bad guys and provides no security, you can use your cellphone as a roaming hotspot for your devices. Watch out for high data fees.

Disable biometric unlocking of device

If you know you are going to enter a country that allows the authorities to force you to give up your biometric credentials, like fingerprint or facial id, this should be disabled. You are still allowed to "forget" a PIN or password.

On a side note; some countries may not allow you to enter a device into the country which you cannot unlock, so this can result in you being denied access to the country.

The Mikado trick

If you at some point in your travels have to leave your laptop, let’s say for example in the hotel room. Take a bunch of Mikado sticks, drop them over your laptop, and snap a picture.

The randomness generated by the sticks are impossible to replicate and will provide an easy enough verification method to check if something has changed from when you left it.

When leaving your laptop, you should propably turn it off. Rob Fuller showed that with a 50$ device, anyone can extract creds from a locked laptop.

Password manager travel mode

If you are using a password manager (and you should!!), you can enable travel mode. This removes password vaults from your devices, except those that you mark as “safe for travel”. So, if you have access to a company password vault, you should perhaps remove that vault before entering a country that would like that information.
Last year Hans Kristian wrote about password managers, and why you should use one.

Buy it in the store

We know from the files Edward Snowden leaked that NSA has the capability to intercept a parcel from i.e. Amazon to do hardware modifications. This was shown with certain Cisco routers.

If you go to your local computer store, and buy the device there, and make sure that it does not leave your sight from when you pick it up, you can trust that it has not been tampered with.

Visiting places that are known as a bad place?

If you are visiting places or countries that puts you at high risk of information theft or hacking, you should use a dedicated phone/tablet/pc for travels that gets wiped after your visit.

Wait to turn on your devices until you have left the airport, as this is where intelligence services have the highest presence.

Use a USB-condom if you need to charge your phone. A public charger is never a good thing..

Final thoughts

  • Keep your devices updated with the latest security updates. This is important for OS, but also with updates for your apps.
  • Encrypt your devices, and do regular backup to a secure off-site location.
Read the next post