Unless you’re actively being targeted for some specific reason (NSA kind of reason) in practical terms it’s unheard of.
How risky is it for an American to import electronics from another country? Is customs gonna tamper with your stuff? (eg: a Fairphone 5... customs putting malware/keyloggers...)
Submitted 14 hours ago by throwawayacc0430@sh.itjust.works to [deleted]
Comments
Steve@communick.news 14 hours ago
stinerman@midwest.social 13 hours ago
Yes. If you’re a rando, sorry you’re just not that interesting.
If you’re someone the US considers an actual threat, then yeah don’t buy anything from the US (use a 3rd party). But if you’re that big of a threat you already know that.
Jimmycrackcrack@lemmy.ml 12 hours ago
Their question seems to be about buying their from outside the US rather than from. They’re asking about risks involved with importing stuff there.
WhyJiffie@sh.itjust.works 9 hours ago
if you are not white, are you closer to being a rando, or to being (perceived as) an actual threat?
Diddlydee@feddit.uk 3 hours ago
Who do you think customs are? All they care about is import duty and illegal substances.
Randomgal@lemmy.ca 7 hours ago
You need to touch some grass if you think the CIA is bugging your devices.
throwawayacc0430@sh.itjust.works 7 hours ago
CIA isn’t targeting me, but ICE certainly is.
towerful@programming.dev 13 hours ago
Your threat assessment is way off.
So, you import a phone. What sim do you use? Where do you use it? When do you use it? Who do you contact with it?
All of that is more valuable and easier to get for the police than some sort of modification of firmware or platform as it passes through customs.
If in doubt, flash your own firmware.If this is actually a threat assessment to you, asking on Lemmy is the wrong place. You need people with the same experience that an entire country has at their disposal.
If it’s a concern as opposed to an actual threat, buy some 2nd hand phones from random places and buy some prepaid sims (ideally via smurfs or black market means). And be aware of how you use them
themeatbridge@lemmy.world 12 hours ago
Customs isn’t the organization that does that. If you’re a target for espionage, someone at the NSA or CIA or somesuch organization will find ways to tap your devices, but they don’t do this to every phone imported to the country. Just consider the sheer volume of data that would produce, and the number of analysts who would need to review it. I wouldn’t assume privacy, though. Act like they are watching everything.
Sixtyforce@sh.itjust.works 13 hours ago
You’ll be fine for now so long as you’re not already a Person of Interest of a three letter agency.
Nemo@midwest.social 12 hours ago
MRW I’m on a list with the CIA and the NRA but it’s the Culinary Institute of America and the National Restaurant Association.
mdd@lemm.ee 11 hours ago
Now that you mention it I may be on the same CIA list (eaten there several times).
ragingHungryPanda@lemmy.zip 11 hours ago
If the CIA wanted to put a keylogger on your phone, it would be customs, the CIA would intercept it at some point, possibly in customs, then put it in the boot loader or on the SSD firmware or something so you’d never know it was there and wouldn’t reasonably be able to overwrite it no matter what.
That probably doesn’t help you though. If you want to be sure you’d have to reflash every bit of the phone, not just the OS.
mortalic@lemmy.world 12 hours ago
If you’re importing a FP5, just wipe it and put Murena /e/os on it. Then it won’t matter
dhork@lemmy.world 14 hours ago
There is a difference between customs and immigration. Customs cares about things (and import duties on those things), Immigration cares about people.
As a US citizen, you should be able to just enter as long as your paperwork is in order. (And if Immigration is interested in you beyond the formalities, it means you are probably on some sort of list, and good luck to you!)
Customs will care mainly that you are only bringing in personal goods, and not commercial goods you intend to sell. They will also care if you buy any goods abroad to take back, because you may owe import duties. So they will not care about your Fairphone unless you bought it while in your trip abroad). In normal times you will have an exemption that allows you to bring in some amount of goods duty-free the the world is all topsy turvy now so I would check what the duty-free allowance is before coming back.
They are used to people bringing in phones, laptops, camera equipment, and other personal effects. They won’t cate unless you have a lot of things, and they think you are not being truthful when you say none of it was purchased abroad.
angelmountain@feddit.nl 12 hours ago
Pretty sure all your electronics are imported from another country. That what the carrot is complaining about though, isn’t he?
severalkittens@ani.social 14 hours ago
I bought my Xperia from German Amazon since it’s not sold in the US. Had 0 problems.
irelephant@lemmy.dbzer0.com 12 hours ago
If you’re very paranoid, try flashing a custom ROM to it.
bacon_pdp@lemmy.world 13 hours ago
Who cares if you can flash the firmware (which will remove any thing that they might be able to do)
cecilkorik@lemmy.ca 12 hours ago
“remove any thing that they might be able to do” is a hilariously broad brush to apply to three letter agencies in this day and age that were doing things like this 50 years ago.
I’m not saying it’s realistic that OP is being targeted for such surveillance. But if they are, good fucking luck! Flashing your firmware ain’t going to do shit when they’ve just gone ahead and replaced the chips on your board with their own that act exactly like a normal chip but have extra code that doesn’t get flashed when they don’t want it to.
bacon_pdp@lemmy.world 10 hours ago
Well it is true hardware implants and hardware replacements can’t be fixed by flashing but they are detectable and they can only deploy so many of those before everything is a major news story and if you feel that the odds are that high, making one’s own hardware is an option but generally not a good one.
mortalic@lemmy.world 12 hours ago
Is this not true? Why the downvoters?
f4f4f4f4f4f4f4f4@sopuli.xyz 8 hours ago
Phones’ modems have their own firmware that gets flashed by the cell provider, so I think spies would target that.
deur@feddit.nl 13 hours ago
The fuck kind of question even is this? Customs installing a keylogger on your device? You are not only dumb as hell, but clearly far too stupid for a nation to ever care about you for even one single moment. Congrats on the immunity.
throwawayacc0430@sh.itjust.works 13 hours ago
Busy modlog you got there, buddy. 👀
paranoid@lemmy.world 13 hours ago
I agree the question is a bit far fetched, at best - but that’s no reason to be mean
loomy@lemy.lol 9 hours ago
trump gonna thump you
pulsewidth@lemmy.world 23 minutes ago
Its just as risky for a non-American buying from a US company. And despite what others have said, customs can be a point of interception. But it’s not customs you need to worry about, they hand-off to the spy agencies to do their thing when they get a valid order to do so. Example program:
arstechnica.com/…/photos-of-an-nsa-upgrade-factor…
Like others have said though, your threat model is what’s important. And if you are a person of interest to security agencies eg a whistleblower or journalist then you’d be wise to have someone you know make the purchase instead of you.
I’d be more concerned about Chinese products in general, as they have been caught again and again with pre-embedded untargeted malware. Meaning, everyone who ordered that model got a helping of malware, not just those under active surveillance by three letter agencies.
A few examples in this blog entry: georgetownsecuritystudiesreview.org/…/flawed-by-d…