Reading Time: 6 minutes

My recent travel to Canada couldn’t have been more normal. I drove up to the Ambassador Bridge border control with very few other cars from Canada. The person in front of me was in hijab and showed an ID as they entered the gate. They were waved through quickly and I took that as a good sign. I fielded the usual questions—on entering Canada, they had asked particularly about my status in the U.S.—about importing things, whose vehicle it was, and so on. Then I was across the border. Had I panicked? Or was I just prepared?

I think the latter. In fact, I’m pretty confident it was my preparedness that meant that, while I had been anxious in the days approaching, I was completely calm as I crossed the bridge. I had left my phone and my master passwords with my wife. She had a list of folks to contact in case she didn’t hear from me. I’d initiated some social media clean up. There really wasn’t any other prep I could do.

On the one hand, the risk was low. On the other, I didn’t want to have something go wrong and, given my family’s recent history, find that I had omitted some of the lessons I’d learned. Life has to be lived, even in dark times, and I don’t think that being prepared is the same as succumbing to the fear that the government is intent on generating.

The thing is that, even though it went well this time, the uncertainty around removal of American residents, increasingly without due process, remains. Maybe it wasn’t this time but maybe it will be the next. I am hoping to avoid any cross border travel now that the house is cleaned out for the new owner. But if I have to, I know I can now.

So, what worked and what would I change if I had to go again?

Burner Boy

The phone worked great. I wiped an old Samsung A10e that wouldn’t work on the U.S. network when I arrived back in 2022. Or so AT&T told me. I’m not sure if this is relevant, but we have not had phone contracts in perhaps 15 years. We used prepaid accounts in Canada and now in the US. So I’m not entirely sure when the warnings from the telecom company are worth heeding.

In this case, I decided to try the SIM chip by just swapping it out of one phone and into the other. There were instructions online about how to do it with a contract phone but, for prepaid phones, it sounded like you could just pop it out and reboot the new phone with it in. Ultra portable.

If I wasn’t already on a prepaid phone plan, I would invest in one just to have a burner phone with its own SIM. Worst case, you lose the phone and stop paying for the service (rather than having a contract for which you’d want to get a new phone).

That was what I found. In fact, I found that texting worked fine in the U.S. and I had a high degree of confidence that, given it was a Canadian phone, it would also be able to text in Canada (my plan allows for texting between US and Canada). This was the case, so I populated the contacts with my wife’s phone number and I was able to stay in contact the entire trip.

I installed Google Mail and set up a new Google account. This would allow me to send and receive email over wifi. This took a bit more planning but also worked fine. I found email addresses easy to remember, so I was able to email with a couple of people without having to create address records for them. Once I’d emailed, I deleted the emails I’d sent, and I deleted any they sent me.

There was plenty of wifi coverage. In fact, I don’t think I ever stopped and couldn’t find a free open wifi: McDonalds, Starbucks, the grocery stores. McDo was my go-to because it remembered the same SSID from location to location and was just that easier to access. But it was nice to have the ability to text and, I suppose, make a phone call in a pinch.

I am not going to engage in open resistance while I’m on a visa. But one resource I added to the phone was the Xfinity app which, since we’re customers, allows you to jump on their public mesh wifi. If you were in an urban or metro area with a wifi mesh, this sort of access might be nice to have. Of course, you wouldn’t want it connecting to wifi networks unwittingly, so the radio should be turned off until needed.

One thing that would have made this work better was to let them know about the new email address. It obviously didn’t identify me and, for at least one recipient, went into the spam folder. If I was talking to a lawyer about doing this, I would leave instructions with staff about this and email just with the staff. The staff could then relay the emails to the clients and back to the lawyer. In that way, they could keep a copy within the firm’s email servers even if the phone was wiped and the account deleted before crossing the border. I would still use a new email address each trip otherwise I think there would be a risk of leaving digital exhaust on a re-used account.

The ease of this setup hid from me one complication that I hadn’t really considered. What if I didn’t have the information—phone number, email address, etc.—with me? My use case was very simple, just one or two people to interact with. What if I needed to respond to a client issue? How would I bridge the gap and access my cloud accounts on a device that was meant not to leave traces.

Passwords and Multi-Factor

It was deceptively easy because, once I had set up the burner GMail account, the app never asks you to log in again. This is a risk with most apps; they don’t prompt as often, by default, as websites might. So I didn’t need my password manager to be able to send email. Or to check the internet for news. Or to text.

What about everything else, though? What if I needed to get into my own accounts, to get an unusual email address or check a calendar or look up contact information or something along those lines? I hadn’t prepared well enough for that.

I was only mostly clean on opsec.

This is partly due to how I am set up with my personal security. I use a password manager and I use multi-factor authentication. Even if I used SMS to receive authentication texts—which I don’t unless I can’t avoid it—I didn’t want to trigger that option. That was one risk of using the SIM for my primary phone number. Any SMS codes sent to that number would be accessible by anyone who had control of that device. In general, I only use my VOIP phone number (which is the number I give out to people outside my family) so that wasn’t an issue in this case. The VOIP number required a password and its own 2FA login.

I use Bitwarden for password management. This gives me a web-enabled app to access my password vault when I’m places like work where I may not be able to install an app. In the case of Bitwarden, they have a place to copy your multi-factor codes. You know, those ones you’re supposed to save in case you lose your MFA app access?

A screenshot of the new login screen in Bitwarden's web app. In the center is a form field for the Authenticator key. At the top is a title that says Login Credentials. Below that are form fields for username, password, authenticator key, and auto-fill options. A small tool tip overlays the image and says "Make 2-step verification seamless. Bitwarden can store and fill 2-step verification codes. Copy and paste the key into this field."
A screenshot of the new login screen in Bitwarden’s web app. In the center is a form field for the Authenticator key.

I am not a fan of storing the multi-factor key in the password manager. It seems like an unwise overlap of two processes that are intended to be kept separately. It feels like taping your PIN to your ATM card. However, if you were traveling and had a handful of accounts to access, this might be a good alternative. It would mean that, if you could access your password vault, you would also have a 2FA code to get into your secured website.

Of course, this is still chicken and egg. If I have authenticator codes in my Bitwarden vault, I still need an authentication code to get INTO my Bitwarden vault. But if I only need a few items, I can memorize some and write others down and keep them separate. No need to automate it.

It makes me wonder how law firms manage multi-factor backups for their staff. A lawyer may create 2FA on a site that the law firm doesn’t manage and then gets a list of codes. Does that go in their personal folder? Stored somewhere centrally, in case they are needed without the lawyer’s involvement (I’m assuming nothing nefarious, like a phone in a toilet or getting hit by a bus)?

That’s something I can crack in the future. You could temporarily disable 2FA for a short period of time. Or you could write down one or two codes without documenting which site they belong to. Or you could setup the account for an SMS code temporarily. Lots of ways to solve that problem without putting anyone else or your personal information at risk.

Too Much or Not Enough

We were riding in on the train to one of the #HandsOff protests in early April and the people on the train were discussing their protections: Faraday bagging and turning off their phones, turning off location, and so on. Someone said to me that, if the event they’re going to requires them to go to those extremes, they shouldn’t be going to it.

These measures are taken to try to ensure that people can participate in democracy as safely as possible. If the state has decided to make this more risky, it makes sense that people will deploy countermeasures to reduce that risk to themselves. I was glad that folks on the train were prepared. I am confident there are whole populations in other countries that take these sorts of precautions all the time. Hopefully that isn’t in the cards in America.

As I started off at the top, I feel like I found a pretty good balance. It’s important for someone to know how to access my phone and personal accounts should something happen to me. It doesn’t need to be state security black-bagging me. It could be a car accident or a heart attack.

I swung by our parents home on the way back to Chicago. As much to say hello as to show that I’d made it across. I know some folks they know were also worried about me. Hopefully it helps everyone to see that, even if we adapt, we can still go about our lives.