This would be useful beyond getting in and out of customs too. For instance, most people don't want to carry around a work phone and a personal phone, so we end up mixing two personas on one device, and it gets awful. For instance I keep two 2fa apps, one for work stuff and one for personal stuff. It would be so much easier if I could have a separate login that showed just my work apps. Like ... wouldn't it be nice to only have to see work slacks when you log in using a work persona?

Recent enough Androids have this "Work Profile" feature. You get two app stores, and work apps get little "work" overlay. There are separate lock settings and sound/notification settings for work profiles too - I think this means you can have simple pincode for personal stuff and more complex for work one. And you can turn off all work apps at once with a single button press. And if your admin gives "remote wipe" command, only work apps are wiped.

Sadly this is automatic, which means regular people can't use it. You workspace admin got to enable MDM, and then phone will prompt you if you want a work profile when you try to install it.

You can use Shelter to create your own work profile: https://f-droid.org/packages/net.typeblog.shelter/

Sadly it doesn't seem to work on all phones.

Second this! I use island which is pretty similar

it works on most flagships nowadays, so if you've got an okay phone, you're likely good

The ability to set up multiple user accounts has existed for a long time: https://support.google.com/android/answer/2865483?hl=en#zipp...

Side note: The sibling comments talk about creating a work profile which is different in that it still lives within the same user account and is not fully isolated.

Holy cow thanks for sharing this!

This is built into Android as Work Profiles.

If it’s built in they can request you to unlock both profiles.

Android 15 has a "Private Space" feature that can be somewhat hidden and used to sandbox apps/data. It will prompt for a secondary unlock if you know where to look.

"Private" in marketing terms only. Border agents have access to it all. If you refuse to turn over all of your passcodes and passwords for the access they're after (including social media profiles), they can detain you and seize your device.

Source? Even law enforcement are limited to grayshift and cellebrite for access.

Border Patrol is a step above most law enforcement when it comes to authority. The Fourth Amendment doesn't apply in the 100 mile border zone, or at least SCOTUS ruled Congress hasn't defined what happens if it is violated by border patrol (Egbert v Boule).

https://informationsecurity.princeton.edu/sites/g/files/toru...

https://www.aclu.org/news/privacy-technology/can-border-agen...

I assure you they know where to look.

Certainly doable, grapheneOS has it https://grapheneos.org/features#duress.

I really want to respond to the dead comment under this.

Setting a duress password is not tedious.

AFAIK the justification for them to say "don't rely on adblockers for security/privacy" is that you can be more easily fingerprinted and those adblock lists are a moving target, vs. having better sandbox capabilities in the browser.

The rest is conjecture I don't have the motivation to debate at the moment.

As for the rest of the article... just get a second phone if this is a major concern, or wipe the phone and have it be perfectly clean when you go through customs. The only thing you need to remember is the password + a single TOTP backup code (write that one down maybe) to restore your cloud password safe (which you should have) then you can get access to all your other data from there.

More easily fingerprinted by which blocked script or request? (Personally I prefer a whitelist on these.)

If they rely on phoning home, such as a comparison of requests on different access, that's some top notch log analysis. Expensive too, compared to just running JS.

Most android phones I use provide an option to wipe the device if the wrong passcode is entered too many times.

There was a lot of talk about duress passcodes several years ago, but I don't think any phones ever got it. Sure would be nice to have

GrapheneOS has the duress password feature [1]. I have it enabled, but have never needed to use it.

[1] https://grapheneos.org/features#duress

A duress password that booted into an innocuous "safe mode" without access to your full browser and chat history would be a whole lot less likely to get you into more trouble than one which wipes the phone...

Unfortunately your phone may get backdoored in that scenario anyway if it's known to have that feature. In graphene and most Android phones with unlocked flashing, easily achieved in a few minutes. (Special recovery. It's hard to catch if done right.)

There's no way around the wipe at least and better hope the bugger installed is not persistent in some firmware.

GrapheneOS explicitly supports and strongly recommendations locking the bootloader.

Truecrypt supported this decades ago, obviously not a full phone OS though.

Veracrypt. It's successor, keeps this feature - of allowing for a truly hidden OS- but there's a HUGE flaw everyone missed- it requires your laptop to be setup as MBR-= which only allows for 4 partitions, and you can't have more than like 2 TB of filespace on it total.

We need a similar solution for UEFI- that allows for truly hidden, foolproof hidden OS installs.

On Android you could add a second user which gets its own passcode and set of apps/accounts. If they know what they're doing they could see there are multiple users on the lock screen, but it may be enough.

It’s probably worth a review of 28 U.S.C. 1001 before you try this.