Introducing Travel Mode: Protect your data when crossing borders

We often get inspired to create new features based on feedback from our customers. Earlier this month, our friends at Basecamp made their Employee Handbook public. We were impressed to see they had a whole section about using 1Password, which included instructions for keeping work information off their devices when travelling internationally.

We knew right away that we wanted to make it easier for everyone to follow this great advice. So we hunkered down and built Travel Mode.

Travel Mode is a new feature we’re making available to everyone with a 1Password membership. It protects your 1Password data from unwarranted searches when you travel. When you turn on Travel Mode, every vault will be removed from your devices except for the ones marked “safe for travel.” All it takes is a single click to travel with confidence.

It’s important for me that my personal data be as secure and private as possible. I have data on my devices that’s ultimately a lot more sensitive than my personal data though. As one of the developers here at AgileBits I’m trusted with access to certain keys and services that we simply can’t take any risks with.

How it works

Let’s say I had an upcoming trip for a technology conference in San Jose. I hear the apples are especially delicious over there this time of year. :) Before Travel Mode, I would have had to sign out of all my 1Password accounts on all my devices. If I needed certain passwords with me, I had to create a temporary travel account. It was a lot of work and not worth it for most people.

Now all I have to do is make sure any of the items I need for travel are in a single vault. I then sign in to my account on, mark that vault as “safe for travel,” and turn on Travel Mode in my profile. I unlock 1Password on my devices so the vaults are removed, and I’m now ready for my trip. Off I go from sunny Winnipeg to hopefully-sunnier San Jose, ready to cross the border knowing that my iPhone and my Mac no longer contain the vast majority of my sensitive information.

After I arrive at my destination, I can sign in again and turn off Travel Mode. The vaults immediately show up on my devices, and I’m back in business.

Not just a magic trick

Your vaults aren’t just hidden; they’re completely removed from your devices as long as Travel Mode is on. That includes every item and all your encryption keys. There are no traces left for anyone to find. So even if you’re asked to unlock 1Password by someone at the border, there’s no way for them to tell that Travel Mode is even enabled.

In 1Password Teams, Travel Mode is even cooler. If you’re a team administrator, you have total control over which secrets your employees can travel with. You can turn Travel Mode on and off for your team members, so you can ensure that company information stays safe at all times.

Travel Mode is going to change how you use 1Password. It’s already changed the way we use it. When we gave a sneak peak to our friends at Basecamp, here’s what their founder, David Heinemeier Hansson, had to say:

International travel while maintaining your privacy (and dignity!) has become increasingly tough. We need better tools to help protect ourselves against unwarranted searches and the leakage of business and personal secrets. 1Password is taking a great step in that direction with their new Travel Mode. Bravo.

Travel Mode is available today, included in every 1Password membership. Give it a shot, and let us know how you travel with 1Password.

Learn how to use Travel Mode on our support site.

144 replies
Newer Comments »
  1. Rick Fillion
    Rick Fillion says:

    I suspect that a number of you are going to have the same question, so let’s see if I can answer it before it’s even asked: “Does this also work with Standalone vaults synced with Dropbox/iCloud?”

    Travel Mode is limited to accounts, and there’s no way to directly interact with it within the apps themselves. It’s an example of a feature that’s now possible with a centralized service that can coordinate everything for all of your devices, and provide a place to control settings outside of the apps themselves.

    It’s exciting to see the door open up for features like this. In fact, Travel Mode was built without having our apps needing to be aware of it at all. And that’s a good thing.

    • Sam
      Sam says:

      Maybe I’m just dumb, but I don’t see how AB’s centralized server has anything to do with the feasibility of this feature.

      It seems like it would be simple enough to let me tick a checkbox on my workstation that says “this machine never travels”, and then have “travel mode” treat that as my “centralized server” for the purposes of this feature. When I enable “travel mode”, it can wipe vaults from my laptop and tablet, knowing they’re safe on my workstation.

      I’ve been a happy 1Password user for many years, but it’s getting difficult to see the recent offerings as anything but “please stop using the standalone app, and start paying us a monthly fee to store all your passwords online”.

    • Rick Fillion
      Rick Fillion says:

      Hi Sam,

      Always nice to hear from a long term user. :) Let’s take a quick look at this.

      We could come pretty close to this feature with WLAN sync, I think. In the case of WLAN sync you have your “centralized server” (the desktop), and you’ve got the other devices that sync based on it. You could enable Travel Mode from the desktop which would cause the WLAN Server to stop serving up those vaults. That’s a good start. Now we’ve got a couple problem. The biggest issue is that you can’t re-enable it until you’re back around your desktop. The second issue is that your desktop is likely to travel with you. I know mine does.

      With Dropbox/iCloud sync, there just isn’t a relationship between vaults, nor between devices to fascilitate this. You can approximate it by going to each device and removing unnecessary vaults (and making sure that you remember their passwords). Then when safe you can re-add those vaults. It’s doable, but that lack of relationship makes it tedious. And then which device controls all of it? The basic idea in standalone vaults is that it’s all peer to peer, and that’s great for a lot of things. It also has its limitations though.

      I hope this helps explain things. Blog comments are a little hard for long form answers. If you ping me on our forum or via email I’d love to discuss this in depth with you.



    • Tom S
      Tom S says:


      While I can’t speak for the AgileBits team, the major theme behind Travel Mode seems to be the fact that the data isn’t present on your device and that there’s no possible way to get around it. Even if a comparable, modified approach could be managed by splitting up vault files, all of that data could still be accessed indirectly via Dropbox/iCloud. There’s no way around that without third-party access.

      That’s the unavoidable issue that likely dictated how Travel Mode was implemented. While the data stored on Dropbox/iCloud might be encrypted, that’s not a defense to the problem Travel Mode and other precautions are meant to resolve. The purpose is to ensure that the travel unfriendly data can’t be accessed because it’s not present to be accessed.

      Unless you logout of Dropbox on your phone/laptop/other devices, trash the 1Password files in your ~/Dropbox folder on your laptop, and remove your Dropbox info from 1Password, the data is still indirectly accessible. And as such, border agents have a viable—albeit indirect—route to access it.

      Do I think it’s likely that border agents will recognize that you’re using a Dropbox-synced vault and that there’s a way to get you to access it indirectly via Dropbox? Not at all, unless you’re being targeted specifically. In which case, you have much bigger concerns. But Agile Bits couldn’t market Travel Mode as they do if the possibility existed.

      I’ve used the standalone app, synced through Dropbox, for years. I love it, but it sacrifices some functionality (teams and families, etc.) because of limitations on how that functionality can be implemented. That might be unfortunate, but it’s made clear from the beginning.

    • Marcel
      Marcel says:

      This is an interesting feature that is potentially very useful to me. Sadly I wasn’t aware of it because I’m on the subscription-less service…

      Can you nonetheless explain how/why 1Password’s cloud storage is different from Dropbox or iCloud storage? That is to say, I completely agree with the comment that Tom S. makes above. At the same time I’m asking myself what stops a border guard from asking me to (or hitting me over the head with a hammer until I) hand over my password to the 1Passsword cloud. This would allow the border guard to switch off travel mode after which all my password automagically (or rather automatically as you put it) reappear on my device…

    • Kate Sebald
      Kate Sebald says:

      Hey Marcel! The relevant difference really is the complete absence of that data. As Tom S. mentioned your data (though encrypted) is still present when syncing via Dropbox or iCloud, it’s just not in your 1Password app. Arguably, on a mobile device, Dropbox and iCloud data is exclusively in the cloud as well since Dropbox doesn’t have a folder on your mobile devices like it does on a laptop or desktop, but with + Travel Mode removed data is cloud-only no matter what device you’re using. With Travel Mode enabled, your data is simply nowhere on your local device.

      So why does this matter? I’m going to stick to U.S. law as it’s what I know, but I’d not be surprised if other countries are similar. Here in the U.S. current guidance from Homeland Security draws a distinction between data stored locally and data stored on the cloud. Border Security could theoretically ask you to unlock a locally stored Dropbox vault on a laptop, for example, whereas they’d need to get permission from a supervisor and show some sort of cause to download data from the cloud. It may seem like a piddly distinction, but for now it’s one that matters. This is a very nebulous area of law so it’s something we and all those concerned need to keep an eye on, but for the moment this is something that makes Travel Mode stand out as a means to protect your private information with as little risk of exposure as we can muster without being obstructionist.

    • Virginia Velleca
      Virginia Velleca says:

      I wanted to share this information with my son, but when I pinch either Facebook or mail, nothing happens.

      I was looking for a way to ask another question, couldn’t find it so I am using this. I have had 1Password on 3 computers and I thought on my iPhone. I now have only 1 computer and it doesn’t appear on my iPhone. Is there anyway I can install it on my iPhone again?

      One more thing. This new travel app, if ie you wanted to remove bank information for travel, but then needed it while away, can it be retrieved for a short time?

      Many thanks

    • Kate Sebald
      Kate Sebald says:

      Hey Virgina! The share links at the bottom of the post work fine when I tap them on Android, but do seem to be a bit fussy on iOS. I had to tap a second time at first, then it seemed to clear up. I’ll admit, I have been slow to learn and adopt some of this new 3D touch stuff Apple has come up with, but a tap (or possibly two) seems to work at least.

      For your question about installing 1Password on your iPhone, that would probably be best handled via e-mail as we’ll want to make sure we’re advising you to install the proper application and set up the right way for how you’re using 1Password on other devices. This might require a bit of back and forth the blog comments aren’t well suited for. If it’s okay with you, I can ask someone from our support team to reach out to you at the e-mail provided here, or you can contact us yourself and we’ll get back to you in a jiffy. 😊

      As for Travel Mode, these items will remain available on with Travel Mode enabled, so you can always access them there. What Travel Mode does is it removes the vaults that aren’t marked “Safe for Travel” from your apps so that you can unlock 1Password if asked to without exposing that data, but keeps them available on You can disable Travel Mode at any time on, or you can just take a quick peek at that data in your browser if you only need it momentarily and aren’t ready for it to be back in your apps just yet. 👍

      My advice when traveling is to always have your Emergency Kit handy. This way you have everything you need to access, just in case, and don’t need to rely exclusively on your apps. This can be helpful when you don’t want to disable Travel Mode just yet as well. I keep mine on a password-protected USB drive on my keychain so it’s safely off my devices, but still accessible.

      I hope you’re able to share this post with your son and that he enjoys reading it. And, of course, if it would help for me to have one of the support team reach out about your iPhone, just let me know. 😊

    • Erik
      Erik says:

      I’m with Sam on this one. The reason I use, and the major differentiation between the other password managers out there, is being in complete control of my vaults. It’s not even a money thing, it’s the one feature nobody else offers.

      I have my own system to scrub my devices before travel I’ve been using for years so this isn’t by any means a necessary feature but I want to remind the awesome 1Password team two blocks away why 1Password and not lastpass et al. A feature race is a race to the bottom. If you need a revenue stream charge a subscription fee but don’t dare force me to store my data on your servers or it’s over between us.

    • Jeffrey Goldberg
      Jeffrey Goldberg says:

      We also want you to have control of your data. It’s your data, Erik. It’s not ours.

      That is why we built the service the way we have. We worked hard to design it in such a way that you remain in control of your data. We don’t lock you out of your own data if you cancel your subscription, and we have greatly limited our capacity to learn about you, your data, and what you do with your date. Please read about our Security design and perhaps dive into the gory details in our 1Password Security Design white paper.

      I think you will agree that WiFi sync (if that is what you are using to maintain “complete control” of your data) is not for everyone. Most people have been using some remote service not under their control for synching their data. So as I get into a bit more below, we have built something that is designed from the ground up to support the security needs of 1Password data. (More below).

      Features are not a list of checkboxes
      As you noted, it does give us the ability to offer features. But this is not, as you say “a feature race to the bottom.” These are features that I use every day. A lot of people need secure sharing within families for example. A lot of people like to be able to use and manage their data from any platform that supports a modern web browser. All of this is done without us having the ability learn about what sites you visit.

      You may not need those (yet), but these are capabilities that we wanted for ourselves as well as knowing that there was demand for them. This isn’t some feature catchup or checkbox ticking. The fact that we started doing this more recently than others in the market is because we wanted to do it right, and sticking to our principles that your data is yours.

      But those are not the only reasons we started offering a subscription service

      You are the customer, not your operating system

      A subscription system isn’t so much about smoothing out a revenue scheme as you suggested. There certainly are advantages to us to having a smoother income stream than what happens by doing the sporadic paid update, but I don’t think that those advantages are compelling if that were the only reason for subscriptions. (I don’t deal with finances, so I don’t know this for certain.). Instead there are other advantages to subscriptions.

      Subscriptions mean that we can financially treat you the way that we see you irrespective of how many platforms you use 1Password on: If you are a 1Password customer, you should be able to use 1Password and your 1Password data on all platforms. There is no reason why someone who uses Windows + iOS should have to pay more than someone who uses 1Password only on Mac. If you use 1Password on Windows, Mac, iOS, and Android then with licenses you would be hit up for paid upgrades on four platforms. And most app stores don’t offer a mechanism for upgrade pricing. You are a single customer no matter how many devices and platforms you run 1Password clients on.

      One sync to rule them all
      The 1Password service is more than about synching your data, but it is a huge part of it. Synchronizing data of this nature is harder than it might originally appear. First of all, it is all end to end encrypted, but we can’t just encrypt it all as one huge blob. That would require retransmitting a huge amount of data every time even the smallest change is made to one item. And reconciling conflicts would be a nightmare.

      In our history, we have worked on multiple synchronization mechanisms. Some people may recall the times nine years ago when we OS X Keychain and synching via MobileMe. It did not go well, despite the effort that we put into it.

      We introduced the Agile Keychain Format (AKF) to be “easily” syncable by any folder synching mechanism (I used rsync for a while). It turned out, however, that the file format was not well suited for some file systems. It just didn’t work over SMB/CIFS or NFS. And I won’t get into WebDAV. (We had WebDAV support 95% done, and actually promised it. But that last 5% turned out to be a killer. We’ve learned not to promise anything until it is delivered.)

      Note that this was before Dropbox really took off. Dropbox and AKF worked quite well. There were still some problems, and we couldn’t just get away with treating AKF data in a Dropbox folder as purely local data.

      LAN WiFi synching left us inundated with support queries that involved us helping people figure out how their local network is set up.

      OPVault introduced huge cryptographic improvements for living on some sync service (such as Dropbox), and also was designed to work with a broader range of file systems. And of course, there is iCloud synching.

      Every single one of those mechanisms is hard to maintain. And none of them have the exact properties we want. Furthermore, most problems people encountered with 1Password was with synching. Often it is because they were using different sync mechanisms on different devices. Users shouldn’t have to know whether they are using AKF or OPVault; Dropbox or iCloud. Sure, there will be long time users who pay attention to those things and those variants and have a sense of what each entails. But most people don’t, and we shouldn’t expect them to.

      So we built our own. Something designed for 1Password data management instead of trying to shoehorn this into some file or data record synching system. Something with the additional security requirements we have. Something that doesn’t require people to install and setup third party systems. Something that doesn’t depend on the local operating system.

      We still have the problem of people not knowing which synching mechanism they are using and so running into synching problems. And so we are steering people toward the one synching mechanism that is actually designed for 1Password data management; and we are leaving the other, legacy, mechanisms for expert users.

      Strong encouragement, but not force
      We do hope that even those expert users will see the advantages of the 1Password service. And I hope that you understand that we hide “expert” options their existence do cause problem for a lot of people.

      You can continue to use WiFi sync if that is what you are doing to never let your data leave your network, but I really hope you will read about our security design and see that the burden you are imposing on yourself by your choice isn’t really gaining you much.

      We have built the service we have built because we think it is the right thing. It’s most certainly not some sort of feature race to the bottom nor some attempt to smooth out revenue. It is the right thing to offer people who wish to manage their data and secrets in a secure and private manner.

      A Summary

      Well that was a long comment on a comment on a blog post; so to sum up

      • At every point in the design of our system, the principle that it is your data and not ours remains central.
      • Subscription pricing is fairer and more predictable than sporadic paid updates across stores, particularly when upgrade pricing isn’t available and people work from multiple platforms.
      • A synching systems designed, built, and maintained for 1Password data and security needs is far superior than trying to shoehorn this data into what various other synching mechanisms provide.
      • Steering most people to just one mechanism avoids what is by far the most common source of trouble that people run into.
      • A service allows us to offer browser clients, like 1Password X. Thus bringing 1Password to more platforms more quickly.
      • The sharing and management features we can offer through our own service are extremely valuable for a lot of people (including us). It is very much not a “race to the bottom.”
      • We’re not forcing you change, but we sure are encouraging you to.

      Well, that was long. I hope that it is helpful and worth the read.

      Chief Defender Against the Dark Arts @ AgileBits

  2. Tangible
    Tangible says:

    The existence of this feature isn’t going to be unknown to security agents. At the US border, CBP can confiscate devices if you refuse to provide your passwords. Once they have 1PW unlocked, won’t it become routine for them to turn off travel mode, knowing you may have turned it on?

    • Rick Fillion
      Rick Fillion says:

      Good question. You can unlock 1Password and there is no way to disable Travel Mode from within the app, nor is there any hint that you’re currently in Travel Mode.

    • Jeffrey Goldberg
      Jeffrey Goldberg says:

      You are absolutely correct, Tangible. Let me add a bit to what Rick has already pointed out.

      The goal is not to convince anyone that certain secrets don’t exist. It is to keep certain secrets off of your devices when you are entering situation where those devices may be searched.

      What we are doing here is offering to everyone something that at AgileBits have already been doing for ourselves. I am a member of several 1Password Teams and Families (as are most of us at AgileBits). What I have been doing is unsubscribing to certain Teams when traveling and resubscribing later. But that solution isn’t available to most people who don’t have as many different Teams as we do here.

      By making this available on the vault level, we give everyone the opportunity to decide what is and what isn’t on their device under certain circumstances.

    • Alex
      Alex says:

      I think the feature is poorly named, and that leads to confusion like this.

      It’s not a “mode” at all. It’s more like a big red button that will “nuke all local copies of non-travel-safe password vaults”.

      Nobody can “turn it off”, any more than they can un-burn the ashes of some papers (or even tell that those papers used to have passwords written on them).

    • Rick Fillion
      Rick Fillion says:

      I disagree with the idea that this isn’t a mode, Alex. You’re right that it behaves much like that big red button, though.

      It’s a mode on the user account. When in this mode, the user account isn’t allowed to store these vaults locally.

    • Alex
      Alex says:

      Rick: I guess we’ll have to agree-to-disagree, then. I don’t know of any other “mode” in any program I’ve ever used where entering the mode deletes data, in a different context than where I am right now.

      It sounds to me like you’re thinking about a technical aspect of the implementation (it’s a flag on the user’s account record, therefore, technically a mode!), rather than its obvious behavior to the user (this deletes stuff from your iPad).

      Even with an explanatory blog post, a good number of people here are misunderstanding what it does. As a developer myself, I take the position that users are right. If they don’t understand something, it’s the software that’s wrong, not them.

    • Rick Fillion
      Rick Fillion says:

      That’s a good point, Alex. I think that we need to do a better job of explaining it, especially since there’s a destructive side to it as you’ve said.


    • Carl Seghers
      Carl Seghers says:

      “You can unlock 1Password and there is no way to disable Travel Mode from within the app, nor is there any hint that you’re currently in Travel Mode.”

      I don’t get it.. how do you disable it then?

    • Rick Fillion
      Rick Fillion says:


      To disable it, you have to sign in to the website with your account credentials. Does that clear it up?


    • Jeremiah
      Jeremiah says:

      I absolutely expect the next escalation of this war to be them asking you to sign into the website. The duress password idea has the best chance of being effective for that.

    • Jacob
      Jacob says:

      It very well could be, Jeremiah. If that does happen, there are some other great ideas out there, like the duress password you mentioned.

    • Jeffrey Goldberg
      Jeffrey Goldberg says:

      Hi Jeremiah! You are not alone in recommending a duress password, but I’d recommend that people consider such things more carefully.

      Remember that you are dealing with an “attacker” who has the power to compel you to decrypt data. If they discover that you have given them fake data (either during the encounter or at some point afterwards), there may be very severe consequences.

      I personally recommend that people do not attempt to deceive or mislead border officials. I’ve written more about this in our forums.

    • Rick Fillion
      Rick Fillion says:

      Thanks for asking that, as I had a feeling some people might wonder exactly this. 1Password will work just fine. 1Password works on the idea that you’re sometimes going to be offline (not connected to the internet) and it makes sure that it has everything you would need when that’s the case.

      This new feature allows you to specifically have a portion of your data removed from your device so that you’re carrying less data with you. So it’s not that 1Password couldn’t travel before, it absolutely could. It’s that 1Password now lets you travel with less data.

    • Rick Fillion
      Rick Fillion says:

      This is a good question. It will be interesting to see how this plays out. We have some ideas that we’re working on that will hopefully help should this become a problem.


    • Matthew
      Matthew says:

      Nothing stops them from telling you to sign into But nothing stops you from signing in with a “duress password” that causes to behave differently than if you had provided your actual master password. (That one’s free, AgileBits 😉 Love ya!)

    • Rick Fillion
      Rick Fillion says:

      Thanks for commenting, Matthew.

      You’re right. We’ve talked (internally) about the concept of a duress password a few times. It’s an interesting idea, but there are concerns there as well.


    • Jeffrey Goldberg
      Jeffrey Goldberg says:

      Hi Matthew,

      We have talked about duress passwords in the past on our forums. While technically this can be done, it only makes sense in terms of rather unlikely threat model. It assumes an attacker who can coerce you into decrypting your data, but isn’t capable of determining that you gave them false data and retaliating upon that discovery. That seems like a very unlikely set of circumstances. (The one plausible scenario I’ve been able to come up with is for a child attempting to keep something hidden from parents who are not technically sophisticated.)

      Travel Mode might initially seem similar, but it is about a search of what is on your device. If the attacker only has the ability to compel decryption of what is on your device (as opposed to a more general power of being able to compel you to reveal all of your passwords) then it is possible to fully and honestly comply with the decryption of what is on your local device.

    • Thomas
      Thomas says:

      To Thomas (from Thomas):
      I’m afraid you have a valid point.
      It is very sad that law abiding people are punished instead of the terrorist nuts,

    • Tai Viinikka
      Tai Viinikka says:

      I think we should distinguish between crossing a border into Canada or the US and crossing a border into $Country-That-Tortures-People.
      The US and Canada give their border services people the constitutional power to search devices crossing the border. You have to comply with this, or they can hold you. They don’t have a broader power to demand every password for every purpose. So if you can honestly say, (and they cannot easily dispute in good faith) “I have given you access to everything that’s on my devices,” then you are good to go.

      IANAL, this is just my understanding as a Canadian who travels.

    • Jeffrey Goldberg
      Jeffrey Goldberg says:

      You are absolutely correct, Tai, individuals need to consider the various threats they face given the environments they will be entering. As I have said in a different comment, the US on its worst day may still be better in this regard than some other country on its best.

      I am, however, wary of advising people to “insist on their rights” in a border crossing situation. This is particularly true if you not a citizen of the country you are entering. Remember that there is an enormous power asymmetry as order authorities have broad powers to deny entry to anyone other than citizens. It is hard to fight for your rights in courts of a country that you have been denied entry into.

      I have had the misfortune of dealing extensively with immigration authorities in three countries, and I personally recommend that people be cooperative and never lie to these authorities. The idea of Travel Mode is so that you have less on your person when you cross a boarder. This should make it safer for you to be fully cooperative in a situation where the devices you carry with you are subject to search.

    • Jeffrey Goldberg
      Jeffrey Goldberg says:

      You make an important point, Oop.

      We are not trying to conceal the existence of data from anyone. After all, it is probably not a good idea to lie or mislead someone who has the power to make you unlock your device and apps on that device. And as you point out, we wouldn’t be able to succeed at that anyway.

      What we are trying to do is make it easy to remove certain data from your devices for situations where the device might be searched. There may be circumstances with someone has the power to search the devices you are carrying but does not have the power to search things not stored on your device.

      I hope this helps.

  3. Polly
    Polly says:

    Rick – this is great on so many levels but as stupid as this sounds, I cannot see a way to mark a vault “safe for travel”. I see under My Profile how to turn it on, but I don’t a way to mark the vault.

  4. Thomas Berrang
    Thomas Berrang says:

    Hi Rick!
    Great feature. Just in time for my next long business trip.
    Extremely easy question: I’m poking around my admin console and can’t find the place where I can assign a vault as ‘safe for travel’!

    Best regards

    • Rick Fillion
      Rick Fillion says:

      Hi Thomas,

      We’re working on making that a little more obvious. The best way currently is to use the pencil (edit) button on the vault from your Home Screen. This will allow you change the vault’s name and includes a button to mark it safe for travel.

      Hope this helps!


  5. Bill
    Bill says:

    This is an excellent, forward-thinking feature. But I can’t help but comment on how desperately sad it is that our privacy has come to this. The upside I guess is that this fuels creative solutions that will push technology forward like the decentralised web for one.

  6. Pantulis
    Pantulis says:

    Regarding the centralized service vs standalone, it also means that if an attacker gains control of servers, it can also activate travel mode for me and disable my secret data on my device!

    I mean, the idea is cool and awesome and should be appraised, but there is no free lunch for everyone.

    • Rick Fillion
      Rick Fillion says:

      That’s a good point, Pantulis. Someone that gains access to Dropbox could perform a similar action by marking items in an AgileKeychain/OPVault as tombstoned (the step beyond trashed).

      Just like Dropbox, we have a large responsibility to keep our servers secure.

    • Jeffrey Goldberg
      Jeffrey Goldberg says:

      That is correct Pantulis.

      Travel Mode is about removing things from your local before you may be compelled to decrypt everything on that device. If the attackers are willing and capable of reaching beyond your device as well as compelling you to decrypt then there is nothing we can do.

      Law is very very unsettled in most places about searches and compulsion to decrypt, and I do not wish to make any claims about what any country’s laws are and their consequences, but I will point out that in some jurisdictions governments have more power to conduct searches at boarders then they might elsewhere. So not having the data with you at a border may be of value.

      We do not know how this will work out in practice, but I believe that the less information you have on your person as you cross a border the safer that information is. But for much of this we will have to wait and see.


Newer Comments »

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.