Israel Archives - Page 5 of 6 - Schneier on Security

Entries Tagged "Israel"

Page 5 of 6

Adopting the Israeli Airport Security Model

I’ve been reading a lot recently—like this article on the Israeli airport security model, and how we should adopt more of the Israeli security model here in the U.S. This sums up the problem with that idea nicely:

On the other hand, no matter how safe or how wonderful the flying experience on El Al, it is TINY airline by U.S. standards, with only 38 aircraft, 46 destinations, and fewer than two million passengers in 2008. As near as I can tell, Cairo is their only destination in a majority Muslim country. Delta, before the Northwest merger is included, reported 449 aircraft and 375 destinations.

Ben Gurion Airport is Israel’s primary (not only) international gateway. In 2008, Ben Gurion served 11.1 million international passengers and 470,000 domestic passengers, roughly comparable to the 10 million total served at Sacramento, the airport I use most often. Amsterdam served 47.4 million total, and Detroit served 35.1 million total in 2008.

By American standards, in terms of passengers served, Ben Gurion is a busy regional airport.

Simply put, the Israeli airport security model does not scale.

EDITED TO ADD (1/7): More.

EDITED TO ADD (1/12): Interview with El Al’s former head of security.

Posted on January 5, 2010 at 7:04 AM • View Comments

Mossad Hacked Syrian Official's Computer

It was unattended in a hotel room at the time:

Israel’s Mossad espionage agency used Trojan Horse programs to gather intelligence about a nuclear facility in Syria the Israel Defense Forces destroyed in 2007, the German magazine Der Spiegel reported Monday.

According to the magazine, Mossad agents in London planted the malware on the computer of a Syrian official who was staying in the British capital; he was at a hotel in the upscale neighborhood of Kensington at the time.

The program copied the details of Syria’s illicit nuclear program and sent them directly to the Mossad agents’ computers, the report said.

Remember the evil maid attack: if an attacker gets hold of your computer temporarily, he can bypass your encryption software.

Posted on November 5, 2009 at 12:48 PM • View Comments

Israel Implementing IFF System for Commercial Aircraft

Israel is implementing an IFF (identification, friend or foe) system for commercial aircraft, designed to differentiate legitimate planes from terrorist-controlled planes.

The news article implies that it’s a basic challenge-and-response system. Ground control issues some kind of alphanumeric challenge to the plane. The pilot types the challenge into some hand-held computer device, and reads back the reply. Authentication is achieved by 1) physical possession of the device, and 2) typing a legitimate PIN into the device to activate it.

The article talks about a distress mode, where the pilot signals that a terrorist is holding a gun to his head. Likely, that’s done by typing a special distress PIN into the device, and reading back whatever the screen displays.

The military has had this sort of system—first paper-based, and eventually computer-based—for decades. The critical issue with using this on commercial aircraft is how to deal with user error. The system has to be easy enough to use, and the parts hard enough to lose, that there won’t be a lot of false alarms.

Posted on March 10, 2008 at 12:24 PM • View Comments

Airport Security: Israel vs. the United States

A comparison:

We were subjected to a 15-minute interrogation at the airport in Eilat, in southern Israel, after spending the weekend in neighboring Jordan. The young, bespectacled security official was robotic and driven in his questioning. He asked to see a copy of my husband’s invitation to his conference. The full names of anyone we knew in Israel. More and more questions, raising suspicions that started to make me feel guilty.

“Did you give anyone your e-mail or phone number? Did anyone want to stay in contact with you?” He had us pegged for naive travelers who could become the tool of terrorists.

He even went through our digital photos, stopping at a picture of a little boy, holding a baby goat. “Who is this?”

“It’s a Bedouin,” I snapped. “We don’t have his contact information.”

In the same calm tone, he told me not to become angry. Later I realized it was a necessary part of traveling in Israel, as a safety precaution. Ironically, we didn’t have to throw away our water bottles or take off our shoes when we passed through the security gate—which made me wonder at the effectiveness of U.S. policies at airports.

Regularly I hear people talking about Israeli airport security, and asking why we can’t do the same in the U.S. The short answer is: scale. Israel has 11 million airline passengers a year; there are close to 700 million in the U.S. Israel has seven airports; the U.S. has over 400 “primary” airports—and who knows how many others. Things that can work there just don’t scale to the U.S.

Posted on July 3, 2007 at 3:13 PM • View Comments

Recognizing a Suicide Bomber

Fascinating story of an Israeli taxi driver who picked up a suicide bomber. What’s interesting to me is how the driver comes to realize his passenger is a suicide bomber. It wasn’t anything that comes up on a profile, but a feeling that something is wrong:

Mr Woltinsky said he realised straight away that something was not quite right.

“When he got into my car, I had a bad feeling because he did not behave normally—his eyes, his nerves—and the fact he was wearing a big red jacket even though it was hot.

“I asked him where he wanted to go but he didn’t say anything, just waved his hand.

“When I asked him again, he said only one word, “Haifa”, in an Arab accent. Haifa is hundreds of kilometres away, so now I was almost 100% sure he was a suicide bomber.”

In other words, his passanger was acting hinky.

EDITED TO ADD (2/1): The Israeli was not a taxi driver. Apologies.

Posted on February 1, 2007 at 6:26 AM • View Comments

Did Hezbollah Crack Israeli Secure Radio?

According to Newsday:

Hezbollah guerrillas were able to hack into Israeli radio communications during last month’s battles in south Lebanon, an intelligence breakthrough that helped them thwart Israeli tank assaults, according to Hezbollah and Lebanese officials.

Using technology most likely supplied by Iran, special Hezbollah teams monitored the constantly changing radio frequencies of Israeli troops on the ground. That gave guerrillas a picture of Israeli movements, casualty reports and supply routes. It also allowed Hezbollah anti-tank units to more effectively target advancing Israeli armor, according to the officials.

Read the article. Basically, the problem is operational error:

With frequency-hopping and encryption, most radio communications become very difficult to hack. But troops in the battlefield sometimes make mistakes in following secure radio procedures and can give an enemy a way to break into the frequency-hopping patterns. That might have happened during some battles between Israel and Hezbollah, according to the Lebanese official. Hezbollah teams likely also had sophisticated reconnaissance devices that could intercept radio signals even while they were frequency-hopping.

I agree with this comment from The Register:

Claims that Hezbollah fighters were able to use this intelligence to get some intelligence on troop movement and supply routes are plausible, at least to the layman, but ought to be treated with an appropriate degree of caution as they are substantially corroborated by anonymous sources.

But I have even more skepticism. If indeed Hezbollah was able to do this, the last thing they want is for it to appear in the press. But if Hezbollah can’t do this, then a few good disinformation stories are a good thing.

Posted on September 20, 2006 at 2:35 PM • View Comments

Press Security Concerns in Lebanon

Problems of reporting from a war zone:

Among broadcasters there is a concern about how our small convoys of cars full of equipment and personnel look from the air. There is a risk Israelis (eyes in the sky: drones, satellites) could mistake them for a Hezbollah convoy headed closer to the border and within striking distance of Israel. So simply being on the road with several vehicles is a risk.

Plus, when we fire up our broadcast signals it is unclear what we look like to Israeli military monitoring stations. If there are a number of broadcasters firing up signals from the same remote place, the hope is that the Israelis would identify it as media signals, and not Hezbollah rocket electronics, and thus avoid being a target.

Posted on July 26, 2006 at 5:56 AM •

Patrick Smith on Airline Security

Patrick Smith writes the “Ask the Pilot” column for Salon. He’s written two very good posts on airline security, one about how Israel’s system won’t work in the U.S., and the other about profiling:

…here’s a more useful quiz:

In 1985, Air India Flight 182 was blown up over the Atlantic by:
a. Muslim male extremists mostly between the ages of 17 and 40
b. Bill O’Reilly
c. The Mormon Tabernacle Choir
d. Indian Sikh extremists, in retaliation for the Indian Army’s attack on the Golden Temple shrine in Amritsar

In 1986, who attempted to smuggle three pounds of explosives onto an El Al jetliner bound from London to Tel Aviv?
a. Muslim male extremists mostly between the ages of 17 and 40
b. Michael Smerconish
c. Bob Mould
d. A pregnant Irishwoman named Anne Murphy

In 1962, in the first-ever successful sabotage of a commercial jet, a Continental Airlines 707 was blown up with dynamite over Missouri by:
a. Muslim male extremists mostly between the ages of 17 and 40
b. Ann Coulter
c. Henry Rollins
d. Thomas Doty, a 34-year-old American passenger, as part of an insurance scam

In 1994, who nearly succeeded in skyjacking a DC-10 and crashing it into the Federal Express Corp. headquarters?
a. Muslim male extremists mostly between the ages of 17 and 40
b. Michelle Malkin
c. Charlie Rose
d. Auburn Calloway, an off-duty FedEx employee and resident of Memphis, Tenn.

In 1974, who stormed a Delta Air Lines DC-9 at Baltimore-Washington Airport, intending to crash it into the White House, and shot both pilots?
a. Muslim male extremists mostly between the ages of 17 and 40
b. Joe Scarborough
c. Spalding Gray
d. Samuel Byck, an unemployed tire salesman from Philadelphia

The answer, in all cases, is D.

Racial profiling doesn’t work against terrorism, because terrorists don’t fit any racial profile.

Posted on June 19, 2006 at 7:22 AM • View Comments

El Al Doesn't Trust the TSA

They want to do security themselves at Newark Airport, as they already do at four other U.S. airports.

No other airline has such an arrangement with U.S. officials, authorities acknowledged. At the four other airports, El Al has installed its own security software at bomb-detection machines, which authorities said is more sensitive than that used by American carriers.

Posted on May 23, 2006 at 3:30 PM • View Comments

Automobile Identity Theft

This scam was uncovered in Israel:

Thief rents a car.
An identical car, legitimately owned, is found and its “identity” stolen.
The stolen identity is applied to the rented car and is then offered for sale in a newspaper ad.
Innocent buyer purchases the car from the thief as a regular private party sale.
After a few days the thief steals the car back from the buyer and returns it to the rental shop.

What ended up happening is that the “new” owners claimed compensation for the theft and most of the damage was absorbed by the insurers.

Clever.

Posted on September 21, 2005 at 7:45 AM • View Comments

←Previous 1 … 3 4 5 6 Next→

Sidebar photo of Bruce Schneier by Joe MacInnis.