
Israel airport security stole my laptop - boltzmannbrain
https://twitter.com/theAlexLavin/status/1089036484735262720
======
boltzmannbrain
Curbside security guard asked a couple basic questions ("How long were you in
Israel? Where are you traveling to?"). The guard at the first security gate
inside asked ~20 questions (4-8 is normal). I think answering that I'm a SW
engineer to "What do you do for a living?" made her suspicious. I was then
directed to a side security area where they searched my bags and discovered my
laptop. A few guards then escorted me to a side room. Here there was one guard
interrogating me on and off for ~2 hours. Just about any question I asked was
met with "We can't tell you that." They confiscated my laptop b/c they had to
"run more tests". I said several times I would wait for the tests, but they
'insisted' I leave. As soon as I was through security I went to Turkish
airlines for help, but their immediate (read: scripted) response was "We do
not deal with airport security."

~~~
peterwwillis
What you experienced is not rare at all for travel through Israel. Answering
that you're a SW engineer is not suspicious, it's _how_ you answer that
they're trained to look at. The questions are basically irrelevant. You and
your equipment got flagged.

Once when I was boarding a plane to fly into TLV from Athens, I got about 200
questions in the space of 5 minutes, from 3 different people. When I mentioned
who I used to work for, they asked me what that kind of work entailed, what
did my office building look like, what city was it in, where was I living at
that time, why was I living somewhere else, etc. I got the same questions
multiple times, spaced apart.

They don't actually give a crap what my old office building looked like.
They're looking for responses that appear delayed, evasive, made up.

After the questions I had to follow them to another room to have my bags
meticulously inspected and scanned. They then checked my bags for me (breaking
my zipper in the process - and no, the airline didn't do jack about it) and
finally let me board. After I was on, they barged on and insisted some older
passenger who had been sitting quietly leave the plane immediately while it
was on the tarmac, and left.

Traveling through Israel is a pain in the ass.

~~~
kkapelon
>I was boarding a plane to fly into TLV from Athens

I think you mean the other way around. If you are being asked all these
questions the flight was from TLV to Athens. Right?

~~~
pintxo
Israel has people on the ground around the world. Hard learned lesson after
too many hijacked planes.

~~~
isostatic
See for example the "Hindawi affair"

[https://www.asi-mag.com/ann-marie-murphy-hindawi-
affair-30th...](https://www.asi-mag.com/ann-marie-murphy-hindawi-affair-30th-
anniversary-review/)

------
boltzmannbrain
Yes this could have been worse, and is relatively minor compared to other
mideast travel horror stories. Nonetheless I feel frustrated not only losing
my computer and non-backed up materials, but because this occurs as I am
helping an Israeli tech company by sharing my knowledge and expertise. There
has been incredible outreach initiative in the AI research community as of
late -- e.g., DL Indaba in Africa -- but this makes us feel unwanted. I will
continue working with the Israeli startup, but from my office in SF.

~~~
so_tired
> incredible outreach initiative in the AI research community as of late --
> e.g., DL Indaba in Africa

Geez.

You are not "outreaching" some minority tribe here. You are selling your
expertize for good money. Israel is the 2nd biggest VC market in the world
(maybe 3rd after US, China?).

Sorry about your laptop though. There is current incredible outreach of
Israelis to tourists who have had a bad experience while visiting.

We do our best !! Luckily your plane did not blow up.

~~~
balls187
> Luckily your plane did not blow up.

He'd be lucky if his plane did blow up, since it's such a rare occurrence.

~~~
PakG1
I believe that's what the word unlucky is for. Lucky is for positive rare
occurrences, unlucky is for negative rare occurrences. I'll admit I have no
clue what normal/average occurrences would then be.

~~~
nsomaru
Luckless.

------
opless
This is a good argument for never taking any electronic devices outside your
home region.

Even if you get your device back, after someone takes it behind the curtain
and fiddles with it ... How can you be sure that they have not compromised it
for its onward journey?

~~~
xoa
> _This is a good argument for never taking any electronic devices outside
> your home region._

For most of us here in particular that's very silly as well as completely
unrealistic, we need some level of electronics for our work even beyond that
it makes many kinds of travel much more practical. However, what is worth
considering (at least when traveling internationally) is to have specific
dedicated travel electronics. One consequence of the end of Moore's Law and
the flattening of the performance curves in PCs and now mobile devices as well
is that older kit can still be perfectly serviceable for travel usage. I
replaced my 4 year old notebook and 3 year old phone last year for example,
but this time rather then sell the old ones (which aren't worth that much
anyway) I just kept them and changed them into specific clean travel devices
(and with the notebook in particular oriented around remote work for most
stuff).

That kind of opsec was a lot more expensive and difficult at one point, but
these days I think it's ever more practical and it reduces potential headaches
and opportunities for screwups (by me) a lot. It's much easier to make sure
nothing critical is on a device I wipe regularly and much easier to maintain
compartmentalization with physical separation. If any of it ever was seized
I'd still be bummed/irritated, it's still worth some money and on a practical
level it'd mean I didn't have it for the rest of the trip (even if the rest is
just "the flight home" and all I wanted was to read a bit). But nothing I
couldn't just write off ever seeing again or that could cause me any trouble
even if it was cracked.

~~~
siffland
I will preface this with saying i dont think stuff like this should happen,
however in the DoD we are advised to never take a personal laptops (or phones)
to a foreign country, only take a secondary laptop and ensure the hard disk is
encrypted. Also keep as little information on the drive as possible.

Furthermore if a laptop (or other electronic device) is purchased in a foreign
country either dont bring it back or bring it back and shred it.

I know this sounds extreme and expensive, but with cloud storage and cheap
laptop's i cant imagine anyone travling to a foreign country not being able to
have a secondary "disposable" machine with cloud backups (could be a challenge
in say china, but if you are doing buisness in a country like that (government
monitored and access restricted) you should have company policies in place
already).

------
sodosopa
This is particularly why I leave my good MacBook at home and depend on a
decent Chromebook and a throwaway Gmail acct. I can use Citrix or an Amazon
Workspace if I need something more secure. If I lose it or if it’s stolen, I’m
out $200-400 instead of $1200 and my data.

~~~
PakG1
Dang, I'll have to start considering something like this. And keep all my data
on the cloud instead. :(

~~~
TomVDB
95% of what I do on my laptop (other than random web surfing) is hobby stuff
that can go to Github.

That 5% (taxes, paperless office) happens on my MacBook.

So I’ve start to do the same thing: MacBook for US travel, $40 laptop for
international travel.

Works great.

------
dylanz
I was traveling through Istanbul and there were multiple tiers of security
before reaching my plane. One of the checkpoints was run by private security,
and they took my laptop out of my bag and asked me a ton of questions. They
asked me to open my computer and log in so they can review data in my machine.

Lucky for me, my laptop was completely out of battery, so when they opened my
MBP, all they saw was the red blinking battery symbol. They mumbled to each
other under their breathes, handed me my laptop, and waved me through.

~~~
boltzmannbrain
Wow they asked you to login? I have the Apple watch feature for auto-login,
but took my watch off as soon as they grabbed my laptop.

Yes I went through several tiers of security as well, each with different
organizations it seemed (airport, private, gov't).

------
devy
Just a tangent: TLV is the most secure airport in the world though.[1] You
wouldn't think the most secure airport is in the middle east but it is.
Compare to Israelis' human approach, the billions dollars the U.S. spent by
the corrupted TSA on invasive cancer causing body scanners and still have tons
security breaches is a joke. The wikipedia page has a few reports explained in
details why it works at TLV. Worth a read.

[1]:
[https://en.wikipedia.org/wiki/Ben_Gurion_Airport](https://en.wikipedia.org/wiki/Ben_Gurion_Airport)

~~~
Zak
> _You wouldn 't think the most secure airport is in the middle east but it
> is._

Yes, I would. I would expect the most secure airport in the world to be in a
small country that has been at war with several of its neighbors within living
memory. I would expect it to be a country that's technologically-sophisticated
and well-funded. I would expect it to be in a country that has had issues with
terrorism.

In other words, Israel is exactly where I would expect to find it.

------
onetimemanytime
Must've triggered something when they questioned you. Maybe you just made
yourself non-Grata over there too by sharing this story.

At least they should have said, wait, let's clone it and here is your laptop
back. Unless they suspected you of economic espionage or whatever and didn't
you to have it with you. Either way, unless charged with a crime it's theft.

~~~
megous
> Unless they suspected you of economic espionage...

This also may be a part of industrial espionage done by Israel.

~~~
onetimemanytime
Great point. His work may be of extreme value to Israel. And you can't argue
with airport security

------
basementcat
I thought that all sovereign nations had the authority to seize whatever they
want at border crossings. I always travel with the assumption that all my
belongings (on my person) are subject to confiscation.

This has two consequences: 1. I travel light and 2. If something doesn’t get
seized that’s great news!

------
Fnoord
Do not take electronic devices with you when you leave your country. Use a
burner instead. Counts for USA, China, Russia, and apparently also for Israel

------
markvdb
Don't travel. Or use a disposable laptop when traveling. Something like the
Thinkpad x240 is rather sturdy, small form factor, with perfect linux support.
Shouldn't set you back more than ~150-200€.

Pull in whatever data you need after passing these risky checkpoints. Destroy
the data again afterwards.

------
rv-de
I suspect they intentionally regularly interrogate people who they know are
innocent to train what a normal false positive acts like. that helps detect
the true positives in contrast while training on true positives is difficult
as they are quite rare. the interrogation strategy is just to impose a high
level of stress on someone. i suspect a false positive will act very confused
in contrast to someone who wants to hide something.

(with positive I refer to someone who is considered dangerous or an enemy)

having said that I went twice to Israel from Germany and coming back from
Istanbul and never had issues. actually I find it quite exciting to experience
the perfectly orchestrated security measures. obviously though also because I
never got the tough treatment so far.

------
walrus01
Good argument for taking a laptop that is basically a thin client to a VNC-
over-SSH session.

~~~
alex_duf
if the thin client hardware is compromised you're back to square one

~~~
walrus01
if people are breaking into your hotel room while you're not there to install
rootkits in its bootloader, hardware keystroke loggers, or similar (google
"evil maid attack"), you're probably the target of somebody with the
capabilities of a nation-state intelligence agency. at which point all bets
are off.

~~~
Zak
Breaking into a hotel room and installing a rootkit on a laptop does not
require anywhere near that level of sophistication.

In many cases, obtaining a hotel room key requires only entry-level social
engineering. How do I know? I've received keys for my own hotel rooms from the
front desk with essentially no verification. Adding a rootkit to a laptop
depends on how well-secured it is, but that's often little more effort than
inserting a flash drive and rebooting it.

These things require the resources of an individual and skills that can be
learned from a google search.

~~~
walrus01
Breaking into a hotel room, and breaking into a hotel room without sufficient
surveillance resources are two different things... Just off the top of my
head, I can think of a few concerns. You'd need a rotating team of at least
three persons to verify that the subject has left the hotel room, and isn't
going somewhere for a very short time such as to the hotel laundry room, to a
lobby snack bar, or such. You don't want to be surprised in the middle of
installing a rootkit. Then you have to deal with the fact that the front desk
staff might speak to the person later, like "Hey just checking your new key
card worked OK?" "What new keycard?", alerting the person that something is
fishy. You have to deal with the possibility that the person might have left a
portable motion sensitive alarm stuck to the inside of the hotel room door, or
a tiny camera somewhere in the room.

Lots of things can go wrong with this sort of plan. But it's not a one-person
job.

You might have your rootkit totally prepared and ready to go, and find that
the person has a sub-1-kilogram sized netbook/small laptop that they take with
them literally everywhere they go, in a backpack, small bag, or purse.

You might have an attack prepared and get there to discover that the laptop
has had its USB ports disabled in the BIOS, with a BIOS password set, and
insufficient time to work around that.

~~~
Zak
You're describing the sort of operation a nation-state's intelligence services
would plan, and I'm describing the sort of thing anyone from a crazy ex-lover
to an unethical competitor might do.

Your scenario is obviously more likely to succeed and less likely to be
detected, but mine works more often than not. Being sure I have not done
anything to attract the attention of an intelligence agency is not sufficient
to be sure nobody has gained physical access to my laptop and installed
malware.

------
altmind
Have anybody got any good experience with self-encrypting drives(SED)?
Something that will allow you to pull the ssd out of laptop and carry it
through security separately, not worrying about contents getting spied on if
seized?

------
bibyte
This is crazy. Does anyone know how common this kind of thing is ? I don't
know anything about airport security. How can some data on a laptop be so
dangerous ?

~~~
giancarlostoro
I mean Stuxnet comes to mind:

[https://en.wikipedia.org/wiki/Stuxnet](https://en.wikipedia.org/wiki/Stuxnet)

Of course all it takes is a malicious USB.

------
ElDji
[https://bdsmovement.net/](https://bdsmovement.net/)

