Schneier on Security
A blog covering security and security technology.
« Analysis of Redaction Failures |
| Tennessee Makes Password Sharing Illegal »
June 6, 2011
Fighting Terrorism with Cupcakes
MI6 hacked into an online al-Qaeda magazine and replaced bomb-making instructions with a cupcake recipe.
It's a more polite hack than subtly altering the recipe so it blows up during the making process. (I've been told, although I don't know for sure, that the 1971 Anarchist's Cookbook has similarly flawed recipes.)
Posted on June 6, 2011 at 2:59 PM
• 50 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
May have been more effective to replace the instructions with something that would look correct but be benign. May have went longer without being detected.
Can I have lemon icing please
RE: The Anarchist's Cookbook.
I used to make my own explosives and rockets, back when I was a lad in the wilds of North Dakota, back before TAC was published.
I was in college then, and snapped up a copy as soon as it hit the college bookstore. I was gobsmacked when I saw they suggested drying nitrogen tri-iodide with carbon disulfide!
I won't go into details but, many of the incredients you can use to make a bomb can be bought without suspicion in a "home baking" shop.
Just consider that all an explosive is just a well blended mix of a fuel and source of oxygen.
For instance a very fine flour (chipatti) was supposadly used in the making of bombs in the UK,
They did not need to use hydrogen peroxide (hair bleach) from hair dressing suppliers then "boil it down" to concentrate it. They could have used another oxygen rich molecule that is frequently used in decorative cake making....
If anyone else wants the recipe, it's the top search result for the quoted phrase (and is in handy PDF form too).
Also got a small chuckle at the recipe being by Darcy *Israel*.
@Self - Never mind, it appears to just be a summary.
Anyone know where the actual recipes for these delicious explosive cupcakes are?
"the 1971 Anarchist's Cookbook"
The original title was "To Serve Anarchists"
Might I suggest that someone invent a technology that would turn on mild electric shocks from keyboards or mice whenever you visit a terrorist related website etc. Of course the electric shock current increases each time you visit these types of websites causing you to avoid them.
@Clive: I hate your (and others) "I won't go into details" bullshit. Firstly, it's big-headed. You're just trying to sound like you know more than everyone else. And secondly, the information is available elsewhere and some of us are interesting in playing with explosives.
If you don't think the details should be known then how did *you* learn them?
So I *shall* go into details: The simplest low explosives are just mixtures of oxidiser and fuel. You can use almost anything as a fuel - sugar is popular and easily available (even in very fine form -- icing sugar).
The oxidiser (e.g. peroxide, ammonium nitrate) is the hard-to-get part. The easiest ones are peroxide and you *can* just about still buy nitrates used for farming.
No idea what you're talking about with the cake making... Perhaps you are thinking icing sugar is an oxidiser?
Anyway, all this information is available on wikipedia and roguesci, so let's have less of the "I know the details and you don't so theeere" talk please.
Let's send them calamari recipes. Then you can blog it again on Friday Squid Blogging.
"Firstly, it's big-headed. You're just trying to sound like you know more than everyone else. And secondly, the information is available elsewhere and some of us are interesting in playing with explosives."
With regards your "first" I've mentioned it before and other people got upset because I did, so it looks like I upset people if I say it or not.
As for your second yes the information is out there (or it used to be) and you can find it in any degree level organic chemistry library, all you have to know it the "common name" from the "chemical name".
As for amonium nitrate look up making saltpeter with human waste and potash it's not difficult just takes time, and many people make it accidently in their compost heaps (middens) and the recipe has been known since before the Tudor's time throughout europe. The Tudor's had a lot of use for potash and organic substance chemistry it made amongst other things the soap they used for washing their clothes (not that they washed themselves).
Whilst you are at it you can find out about the history behind various organic acids etc.
Typical British humour, I'd say.
"You're just trying to sound like you know more than everyone else."
Clive doesn't need to try. Most of the time he just does. Ask anyone here. And there really is no point in giving out full specs if they can be found kinda everywhere by even the most retarded of AQ wannabees. Not to mention the fact that some of us are cautious enough not to elaborate on stuff that could sooner or later be used against us by LEA's following Bruce's blog too. I for one have no interest in ending up on some secret TSA list for publishing bomb recipes online. You may wish to follow on Twitter the amazing airport adventures of one Jacob Appelbaum (@ioerror) to give just one example.
A word of warning if you're interested in playing with explosives: they are dangerous. I may have mentioned this before on this blog, but I personally know two people who blew themselves up trying out TAC recipes, one of whom a former classmate who lost an eye in the process. The other one lost the arm he used to pluck his one-snared bass with. Needless to say that neither of them were the sharpest knives in the drawer.
The funniest one in the anarchists cookbook is "how to make nitric acid" which you need to make most HE's.
To get it dry (anhydrous is required) you need pretty pure sulfuric first -- they tell you to get it from a *dead* battery, which as most know, is when a battery has the least strong sulfuric in it.
That's the first major error. Even acid from a fully charged battery is only 1/4 pure more or less, so you're going to need a lot of them...
They have you boil it down (just don't try it at home, it has a nasty tendency to "zish" or bump boil right as it's ready, and spray hot acid all over. Sulfuric at its boiling point is a very serious threat.).
Then, they have you mix some of your sulfuric with a nitrate in a still (correct so far). But they have you doing this with two beer bottles over a campfire, using a duct tape seal. As one who has made nitric -- believe me, that's not going to work, the duct tape is more or less going to vanish right at the moment production begins. The reaction with sulfuric and a nitrate that produces the acid tends to have an exotherm in it partway through that's really vicious, and to do it successfully at home you have to distill under vacuum, so you can take the vacuum off to prevent a serious accident while this goes on.
Further, the distillation process makes many of the NO class of gas -- which are lethal, but you get no warning, they don't sting or stink like ammonia or chlorine -- you just die of nitrated lung tissue later.
And you have to do it in a quartz apparatus...no grease -- boiling nitric acid even eats teflon tape pretty quick.
So if you follow the cook book directions, assuming you live through the sulfuric acid steps and actually get any worthwhile acid, you die at the next step when the still comes apart and you breath the fumes -- it only takes one. More likely, you'll wind up with permanent scars from acid burns head to toe.
As I pointed out to the BATF on their last (friendly) visit, they should promote this book -- it will then be easy to ID potential bombmakers by the acid burns, missing body parts and so forth. That book is just close enough to fool people who sorta almost know what they are talking about...a real work of art in a funny way. Much of it will either get you injured or simply not be effective the way a reader might want -- either way, if they're learning from that junk, we are pretty safe - they're going to hurt themselves, not us.
There are some good sources out there, some of them were widely available on the 'net, but probably no more. The thing is -- if you didn't know some of this stuff already, how do you judge how good the source is?
@ Mikko (if this is you)
Congrats on your upcoming TED-talk !
Yeah...right. HTML "garbled" code as recipe is more in line with an exploit pack to own the machines. That's what i would do, and is the best way to deliver a payload to "viewers" and get intelligence.
"The thing is -- if you didn't know some of this stuff already, how do you judge how good the source is?"
It's not just that it's the myths that build up as well. You often see this with making certain peroxides, about if you keeping the temprature below say 10C you get a more stable result.... (for the unknowing a health warning needs to be on all peroxide explosives although more stable when wet they dry out even in closed containers especialy around the top or stopper, and the friction of opening can take a finger or whole hand off)
Many years ago when I was somewhat of a "scamp" I used to dable in homebrew bangs and I made some interesting pops bangs whizes and the occassional hole in the ground (one of which was large enouch to become the duck pond it still is).
After a while however (and a friend geting hurt) I realised three things,
The first was that the easier and more powerfull an explosive was to make, the more likley it was to go off by accident (it's one reason why peroxides are not used comercialy, another is they just don't like the metals used in bombs and bullets).
The second was that more stable explosives don't explode unless you have a detonator and they are not that easy to make (and like peroxides fulminates and chlorates have downsides).
Thirdly that many explosives are either poisonous or have very nasty/unplesant properties (for the curious who don't know look up NG-headache, or why WWI munitions workers who worked with TNT were sometines called canaries).
Back when the anarchist cookbook came out, I knew a chem graduate student who reviewed the book. I was very involved with political radicals back then.
Given the huge number of really dangerous "errors" in the book, the consensus amongst people I knew was that the anarchist cookbook was written by the CIA or some other government agency. No proof, but it seemed like the best explanation.
Great article Bruce. That's terrific! I wonder if they could hack me out of the database I'm in and leave a nice recipe instead.
This just in: Boston PD close local supermarkets after sightings of suspicious baked products.
Best of all the cupcakes are low fatwa...
@Clive: I'd still love to know which cake decorating ingredient you think has abundant oxygen that is sufficiently unreduced as to be useful as an explosive oxidising agent. Sugars (and carbohydrates in general) may be around 50% oxygen by mass but they are not useful oxidising agents and are more commonly used as the fuel in explosives. I've never seen anyone use saltpetre (by far the most common kitchen oxidising agent) for cakes, or indeed for any cooking other than corn beef, pastrami or similar.
Most strong of oxidising agents are poisonous in large quantities and a great many are carcinogenic in smaller quantities. You can buy saltpetre from the chemist or places that sell sausage making supplies, and you can get ammonium nitrate and sodium chlorate from the garden shop; all are useful for making low explosives but I wouldn't want any of them on my cake.
The Army Improvised Munitions blackbook was my source of information. I particularly liked the Explosive Flour that was stable enough to bake, with a weird recipe, into biscuits or pancakes. Then, they would be crushed, a blasting cap inserted, and the mix detonated. Other practical pieces of knowledge I felt worth remembering were armor-piercing shaped charges, homemade guns/grenades, and an improved chemical molotov cocktail. Be sure to get the Blackbook companion that was released later, as much for error corrections as new recipes. Props go to Doug Coulter for intelligently illustrating what many of us who were cautious intuitively felt: the anarchist cookbook wasn't worth jack as a bomb-making guide, but succeeded as a LEO trap.
As for this article, I think what they did was a ridiculously stupid waste of a subversion opportunity. Making it blow them up or work haphazardly would have produced useful results.
"I'd still love to know which cake decorating ingredient you think has abundant oxygen that is sufficiently unreduced as to be useful as an explosive oxidising agent." (Nicko)
I don't recall him saying "unreduced" "cake decorating ingredient." I do recall him talking about a "molecule" in an ingredient, with the unstated implication that it might be extracted or refined somehow.
"They could have used another oxygen rich molecule that is frequently used in decorative cake making...." (Clive Robinson)
I have no idea what Clive is talking about but it's best to address someone's actual claim rather than putting [dumber] words in their mouth.
Damned if I know, maybe you should ask Jumpin' Jack Flash if you want to make one...
This sseems a pretty unsophisticated attack, you'd think they would have embedded some malware or something with it too.
p.s. There's clearly 2 of us Tims on here, in future I'll call myself Tim#3
@ Clive Robinson "They could have used another oxygen rich molecule that is frequently used in decorative cake making"
Not to get off topic, but I really have to know the answer to this one: titanium dioxide is the first thing that comes to mind for me. Is that what you were thinking of?
Also, there are many other confectionery items you can use to cause panic. For example, cake fondant bears an uncanny resemblance to plastic explosive.
See Adriano Zumbo's V8 cake recipe.
"This sseems a pretty unsophisticated attack, you'd think they would have embedded some malware or something with it too."
Maybe the cupcake recipe results in food poisoning, a bad case of the runs, a disappointing bland-tasting muffin, or something else similarly unpleasant.
@Doug: "The thing is -- if you didn't know some of this stuff already, how do you judge how good the source is?"
You take ten recipes and ten teams. Those who report back the next day have the good recipes.
@Dirk Praet That cake scares me. I know titanium dioxide is used in cake decorating, but I'm not sure if it's any good as an oxidizer. I have more experience with cakes than explosives.
My guess: nitrous oxide, which dissolves easily in cream, and is used to charge whipped cream dispensers.
N2O is used as an oxidizer, esp. in auto racing applications, but I've never heard of it being used as an explosive precursor. But you never know.
Wasn't it pointless?
"Hi webmaster, I just downloaded the cookbook and there's some garbled code in there. Can you upload a clean copy?"
"Sure thing! We're a little busy today, but we'll have it up by the end of the week."
"As for this article, I think what they did was a ridiculously stupid waste of a subversion opportunity."
TS: "Wasn't it pointless?"
It's brilliant. It gets headlines, instead of agencies having to tell the usual "we've thwarted several attacks, but we can't tell you about it" sleeping pill; and it sends the message that these clowns are not even worth the trouble of messing seriously with, so it undermines their credibility.
If one assumes that the goal was keeping bomb-making instrucions out of The Bad Guys' hands, then, yeah, it makes no sense. So that's not what it's about.
I love the recipe analogy because it strikes at a fundamental point. If you're not a cook, no amount of reading cookbooks will make you a cook -- you have to actually get in the kitchen and start doing, instead of reading.
With food cooking, the results of incompetence are wasted ingredients and a lot of clean-up.
Errors in learning to make explosives are a bit more catastrophic. Overall this is a good thing. We get a chance to catch the incompetents when they blow their fingers off, get a lungful of acid, buy precursor chemicals (and sometimes the wrong ones!) with flimsy excuses, hack together "labs" that would scare any self-respecting meth addict, and/or make bombs that simply don't go off -- which saved many lives at Columbine.
Tim asks a good question: "If you don't think the details should be known then how did *you* learn them?"
The problem is finding out which details are "good" and which are simply products of fertile imaginations. Timothy McVeigh was dangerous not only because he was trained at USG expense, but because he had the time and privacy to continue his education by making stuff that goes boom instead of just reading about it on the Internetz.
It's not as though al-Qaeda doesn't have demolition experts. It's much more effective to make fun of them . . . Very Proper Charlies indeed.
How very nice to see you gracing the blog again, you have been missed.
I used to do a little chefing when I was an impoverished student many years ago. But cake making was not my thing although making ice cream jam, fruit cheeses and preserves is still a hobby along with a bit of charcuterie.
Having just taken a gander at the V8 my heart and pancreous stoped in shock halfway down the incrediants list and my left arm still feals numb ;)
Back when I was chefing in a Greek restaurant a third of a century ago the two main chalenges I remember where making filo pastry and getting to grips with E numbers that were just becoming all the rage...
The filo was a both a "right of passage" and a "durance vile" of the job and I've not made it since, the E numbers I personaly found fascinating because I'm eternaly curious, and unlike a cat appear to have a lot more than nine lives.
The curiosity about E numbers was partly because you had to know the chemical names, but also when you did and did not have to include them on the incrediants list. For instance some of the chemicals were both flavouring and preservative in the early days you only had to declare them if they were used as a preservative but not as a flavouring.
Likewise you did not have to declare processing agents. Now if you did a chemical analysis of some popular fruit jucies you might be shocked to find nitric acid in them, or some breads you might be as shocked when you find silicon oils (used as a baking vessel release agent).
Oh and you might also be surprised to find traces of Hydrogen peroxide on raw meat. It is used in a very dilute form to spray on fresh meat to stop it drying out but also to keep it the bright blood red colour so the consumer thinks it's fresh...
Have a look down the E numbers list and your eyes might pop at some of the things we put in or on our foods.
Some commentators seem to think that legible bomb making recipes were replaced by legible cupcake recipes. That is not the case.
If you look at the side-by-side comparisons at F-secure, you will see that the PDF is apparently garbled from page 4 ("Hear the World... A collection of quotes from friend and foe"), on to the end of the file. Upon examination it turned out that this "garbling" is actually a PDF representation of the raw contents of another PDF file. That is, it is as if you did:
1. Open ellenbca.pdf in a text editor.
2. Print it as a PDF, say, tmp.pdf
pdftk A=Inspire.pdf B=tmp.pdf cat A1-3 B1-end output Inspire.pdf
Step 2 was done, by the way, on 29 June 2010, nearly a year ago.
This may be reversible, BTW. Select all text contents from page 4 to the end, inclusive, and export as text. Rename to something.pdf. You should have rebuilt ellenbca.pdf, modulo a few missing \r here and there.
To the average non-technical user, it appears as if the file has been corrupted. Only on technical examination do you identify the association with DeGeneres's cupcake recipes.
I am at a bit of a loss to see why anyone would do this deliberately. In fact I'm going to lay at least 20% odds that it was caused by PDF "printer" driver corruption on a PC belonging to an an AQ officer who just happens to like cup cakes.
"If one assumes that the goal was keeping bomb-making instrucions out of The Bad Guys' hands, then, yeah, it makes no sense. So that's not what it's about."
Good point. I didn't claim that was their goal, so that's irrelevant. I claimed it was a wasted subversion. Their stated goal is to stop these groups. They had an opportunity to cause real damage. Instead, they screwed around for press or fun. Either way, a waste.
@Nick P: I appreciate that Clive didn't say unreduced. What he did say is that there was something used in cake decorating that was both an oxygen rich molecule and which could be used as a substitute for hydrogen peroxide. In the context of making explosives this means that it's something that can be used as a powerful oxidising agent, which implies that the oxidising capabilities of the oxygen have not yet been fully utilised.
Even N2O, commonly used in whipped cream dispensers, is a poor substitute for H2O2, since it's a gas at room temperature and is only easy to get in 8 gram charges.
"... hack together "labs" that would scare any self-respecting meth addict..."
Reminded of a page to "first responders",
That indicated that a meth lab operator suffering from long term work related sickness becomes paranoid and their thoughts may turn to "protecting themselves" against rivals and cops. It goes on to indicate that many of the chemicals you find in a meth lab are also used in making certain explosives, that you most certainly would not want to brush up against...
I had a lot of friends who used to play a lot with the Cookbook was one of the big downloads on bbs' back in the day. Most still have all of their fingers/toes so not sure how far they took all of the material.
I appreciate your redaction and clarification. Not knowing cake decorating, I can't say anymore at this point. I try not to talk out of my ass. Usually. ;)
I like this hack, its entertaining and a bit humiliating.
One side point - if they did change the recipe to make it unstable / blow up early etc., what happens when an innocent bystander or neighbour is injured or killed in the explosion?
I think what they did was a good idea. (Biased to UK intelligence agencies out of national pride :-) )
"Their stated goal is to stop these groups. They had an opportunity to cause real damage."
Yeah, and they did, by making them look bad. Any "real damage" would have been to individuals, not the group. The publication is a recruiting tool and PR, not what any serious group would be using amongst themselves.
"One side point - if they did change the recipe to make it unstable / blow up early etc., what happens when an innocent bystander or neighbour is injured or killed in the explosion?"
I doubt that was a factor. Officials care so little about killing innocent people during ops that they don't even call them casualties: they say "collateral damage." Doesn't even sound like people were involved. Around 200,000-1,000,000 in collateral damage in Iraq, depending on who you ask. And you think they care about 1-20 people dying to stop some bomb makers from killing dozens to thousands?
1) This "hack" didn't stop anything. It just corrupted some files. If anything, it was the hack, not the corrupted files, that mattered.
2) And that was stupid - revealing that they could hack the site instead of just hacking it to surveil it and get intelligence from it.
Corrupting some bomb making manuals just delays the bomb maker, it doesn't stop them. The ONLY way to stop them is find them and arrest or kill them.
This whole incident is stupid beyond belief. It's some CIA moron's notion of a prank, apparently.
These idiots are responsible for this country's security? No wonder my meme is true...
A coulpe of threads back made a good point(al quada doesn't trust moden encryption).
This hack could be to try and spreed that around some more..."you use tecnology we will find you.."
Why did mi6 amite that they did it?
Using titanium dioxide as a oxidise would be good, it has the abilty to oxidizse but it is low down the table would minmize the amount of redox reaction with catilyse at low tempture, but without would need atleast 3000C to start oxidiseing, and drain alot of power out of the exploisve for little benifet
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.