Schneier on Security
A blog covering security and security technology.
« Naval Drones |
| A Foiled Terrorist Plot »
May 8, 2012
Overreacting to Potential Bombs
This is a ridiculous overreaction:
The police bomb squad was called to 2 World Financial Center in lower Manhattan at midday when a security guard reported a package that seemed suspicious. Brookfield Properties, which runs the property, ordered an evacuation as a precaution.
That's the entire building, a 44-story, 2.5-million-square-foot office building. And why?
The bomb squad determined the package was a fake explosive that looked like a 1940s-style pineapple grenade. It was mounted on a plaque that said "Complaint department: Take a number," with a number attached to the pin.
It was addressed to someone at one of the financial institutions housed there and discovered by someone in the mail room.
If the grenade had been real, it could have destroyed -- what? -- a room. Of course, there's no downside to Brookfield Properties overreacting.
Posted on May 8, 2012 at 7:03 AM
• 67 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
You can even buy those from Amazon: http://www.amazon.com/...
So... to shut down a large office building, all I need to do is order one of those and have it shipped to that building? And I wouldn't even be doing anything illegal...
Maybe they were afraid it was a nuclear prototype. That or they watched one too many action films which exaggerate reality.
The other thing is does no one involved have a since of humor? I've seen those plaques before, I got a big kick out of it at a museum I visited one time.
Last did they even contact the recipient, to determine if they were expecting something unusual?
"Of course, there's no downside to Brookfield Properties overreacting."
They did not anticipate there may be a car bomb waiting in the evacuation gathering point...
If you'd like to lodge a formal complaint, please take your number...
Was the mail room opening the packages or something?
Good to know that the NYPD is keeping America safe from novelties...
Of course, there's no downside to Brookfield Properties overreacting.
Actually for a cycnical person like myself there are a couple of upsides in it for them...
Firstly by over reacting the potential lower their buildings insurance at little or no cost to them (the rent comes in from those renting regardless of what the companies have lost due to down time)...
Secondly they have been gifted on a plate a nice little negotiation point when it comes to renegotiating rent with the company concerned...
Thirdly as has often been pointed out when it comes to advertising there is no bad news just how you sell it. And in this case the building company have had their name plastered all over the news for being a "responsible organisation"...
And I'm ssure a few more "benifits" can be thought up with little difficulty ;-)
@ Jeff Martin,
Was the mail room opening the packages or something?
Many post rooms in the financial districts have had X-Ray equipment since the "White powder" and more generalised "letter bomb" attacks a number of years ago.
Can the tenants ask for there rent to be pro rated for the month? After all they weren't getting access to the building like they were paying for.
@Clive: "there are a couple of upsides"
Right, but the crucial point still is that there are no downsides at all.
If there were, all those upsides would have to be evaluated (i.e., whether they are real or just for cynics like us) and weighted.
As there are no downsides, even the potential that there might be a vague chance for a minimal upside to occur is sufficient to act.
This is one of the lessons we failed to learn from Kaczynski. It's amazingly easy to do denial of service on (some) businesses and delivery systems.
While I do agree that reaction was a bit exaggerated, I don't think there's much that can be done about it.
Imagine you're the mailroom worker. You come across a potentially explosive item. How do you determine how strong the explosion would be, unless you had military experience?
Of course, being a low-level worker you can't decide evacuations willy-nilly. You grab the phone and call head of security, tells them there's a possible explosive in your room. So now imagine you're head of security, you got the warning and you haven't enough info to assess how strong the resulting explosion would be. What would you command if you were in his shoes?
If the package explodes and someone dies your career is over. If the package explodes and there's no one to die in a 15-mile radius because you were really extra-safe, you just become an article at schneier.com . I think I know my pick.
I had one of those in my office in a Federal Building. After the OKC bombing, I decided it was probably prudent to take it home.
In high school I had a teacher who had a claymore mine (inert) pointed at the class. Loved that guy.
They ought to go after the person who called it in. Those novelty "take a number" things have been in nearly every office I've ever worked at. it clearly was not a threat and clearly a novelty item.
The person who called it in as a threat ought to be the one charged with a bomb threat. They were the direct cause of the entire building being evacuated.
Last week's "suspicious package" in Vermont turned out to be one of those musical greeting cards. According to my son the bomb squad robot came out of the building holding the card up in the air. I have no idea if it had been soaked with the water cannon or not.
Sure this was obviously a novelty once it was opened but given that this was found in mail room I am assuming the guard was working an x-ray machine. An x-ray would only show a grenade shaped outline it wouldn't show the plaque or the funny caption. So I think condemning the guard is way over the top.
Also considering the current feelings about the financial industry I would tend to take a suspicious package seriously.
@ No One
In high school I had a teacher who was the reason our district had an explicit policy forbidding making nitroglycerin in class.
He was missing the fingertips on one hand.
He did teach us how to make ammonium nitrate explosives.
So it sounds to me like, Al Qaeda now has a perfectly legal way of shutting down wall street, simply mail people in varies buildings on wall street these novelties as free gifts. The natural response would be, I suppose to move all mail operations to an offsite location in New Jersey.
My favorite is still the suspicious package that required the evacuation of several city blocks and the youtube video of the robot blowing it up.
Firstly the 'package' was only about 4inches high and couldn't have held more than 50g of explosive so the exclusion was probably a bit over the top.
Secondly the suspicious package was a my little pony and the target location was the playground of a kindergarten!
I have to leave now - we have discovered a small suspicious device with a red light underneath and a couple of buttons attached to this computer by a cable - so we are evacuating the city!
I think people are missing the whole point of Bruce's post. The issue is one of proportionality. It doesn't really matter if the "bomb" was live. Imagine the worst possible scenario possible with a package that size. It can't take out a 44 story building. It just can't.
The problem isn't the guard or the security chief. The problem is using a shotgun to kill a gnat. It's the extreme overreaction to the most minor slights that's the problem.
Evacuate the mail room. Evacuate the first five floors of the building. But there is no rational security justification for emptying the whole building.
@Daniel - the rational response is to now stop people entering the building with nail clippers or bottles of water over 2oz
I was recently relieved of the tiniest keyring swiss-army knife when visiting .... the Hoover Dam.
I can see that spotting a Brit they may have been over cautious and probably checked for a squadron of 4 engined Lancaster bombers or bouncing bombs about my person. But it wasn't immediately clear what threat a 1/2inch blade and nail file posed to 10million tons of concrete
I can't help but wonder if one of the aims of such automatic overreaction is to push as much blame as possible to the sender of that joke.
Once that guy has been found, he'll be treated like a criminal. Millions of dollars in "lost income" will be put on his back. He'll be vilified as the terrorist who did his dirty deeds with a fake bomb.
Whether you committed a crime or just made a joke depends a lot on what the other end decides, nowadays.
WAR ON ANYONE THAT JOKES ABOUT OUR POLICE STATE!
I realize it's a bit paranoid, yes. But OTOH DAs do that all the time to force a plea bargain. They're not interested in fairness, truth, etc. Just in getting a conviction on anyone. Same here, no ? If you can pin the blame on someone else, you can overreact all you want and the blame for that overreaction will be put on the poor sod who's just sent a joke.
The WTF isn't that they called in the bomb squad because someone saw a grenade when X-raying a package. This is a normal and prudent reaction.
The real WTF is that they evacuated a 44-story, 2.5-million-square-foot office building because of one grenade. This is overreacting, CYA, doing the terrorists job for them.
@ Para Noid
The decision to evacuate was made by the company that owns the building not by the police.
Having worked in an office tower, I am used to tramping down fifteen flights of stairs every time there is a fire drill.
If I'm willing to do this for the name of safety 'training' (how much extra value - really? I already know where the stairs are, and if I didn't I would just follow all the the people in the office who did) why not for a bomb threat?
If someone pulls a fire alarm in the same building, what happens? A grenade could easily start a fire...
But what if it had been a "Dirty" grenade?
@onthewaterfront: Novelty grenade with anatomically correct features?
Who can know what other information the security people had received about current threats? It is 25 years today since some sort of information lead to the very successful operation at Loughgall - it is so important that security information is used effectively if it is to be worth gathering. Sometimes there will be red herrings, but the price is worth paying.
"Of course, there's no downside to Brookfield Properties overreacting."
Well, except for getting chastised by Bruce Schneier. :)
"Of course, there's no downside to Brookfield Properties overreacting."
Maybe no obvious downside that affects Brookfield Properties directly, but it seems to me that the paranoia their overreaction incites in viewers of the local news is a pretty big downside.
I love it when the news reports that such-and-such place was shut down so the bomb squad could investigate a suspicious-looking object that turned out to be nothing. People freak, "Goodness, what a scary world we live in!", but I'm wondering, "If it was nothing, why are you scared?"
"What if it was a bomb?"
"But it wasn't."
"But what if it was?"
"But it wasn't."
"But it could have been."
"But we know now that it wasn't!"
"Well anyway, I hope they catch the person responsible."
"For what? It was just a harmless misplaced object and we overreacted. No crime was committed."
"Uh-huh, it looked suspicious. It could have been a bomb."
"But it wasn't!"
Imagine this was at an airport, would the airport be closed for such, of course not, however enough people would be removed as per danger to surrounding infrastructure and of course as priority number one the danger to life. Even though it could and probably one day will be a real grenade if we disrespect the danger and underestimate the enemy. Firstly, there is no way someone can make a judgment call on a threat other than a trained person onsite to make the judgement call. This is something that should have been in place and a process to ensure that the correct procedures are followed. All very basic and straightforward, surprised actually that the facility manager did not have this in place. All so easy in hindsight, but that is where I would concentrate rather than blame some poor untrained worker for his her ignorance.
One of my co-workers has a mug meeting the description of this suspicious item. We evacuate the building 4-5 times a day whenever someone notices it on her window sill.
@bcs Can the tenants ask for there rent to be pro rated for the month? After all they weren't getting access to the building like they were paying for.
I like this. Remove the externality. If the building management decides to evacuate the building, and it turns out the "bomb" was actually a joke novelty item, then management should rebate one day's rent to every tenant.
If the University of Pittsburgh decides to evacuate a building because they received a bomb threat email, and it turns out there was no bomb, then they should refund one day's tuition (about $180) to every student.
It's interesting that Pitt was willing to disrupt classes for bomb threats, but when final exams rolled around -- and the impact of disruptions became much higher -- they suddenly decided they didn't have to evacuate after all.
I want so badly to agree that this is an over-reaction... BUT...
step out of your Monday morning quarterback, omnicient viewpoint for one minute...
You are the mail clerk watching the X-Ray monitor when you see what is obviously a grenade. There is no way for you to know that it is a novelty. You don't have the luxury of knowing all the facts. All you know is that you see a grenade in a mail package and since the mail system has never been used for terrorist or activist attacks then why should you report it! Of course you report it! You're a basement mail clerk, not a bomb disposal technician, not a chief of secuirty, not a building owner responsible for the lives of everyone inside. Your job is to report it! Everyone's job is to report anything suspicious to the proper authorities. I would rather be inconvienienced by 1000 false alarms than murdered by one unreported suspicious package.
And for those of you out there who are grenade experts... what if it had been modifed and rather than just explosive it contained a canister of sarin gas that disperses into the HVAC system and spreads to the entire building killing every occupant before anyone even knows what happened.
Call it an over-reaction, but if I'm just a mail clerk... I'm reporting it every time!
I've had that exact conversation before. There's just no reasoning with some people!
So now that we *know* grenade shaped items attached to complaint-dept plaques are "just novelties" ... How long before someone sends he real thing?
Aren't these the same folks who own Zuccotti Park, you know, the one that got so publicly Occupied?
They might be a little higher on the radar than some other companies.
Maybe they were overdue for an evacuation drill and this was a good time for a drill that could be charged off to a Real Live Incident (TM). Stranger things have happened.
"... they evacuated a 44-story, 2.5-million-square-foot office building because of one grenade ..."
Why am I remembering Idi Amin's 'nuclear hand grenades' claim?
This nicely illustrates the difference between risk mitigation and blame mitigation.
> And for those of you out there who are grenade experts... what if it had been modifed and rather than just explosive it contained a canister of sarin gas that disperses into the HVAC system and spreads to the entire building killing every occupant before anyone even knows what happened.
1) There's a big difference between treating it like a grenade (or any other explosive of around that size) and treating it like a threat to the entire building.
2) There's a big difference between the guy watching the X-Ray raising a flag (which probably *should* have happened in this case) and some higher-up calling for an evacuation of the building. Whoever is making the decision whether or not to evacuate a building should know about explosives.
3) If someone was going to release sarin gas into the HVAC system, why would they make it look like a grenade?
4) If venting gas in the mail room will flood the entire building with it, that's probably something that should be dealt with itself.
The employee receiving the item was from Nomura. Tediously we (Nomura employees) are now banned from receiving personal items in the mail at work, which is quite an inconvenience ("24" DVD box set doesn't fit through my letter box...)
Amusingly, the vast majority of the evacuees would have had to move /closer/ to this latest existential threat to life in the US during the evacuation.
Does that sound like a rational response? "We don't know what this is, but we want you all to go closer to it."
(and also; +1 to those pointing out that reacting to the thing was fine, but overreacting was definately not ok.)
It pretty much sums up the prevalent approach to security in the US today: overreaction to the point that skilled terrorists are no longer needed to bring down the nation with stupidity and paranoia doing their work for them.
@NobodySpecial: "I was recently relieved of the tiniest keyring swiss-army knife when visiting .... the Hoover Dam."
It's a 2000 megawatt power generator. No doubt the threat scenario involved hijacking the dam and turning off the power. Or sabotaging the turbines. Or taking over control, flying the dam west and dropping Lake Mead on Los Angeles.
I regard any area where I can't bring my swiss-army knife as dubious: either the place needs some kind of security but good sense isn't being applied, or they have a valid reasons for taking pen-knives, and the reason isn't obvious or explained. Either way, the place is best avoided.
@Bruce: "Of course, there's no downside to Brookfield Properties overreacting."
And if I ran a business in a building whose property management was run by Tweak from South Park, I'd plan on moving. It wouldn't take many unplanned evacuations to exceed the cost of a planned move.
@dave "what if it had been modifed and rather than just explosive it contained a canister of sarin gas"
What if a coffee cup had similarly been modified? Do we evacuate the building if somebody has a coffee cup?
I'm going to be the noodge.
You become aware of an item that suggests
your location is under smuggled explosives attack.
Do you make the call to evacuate the Target,
and call for a general explosives search?
In our location we have about a thousand lockers,
about half no longer in use,
all locked with built in, user resettable combination locks,
and in two repurposed lab rooms about 500 locked cubbies,
from an outdated program,
each with its own individual key.
Cubbies are no longer used, keys are no longer indexed, some are lost.
In a bomb scare, every one of them would have to be opened,
before an All Clear could be legally declared.
What would you do to fix the problem cheaply?
In the months and years following 911, I would occasionally hear on the cable news channels things like: "The NYC police department is responding to a suspicious package outside of an office building -- the streets and nearby buildings have been evacuated. We will bring you more when we get it."
Of course a few minutes later, after the bomb squad had been deployed, we would hear "False alarm, it was a backpack full of clothes." And the story would die. I remember hearing this type of thing live several times and I don't even watch cable news that often. I am sure this type of thing still happens a lot in other cities (NYC just got all the attention). The story Bruce mentioned here is but one more example.
It got me to thinking that due to the hysteria 911 brought, that a terrorist group could use this to its advantage. They could go around and plant suspicious suitcases conspicuously around large buildings and in other important locations. This would really cost the city or jurisdiction a *lot* of time and money. It would essentially be a DDOS attack at the physical "real world" level. And the great thing from the terrorist's perspective? It takes very little resources to pull off and one would have very little risk of ever being caught. In fact, I am not even sure much could be done to them even if they were caught. I am not a lawyer, but afaik it is not a crime to drop a backpack on the ground (though a conspiracy to do so for malicious intent could probably be prosecuted).
My point is, all of this hysteria and increased police action can have, shall we say, unintended consequences. In a sense, by introducing all this extra security, they have opened up new security holes that are even more easily exploitable than the things they are protecting against. What if during one of these false alarms people are crushed and killed by the stampeding crowd? Even though there was no bomb, the mere fear of a bomb caused deaths.
Taking this into account, it is not really a stretch to say that the terrorists have already won. Emmanuel Goldstein didn't have to bomb anyone -- his mere (perceived) existence allowed him to exert his psychological influence. Bin Laden was compared directly to Goldstein (correctly I think). Any time we have a "name" attached to a threat, we grossly exaggerate that threat.
We now have the DHS telling us to "speak up" if we see some guy paying for his coffee in cash (no I am not kidding, DHS has said paying in cash should be reported, especially if the person looks nervous or has burns on his fingers -- whatever that means). Also, if you buy fertilizer, watch out. This is supposed to be reported to DHS as well, especially if cash is paid for it. (Yes, I know about nitrate fertilizer bombs a la Tim McVeigh).
We have turned into a country of paranoid snitches. People snitch on "suspicious" activity that is probably in 99.99% of cases completely innocent. And the more snitching people do, the more the "cry wolf" phenomenon comes into play. Eventually people will get sick and tired of evacuating their office buildings due to all of the backpacks left on street corners and they will simply begin to ignore it. Then one day one of the real threats falls through the cracks and an attack will be successfully executed. After that, the cycle starts all over again: people once again become paranoid snitches. It reminds me in some ways of that Twilight Zone episode "The Monsters are Due On Maple Street." It's a classic episode that illustrates beautifully how fearful people are more of a threat to their neighbors than some existential scary threat can ever be (in this case it was an alien invasion).
David Brooks gave an interesting talk about this phenomenon at RSA. He presented studies by both economists and psychologists that suggests that the less trusting people are of their neighbors, the less successful the population is economically. He gave Italy as one such example. In Italy, people are very distrusting of people not blood related to them, so even though their business may have lots of room for growth, they never hire "outside the family" which results in unnecessary stagnation of the business. He also mentioned Soviet Russia as another example: in Russia people were terrified that their neighbors might be KGB agents which was bad for business. I highly recommend you watch his talk on YouTube.
What's the solution? Stop being paranoid and stop living your life in fear. Your chances of being killed by a terrorist are next to nil. Even if DHS and TSA were both eliminated today, your chances of being killed by a terrorist are less than being struck by lightning. That's not to say if you see a man walking around outside an airport with a bomb strapped to his chest that you shouldn't report it, but some of this stuff DHS is suggesting is just ridiculous and does much more harm than good.
Of course, it's true that just because you're paranoid doesn't mean they're not after you. But, in reality, they probably aren't.
In a loosely related story, it seems that the latest "undetectable underwear bomber" was a CIA/Saudi double agent who turned over his exploding undies to the American authorities voluntarily.
One wonders, given the purported trove of information uncovered in this plot, why the authorities decided to make such a big splash, rather than keeping it under their hats and developing the information further.
Oh, yeah. . . there's an election coming up.
Apparently President Obama has learned well from his predecessor.
"In a bomb scare, every one of them would have to be opened,
before an All Clear could be legally declared.
What would you do to fix the problem cheaply?"
Declare 'Locker Day' and tell everyone to bring their key or combination. All unopened lockers will be cut open. Anyone who wants to retain the use of a locker identifies themselves and the key number. Combination lockers are removed.
Costs a bit of organisation, an angle grinder and a trolley to cart the unused lockers away.
@Peter E Retep, Fried Ape: And auction the excess lockers on eBay.
If I find /one/ explosive in my mail room I tell my supervisor. He evacuates the mail room and tells building security. Who tells building head of security. Who looks at the X-ray and sees one Mk. 2 grenade replica. He then tells the police that what looks like a Mk. 2 pineapple grenade was found in the mail room, gives them the information on the package (shipping addresses, tracking numbers) and asks what should be done. The police should call the bomb squad who should realize that if you were to take a Mk. 2, fill it with pure RDX and detonated it it'd only destroy, at best, the first three or so floors of the building and advises a three-floor evacuation and an alert to the rest of the building so that they can make their own choices.
The bomb squad then puts the package in a bomb containment unit until the package owner is contacted. If he can't be contacted in some reasonable amount of time they bring it to the bomb range and practice blowing up suspicious packages.
There isn't much you could put in a Mk. 2 pineapple grenade that could harm a modern building. And whatever you could would be better served in something more innocuous like a thermos or free balloons for the kiddies.
I think property managers go through the thought process of possible bomb, should I evacuate, is there liability, I need to evacuate.
Erring on the side of caution is a good practice regardless of the motivation. Even though the grenade was intended as a joke, it's easy camouflage for the real thing. Highly unlikely but certainly not outside the realm of possibility.
LPT Security Consulting
"Erring on the side of caution is a good practice"
No it isn't.
They should evacuate the building in case the grenade is a disguised grenade, so they should also evacuate the building in case that coffee cup is also disguised grenade, or that cycle messenger has a bomb in his helmet ?
The stupid factor here wasn't that there was a suspicius package. We watch for suspicous packages, there is a list in every 'sensitive' building mailroom for what to look for. This was a silly reaction because of something that looked like a bomb.
It's like airports banning passengers for pictures of guns on t-shirts or people being reported for having spy-vs-spy cartoons from old Mad magazines on their wall.
Well, there isn't a downside until someone has a heart attack and dies because of the strain of walking down from the 44th floor in a crowded staircase. At that point, I rather expect that the risk assessment done by the building owners will be modified a bit.
> At that point, I rather expect that the risk assessment done by the building owners will be modified a bit.
Blame assessment. They've never been performing risk assessments, or they wouldn't do this. They were performing blame assessments: how much will I get blamed for this if something goes wrong?
But yes, that might just change things a little.
ok, blame Iran for the hoax and send bombers over. Or was it north korea?
"And for those of you out there who are grenade experts... what if it had been modifed and rather than just explosive it contained a canister of sarin gas that disperses into the HVAC system and spreads to the entire building killing every occupant before anyone even knows what happened."
@caj That applies to plastic bags, parcels, mugs, monitors, crates, keyboards and any other object. Following your logic to its conclusion, every object would be worth a panic.
While many commenters are correct to say that this was an over-reaction, you miss the mark in saying that this is a specific feature of the current US approach to security.
On the contrary, this is very much a part of the OH&S malaise that is now rapidly infecting all aspects of the Western business and government world. OH&S is an entirely reasonable idea, but it has been elevated to such a sacred status that in many businesses there is now absolutely no place left for proportionality. To even suggest that you are going a bit over the top on a "safety" initiative is such a heresy it may literally result in a disciplinary counselling session.
To illustrate how crazy it can be, let me give an example that actually happened to me recently. One of our rooms had been refurbished, and after a long delay while all the safety and environmental paperwork was checked off, we finally got the go-ahead to re-occupy it. So we immediately wheeled some chairs across the corridor -- and got chewed out for not first completing a two page Task Risk Analysis form. Someone pointed out that we already move these chairs back and forward twice a week for the team meeting, and don't do a TRA for that ... Ah, but it seems that the meeting is not a specific "thing", therefore not a task, no TRA required; re-occupying a room is a task, TRA required. Driving across town to our other office: not a task, perfectly safe without a TRA. Moving a wheeled chair 10 feet: is a task, hence dangerous unless duly completed form is approved by supervisor. Geddit?
So in this Brookfield incident, there would have been no-one below the rank of bomb squad scene commander with the authority to say "we only need to evacuate 1 floor." Not no-one with the experience, knowledge or wherewithal; no one *permitted* to make such a decision about human safety without multiple pages of form filling and several levels of review.
This colossal inertia is not just affecting the US, and not just business, either. Just try reporting a damaged swing in the local park, and watch the city dither and hand-wring about the risk of bruised infant coccyges, until they decide the safest thing is to just close down the playground ...
@Trogdor: "So now that we *know* grenade shaped items attached to complaint-dept plaques are "just novelties" ... How long before someone sends he real thing?"
Sorry to be glib, but ... so, someone sends a real grenade. How about we just don't pull the pin?
True story: when my grandmother moved out of the apartment she'd been living in for 30 years, in the back of a drawer she found a grenade that my grandfather had brought back from WWII as a souvenir. It was defused, of course, but she didn't know anything about the grenade, including that it was there at all, and my grandfather had died years before so couldn't provide any reassurances. Not sure if the bomb squad was called, but I know the police were, and I know at least a chunk of the building was evacuated.
@Quirkz: The trick is to place live grenades in the place of the dummies in the customer number novelties and attach the "1" tag to the pin. That way when some joker pulls the pin to be funny he blows up the room.
Of course the pins require such force to pull them that most people would give up or pull down the novelty stand before getting the pin out.
On a vaguely related tangent, we weren't evacuated but I was over an hour late home yesterday due to a mile or so of my route home being closed due to a bomb threat just round the corner from my workplace. I believe some closer buildings may have been evacuated.
A slightly more balanced risk assessment though, in my view: some apparently rather large, and obviously unexploded, WWII ordnance unearthed during building work. So there was actually explosive there, even though the possibility of an explosion probably remained negligible to low.
>And for those of you out there who are grenade experts... what if it had been modifed and rather than just explosive it contained a canister of sarin gas that disperses into the HVAC system and spreads to the entire building killing every occupant before anyone even knows what happened.
Congratulations, you just bought into the FUD. Sarin is not some sort of magic death pixie dust. Like any other toxin it has a minimum concentration needed to cause debilitating effects.
The worst non-military sarin gas attacks in history occured when Aum Shinrikyo attacked the Tokyo subway. Those attacks occured in essentially perfect conditions, using over six litres of sarin in an enclosed, highly confined space packed full of people. The final death toll was twelve people, with about a thousand affected by the toxin to some extent or another.
Ignoring historical data for a moment however, let's jump right in to Math and Science Fun Time with Mr. Some Dude!
A Mills Bomb has approximately 125 mL of capacity. (Rough approximation, assuming a capacity equal to a sphere of equal diameter.)
The lethal concentration 50% (vapor concentration at which half of the exposed victims will die) of sarin is 70mg/m^3 for a ~10 minute exposure.
At 1g/cm^3 density, this means your hypothetical lethal joke grenade is carrying 125g of sarin, or enough sarin to contaminate 1785 m^3 of air to the LCt50. Assuming 2m ceilings and no wasted vapor, this means it will (reasonably lethally) contaminate a 30m x 30m room, or some 900m^2 of building space. (A bit less, but I'm rounding up in order to draw the worst case scenario.)
If we set the standards lower, and use the data for severe incapacitation, instead of lethality, the MSDS for sarin indicates ICt50 for sarin at 35g/m^3 for a 10 minute exposure. At this concentration, your joke grenade contaminates 3570 m^3 of volume, or roughly 1785 m^2, which equates to a 42m x 42m room.
Considering the building in question is 232,000 m^2, you're looking at the contamination of less than 1% of the total volume of the building either way.
In summary: Even if it was sarin, they still overreacted by two orders of magnitude.
62 comments and not one person considers the fact that this 44 floor building, with major financial companies as tenants, is left virtually empty for 90 minutes?! An hour and a half, that is.
Apparently, all you need to do to get yourself 90 unsupervised minutes in any major financial company is to send a fake grenade to the mailroom of a Brookfield Properties building.
And to LPT Security Consulting up there: You need to read some books on security. Maybe a CPP certification would be in order? Or at least, take a look at Introduction to Security, 8th Edition. Jeez.
SnallaBolaget : 62 comments and not one person considers the fact that this 44 floor building, with major financial companies as tenants, is left virtually empty for 90 minutes?!
Now you've gone and blow Nick P's "master plan" of how to get rich quick step 5...
How much did that pom bloke Nick Leason who lost his Barings lose for his bank in Singapore, or that French dude for his definitely a lot more than $1Billion each.
And who knows who else, you don't get to hear about it unless it's more than 10% of the banks net worth.
INteresting analysis, but some of your data is quite a ways off.
Your volume for a Mills bomb is about 30% too low, but that doesn't matter too much. However your LCt50 for sarin is an order of magnitude too low. Published sources vary somewhat (after all, it is difficult to actually do the experiment...), but are generally on the order of 70 mg-min/m³.
That's not 70 mg/m³ for ten minutes; that's 70 mg/m³ for 1 minute, or 7 mg/m³ for 10 minutes, or 0.7 for 100 minutes, and so on.
You can't extend the linear relationship indefinitely, for two reasons. Firstly you may eventually hit the point where absorption becomes slower than the time constant for repair. You won't get that with sarin though, because its time constant for repair is several *months*. More importantly, at low concentrations you have to start considering the material that is being removed by ventilation, adsorption onto surfaces, and so on. A well-ventilated modern office might have an air change rate of 3/hr, so after we solve a little differential calculus we see the total exposure (in mg-min/m³) is probably around 20 min x initial concentration.
Thus we would expect 50% lethality if initial concentration was around 3.5 mg/m³. However, from the responders' point of view, we aren't just concerned about 50% lethality; we don't want anyone to die. And the LCtLo is about 10 mg-min/m³, and thus the LCLo in this scenario is about 0.5 mg/m³.
Compared to your estimate, this increases the potentially dangerously contaminated area by around 140 times. The smaller error on the Mills bomb volume brings that up to an even 200 times.
Thus the floor area of the potentially lethal contaminated zone is up to about 178,500 m². Which is pretty close to the total floor area of the building...
So if sarin is so jaw-droppingly lethal -- and it is -- why wasn't the Tokyo subway attack much worse? Quite simply, making sarin turns out to be a lot harder than you might think, and even with the aid of a professional industrial chemist and several million dollars' worth of plant, Aum Shinri Kyo's 6 litres of fluid contained a *lot* less than 6 litres of sarin.
I pop in every year or so just to see what's what - sad to see that you Americans are still frightened of your own shadow. Pity.
You're right, I did screw up on exposure measurements. But I didn't screw up on picking LCt50 instead of LCtLo. caj's comment asked about sarin killing everyone in the building. Not killing or sickening a few people.
Specifically, he asked "And for those of you out there who are grenade experts... what if it had been modifed and rather than just explosive it contained a canister of sarin gas that disperses into the HVAC system and spreads to the entire building killing every occupant before anyone even knows what happened."
I'm not a grenade expert, but I figured I'd take a stab at the calculations anyways. Even with the new info, my point still stands that sarin isn't some sort of magic killer pixie dust of doom. Nasty stuff for sure, but 'oh no a tiny bit will wipe out a quarter-million square meter office building' is hardly true.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.