Entries Tagged "bombs"

Page 18 of 22

On the Implausibility of the Explosives Plot

Really interesting analysis of the chemistry involved in the alleged UK terrorist plot:

Based on the claims in the media, it sounds like the idea was to mix H2O2 (hydrogen peroxide, but not the low test kind you get at the pharmacy), H2SO4 (sulfuric acid, of necessity very concentrated for it to work at all), and acetone (known to people worldwide as nail polish remover), to make acetone peroxides. You first have to mix the H2O2 and H2SO4 to get a powerful oxidizer, and then you use it on acetone to get the peroxides, which are indeed explosive.

A mix of H2O2 and H2SO4, commonly called “piranha bath”, is used in orgo labs around the world for cleaning the last traces out of organic material out of glassware when you need it *really* clean—thus, many people who work around organic labs are familiar with it. When you mix it, it heats like mad, which is a common thing when you mix concentrated sulfuric acid with anything. It is very easy to end up with a spattering mess. You don’t want to be around the stuff in general. Here, have a look at a typical warning list from a lab about the stuff:

http://www.mne.umd.edu/LAMP/Sop/Piranha_SOP.htm

Now you may protest “but terrorists who are willing to commit suicide aren’t going to be deterred by being injured while mixing their precursor chemicals!”—but of course, determination isn’t the issue here, getting the thing done well enough to make the plane go boom is the issue. There is also the small matter of explaining to the guy next to you what you’re doing, or doing it in a tiny airplane bathroom while the plane jitters about.

Now, they could of course mix up their oxidizer in advance, but then finding a container to keep the stuff in that isn’t going to melt is a bit of an issue. The stuff reacts violently with *everything*. You’re not going to keep piranha bath in a shampoo bottle—not unless the shampoo bottle was engineered by James Bond’s Q. Glass would be most appropriate, assuming that you could find a way to seal it that wouldn’t be eaten.

Read the whole thing.

EDITED TO ADD (8/16): More speculation.

EDITED TO ADD (8/17): Even more speculation.

Posted on August 16, 2006 at 7:32 AMView Comments

New Airline Security Rules

The foiled UK terrorist plot has wreaked havoc with air travel in the country:

All short-haul inbound flights to Heathrow airport have been cancelled. Some flights in and out of Gatwick have been suspended.

Security has been increased at Channel ports and the Eurotunnel terminal.

German carrier Lufthansa has cancelled flights to Heathrow and the Spanish airline Iberia has stopped UK flights.

British Airways has announced it has cancelled all its short-haul flights to and from Heathrow for the rest of Thursday.

The airline added that it was also cancelling some domestic and short haul services in and out of Gatwick airport during the remainder of the day.

In addition, pretty much no carry-ons are allowed:

These measures will prevent passengers from carrying hand luggage into the cabin of an aircraft with the following exceptions (which must be placed in a plastic bag):

  • Pocket size wallets and pocket size purses plus contents (for example money, credit cards, identity cards etc (not handbags);
  • Travel documents essential for the journey (for example passports and travel tickets);
  • Prescription medicines and medical items sufficient and essential for the flight (e.g. diabetic kit), except in liquid form unless verified as authentic;
  • Spectacles and sunglasses, without cases;
  • Contact lens holders, without bottles of solution;
  • For those traveling with an infant: baby food, milk (the contents of each bottle must be tasted by the accompanying passenger);
  • Sanitary items sufficient and essential for the flight (nappies, wipes, creams and nappy disposal bags);
  • Female sanitary items sufficient and essential for the flight, if unboxed (e.g. tampons, pads, towels and wipes) tissues (unboxed) and/or handkerchiefs;
  • Keys (but no electrical key fobs)

Across the Atlantic, the TSA has announced new security rules:

Passengers are not allowed to have gels or liquids of any kind at screening points or in the cabin of any airplane.

They said this includes beverages, food, suntan lotion, creams toothpaste, hair gel, or similar items. Those items must be packed into checked luggage. Beverages bought on the secure side of the checkpoint must be disposed of before boarding the plane.

There are several exceptions to the new rule. Baby formula, breast milk, or juice for small children, prescription medications where the name matched the name of a ticked passenger, as well as insulin and other essential health items may be brought onboard the plane.

See the TSA rules for more detail.

Given how little we know of the extent of the plot, these don’t seem like ridiculous short-term measures. I’m sure glad I’m not flying anywhere this week.

EDITED TO ADD (8/10): Interesting analysis by Eric Rescorla.

Posted on August 10, 2006 at 7:40 AMView Comments

A Minor Security Lesson from Mumbai Terrorist Bombings

Two quotes:

Authorities had also severely limited the cellular network for fear it could be used to trigger more attacks.

And:

Some of the injured were seen frantically dialing their cell phones. The mobile phone network collapsed adding to the sense of panic.

(Note: The story was changed online, and the second quote was deleted.)

Cell phones are useful to terrorists, but they’re more useful to the rest of us.

Posted on July 13, 2006 at 1:20 PMView Comments

UK Report on July 7th Terrorist Bombings

About the Intelligence and Security Committee:

Parliamentary oversight of SIS, GCHQ and the Security Service is provided by the Intelligence and Security Committee (ISC), established by the Intelligence Services Act 1994. The Committee examines the expenditure, administration and policy of the three Agencies. It operates within the ‘ring of secrecy’ and has wide access to the range of Agency activities and to highly classified information. Its cross­party membership of nine from both Houses is appointed by the Prime Minister after consultation with the Leader of the Opposition. The Committee is required to report annually to the Prime Minister on its work. These reports, after any deletions of sensitive material, are placed before Parliament by the Prime Minister. The Committee also provides ad hoc reports to the Prime Minister from time to time. The Chairman of the Intelligence and Security Committee is the Right Honourable Paul Murphy. The Committee is supported by a Clerk and secretariat in the Cabinet Office and can employ an investigator to pursue specific matters in greater detail.

They have released the “Intelligence and Security Committee Report into the London Terrorist Attacks on 7 July 2005,” and the UK government has issued a response.

Posted on May 31, 2006 at 11:19 AMView Comments

A Real Movie-Plot Threat

Arson Squad Blows Up News Rack, Tom Cruise Movie to Blame

A newspaper promotion for Tom Cruise’s “Mission: Impossible III” movie was off to an explosive start when a California arson squad blew up a news rack, thinking it contained a bomb.

The confusion: the Los Angeles Times rack was fitted with a digital musical device designed to play the Mission: Impossible theme song when the door was opened. But in some cases, the red plastic boxes with protruding wires were jarred loose and dropped onto the stack of newspapers inside, alarming customers.

You just can’t make this stuff up.

Posted on May 2, 2006 at 1:41 PMView Comments

Document Verification

According to The New York Times:

Undercover Congressional investigators successfully smuggled into the United States enough radioactive material to make two dirty bombs, even after it set off alarms on radiation detectors installed at border checkpoints, a new report says.

The reason is interesting:

The alarms went off in both locations, and the investigators were pulled aside for questioning. In both cases, they showed the agents from the Customs and Border Protection agency forged import licenses from the Nuclear Regulatory Commission, based on an image of the real document they found on the Internet.

The problem, the report says, is that the border agents have no routine way to confirm the validity of import licenses.

I’ve written about this problem before, and it’s one I think will get worse in the future. Verification systems are often the weakest link of authentication. Improving authentication tokens won’t improve security unless the verification systems improve as well.

Posted on April 5, 2006 at 8:43 AMView Comments

Cubicle Farms are a Terrorism Risk

The British security service MI5 is warning business leaders that their offices are probably badly designed against terrorist bombs. The common modern office consists of large rooms without internal walls, which puts employees at greater risk in the event of terrorist bombs.

From The Scotsman:

The trend towards open-plan offices without internal walls could put employees at increased risk in the event of a terrorist bomb, MI5 has warned business leaders. The advice comes as the Security Service steps up its advice to companies on how to prepare for an attack. MI5 has produced a 40-page leaflet, “Protecting Against Terrorism”, which will be distributed to large businesses and public-sector bodies across Britain. Among the guidance in the pamphlet is that bosses should consider the security implications of getting rid of internal walls.

Open-plan offices are increasingly popular as businesses seek to improve communication and cooperation between employees. But MI5 points out that there are potential risks, too. “If you are converting your building to open-plan accommodation, remember that the removal of internal walls reduces protection against blast and fragments,” the leaflet says.

All businesses should make contingency plans for keeping staff safe in the event of a bomb attack, the Security Service advises. Instead of automatically evacuating staff, companies are recommended to gather workers in a designated “protected space” until the location of the bomb can be confirmed. “Since glass and other fragments may kill or maim at a considerable distance from the centre of a large explosion, moving staff into protected spaces is often safer than evacuating them on to the streets,” the leaflet cautions. Interior rooms with reinforced concrete or masonry walls often make suitable protected spaces, as they tend to remain intact in the event of an explosion outside the building, employers are told. But open-plan offices often lack such places, and can have other effects on emergency planning: “If corridors no longer exist then you may also lose your evacuation routes, assembly or protected spaces, while the new layout will probably affect your bomb threat contingency procedures.” Companies converting to open-plan are told to ensure that there is no significant reduction in staff protection, “for instance by improving glazing protection.”

Posted on March 31, 2006 at 5:14 AMView Comments

80 Cameras for 2,400 People

This story is about the remote town of Dillingham, Alaska, which is probably the most watched town in the country. There are 80 surveillance cameras for the 2,400 people, which translates to one camera for every 30 people.

The cameras were bought, I assume, because the town couldn’t think of anything else to do with the $202,000 Homeland Security grant they received. (One of the problems of giving this money out based on political agenda, rather than by where the actual threats are.)

But they got the money, and they spent it. And now they have to justify the expense. Here’s the movie-plot threat the Dillingham Police Chief uses to explain why the expense was worthwhile:

“Russia is about 800 miles that way,” he says, arm extending right.

“Seattle is about 1,200 miles back that way.” He points behind him.

“So if I have the math right, we’re closer to Russia than we are to Seattle.”

Now imagine, he says: What if the bad guys, whoever they are, manage to obtain a nuclear device in Russia, where some weapons are believed to be poorly guarded. They put the device in a container and then hire organized criminals, “maybe Mafiosi,” to arrange a tramp steamer to pick it up. The steamer drops off the container at the Dillingham harbor, complete with forged paperwork to ship it to Seattle. The container is picked up by a barge.

“Ten days later,” the chief says, “the barge pulls into the Port of Seattle.”

Thompson pauses for effect.

“Phoooom,” he says, his hands blooming like a flower.

The first problem with the movie plot is that it’s just plain silly. But the second problem, which you might have to look back to notice, is that those 80 cameras will do nothing to stop his imagined attack.

We are all security consumers. We spend money, and we expect security in return. This expenditure was a waste of money, and as a U.S. taxpayer, I am pissed that I’m getting such a lousy deal.

Posted on March 29, 2006 at 1:13 PMView Comments

Al Qaeda Hacker Captured

Irhabi 007 has been captured.

For almost two years, intelligence services around the world tried to uncover the identity of an Internet hacker who had become a key conduit for al-Qaeda. The savvy, English-speaking, presumably young webmaster taunted his pursuers, calling himself Irhabi—Terrorist—007. He hacked into American university computers, propagandized for the Iraq insurgents led by Abu Musab al-Zarqawi and taught other online jihadists how to wield their computers for the cause.

Assuming the British authorities are to be believed, he definitely was a terrorist:

Suddenly last fall, Irhabi 007 disappeared from the message boards. The postings ended after Scotland Yard arrested a 22-year-old West Londoner, Younis Tsouli, suspected of participating in an alleged bomb plot. In November, British authorities brought a range of charges against him related to that plot. Only later, according to our sources familiar with the British probe, was Tsouli’s other suspected identity revealed. British investigators eventually confirmed to us that they believe he is Irhabi 007.

[…]

Tsouli has been charged with eight offenses including conspiracy to murder, conspiracy to cause an explosion, conspiracy to cause a public nuisance, conspiracy to obtain money by deception and offences relating to the possession of articles for terrorist purposes and fundraising.

Okay. So he was a terrorist. And he used the Internet, both as a communication tool and to break into networks. But this does not make him a cyberterrorist.

Interesting article, though.

Here’s the Slashdot thread on the topic.

Posted on March 28, 2006 at 7:27 AMView Comments

London Rejects Subway Scanners

Rare outbreak of security common sense in London:

London Underground is likely to reject the use of passenger scanners designed to detect weapons or explosives as they are “not practical”, a security chief for the capital’s transport authority said on 14 March 2006.

[…]

“Basically, what we know is that it’s not practical,” he told Government Computing News. “People use the tube for speed and are concerned with journey time. It would just be too time consuming. Secondly, there’s just not enough space to put this kind of equipment in.”

“Finally there’s also the risk that you actually create another target with people queuing up and congregating at the screening points.”

Posted on March 23, 2006 at 1:39 PMView Comments

1 16 17 18 19 20 22

Sidebar photo of Bruce Schneier by Joe MacInnis.