Feeds

Letter bombs: an expert writes

Reg UXB man delivers the facts

3 Big data security analytics techniques

People and groups of this kind very seldom have access to proper manufactured explosives, which is another comforting factor when dealing with postals. A victim can still be badly hurt (blindings and severe burns aren't uncommon: letter-bombers are still violent criminals) but it does mean that protective gear can be very effective.

Pleasingly, it also means that a bomb-disposal operator may be able to get permission for a manual render-safe procedure: that is, he may be allowed to cut into the package and actually snip a wire in true movie-hero style, rather than going for the safer, more prosaic remote disruptor shot. This will permit him to become an insufferably smug bore in bomb-disposal bars for the rest of his life.

For all these reasons, most bomb-disposal ops pretty much live for the day when they may encounter a live postal device. The rest of us normally have a rather different viewpoint, but on the whole there's no great need to worry about letter bombs – even if your job does involve opening mail for someone unpopular.

Nearly every postal has a visible giveaway of some kind (the MI5 guidance is perfectly OK, though in classic British government style the relevant webpage seems to be down right now. However, a pdf booklet with a section on postals is still available).

If you've got the least doubt, don't open it, it's as simple as that. Very few things that come by post are so critical they can't wait for a bit. An X-ray will soon let you know if there's a problem. If your organisation is too stingy to spring for an X-ray scanner, don't fret: just put the suspect package to one side, call the cops and carry on working. Someone will eventually come round and X-ray your suspect pile for you, though you'll probably have to wait a while in the UK just at the moment.

The only cases where you might not want to be in the room with a dodgy package is if it was brought by a courier service with guaranteed delivery timings, or dropped off by hand, or if you've opened it. In that case, get everyone well away from it and keep them away, and call the cops – making clear that the thing isn't an unopened postal. You should get quicker service that way.

A lot of people feel a mysterious urge to put suspect items in buckets of water; don't do that, it doesn't help. If the courier guys arrive well ahead of their guaranteed deadline, you can make a judgement call whether you want to put the delivery somewhere more convenient before you cordon it off. There might be a place nearby where a smallish explosion wouldn't be that big a deal.

In the end, though, you've got to keep these things in perspective. Even if you're a mail-opener by trade, should you die today, chances are it'll be a traffic accident or a heart attack that gets you, not a letter-bomb. You'd probably improve your life expectancy more drinking red wine than you would swotting up on the MI5 advice, and it'd be a lot more fun too. ®

Lewis Page spent several years as a military bomb-disposal operator tasked in support of the UK police. He attended more than 200 incidents, a number of which involved actual explosives – though sadly, never a postal. Other highlights of his service included commando training with the Royal Marines, and the opportunity to render safe bona-fide "weapons of mass destruction". Disappointingly, these WMDs were discovered in Wales rather than any sunnier clime. On leaving the service he wrote a book, Lions, Donkeys and Dinosaurs: Waste and Blundering in the British Armed Forces, which was so successful that it is now almost impossible to obtain, though a paperback is forthcoming. Page can be found on the web at www.lewispage.co.uk.

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Reddit users discover iOS malware threat
'Unflod Baby Panda' looks to snatch Apple IDs
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.