Feeds

Trouser-bomb clown attacks - how much should we laugh?

Reg investigates case of the undertotally-pants bomber

High performance access to file storage

Comment As the smoke clears following the case of Umar Farouk Abdul Mutallab, the failed Christmas Day "underpants bomber" of Northwest Airlines Flight 253 fame, there are just three simple points for us Westerners to take away.

First: It is completely impossible to prevent terrorists from attacking airliners.

Second: This does not matter. There is no need for greater efforts on security.

Third: A terrorist set fire to his own trousers, suffering eyewateringly painful burns to what Australian cricket commentators sometimes refer to as the "groinal area", and nobody seems to be laughing. What's wrong with us?

We'll look at the first part to begin with.

In order to destroy an airliner and kill everyone on board, one needs to do a certain amount of damage to it: a lot if it is on the ground without much fuel in it, not so much if it is fuelled up, less yet if it is flying at low altitude, and least of all if it is flying high up.

Formerly there was the option of gaining access to the flight deck - perhaps using the aircraft as a weapon, as on 9/11, perhaps to carry out a hostage strategy - but those days are gone. The 9/11 hijackers have seen to it that the best and most effective ways for terrorists to employ airliners are no longer open to them. Pilots will never open flight deck doors again, no matter the threat to hostages in the cabin; passengers will not permit themselves to be dominated; armed sky marshals are back. If all these fail, following the bloodbath at Ground Zero fighter pilots will not hesitate to shoot.

So the damage must nowadays be done by other means than crashing, most practically by detonating a charge of high explosives on the plane while in flight. This doesn't need to be too big, especially if the jet is at cruising height so that the explosive effects will be enhanced by depressurisation. This is why airliners are a favourite target: because a fairly small amount of explosive can potentially kill a large number of people in one go, which is not the case under most circumstances.

It is an unfortunate and pretty much unavoidable fact that the necessary amount of explosives can easily be carried through any current or likely-future airport security regime, short of universal strip + cavity searches and a total ban on carry-on luggage.

Let's consider, for instance, a future security check involving backscatter X-ray-through-clothes perv scans - much more effective than millimetre wave - and X-raying of carry-on bags as is already normal. There are several ways to beat this.

Firstly, detonators and firing devices can be disguised within permitted electronic equipment such that they will pass through X-raying without trouble. An AA battery casing full of hexamethylenetriperoxidediamine (HMTD) - or some similar sensitive primary - with a flashbulb filament in it is almost impossible for an X-ray operator to pick out from among others, and can be triggered by the flash circuits of any camera.

The difficult bit is the main charge, which needs to be a decent weight and volume of acceptably stable high explosive. But it's not that difficult. Here are just a few ideas:

  • Several terrorists - only one of whom would need to go aboard the target flight - could carry permissible amounts of liquid explosives through security, combining them later in the air-side lavatories.
  • Readily available plastic explosives can be rolled out into flat, uniform sheets - they can actually be bought in this form, for instance under the name "Sheetex" - and cut to shape with ease. Such sheets can easily be inserted into luggage, where they won't look noticeably different from normal cardboard or plastic structure, partitions etc under X-ray if they aren't too thick. There are many other ploys along these lines; a sensible and well-resourced terror group could probably buy an X-ray machine and develop a bag containing a charge, detonator and firing circuit which looked entirely legit under scan.
  • Reasonable amounts of main charge can be carried stuffed into body cavities, undetectable by any body-scan. They would need to be removed before use in order to escape the pronounced dampening effect of the human body, and probably combined with other such payloads to get a bang sure to do the job, but again teamwork and lavatories will see to this.
  • There's more scope still for the use of checked baggage. US and many other airports nowadays X-ray this, but there are airports which don't. You can easily find out, as a terrorist organisation, routes on which a checked bag won't be X-rayed by packing some unexposed film and making some flights. Once you have identified an airport that doesn't X-ray checked bags, simply put a large time- or barometrically-triggered bomb into a suitcase and have your suicide operative check it before boarding.

The list goes on - and on. Any reasonably competent terrorist organisation, with access to funds, capable technical experts and a small number of operatives able to move about the world freely can blow up airliners in flight. You wouldn't even necessarily need suicide volunteers to carry the bombs, if you were cunning: dupes might be convinced that they were smuggling drugs, money or other contraband, or IRA-style "proxy bombers" could be forced to do your bidding by seizing and threatening their families.

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.