Here's a writeup of Evan Booth's Hack the Box conference presentation on making lethal weapons out of items bought in airport duty-free shops. It's pretty ingenious stuff (the video above is from a related presentation at CarolinaCon 2013).
The problem here is that legitimate purpose of airport security is not protecting passengers and flight attendants from harm. In reality, there's no way to accomplish that goal against a determined attacker. The real and legitimate purpose of airport security is to protect airplanes and cockpits from harm -- to stop people from hijacking and/or crashing airplanes (this is why the TSA correctly relaxed its rules about carrying small knives onto planes -- and why so many of their other rules are pointless and stupid). So long as none of these lethal weapons can crash an airplane or beat an armored, bolted cockpit door, they embody no new incremental threat to aviation -- on the other hand, the improvised battery-bombs are a real threat.
Besides a bomb knew Booth also easy to make a bow and arrow of stuff he had bought in a shop in an airport. For this he used an umbrella, hair dryer, socks, a leather belt and condoms. Too obvious things like a lighter and deodorant as alternative gas burner he did not elaborate.
Booth also made a crossbow of an umbrella, floss, grab a toy, a rolkoffertje, a straw and tape. With a straw, cotton and a piece of metal from a remote controlled helicopter he was able to make a blow gun for firing arrows.
Remarkable is also a club that he made a gift, what magazines, floss, a leather strap and tape. In a test showed that so firmly, that he with a single blow a coconut in several parts stores.
Onderzoeker maakt bom van artikelen luchthavenwinkels [Dutch, Nu.nl]
Researcher makes bomb Articles airport shops [Google Translate]
Vtech is a ubiquitous Hong Kong-based electronic toy company whose kiddy tablets and other devices are designed to work with its cloud service, which requires parents to set up accounts for their kids. 4.8 million of those accounts just breached, leaking a huge amount of potentially compromising information, from kids’ birthdays and home addresses to […]
Yesterday, Dell was advising customers not to try to uninstall the bogus root certificate it had snuck onto their Windows machine, which would allow attackers to undetectably impersonate their work intranets, bank sites, or Google mail. Today, they apologized and offered an uninstaller — even as we’ve learned that at least one SCADA controller was […]
Last February, Lenovo shocked its security-conscious customers by pre-installing its own, self-signed root certificates on the machines it sold. These certificates, provided by a spyware advertising company called Superfish, made it possible for attackers create “secure” connections to undetectable fake versions of banking sites, corporate intranets, webmail providers, etc.
Celebrate Cyber Monday with some brain food. Save on any eLearning deal in the Boing Boing Store today using coupon code: CYBERMONDAY25. Below are a couple of our favorite eLearning offers: eduCBA Tech Training Bundle: Lifetime Subscription:Welcome to your personal online classroom, where you can finally study at your own pace, on your own time (and […]
This minimalist multi-tool will see to it that instead of rocking a tool belt, you’ll carry just one. It’s shaped slightly like a key and weighs less than an ounce, so it plays nice with your keychain. The strong surgical-grade stainless steel blade will last, and is handy for everyday tasks like opening boxes and […]
The Code Black is our top-selling drone of all time—and for good reason. This powerful, palm-size drone is not only insanely fun to fly, but can capture some serious video footage from up above. With a flight time of about 10 minutes and an ultra-smooth ride, it’s a great introductory drone for anyone looking to […]