how to steal a nuclear warhead, without voiding your xbox warranty
DESCRIPTION
We will present the common elements and basic mechanisms of modern tamper-evident seals, tags, and labels, with emphasis on attack and circumvention. Adhesive seals, crimp seals, wire wraps, fiber optic seals, electronic, chemical, biological, and make-shift seals will be dissected, examined, and explained, with emphasis on their shortcomings and circumvention techniques. We will also present an overview of typical applications for tags, seals, and labels, including covert traps and uses ranging from consumer goods to loss reduction to government secrets.TRANSCRIPT
![Page 1: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/1.jpg)
HOW TO STEAL A NUCLEAR WARHEADWITHOUT VOIDING YOUR XBOX WARRANTY
An Introduction toTamper-Evident Devices,
Applications, Design, & Circumvention
Jamie Schwettmann & Eric Michaud
![Page 2: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/2.jpg)
The Way Things Will Go• What are Tamper-Evident Devices &
Why Should I care?
• The Proof is in the, uhm, …what Proof?
• Types of Devices:– Adhesives, Inks, and Sealants– Wraps, Seals, Physical Barriers– Optics, Electronics, and Alarms– Other Unique Devices
• Tag, You’re it! Attacks and Bypasses
• Seal the Deal! Risks and Implications of Tamper, from Real-life Scenarios
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 3: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/3.jpg)
What are Tamper-Evident Devices and Why Should I Care?
![Page 4: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/4.jpg)
What are Tamper-Evident Devices?
Move along.
These are not the tags and seals you’re looking for.
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 5: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/5.jpg)
What are Tamper-Evident Devices?
Definition:
Any tag, seal, alarm or other indicator which can be employed to evidence unauthorized intrusion or alteration to a container, room, building, device housing, or other material is a TAMPER-EVIDENT DEVICE.
Materials secured by such devices are often said to be “sealed”
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 6: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/6.jpg)
What are Tamper-Evident Devices?
Humans learned tamper-evidencing from Nature
Probably Safe to Eat
Probably NOT SAFE to Eat
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
PH
OTO
S:
JA
MIE
SC
HW
ETTM
AN
N
![Page 7: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/7.jpg)
At least 7,000 years ago, intricate stone carvings were pressed into clay to seal jars and later, writing tablets.
What are Tamper-Evident Devices?
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
PH
OTO
: U
RIE
L_1
99
8
![Page 8: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/8.jpg)
Why Should I Care?
• Everybody’s doing it…– And so are YOU.
• Avoid lawsuits and recalls
• Shrink & fraud reduction• Quality assurance
• Don’t trust the messenger… check for tampering.
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 9: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/9.jpg)
The Proof is in the… … uhm, what Proof?
Inspection Methods andEvidence
![Page 10: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/10.jpg)
The Proof: Inspection Methods
Casual Inspection (duh, it’s broken)
NO SPECIAL
TOOLS
REQUIRED!!!
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
PH
OTO
: JA
MIE
SC
HW
ETTM
AN
N
![Page 11: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/11.jpg)
The Proof: Inspection MethodsBlink
Comparison
One of these things is not like the others… J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan
2011
PH
OTO
: JA
MIE
SC
HW
ETTM
AN
N
![Page 12: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/12.jpg)
The Proof: Inspection MethodsBlink
Comparison
One of these things is not like the others… J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan
2011
PH
OTO
: JA
MIE
SC
HW
ETTM
AN
N
![Page 13: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/13.jpg)
The Proof: Inspection Methods
Traps and Alarms
Designed to automate notification of tampering
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 14: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/14.jpg)
The Proof: Inspection MethodsRigorous Scientific Examination
• Materials Analysis• Xray, UV, and Microscopy• Circuit Verification• Chemical Testing• Checksums and Hashing
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 15: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/15.jpg)
Types of Devices
![Page 16: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/16.jpg)
Adhesives, Inks, & Sealants: Characterization
• Adhesives– Bonds to surface– Overt removal damages
surface or film barrier
• Inks, Marks, & Stamps– Visually broken by
tampering
• Sealants– Similar to adhesive– No film or other barrier
necessary J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan
2011
PH
OTO
: JO
E S
HLA
BO
TN
IK
![Page 17: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/17.jpg)
Adhesives, Inks, & Sealants: Circumvention
• Thermal Stressing (best)– Heat: hair dryer or heat gun– Cold: freezer or dry ice
• Solvents (may be messy)– Alcohols– Acids– Petrochemicals– Mineral Oil– Water or Steam
• Needles & Razor BladesJ. Schwettmann & E. Michaud, BlackHat DC, 18 Jan
2011
![Page 18: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/18.jpg)
Wraps, Crimps, Physical Barriers: CharacterizationAll require material rupture to evidence
tampering.
• Wraps:– Cover or surround container or device– Sealed with heat, adhesive, or
mechanically crimped– Plastic, paper, or foil films
• Crimps:– Mechanical or heat-pressed seal– Metal, plastic, paper, foil
• Other Physical Barriers:– Wire wraps, zip ties, cup seals, pull-tabs,
break-away caps, perforated films, tapes, blisterpacks, band seals, bolt locks, plastic padlocks, dangle-tabs, rivets, etc. J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan
2011
![Page 19: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/19.jpg)
Wraps, Crimps, Physical Barriers: Circumvention
• Most require physical manipulation or modification, followed by reinstatement of seal
• Many can be shimmed
• Thermal Stress still helps
• Custom tools may be required
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 20: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/20.jpg)
Optics, Electronics, Alarms: Characterization
Unifying feature: Sensors
• Optical Devices– Beam-break– Motion detection– Often trigger other events
• Electronic Devices– Any kind of switch or sensor
may be used– RFIDs!!! SERIOUSLY!?
• Alarms– Active alert of breach– Often connected to electronics
(not always)J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 21: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/21.jpg)
Optics, Electronics, Alarms: Circumvention
• Automation makes humans lazy => less examination may occur!
• Electronic devices have inherent sampling rates and trigger tolerance – events outside these won’t trigger
• Inline signal and alarm bypasses may be available
• Devices operating on a network may be susceptible to additional attacks
• Many are themselves tamper-evidenced with physical methods
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 22: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/22.jpg)
Tag, You’re It!Attacks, Bypasses and Circumventions
![Page 23: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/23.jpg)
Bypass of Wire Wraps
Classic Coke shimming methodRequires:RazorbladeCoke
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
PHO
TOS: G
AB
RIE
L LAW
REN
CE
![Page 24: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/24.jpg)
Barriers: Bypassing Films and Stickers
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
Go a little MacGuyverFishing Line/Mint Dental FlossGoo Gone/Acetone/Similar SolventsHypodermic Needle Sewing NeedlesA steady and patient handHeat GunAttack the containers skip the Seals!
PHOTO: GABRIEL LAWRENCE
PH
OTO
: G
AB
RIE
L LA
WR
EN
CE
![Page 25: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/25.jpg)
Barriers: Attacking Bolt Seals
Two methods:
1. Dissolve. Shim, or drill retaining ring, then replace
2. Cut head off, add screw and Loctite
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 26: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/26.jpg)
Barriers: Attacking Bolt Seals
Two methods:
1. Dissolve. Shim, or drill retaining ring, then replace
2. Cut head off, add screw and Loctite
Retaining Ring
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
1
![Page 27: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/27.jpg)
Barriers: Attacking Bolt Seals
Two methods:
1. Dissolve. Shim, or drill retaining ring, then replace
2. Cut head off, add screw and Loctite
Drill here
Retaining Ring
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
1
![Page 28: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/28.jpg)
Barriers: Attacking Bolt Seals
Two methods:
1. Dissolve. Shim, or drill retaining ring, then replace
2. Cut head off, add screw and Loctite
Cut as high as possible
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
2
![Page 29: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/29.jpg)
Bypass Bolt Barrier Seals
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
• Polycarbonate Seals are prone to material removal
• Insert tool in hole on base with nail or chisel then spin plug till it releases.
• For Metal plugs make custom shim
To reseal press plug back in.
![Page 30: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/30.jpg)
Bypass Bolt Barrier Seals
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
Sometimes it’s easier to attack the container
•Drill out the rivets•Take off a hinge•Cut a hole in the side
…and then repair it.
PH
OTO
: TH
OM
AS H
AW
K
![Page 31: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/31.jpg)
Bypass Bolt Barrier Seals
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
Sometimes it’s easier to attack the container
•Drill out the rivets•Take off a hinge•Cut a hole in the side
…and then repair it.
PH
OTO
: TH
OM
AS H
AW
K
![Page 32: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/32.jpg)
Bypass Bolt Barrier Seals
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
Sometimes it’s easier to attack the container
•Drill out the rivets•Take off a hinge•Cut a hole in the side
…and then repair it.
PH
OTO
: TH
OM
AS H
AW
K
![Page 33: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/33.jpg)
Bypass Bolt Barrier Seals
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
Sometimes it’s easier to attack the container
•Drill out the rivets•Take off a hinge•Cut a hole in the side
…and then repair it.
PH
OTO
: TH
OM
AS H
AW
K
![Page 34: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/34.jpg)
Bypass Bolt Barrier Seals
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
Sometimes it’s easier to attack the container
•Drill out the rivets•Take off a hinge•Cut a hole in the side
…and then repair it.
PH
OTO
: TH
OM
AS H
AW
K
![Page 35: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/35.jpg)
Circumventing Cup SealsSimilar to removing a water
bottle cap…
Shape a stiff piece of metal into a hook, insert/twist/depress tangs and repeat
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
To reseal, reset tangs, then press cap back into place
![Page 36: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/36.jpg)
Breakaway Tags/Padlocks
• Shimming and chiseling work well for these padlocks.
• Splitting down side then careful re-gluing works also
• Heat Gun to replace physical distress marks
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 37: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/37.jpg)
Breakaway Tags/Padlocks
ChiselShimRe-glue
Insert Shims/Chisels at entrance, either reset
or glue.
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
PH
OTO
: TIM
LEW
ISN
M
![Page 38: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/38.jpg)
Breakaway Plastic Bands
• Plastic Bands – Chisel the restricting tips– Heat Gun to reset color of
physical stress indicators
Spread Heat over physically
distressed areas
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
Insert chisel here and
chop!
![Page 39: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/39.jpg)
Many Mechanisms simply beaten with bent pieces of metal
Bypassing Metal Band Seals
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
PH
OTO
: G
AB
RIE
L LA
WR
EN
CE
![Page 40: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/40.jpg)
• Thermal Stressing– Hot air Gun to make
pliable– Canned Air to cause
shrinkage and removal then reheat to reapply
Wax Seals Defeats
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
PH
OTO
S:
GA
BR
IEL
LAW
REN
CE
PH
OTO
: JO
E S
HLA
BLO
TN
IK
![Page 41: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/41.jpg)
Steaming still works!
Defeating Envelopes
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
but if it doesn’t, other solvents probably will!
![Page 42: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/42.jpg)
Seal the Deal! Risks and Implications of Tamper:Real-World Scenarios
![Page 43: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/43.jpg)
Scenario One: The XBox Tamper Seal
Easily removed unscathed with a hairdryer and
razor blade.
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 44: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/44.jpg)
Scenario Two: Drug Tests Anyone?
Who relies on a clean test to keep their jobs and clearances?
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 45: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/45.jpg)
• Remember the summer of 93?– It’s a long time ago, I know…– Rumors of Syringes in Pepsi cans – Turned out to be a hoax, but
severally harmed the image of Pepsi
• Your Assembly Process is part of the Tamper-Evident system also!
• Even though it was hoaxed by many copy-cats, Pepsi had to release ads and the FDA had to get involved.
Scenario Three: This Pepsi Stings
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 46: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/46.jpg)
Potassium Cyanide is my drug of choice…
What happened? Deaths from Cyanide-laced Extra Strength Tylenol, 1982-1986
On some bottles, the seals had not been broken
Results:On October 5, 1982, Johnson & Johnson issued a nationwide
recall of Tylenol products; an estimated 31 million bottles were in circulation, with a retail value of over $100M.
Johnson & Johnson went from 38% of sales to 8%It did rebound after a year, …but not without the loss.
Scenario Four: Chicago Tylenol Murders
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 47: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/47.jpg)
Scenario Four: Chicago Tylenol Murders
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
• Unsolved mystery– No killer has been found… the case is still open– J&J claims the bottles were tampered on the shelves– No evidence of post-production bottle-tampering was found– Monsanto, also in Illinois, filed patent 4439453 for
tableting acetaminophen in Sep 1982, just a week before the Tylenol murders began…
• A change to the industry– Federal Anti-Tampering Act (1983)– Capsules replaced by tablets
…industry-wide
![Page 48: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/48.jpg)
• The IAEA details transportation requirements and does inspections.– Represents the UN and the Security
Council– Lost Source Incidences– Rogue States – DPRK Anyone?– Material Sold to Non-Security Council
countries
Scenario Five: Now where did I leave that fissile material?
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
PH
OTO
: A
NL
VAT
![Page 49: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/49.jpg)
Conclusions…
![Page 50: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/50.jpg)
Conclusion
If possible,
avoidattacking the sealdirectly.
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 51: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/51.jpg)
Conclusion
If possible,
avoidattacking the sealdirectly.
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 52: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/52.jpg)
Conclusion
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
IMA
GE:
TSH
IRTH
ELL
.CO
M
![Page 53: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/53.jpg)
Additional Resources
Your local arts, crafts, and hardware store!!
Tamper-Evident Devices:Journal of Physical Security
(Argonne National Laboratory Vulnerability Assessment Team)
Insecurity of Drug Testing:Journal of Drug Issues
Freight Container Mechanical Seals: ISO/PAS 17712 (2010)
J. Schwettmann & E. Michaud, BlackHat DC, 18 Jan 2011
![Page 54: How To Steal A Nuclear Warhead, Without Voiding Your XBox Warranty](https://reader038.vdocuments.mx/reader038/viewer/2022102922/5480987fb4af9fa85d8b45c8/html5/thumbnails/54.jpg)
For a Seal-Clubbing Good Time Call
Jamie SchwettmannEm: [email protected]: brink_0x3f
Eric MichaudEm: [email protected]: EricMichaud