If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
After 9/11, we were told that "no cost was too high" when it came to fighting terrorism, and indeed, the US did blow trillions on forever wars and regime change projects and black sites and kidnappings and dronings and gulags that were supposed to end terrorism.
Back in the imperial core, we all got to play the home edition of the "no price is too high" War on Terror game. New, extremely invasive airport security measures were instituted. A "no-fly" list as thick as a phone book, assembled in secret, without any due process or right of appeal, was produced and distributed to airlines, and suddenly, random babies and sitting US Senators couldn't get on airplanes anymore, because they were simultaneously too dangerous to fly and also not guilty enough to charge with any crime:
We lost our multitools, our knitting needles, our medical equipment, all in the name of keeping another boxcutter rebellion from rushing the cockpit. As security expert Bruce Schneier repeatedly pointed out back then, the presence of (for example) glass bottles on the drinks trolley meant that would-be terrorists could trivially avail themselves of an improvised edged weapon that was every bit as deadly as 9/11's box cutters.
According to Schneier, there were exactly two meaningful security measures taken in those days: reinforcing cockpit doors, and teaching basic self-defense to flight crews. Everything else was "security theater," a term coined to describe the entire business, from TSA confiscations to warehouses full of useless "chemical sniffer" booths that were supposed to smell out bombs on our person:
Security theater isn't just about deploying measures that don't work – it's also about defending yourself against risks that don't exist. You know how this goes: in 2001, Richard Reid – AKA "The Shoenabomber" – tried to blow up a plane with explosives he'd hidden in his shoes. It didn't work, because it's a stupid idea – and then we all took off our shoes for a quarter-century:
https://en.wikipedia.org/wiki/Richard_Reid
In 2006, a gang of amateur chemists hatched a plan to synthesize explosives in an airplane toilet sink, scheming to smuggle in different reagents and precursors in their carry-on luggage, then making a bomb in the sky and taking down the plane and all its passengers. The "Hair Gel Bombers" were caught before the could try their scheme, but even if they had made it onto the plane, they would have failed. Their liquid explosive recipe started with mixing up a "piranha bath" – a mixture of sulfuric acid and hydrogen peroxide – that needs to be kept extremely cold for a long time, or it will turn into instantly lethal gas. If the liquid bomb plot had gone ahead, the near-certain outcome would have been the eventual discovery of an asphyxiated terrorist in the bathroom, lips blue and lungs burned away, face down in a shallow sink filled with melting ice-cubes:
The fact that these guys failed utterly didn't have any impact on the dramaturges who ran the world's security theater. We're still having our liquids taken away at airport checkpoints.
Why did we have to defend ourselves against imaginary attacks that had been proven not to work? Because "no price was too high to pay" in the War on Terror. As Schneier pointed out, this was obvious nonsense: there is a 100% effective, foolproof way to prevent all attacks on civilian aircraft. All we need to do is institute a 100% ban on air travel. We didn't do that, because "no price is too high to pay" was always bullshit. Some prices are obviously too high to pay.
Which is why we still get to keep our underwear on, even after Umar Farouk "Underwear Bomber" Abdulmutallab's failed 2009 attempt to blow up an airplane with a bomb he'd hidden in his Y-fronts:
It's why we aren't all getting a digital rectal exam every time we fly, despite the fact that hiding a bomb up your ass actually works, as proven by Abdullah "Asshole Bomber" al-Asiri, who blew his torso off with a rectally inserted bomb in 2009 in a bid to kill a Saudi official:
https://en.wikipedia.org/wiki/Abdullah_al-Asiri
Apparently, giving every flier a date with Doctor Jellyfinger is too high a price to pay for aviation safety, too.
Now, theatrical productions can have very long runs (The Mousetrap ran in London for 70 years!), but eventually the curtain rings down on every stage. It's possible we're present for the closing performance of security theater.
On September 17, the Israeli military assassinated 12 people in Lebanon and wounded 2,800 more by blowing up their pagers and two-way radios whose batteries had been gimmicked with pouches of PETN, a powerful explosive. This is a devastating attack, because we carry a ton of battery-equipped gadgets around with us, and most of them are networked and filled with programmable electronics, so they can be detonated based on a variety of circumstances – physical location, a specific time, or a remote signal.
What's more, PETN-gimmicked batteries are super easy to make and effectively impossible to detect. In a breakdown published a few days after the attack, legendary hardware hacker Andrew "bunnie" Huang described the hellmouth that had just been opened:
The battery in your phone, your laptop, your tablet, and your power-bank is a "lithium pouch battery." These are manufactured all over the world, and you don't need a large or sophisticated factory to make one. It would be effectively impossible to control the manufacture of these batteries. You can make batteries in "R&D quantities" for about $50,000. Alibaba will sell you a full, turnkey "pouch cell assembly line" for about $10,000. More reputable vendors want as little as $15,000.
A pouch cell is composed of layers of "cathode and anode foils between a polymer separator that is folded many times." After a machine does all this folding, the battery is laminated into a pouch made of aluminum foil, which is then cleaned up, labeled, and flushed into the global supply chain.
To make a battery bomb, you mix PETN "with binders to create a screen-printed sheet" that's folded and inserted into the battery, in such a way as to produce a shaped charge that "concentrat[es] the shock wave in an area, effectively turning the case around the device into a small fragmentation grenade."
Doing so will reduce the capacity of the battery by about 10% or less, which is within the normal variations we see in batteries. If you're worried about getting caught by someone who's measuring battery capacity, you can add an extra explosive sheet to the battery's interior, increasing the thickness of a 10-sheet battery by 10%, which is within the tolerance for normal swelling.
Once the explosive is laminated inside its (carefully cleaned) aluminum pouch, there's no way to detect the chemical signature of the PETN. The pouch seals that all in. The PETN and other components of the battery are too similar to one another to be detected with X-ray fluorescence, and the multi-layer construction of a battery also foils attempts to peer inside it with Spatially Offset Raman Spectroscopy.
According to bunnie, there are no ways to detect a battery bomb through visual inspection, surface analysis or X-rays. You can't spot it by measuring capacity or impedance with electromechanical impedance spectroscopy. You could spot it with a high-end CT scan – a half-million dollar machine that takes about 30 minutes for each scan. You might be able to spot it with ultrasound.
Lithium batteries have "protection circuit modules" – a small circuit board with a chip that helps with the orderly functioning of the battery. To use one of these to detonate a PETN-equipped battery, you'd only have to make a small, board-level rewiring, which could deliver a charge via a "third wire" – the NTC temperature sensor that's standard in batteries.
Bunnie gets into a lot more detail in his post. It's frankly terrifying, because it's hard to read this without concluding that, indeed, any battery in any gadget could actually be a powerful, undetectable bomb. What's more, supply chain security sucks and bunnie runs down several ways you could get these batteries into your target's gadget. These range from the nefarious to the brute simple: "buy a bunch of items from Amazon, swap out the batteries, restore the packaging and seals, and return the goods to the warehouse."
Bunnie's point is that, having shown the world that battery bombs are possible, the Israelis have opened the hellmouth. They were the first ones to do this, but they won't be the last. We need to figure out something before "the front line of every conflict [is brought] into your pocket, purse or home."
All of that is scary af, sure, but note what hasn't happened in the wake of an extremely successful, nearly impossible to defeat explosives attack that used small electronics of the same genus as the pocket rectangles virtually every air traveler boards a plane with. We've had no new security protocols instituted since September 17, likely because no one can think of anything that would work.
Now, in the heady days when the security theater was selling out every performance and we were all standing in two-hour lines to take our shoes off, none of this would have mattered. The TSA's motto of "when in trouble, or in doubt, run in circles, scream and shout" would have come to the fore. We'd be forced to insert our phones into some grifter's nonfunctional billion-dollar PETN dowsing-box, or TSA agents would be ordering us to turn on our phones and successfully play eleven rounds of Snake, or we'd be forced to lick our phones to prove that they weren't covered in poison.
But today, we're keeping calm and carrying on. The fact that something awful exists is, well, awful, but if we don't know what to do about it, there's no sense in just doing something, irrespective of whether that will help. We could order everyone to leave their phones at home when they fly, but then no one would fly anymore, and obviously, no one seriously thinks "no price is too high" for safety. Some prices are just too high.
I started thinking about all this last week, when I was in New Delhi to give a keynote for the annual meeting of the International Cooperative Alliance, which was jointly held with the UN as the inauguration of the UN International Year of Coops, with an address from UN Secretary General Antonio Guterres:
https://2025.coop/
When I arrived in New Delhi, my hosts were somewhat flustered because Indian Prime Minister Narendra Modi had just announced that he would give the opening keynote, which meant a lot of rescheduling and shuffling – but also a lot of security. I was told that the only things I could bring to the conference center the next day were my badge, my passport and my hotel room key. I couldn't bring a laptop, a phone or a spare battery. I couldn't even bring a pen ("they're worried about stabbings").
Modi – a lavishly corrupt authoritarian genocidier – has a lot of reasons to worry about his security. He has actual enemies who sometimes blow stuff up, and if one of them took him out, he wouldn't be the first Indian PM to die by assassination.
But the speakers and delegates gathered in the hotel lobby the next morning, we were told that we could bring phones, after all. Because of course we could. You can't fly people from all over the world to India and then ask them to forego the device they use as translator, map, note-taker, personal diary, and credit card. Some prices are just too high.
They took a lot of security measures. Everyone went through a metal detector, naturally. Then, we were sealed in the plenary room for more than an hour while the building was sealed off. Armed men were stationed all around the room, and the balcony outside the room was ringed with snipers:
We were prohibited from leaving our seats from the time Modi entered the room until he left it again, despite the fact that the PM was never more than a few steps from the single most terrifying bodyguard I'd ever seen:
And yet: the fact that we were less than two months out from an extremely successful, highly public demonstration of the weaponization of small batteries in personal electronics did not mean that we all had to leave our phones at the hotel.
After that, I'm tempted to think that, just possibly, security theater's curtain has rung down and its long SRO run has come to an end. It's a small bright spot in a dark time, but I'll take it.
Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality✓ Free Actions
Free to watch • No registration required • HD streaming
A TikTok ban is a massive prize that Zuckerberg has been laying the groundwork on for years. Will Trump let him have it?
Is the TikTok ban rooted in real security concerns? Yes. Is that what's really driving what's going on here? Not nearly as much as people would like the American public to believe, no.
I genuinely believe that Trump, who has reversed course on the ban since pushing for it during his administration, will not let it go into effect, because it's a carrot that he can dangle in front of Musk & Zuck, and a stick he can use to threaten other parties, and if the ban goes through, he loses that. I may be wrong -- I've been wrong before and will be again -- but this is my genuine belief. Why would he give up leverage like that? He loves that shit.
Anyway, this is all security theater until they start getting serious about Meta & X's data harvesting.
The TSA is advancing plans that could place private companies at the center of airport security operations, raising fresh concerns about the privacy implications of deeply integrated biometric and digital ID systems.
Lawyers: hey people like to impersonate us, sign a document saying you're aware of the risk and its not our fault if you get scammed. We care so much about digital security.
Me: Fine
Lawyers: hey use this sketchy app, the invite code will be sent unsolicited via a random text. We'll email you an unencrypted login code from a weird third party email address.
Me: I mean weird, but okay
Lawyers: Now sign all these documents, except the app we're forcing you to use is terrible and makes you redraw your signature on your phone screen every time. If you deviate from the signature box at all the app will freak out, and sometimes even if you're careful the page will start scrolling instead of drawing your signature and will exit the document you're trying to sign, making you scroll down for 30 pages to try again. You'll end up using a 'digital signature' which is just your name in a loopy font.
Me: ...
Me: ...
Me: ...why-
Lawyers: -oh btw can you upload pictures of your most sensitive documents to this random app? Also we need a video of your face saying random numbers.
Me: Please stop
Lawyers: Oooh, our AI is having difficulty reading that picture of your passport. Take it again 23 times until it's just the way we want it. Now let us scan your passport with your phone - NO NOT LIKE THAT DUMBASS - okay great :)
Me: Please I'm begging you
Lawyers: All done! We'll start right away-
Me: -Oh thank god-
Lawyers: -and by right away we mean it'll take two months. At least.
Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality✓ Free Actions
Free to watch • No registration required • HD streaming
sometimes when I hear people talk about security and feeling safe, it's like when you hear a kid talk about how the monster can't get you if you're under the covers.