Our favorite crazy slingshot maker, Joerg Sprave, can seemingly turn anything into a weapon. And recently his scavenging skills were put to the ultimate test when a magazine challenged him to turn everyday trash into an improvised arsenal.
Did he succeed? Well, if you’re familiar with Joerg’s past efforts you’ll know the answer is a resounding yes. Using trash found around his property, he turned old chili powder into pepper spray, cans and batteries into bolas, and a broomstick and latex gloves into a crossbow. And stick around until the end where Joerg also shows off a couple of new slingshots, including a grape launcher that he hopes will help set a new Guinness World Record. [YouTube]
It will certainly help keep you cool at work, but if you were hoping to fool your co-workers into thinking you’ve got the latest and greatest Apple hardware, think again. Not even a toddler would mistake thisiPhone ‘shaped’ compact air conditioner for the real deal.
The on-screen icons barely match the ones in iOS, and it’s not even a real LCD display. It’s also monstrously thick, so what’s the point of trying to impress people if they have to be complete idiots to be fooled? It will, however, definitely keep you cool. And for just $20, without a contract or a data plan. All you need to sign away is an available USB port.
You might notice the sting of the injection. Within seconds you’d realize you’re having trouble moving your eyes and fingers, followed by your arms and legs. If you were standing, you’d collapse. In a heap on the floor, you’d realize nearly every muscle in your body was paralyzed. Being fully conscious, your sense of panic would be rising as rapidly as the paralysis was spreading. Swallowing and breathing has become more and more difficult. Slipping into unconsciousness, your last conscious thought may well be “I am going to die.”
Statistically speaking, you’re not going to die. Not because what was injected isn’t lethal – it most certainly is. No, you’re probably not going to die because if you’ve been injected with succinylcholine (also known as suxamethonium chloride or simple ‘sux’) you’re most likely in a hospital, undergoing intubation with accompanying respiratory support. The administration of sux is part of the rapid sequence intubation (RSI) protocol, which means a medical team is actually trying to keep you alive – they’ve just got to paralyze you do to it. If you’re being intubated, you’re airway is blocked and the RSI protocol is employed to get a breathing tube down your throat. To get this tube in quickly, they’ll paralyze and sedate you.
Sedation means you won’t be conscious when the paralysis sets in. Respiratory support means something will be breathing for you when the muscles involved in respiration stop working. In 5 – 10 minutes, a clinical dose of sux wears off as it’s rapidly metabolized by your body. The sedation will likely last longer. The goal is that by the time you’re awake, your breathing has been stabilized and perhaps other medical issues have been (or are being) addressed. This is the intended use of sux. But, like many chemicals, people can use it for nefarious reasons.
If you’re hit with clinical dose of sux and have no respiratory support, you will likely die. Though the effects of sux wear off in 5-10 minutes, your body’s need for oxygen renders those minutes far too long. If you’re hit with sux without sedation, you’ll spend those minutes before death in a state of waking terror, realizing there is nothing you can do. It is a horrible way to die. For a time, it was a clever way to kill someone.
Since the early 1950s, sux has been used in a clinical setting mainly by anesthesiologists. It’s a mystery when it was first used in a homicide, but the first high-profile killings came in the 1966 and 1967. This salacious tale of murder involves anesthesiologist Dr. Carl Coppolino, his mistress, his mistress’ husband dying suddenly in ’66, Coppolino’s wife dying suddenly in ’67, a quick remarriage by Dr. Coppolino (not to that mistress), two trials in different states leading to different verdicts.
Coppolino’s first trial in New Jersey involved a shaky witness (that jilted mistress) and a tricky toxicology problem. In their 2006 J Am Soc Mass Spectrom paper, Ballard et al. expound on sux’s tricky tox.
…few forensic laboratories will even attempt to analyze these compounds. This is partially because there is little need to measure them clinically and, thus, no routine assays are available, and partially because they are analytically challenging compounds. Nevertheless, the potential for their use as murder weapons must be considered, particularly in cases involving sudden, unexpected, and unexplained death with a medical professional as a potential suspect, both within and outside of a hospital setting. Succinylcholine in particular has a long reputation as an undetectable, “perfect” poison.
The analysis of quaternary ammonium neuromuscular blocking agents in a forensic setting is challenging for two reasons. The first reason is that the chemical behavior of these compounds, involving both hydrophilic and lipophilic characteristics, makes them difficult to isolate from biological specimens. The second reason is the extraordinary variability of the types of specimens encountered; this variability is such that each specimen must be considered unique.
Back in the mid-to-late sixties, sux was likely considered a “perfect poison” as no tried-and-true method for detecting it in tissues was developed until the 1980s. Previous analysis had holes – including the analysis presented in both of Coppolino’s trials. It wasn’t sux that was detected, but the metabolites succinic acid and choline. Here’s a big hole: what else could give rise to those detected metabolites?
While Coppolino’s soon-to-be very famous defense attorney F. Lee Bailey focused on the tricky tox of sux in both trials, Coppolino was only aquitted of the death of his ex-mistress’ husband. That second set of jurors in the Florida trial for Mrs. Coppolino’s murder returned a guilty verdict.
The Coppolino trials shined a light on the challenges of detecting sux. In the decades that followed, advances were made but even these new techniques had their limits. Police in Osaka, Japan had a string of missing persons in 1993-1994, which they linked to single suspect who subsequently confessed to killing five people. Oddly, the suspect was a dog breeder. Typically, suspicious deaths involving sux have one thing in common – access to sux. This usually means medical professionals are involved. Just how did a dog breeder get his hands on drug typically associated with anesthesiologists? The suspect explained both his access to sux and his mode of administrating sux to police.
The suspect (the dog breeder) confessed that he had injected around 40 mg (one ampule dose) of succinylcholine (suxamethonium chloride) intramuscularly into one arm of the victims after sedating them by oral administration, via some soft drink, of a small amount of bromovalerylurea (bromisovalum) and/or nitrazepam. The drugs had been illegally provided by a veterinary surgeon of his acquaintance under the pretense of killing unwanted animals. The suspect had prior experience of killing dogs with succinylcholine. [excerpt from here]
During his confession, this dog breeding killer directed police to the burial sites of all five victims. At the site of one victim, a plastic syringe was found. A needle mark was noted for one victim during autopsy, but not for the other four. In 1994, body decomposition and the rapid metabolism of sux proved too big a hurdle for a sux tox screen to overcome – no sux was found in any of the victims. Sux was found in that recovered syringe, however. Though no sux was found in the victims, the suspect was convicted based on his confession and other evidence.
By the time of Kathy Augustine’s death in 2006, analysis of sux in tissues and biological fluids had advanced greatly. Like Mrs. Coppolino, Augustine’s death was first thought to have been the result of a heart attack. Found unconscious at home by her husband Chaz Higgs, Augustine was rushed to the hospital where she died a few days later. Augustine, the first female state controller in Nevada history and a political mover-and-shaker, was a high profile death in Nevada from day one.
Like Coppolino and the dog breeder before him, Higgs had access to sux. Higgs was a critical care nurse who had experience administrating sux. But it wasn’t Higgs’ access to, and familiarity with, sux that raised a red flag. It was the troubled Higgs – Augustine marriage, along with something Higgs supposedly told fellow nurse Kim Ramey.
Ramey told police that she and Higgs had talked at work just a day before Augustine was rushed to the hospital. At the preliminary hearing, Ramey said Higgs had mentioned a well known local murder case involving a man who had stabbed his wife to death.
“He said, ‘That guy did it wrong.’ He said, ‘If you want to get rid of somebody,’ and he made a gesture like this (holding a needle), ‘You just hit her with a little Sux, because they can’t trace it post mortem,'” Ramey told the court. “I looked him at the face and I said, ‘Chaz, that’s too much anger to carry around.’ And the hair on my arm arose.” [excerpt from here]
After hearing from Ramey, police sent urine collected during Augustine’s hospital stay directly prior to her death. Analysis of Augustine’s urine showed sux metabolites and sux. At no time during her hospital stay was Augustine administered sux.
The detection of sux, not just sux metabolites, in Augustine’s urine was dismissed by Higg’s defense attorney David Houston.
…he argues the amount of succinylcholine detected by the urine test is inconsequential. “What they’re talking about from the prosecution’s stand point is finding what they euphemistically refer to as traces. Well, I’m not really sure what a trace is, but it’s certainly not enough to convict somebody beyond a reasonable doubt of a murder,” Houston says. [excerpt from here]
Traces of sux was enough for Tom Barb, the prosecutor handling the Higgs case.
“Succinylcholine is not a recreational drug. If that’s present, somebody put it in her, and the only one that had the opportunity to put it in her was her husband,” argues Tom Barb. “I guess it’s just pretty straightforward. It’s murder by injection, as opposed to a gunshot.” [excerpt from here]
Interestingly, the way sux was put into Augustine was a focus of Higgs’ defense. Higgs’ attorney David Houston raised what can be called the “my client knows better” defense.
He also tried to raise doubts about the medical evidence, including the site of the injection, which was in the muscle of the buttocks. The drug works fastest if delivered intravenously, and Higgs would have known that, Houston argued. [excerpt fromhere]
Nearly a year after Augustine’s death, a jury convicted Higgs of first degree murder.
The cases discussed here weren’t cracked by some routine tox screen. The tip-off to sux came from a jilted mistress, a confessed killer and a coworker. Such witness tips have helped resolve other high profile sux cases. Tips aren’t usually enough in today’s criminal prosecutions, neither is a suspect’s access to sux. This is where modern analytical techniques come in. Tests can bolster, or weaken, witness tips and other circumstantial evidence against accused killers that sux.
This video purportedly shows someone demonstrating what has to be one of the craziest weapon mashups we’ve ever encountered: a compound bow crossed with a twelve-gauge shotgun.
There’s been some well-deserved skepticism as to whether or not the recoil is authentic, but more importantly, whether or not the bow’s strings can be used to successfully impact the shotgun’s firing pin. There’s also the question of why someone would choose to completely negate the stealthy silent nature of hunting with a crossbow, and why this creation didn’t come from the twisted mind of our favorite slingshot builder, Joerg Sprave. [YouTube via Neatorama]
Common knowledge dictates that girls dig guys with muscles. However, new research suggests that women gave up on bulging biceps and strong jawlines long ago, in favor of qualities like loyalty and generosity. In other words, the scrawny geek gets the gal.
The research, which was conducted at the University of Tennessee-Knoxville and is published in PNAS, used mathematical models to get to the bottom of when humans first started living in monogamous relationships. The study suggests that the rise of weaker males—or Beta males, if you prefer—began far earlier than suspected. In fact, Beta males started to become a hit with the ladies not long after humans started living in large social groups.
When humans began living in such groups, Alpha males were clearly dominant. But over time, Beta males realised that they had to develop strategies in order to secure a relationship. Their solution was to devote themselves to single woman—unlike Alpha males who played, and continue to play, the field—offering her all the food and protection she needed. On balance, the research suggests, women quickly became more convinced by the notion of a committed and generous partner over that of a stronger, but promiscuous, man.
A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation.
The malware, discovered by Russia-based anti-virus firm Kaspersky Lab, is an espionage toolkit that has been infecting targeted systems in Iran, Lebanon, Syria, Sudan, the Israeli Occupied Territories and other countries in the Middle East and North Africa for at least two years.
Dubbed “Flame” by Kaspersky, the malicious code dwarfs Stuxnet in size – the groundbreaking infrastructure-sabotaging malware that is believed to have wreaked havoc on Iran’s nuclear program in 2009 and 2010. Although Flame has both a different purpose and composition than Stuxnet, and appears to have been written by different programmers, its complexity, the geographic scope of its infections and its behavior indicate strongly that a nation-state is behind Flame, rather than common cyber-criminals – marking it as yet another tool in the growing arsenal of cyberweaponry.
The researchers say that Flame may be part of a parallel project created by contractors who were hired by the same nation-state team that was behind Stuxnet and its sister malware,DuQu.
“Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide,” said Eugene Kaspersky, CEO and co-founder of Kaspersky Lab, in a statement. “The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country.”
Early analysis of Flame by the Lab indicates that it’s designed primarily to spy on the users of infected computers and steal data from them, including documents, recorded conversations and keystrokes. It also opens a backdoor to infected systems to allow the attackers to tweak the toolkit and add new functionality.
The malware, which is 20 megabytes when all of its modules are installed, contains multiple libraries, SQLite3 databases, various levels of encryption – some strong, some weak – and 20 plug-ins that can be swapped in and out to provide various functionality for the attackers. It even contains some code that is written in the LUA programming language – an uncommon choice for malware.
Kaspersky Lab is calling it “one of the most complex threats ever discovered.”
“It’s pretty fantastic and incredible in complexity,” said Alexander Gostev, chief security expert at Kaspersky Lab.
Flame appears to have been operating in the wild as early as March 2010, though it remained undetected by antivirus companies.
“It’s a very big chunk of code. Because of that, it’s quite interesting that it stayed undetected for at least two years,” Gostev said. He noted that there are clues that the malware may actually date back to as early as 2007, around the same time-period when Stuxnet and DuQu are believed to have been created.
Gostev says that because of its size and complexity, complete analysis of the code may take years.
“It took us half-a-year to analyze Stuxnet,” he said. “This is 20-times more complicated. It will take us 10 years to fully understand everything.”
Kaspersky discovered the malware about two weeks ago after the United Nations’ International Telecommunications Union asked the Lab to look into reports in April that computers belonging to the Iranian Oil Ministry and the Iranian National Oil Company had been hit with malware that was stealing and deleting information from the systems. The malware was named alternatively in news articles as “Wiper” and “Viper,” a discrepancy that may be due to a translation mixup.
Kaspersky researchers searched through their reporting archive, which contains suspicious filenames sent automatically from customer machines so the names can be checked against whitelists of known malware, and found an MD5 hash and filename that appeared to have been deployed only on machines in Iran and other Middle East countries. As the researchers dug further, they found other components infecting machines in the region, which they pieced together as parts of Flame.
Kaspersky, however, is currently treating Flame as if it is not connected to Wiper/Viper, and believes it is a separate infection entirely. The researchers dubbed the toolkit “Flame” after the name of a module inside it.
Among Flame’s many modules is one that turns on the internal microphone of an infected machine to secretly record conversations that occur either over Skype or in the computer’s near vicinity; a module that turns Bluetooth-enabled computers into a Bluetooth beacon, which scans for other Bluetooth-enabled devices in the vicinity to siphon names and phone numbers from their contacts folder; and a module that grabs and stores frequent screenshots of activity on the machine, such as instant-messaging and email communications, and sends them via a covert SSL channel to the attackers’ command-and-control servers.
The malware also has a sniffer component that can scan all of the traffic on an infected machine’s local network and collect usernames and password hashes that are transmitted across the network. The attackers appear to use this component to hijack administrative accounts and gain high-level privileges to other machines and parts of the network.
Flame does contain a module named Viper, adding more confusion to the Wiper/Viper issue, but this component is used to transfer stolen data from infected machines to command-and-control servers. News reports out of Iran indicated the Wiper/Viper program that infected the oil ministry was designed to delete large swaths of data from infected systems.
Kaspersky’s researchers examined a system that was destroyed by Wiper/Viper and found no traces of that malware on it, preventing them from comparing it to the Flame files. The disk destroyed by Wiper/Viper was filled primarily with random trash, and almost nothing could be recovered from it, Gostev said. “We did not see any sign of Flame on that disk.”
Because Flame is so big, it gets loaded to a system in pieces. The machine first gets hit with a 6-megabyte component, which contains about half-a-dozen other compressed modules inside. The main component extracts, decompresses and decrypts these modules and writes them to various locations on disk. The number of modules in an infection depends on what the attackers want to do on a particular machine.
Once the modules are unpacked and loaded, the malware connects to one of about 80 command-and-control domains to deliver information about the infected machine to the attackers and await further instruction from them. The malware contains a hardcoded list of about five domains, but also has an updatable list, to which the attackers can add new domains if these others have been taken down or abandoned.
While the malware awaits further instruction, the various modules in it might take screenshots and sniff the network. The screenshot module grabs desktop images every 15 seconds when a high-value communication application is being used, such as instant messaging or Outlook, and once every 60 seconds when other applications are being used.
Although the Flame toolkit does not appear to have been written by the same programmers who wrote Stuxnet and DuQu, it does share a few interesting things with Stuxnet.
Stuxnet is believed to have been written through a partnership between Israel and the United States, and was first launched in June 2009. It is widely believed to have been designed to sabotage centrifuges used in Iran’s uranium enrichment program. DuQu was an espionage tooldiscovered on machines in Iran, Sudan, and elsewhere in 2011 that was designed to steal documents and other data from machines. Stuxnet and DuQu appeared to have been built on the same framework, using identical parts and using similar techniques.
But Flame doesn’t resemble either of these in framework, design or functionality.
Stuxnet and DuQu were made of compact and efficient code that was pared down to its essentials. Flame is 20 megabytes in size, compared to Stuxnet’s 500 kilobytes, and contains a lot of components that are not used by the code by default, but appear to be there to provide the attackers with options to turn on post-installation.
“It was obvious DuQu was from the same source as Stuxnet. But no matter how much we looked for similarities [in Flame], there are zero similarities,” Gostev said. “Everything is completely different, with the exception of two specific things.”
One of these is an interesting export function in both Stuxnet and Flame, which may turn out to link the two pieces of malware upon further analysis, Gostev said. The export function allows the malware to be executed on the system.
Also, like Stuxnet, Flame has the ability to spread by infecting USB sticks using the autorun and .lnk vulnerabilities that Stuxnet used. It also uses the same print spooler vulnerability that Stuxnet used to spread to computers on a local network. This suggests that the authors of Flame may have had access to the same menu of exploits that the creators of Stuxnet used.
Unlike Stuxnet, however, Flame does not replicate automatically by itself. The spreading mechanisms are turned off by default and must be switched on by the attackers before the malware will spread. Once it infects a USB stick inserted into an infected machine, the USB exploit is disabled immediately.
This is likely intended to control the spread of the malware and lessen the likelihood that it will be detected. This may be the attackers’ response to the out-of-control spreading that occurred with Stuxnet and accelerated the discovery of that malware.
It’s possible the exploits were enabled in early versions of the malware to allow the malware to spread automatically, but were then disabled after Stuxnet went public in July 2010 and after the .lnk and print spooler vulnerabilities were patched. Flame was launched prior to Stuxnet’s discovery, and Microsoft patched the .lnk and print spooler vulnerabilities in August and September 2010. Any malware attempting to use the vulnerabilities now would be detected if the infected machines were running updated versions of antivirus programs. Flame, in fact, checks for the presence of updated versions of these programs on a machine and, based on what it finds, determines if the environment is conducive for using the exploits to spread.
The researchers say they don’t know yet how an initial infection of Flame occurs on a machine before it starts spreading. The malware has the ability to infect a fully patched Windows 7 computer, which suggests that there may be a zero-day exploit in the code that the researchers have not yet found.
The earliest sign of Flame that Kaspersky found on customer systems is a filename belonging to Flame that popped up on a customer’s machine in Lebanon on Aug. 23, 2010. An internet search on the file’s name showed that security firm Webroot had reported the same filename appearing on a computer in Iran on Mar. 1, 2010. But online searches for the names of other unique files found in Flame show that it may have been in the wild even earlier than this. At least one component of Flame appears to have popped up on machines in Europe on Dec. 5, 2007 and in Dubai on Apr. 28, 2008.
Kaspersky estimates that Flame has infected about 1,000 machines. The researchers arrived at this figure by calculating the number of its own customers who have been infected and extrapolating that to estimate the number of infected machines belonging to customers of other antivirus firms.
All of the infections of Kaspersky customers appear to have been targeted and show no indication that a specific industry, such as the energy industry, or specific systems, such as industrial control systems, were singled out. Instead, the researchers believe Flame was designed to be an all-purpose tool that so far has infected a wide variety of victims. Among those hit have been individuals, private companies, educational institutions and government-run organizations.
Symantec, which has also begun analyzing Flame (which it calls “Flamer”), says the majority of its customers who have been hit by the malware reside in the Palestinian West Bank, Hungary, Iran, and Lebanon. They have received additional reports from customer machines in Austria, Russia, Hong Kong, and the United Arab Emirates.
Researchers say the compilation date of modules in Flame appear to have been manipulated by the attackers, perhaps in an attempt to thwart researchers from determining when they were created.
“Whoever created it was careful to mess up the compilation dates in every single module,” Gostev said. “The modules appear to have been compiled in 1994 and 1995, but they’re using code that was only released in 2010.”
The malware has no kill date, though the operators have the ability to send a kill module to it if needed. The kill module, named browse32, searches for every trace of the malware on the system, including stored files full of screenshots and data stolen by the malware, and eliminates them, picking up any breadcrumbs that might be left behind.
“When the kill module is activated, there’s nothing left whatsoever,” Gostev said.
UPDATE 9am PST: Iran’s Computer Emergency Response Team announced on Monday that it had developed a detector to uncover what it calls the “Flamer” malware on infected machines and delivered it to select organizations at the beginning of May. It has also developed a removal tool for the malware. Kaspersky believes the “Flamer” malware is the same as the Flame malware its researchers analyzed.
Yesterday was the Golden Gate Bridge’s 75th birthday. To mark the occasion, there was a day-long party in San Francisco, which culminated in a massive fireworks display and light show. And we have to say, the old bridge looks as beautiful as ever bathed in the light of the fireworks.
The bridge, opened on May 27th 1937, is a wonder of engineering, spanning 4,200 feet to link the city of San Francisco to Marin County. So wonderful, in fact, that it was named one of the modern Wonders of the World by the American Society of Civil Engineers. Judging by this picture, taken by Thomas Hawk, that’s a title it still deserves.
It’s hard to imagine that these still life flower photos, made of splashed paint, were created without the assistance of Photoshop or 3D software. But photographer Jack Longcaptures each shot as a single event in camera. Not one of these images was assembled from multiple exposures, and that’s just amazing.
Understandably, Jack isn’t keen on sharing how exactly he manages to capture these perfect moments frozen in time. But he has pointed out that each shot represents months of planning and testing as he mixes up the perfect concoction to create the flowers. As well as hundreds of photos taken during the process, until he has a handful that stand out as being the best.
Normally we’re extremely curious about how amazing photos like these are captured. But this time, while we have a few theories as to how he does it (what exactly is inside those splashing vases?) we’re actually happy to just sit back and enjoy the results for a change.
Images by Jack Long used with permission.
973,086 iOS devices were jailbroken in a single weekend thanks to Absinthe 2.0, which was released on Friday. Chronic-Dev, one half of the Jailbreak Dream Team tweeted the announcement yesterday, adding that 211,401 of those freed were third-generation iPads. If you want to loosen your own Apple-branded handheld from the clutches of Cupertino’s control, then the warranty-worrying software is still available — with the promise that it’s so easy, your grandma could do it.