Aconite Attack, the new Katla KillFile, is now live!

Aconite Attack, the fourth KillFile, is now available at Amazon and will soon be available at other retailers*. Click on the cover to go to the Amazon page:

Aconite Kill File gray MS

Assassin Katla finds a devious way to get a target to poison himself…

The Aconite Attack KillFile (10,700 words) follows Katla Sieltjes on her first foray as a freelance assassin and corporate troubleshooter, when she gets herself hired by the CEO of a modelling agency to permanently remove his playboy partner, who is quickly draining the firm’s resources on his downward spiral into self-destruction. Katla finds a way to administer poison to the target, but he has to be isolated for her plan to succeed. Every plan has a fluke factor though, and Katla soon finds herself in a struggle for life and death, when the target reveals his darker side…

The Katla KillFile short stories chronologically precede the novels in the Amsterdam Assassin Series.

Each KillFile features Katla Sieltjes, expert in disguising homicide, executing one of her contracts. While not mandatory reading, each KillFile provides insight both in Katla’s work methods and skill, and additional background information in her character and personal history. The KillFiles can be read out of order, as the contracts are random samples from Katla’s past.

This e-book features a glossary.


 

* Aconite Attack should become available at iBooks, Kobo, B&N, NookUK, Scribd, and other retailers in the coming days, as some retailers take more time to process the publication. Check your favourite retailer by using the links on the main page.


 If you want to read Aconite Attack and review the story on GoodReads/Amazon/Kobo/iTunes/B&N/NookUK, I have free review copies (ePub/Mobi) available, just send me an email.

I hope every Katla fan will enjoy this new novella. Please share this post through the social media buttons below.

Thanks for your support!

Advertisements

Aconite Attack: ARCs now available!

Aconite Attack, the fourth Katla KillFile, will be published in a few days, but you can get an Advance Reader Copy from today! If you’re interested in reading the story before its official launch date and support an independent author, read on:

Aconite Kill File gray MS

Aconite Attack is the fourth Katla KillFile, after Locked Room, Microchip Murder, and Fundamental Error.

The pitch for Aconite Attack:

Assassin Katla finds a devious way to get a target to poison himself…

The Aconite Attack KillFile (10,600 words) follows Katla Sieltjes, freelance assassin and corporate troubleshooter, as she gets herself hired by the CEO of a modelling agency to permanently remove his playboy partner, who is quickly draining the firm’s resources on his downward spiral into self-destruction. Katla finds a way to administer a poison to the target, but he has to be isolated for her plan to succeed. But every plan has a fluke factor, and Katla soon finds herself in a struggle for life and death when the target reveals his darker side…

The Katla KillFile short stories chronologically precede the novels in the Amsterdam Assassin Series.

Each KillFile features Katla Sieltjes, expert in disguising homicide, executing one of her contracts. While not mandatory reading, each KillFile provides insight both in Katla’s work methods and skill, and additional background information in her character and personal history. The KillFiles can be read out of order, as the contracts are random samples from Katla’s past.

This e-book features a glossary.

Aconite Attack will be published on New Years Eve, but a limited amount of Advance Reader Copies will be made available to early reviewers.

“Am I eligible for an ARC of Aconite Attack?”

You do not have to be a reviewer for a magazine or other official publication. All readers are eligible for an ARC, provided they are able to write a review and post it on their blog and retail sites (links to the retail sites will be provided to reviewers on the launch date). Reviews don’t have to be long, but honesty is required. Reviews are for readers to make up their mind if they want to read the story, so it’s important to give a fair assessment of the story’s entertainment value.

“What if I don’t like (parts of) the story?”

Please put that in your review. Readers might share your opinion and avoid reading something they don’t like, or they might not share your opinion and like the story for the reasons you don’t like it. Whatever you do, give your honest opinion.

“How can I apply for an ARC?”

Simple, just send an email to katlasieltjes@yahoo.com with “Aconite ARC” in the subject line and you’ll receive an ePub and a mobi file, so you can choose the device you want to use for reading the story. Download the attached file to your hard drive and upload the file into the e-reader of your preference.

“How long do I have to read the story and write and post my review?”

The story is just over 10,000 words, so most readers can read it in an hour or two, maybe three if they read at a leisurely pace. The review doesn’t have to be long. Just state that you’re reviewing an ARC provided by the author, and what you liked/disliked about the story and why. Posting the review on the retail sites and blogs is a matter of minutes. If possible, post your reviews on the launch date. If you’re late, post the review a day or so later, but preferably no longer than a week after the launch.

All ARCs will be sent out until December 30th. Applications after midnight December 30th will not be considered for ARCs, so send your application email as soon as possible.

Thank you for your support,

Martyn V. Halm

If you think your own community might be interested in this offer, please use the social media buttons below to spread the word.


New Katla KillFile on its way: Aconite Attack

Despite battling my kidney stones, I’ve been working on a new Katla KillFile called Aconite Attack:

Assassin Katla finds a devious way to get a target to poison himself…

The Aconite Attack KillFile follows Katla Sieltjes, freelance assassin and corporate troubleshooter, as she gets herself hired by the CEO of a modelling agency to permanently remove his playboy partner, who is quickly draining the firm’s resources on his downward spiral into self-destruction. Katla finds a way to administer a poison to the target, but he has to be isolated for her plan to succeed. But every plan has a fluke factor, and Katla soon finds herself in a struggle for life and death when the target reveals his darker side…

The Katla KillFile short stories chronologically precede the novels in the Amsterdam Assassin Series.

Each KillFile features Katla Sieltjes, expert in disguising homicide, executing one of her contracts. While not mandatory reading, each KillFile provides insight both in Katla’s work methods and skill, and additional background information in her character and personal history. The KillFiles can be read out of order, as the contracts are random samples from Katla’s past.

This e-book features a glossary.

First peek at the cover:

Aconite Kill File gray MS

Pre-publication snippet:

Katla put away her lock picks and took the oxygen tank from her bag. She covered her face with the biohazard mask before she entered the target’s apartment and closed the door behind her.

Although she had waited a good half hour after Gerard Snuif left, she took no chances and made a slow circuit through the target’s opulent bachelor pad to make sure she was alone before she went into the kitchen and took down the cereal box from the cabinet.

She lifted the plastic bag with cereal from the box and placed the bag on a scale. 114 grammes. So Snuif had eaten more than half the bag, unaware of the source of his complaints.

Probably figured nobody would mess with his cereal.

Katla smiled behind the biohazard mask and took a fresh carton of cereal from her bag. She removed the sealed bag with untainted cereal, measured against the used bag and tore off a corner. She poured 136 grammes of cereal into a bowl and weighed the bag to make sure it contained the exact same amount as the used bag.

Although it was unlikely that Snuif would know exactly how much cereal he had left, she preferred to be meticulous when dealing with poison.

She placed the fresh bag in the used carton and placed the cereal back in the kitchen cabinet. The used bag with the poisoned cereal went into a ziplock bag. She added the 136 grams of untainted cereal and put the bag in the carton in her bag.

Ready.

Leaving the oxygen mask on until she was near the door, Katla went out the same way she came in and used her picks to lock the door behind her.

Now, all she had to hope for was for his partner to be susceptible to her offer. If he didn’t take the bait, all her work had been for nothing.

If you think this article might be interesting to others, please share through the social media buttons below.


PIN Theft Using Thermal Imaging: Public Service Announcement or Panic Mongering?

A new threat to PIN security has been found: By using a thermal camera, scientists at the University of California in San Diego were able to record PIN codes from the heat signatures retained on keypads minutes after the PIN had been entered. But are Thermal Camera Attacks really a threat, or is the reporting skewed for sensationalism?

After reading the scientific article in question, Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks by Keaton Mowery, Sarah Meiklejohn, and Stefan Savage of UC San Diego—cited in the fear-mongering articles spreading like wildfire—I’ve come to the following conclusions:

As described, the test hardly worked on metal keypads:

“The material of the keypad also made a huge difference: against metal keypads, the few runs that we did perform were almost completely abortive. Much of this can be attributed to the high conductivity of the metal, which meant that the heat residue remained localized to the key that had been pressed for only a few seconds; we also observed, however, that either the keypad itself or a paint put on the keypad caused it to act as a thermal mirror, meaning it was hard to even get a clear reading on the keypad at all. Therefore, at least based on our current results, the obvious approach to prevent our (and essentially any thermal-camera-based) attack would be to use metal keypads exclusively.”

The camera used for the test is extremely expensive:

“We used an A320 FLIR camera running at 9Hz with the built-in lens and the standard ExaminIR software for the camera. The monthly rental rate for this camera is $1950 and the cost to buy is about $17,950.”

Although the rental rate is only a mere two thousand dollars per month, the return rate has to be quite high for this method to be economically feasible.

The individual touch can skew results:

“Similarly, individual differences of the keypad operators plays a determining role as well. Some people were quite a bit more warm-blooded than others, and some were more forceful in pressing the keypad; for the people with colder hands or a lighter touch, the thermal results faded significantly more quickly.”

In other words, cold hands and a light touch severely influence the success rate. Not to mention using gloves…

Typical time frame for success:

While the results were pretty good for the first 45 seconds, the thermal imaging had to be rendered within 90 seconds after the PIN code had been entered on a plastic pad.

Most of the time, after entering the PIN on an ATM, the time elapsing before the client has received the money (and puts it away in their wallet/purse) is often more than one minute.

What About Counter Measures?

The article mentions some simple countermeasures ignored in most articles on this ‘new threat’:

“There are of course prevention methods that a user might in turn take against thermal camera-based attacks (for example, continuing to press the keypad even after he has entered the code, or simply resting his whole hand on the keypad); nevertheless, we expect that all but the most paranoid of users do not take them (at least not at present), and so the advantage over conventional cameras is still meaningful.”

How High Is The Risk?
While much has been made of the possibility of theft of individual PIN codes at ATMs, I think that risk is negligible and easily countered. With people becoming more security conscious in recent years, many users already screen their PIN by using their free hand to block the view of the keypad. If that action is followed by these countermeasures, the risk drops down to nihil:

  • Keep touching different keys on the pad or simply rest your warm palm on the key to give all of them a heat signature.
  • Never take a preset amount of money, but select ‘Other’ so you have use the keypad to insert a different amount. The keys of the amount will mess up the heat signatures of the pads used to typing your PIN.
  • Use gloves or an object (pen, keys, et cetera) to press the keys. If none of those options are available, press the keys with your knuckle instead of your fingertip. Especially the knuckle of your little finger will transmit less heat to the keys than a fingertip.
  • Whenever you can, only use ATMs with a metal keypad.

So, Nothing To Worry About?

Well, not for ATM users. However, the article is interesting for security professionals with regards to the use of keypads to limit access to secure locations, for a variety of reasons not encountered with ATMs:

  • Unlike the keypads of ATMs, access keypads are often mounted vertically on the door or the wall next to the door.
  • Door keypads are often made of plastic, which retains the transferred heat longer than metal pads.
  • Users often vacate the area immediately, i.e. the individual arrives at the door, enters the code, opens the door, and goes inside, allowing for a far shorter time elapsing between the entering of the code and taking the thermal image.
  • And, most important, all users use the same code, so if one takes thermal imaging of several users, the code pattern will emerge much swifter than with the use of individual codes (like PIN codes at an ATM).

A lot of this also goes for safes with electronic keypads: plastic keypads, single code. Except that most safes are vacated seconds after the code has been entered. So with safes the risk is less high than with door keypads.

The scientific article, complete with graphs and source material, can be found here: https://cseweb.ucsd.edu/~kmowery/papers/thermal.pdf

If you think other people could benefit from this information, please share this post using the social media buttons below.