Teflon Gets Heat from Environmentalists

If I asked you what a normal cooking temperature was, could you tell me within ten degrees of accuracy; what about fifty degrees of accuracy?

I am certainly not the best chef. I confess I have no idea what the exact temperature of a frying pan is when I put it on medium, or medium-high, high, etc..

Now consider the latest news from the Environmental Working Group on Teflon:

For the past fifty years DuPont has claimed that their Teflon coatings do not emit hazardous chemicals through normal use. In a recent press release, DuPont wrote that “significant decomposition of the coating will occur only when temperatures exceed about 660 degrees F (340 degrees C). These temperatures alone are well above the normal cooking range.”

I see. So the normal cooking range is below 660 degrees F. The only problem with DuPont’s reasoning is that most people probably do not know this and regularly cook above the level that they consider “normal”. Safety suddenly comes into play, and yet I would bet not a single DuPont teflon user has any idea of the risks:

In new tests conducted by a university food safety professor, a generic non-stick frying pan preheated on a conventional, electric stovetop burner reached 736°F in three minutes and 20 seconds, with temperatures still rising when the tests were terminated. A Teflon pan reached 721°F in just five minutes under the same test conditions (See Figure 1), as measured by a commercially available infrared thermometer. DuPont studies show that the Teflon offgases toxic particulates at 446°F. At 680°F Teflon pans release at least six toxic gases, including two carcinogens, two global pollutants, and MFA, a chemical lethal to humans at low doses. At temperatures that DuPont scientists claim are reached on stovetop drip pans (1000°F), non-stick coatings break down to a chemical warfare agent known as PFIB, and a chemical analog of the WWII nerve gas phosgene.

Personally, I have never liked teflon because I felt the risks were not clearly discussed or identified and so I have only bought stainless steel cookware. Come to think of it, I have not owned teflon for over fifteen years. When I first started looking for safety data and could not find anything conclusive, I steered clear. I also never understood the idea that it could peel off if you touched it with metal, like a normal fork or spoon. What kind of “hard” surface requires you to replace all your cutlery?

This general unease now turns out to be well founded.

Unless you can monitor your temperatures and/or install controls to keep teflon below 660 degrees F, there are some serious health risks to consider. I guess I will stick to stainless steel for now (pun intended).

NYC Tuna Toxicity

The NYT reports that the fish being served in their fair city has toxic levels of mercury:

Sushi from 5 of the 20 places had mercury levels so high that the Food and Drug Administration could take legal action to remove the fish from the market. The sushi was bought by The New York Times in October.

“No one should eat a meal of tuna with mercury levels like those found in the restaurant samples more than about once every three weeks,” said Dr. Michael Gochfeld, professor of environmental and occupational medicine at the Robert Wood Johnson Medical School in Piscataway, N.J.

Yikes. Perhaps most notable is that the restaurant owners had no idea they were serving toxic fish. Will they test at the market? Will fish markets test before selling? Where will the controls emerge? What if restaurant guides like Zagat started to include toxicity tests in their reviews and award cleanliness? Or will consumers be expected to carry a toxicity test when they eat out or even shop at the grocery?

Will someone please market a sushi preparedness kit? A pair of organic-based chopsticks, chemical free soy sauce, natural wasabi, and a box that you can drop your food into to assess mercury levels before you put it into your mouth. Ok, just kidding. But you get the idea.

Update: Apparently Greenpeace offers a $25 mercury do-it-yourself test kit.

The results are in, and the findings are worse than we anticipated: one in five women of childbearing age that were tested have mercury levels exceeding the EPA’s recommended limit.

“In the samples we analyzed, the greatest single factor influencing mercury exposure was the frequency of fish consumption,” said Dr. Steve Patch, Co-director of EQI and co-author of the report. “We saw a direct relationship between people’s mercury levels and the amount of store-bought fish, canned tuna fish or locally caught fish people consumed.”

Yikes again. Is this Department of Homeland Security material? Or will this be left up to the EPA to sort out?

SocGen hack update

I just noted that the sad story about the investment trader gone bad has been distilled down to a case of weak password/user controls:

Societe Generale might have been able to prevent a year-long binge of fraudulent transactions by one of its mid-level traders – which the French banking giant confirmed this week has cost it more than $7 billion in losses – simply by instituting stricter password controls and applying available software that tracks transactions to individual workstations, analysts told SCMagazineUS.com today.

They do not mention clear-text passwords as one of the gaps, but I bet stronger passwords would have only helped a little. The article suggests that administrators should not have access to users passwords, but few systems actually allow this by design. Two-factor would have definitely been better, but it still begs a few simple control questions.

Dutch Transport Cards Exposed

Ed Felten has described some interesting and somewhat simplistic flaws in a Dutch smartcard
based transportation payment system.

Among other foolishness, the designers used a custom cryptosystem and 48 bit keys.

The fundamental security problem with the disposable Ultralight card is that it doesn’t use cryptography, so the card cannot keep any secrets from an attacker. An attacker who can read a card (e.g., by using standard equipment to emulate a card reader) can know exactly what information is stored on the card, and therefore can make another device that will behave identically to the card. Except, of course, that the attacker’s device can always return itself to the “fully funded” state. Roel Verdult of Raboud University implemented this “cloning” attack and demonstrated it on Dutch television, leading to the recent uproar.

The Dutch have only invested $2 billion so far for this amazing system that accidentally gives away rides for free.

More detail on the hacks can be found in a presentation by Karsten Nohl and Henryk Plötz called “Mifare: Little Security, Despite Obscurity“, hosted by the 24th Chaos Communication Congress.