As far I'm concerned if you hack the door and then post about it on the discussion list you are a real Sudoer :-)

We want the doors to be secure, but the goal of door access is to give more people access not to keep anyone out. Obviously that would be a feature of the system at some point, but keeping someone out of the space is more of an organizational question than a technical one.

Theft and vandalism suck, and we want to avoid it, but the truth is that there is no way to really make it 100% impossible for someone to be malicious if they want to. I would hope that sense we run a pretty open space there wouldn't really be a desire to say steal some valuable if they could just come and use it whenever they wanted to. But that's no excuse for poor security, I know..

tl;dr how much security and what kind it's very much an open question.

--Andrew


On Sun, Mar 24, 2013 at 2:11 PM, Lisha Sterling <lishevita@gmail.com> wrote:
I am a happy girl, sitting in the hackerspace feeling all pwnie, which is like a bronie, only not at all. (But I do like unicorns!)

I was given the password to the downstairs door on Friday. I came inside imagining that there would be other people up here. Alas. There was no one. I tried the downstairs password on the upstairs door. FAIL! (Mine, not the system's or the hackers that put it together.) I could not get in. In fact, I didn't even know the right URL to *get* in the door.

So I sat my bee-hind down on a couch in the common room, got on the wiki, looked up "door access", found the server name for the inside door access, and went there. It took me a few tries to figure out the password, but it was not a hard one.

The door lock is kinda sticky. You can get the right password on the right URL and hear the mechanism trying to do its thing, but the lock doesn't fully unlock. The trick is to push the door closed tighter while the lock turns. 

So, yup, I'm inside. Between bringing cookies and breaking into the space, I guess I should fill out the web form and start calling myself a real sudoer now. :p

How secure do we need these doors to be? If we have people in the space MOST of the time, then there is a lower need for security. With an often empty space, there's maybe more of a risk of theft, vandalism or other nastiness.

Security through obscurity is no security at all.

- Lish

--

_______________________________________________
sudo-discuss mailing list
sudo-discuss@lists.sudoroom.org
http://lists.sudoroom.org/listinfo/sudo-discuss




--
-------
Andrew Lowe
Cell: 831-332-2507
http://roshambomedia.com