Also need it be said that duplicating an existing card with access would be
entirely trivial and probably easier than going about trying to copy
a security key. So to the best of my knowledge at least, the mag stripe
reader in its current form also won't solve this particular problem for
anyone even mildly determined.
The new 'unhackable' RFIDs are probably the most secure tokens..
Dk
On Friday, February 5, 2016, David Keenan <dkeenan44(a)gmail.com> wrote:
Back when I write that about security keys, I had
assumed that each member
collective deserved a key, plus some extra for various active
Omni organizers. But by all means, the less keys the better.
Re: copying security keys vs regular keys, yes anything is possible but it
seems substantially harder than regular keys, so I respectfully disagree
with the assessment that there's no meaningful difference. There's a lot of
different kinds of high-security keys; are you sure that this
particular type is as easy to copy as you think..? In any event, imo the
fact is that average person will have a much harder time to get such a
key copied, and this is what we would to my mind trying to mitigate with a
better lock - the average person making copies etc
- not 100% unhackable security. Like a bike u-lock, no it won't stop
someone determined to bypass it's security, but it will deter that more
than say just a thin cable lock or not having one.. In my opinion, at least.
If we simply want to remove the keyed lock altogether, personally that's
fine with me. It does seem like the card system has been working well for
some time. If that happens, perhaps access to the card unit could be
audited again just to make sure it's as physically & digitally safe as
possible from being hacked (in the bad sort of way). Again just my 2c.
Best,
David
On Friday, February 5, 2016, Adam <adam(a)aperture.systems> wrote:
> I just moved into a new house, and the front gate has 125 kilohertz RFID
> keys. They're super simple to work with, and even parallax and Adafruit has
> hardware that makes it easy to hack.
>
> Ace monster toys uses the same type of system
> On 5 Feb 2016 3:24 pm, "Jake" <jake(a)spaz.org> wrote:
>
>> why do more than 3 people need keys?
>>
>> -jake
>>
>> On Fri, 5 Feb 2016, Dante Cassius wrote:
>>
>> I strongly feel that security keys probably aren't a good route, for the
>>> simple reason that there are a TON of places that can and will copy
>>> security keys, even though they're not supposed to. Went through this
>>> trying to get an apartment key copied one time and it's seriously not
>>> hard or even that expensive. It's not much of an additional barrier if
>>> somebody wants to give keys to all their friends.
>>>
>>> On Fri, Feb 5, 2016 at 3:05 PM, David Keenan <dkeenan44(a)gmail.com>
>>> wrote:
>>> I agree with Jake; this issue is also why I reccomended
>>> around May of last year that for non-card keys, we get
>>> security keys that can't be so copied easily. That means we
>>> can't make our own keys for the front door as we now do, but
>>> in this instance that's a good thing imo.
>>> The cost would be about $360. (In addition, I think we should get
>>> a locker that auto-locks, as others have suggested.)
>>>
>>> The email I sent back then:
>>>
>>> Requesting this money be transferred to the building card to
>>> purchase a security lock for the front door.
>>>
>>> Budget sheet:
>>>
https://docs.google.com/spreadsheets/d/12mLeOEJEKZS11iQO5yQxVO21f2ldVbV
>>> n9scQWoAmhyM/edit?usp=docslist_api
>>>
>>> Ronald Reed over at Reed Bros recommended the following
>>> high-security lockset (that is physically hard to copy):
>>>
>>> 1x Schlage single-sided deadbolt B560 x 626 ('626'=metal-colored
>>> finish)
>>> $66.00
>>>
>>> 1x Primus cylinder 40-700-626 (for the deadbolt)
>>> $113.00
>>>
>>> Lockset total: $179.00
>>>
>>> Primus keys:
>>> $7.50/ea.
>>> # of initial copies of keys: 20 keys.
>>> 20x keys: $150
>>>
>>> Project cost:
>>> $329.00 + $31.26 tax = $360.26.
>>>
>>> This is obvs more than $2.25/ea for regular keys, but a lot less
>>> than $13-14/ea as for other high-security keys.
>>>
>>> The keys are:
>>> - stamped with a serial so they can only be made at Reed.
>>> - can be additionally individually serialized (no extra charge)
>>> which I think we should do.
>>> - can be restricted by what we decided IE only copied by a certain
>>> set of individuals with ID.
>>>
>>> The Primus keys have normal bumps but also angular divots on the
>>> side. They have an advantage in that, they can also be used with
>>> regular, existing, non-security cylinders for say interior doors
>>> inside the building. 'Standard' keys made to only open the
>>> interior door would conversely not be able to open the
>>> high-security exterior door. If that makes sense.
>>>
>>> I want to state that I think getting a 'standard' lockset rather
>>> than a high-security one would be counterproductive and just a
>>> waste of our money, time, energy. Stamping 'do not copy' on a
>>> regular key, will do next to nothing. If we don't get a
>>> high-security lockset, I am against spending any money on rekeying
>>> the door.
>>>
>>> Reed Bros will ask for ID when using any card (ATM or credit).
>>> Therefore your name has to be on the card, or you have to pay
>>> cash. So if your name is not on the card or you don't have ID, be
>>> prepared to get cash from the Bank of the West ATM first.
>>>
>>> I am happy to install the lock or Matt will probably be way better
>>> at it. If you get 20 keys, ask for them to be individually
>>> serialized. We should then record somewhere, who gets which key.
>>>
>>> We may want to ask people who want a key to pay for them or pay
>>> the omni back for them..
>>>
>>> Provided everyone agrees, I will get these as soon as funds are
>>> available.
>>>
>>> Best,
>>> David
>>>
>>>
>>> On Saturday, January 23, 2016, danarauz(a)gmail.com
>>> <danarauz(a)gmail.com> wrote:
>>> Also, something that I have noticed it that the door
>>> doesn't have a handle from the inside, so the door
>>> bounces out easily, or doesn't reach the position to
>>> lock as easy, so one has to grab the push bar and pull
>>> in, then the door can lock. Well, that is what I have
>>> noticed before and this morning when I came in.
>>> If we lost track of who has the key or copies, then I
>>> support the re-keying too.
>>>
>>> Repeating link sent by Laura:
>>> Sign up for a front door shift
>>> here:
https://ethercalc.com/omni-front-desk
>>>
>>>
>>> On Sat, Jan 23, 2016 at 1:20 PM, Laura Turiano
>>> <scylla(a)riseup.net> wrote:
>>> It may be time to re key the front door, but I
>>> want to point out that there is a process to
>>> receive an actual key:
>>>
https://omnicommons.org/wiki/Keys.
>>>
>>> It would be great to find different hardware
>>> that is more robust and doesn't need relocking
>>> but we dont have money for that right now.
>>>
>>> When there is an event, the event holder is
>>> supposed to have someone stationed at the door
>>> to let people in and tell them where to go.
>>>
>>> If people are smoking the door should still be
>>> closed. They should also be 20 feet away from
>>> the door or windows.
>>>
>>> Sign up for a front door shift here:
>>>
https://ethercalc.com/omni-front-desk
>>>
>>> Laura
>>>
>>>
>>> _______________________________________________
>>> discuss mailing list
>>> discuss(a)lists.omnicommons.org
>>>
https://omnicommons.org/lists/listinfo/discuss
>>>
>>>
>>>
>>>
>>> --
>>>
>>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>>> - - - - - - - - - - - - - - - - - - - -
>>> Help open a people-powered common space in Oakland,
>>> California!
>>>
https://omnicommons.org/donate
>>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>>> - - - - - - - - - - - - - - - - - - - -
>>>
>>>
>>>
>>> _______________________________________________
>>> sudo-discuss mailing list
>>> sudo-discuss(a)lists.sudoroom.org
>>>
https://sudoroom.org/lists/listinfo/sudo-discuss
>>>
>>>
>>>
>>>
>> _______________________________________________
>> sudo-discuss mailing list
>> sudo-discuss(a)lists.sudoroom.org
>>
https://sudoroom.org/lists/listinfo/sudo-discuss
>>
>>