Category Archives: Physical Security

Medeco Embracing the Locksport Community

Filed under Physical Security

Medeco Locks

Via the Emergent Chaos blog…

If you follow physical security and specifically the “Locksport” community you might be interested in the open letter by Peter Field (chief architect of Medeco products) stating that Medeco (a big high security lock manufacturer) is embracing the Locksport community. This is huge news considering that lock manufacturers in general have been pretty reluctant to support the research of Marc Tobias and others in the past. From Marc’s post on In.Security:

“So it often falls upon the Locksport enthusiasts, hackers, or security professional, outside of the lock manufacturing community, to demonstrate vulnerabilities that should have been discovered by the manufacturer before offering their products for sale. In my experience, design engineers learn how to make things work quite well; they rarely are educated in how to break them. That is a fundamental problem. If locks were designed properly, hackers and others would not be able to circumvent security. It is about time that manufacturers recognized that the more minds that are evaluating their products, the better.”

You can read the full open letter posted on NDE here. Very good read as well as Marc’s response. By the way, check out NDE (Non-Destructive Entry) magazine. It’s a good magazine on the Locksport community and lock picking in general. Issue #3 even has a good article about the “Tiger Team” show that had a short appearance last year on TrueTV.

Geek out with your own RGB combination door lock

Filed under Physical Security

Hack a Day posted a cool tutorial today on how to make your own RGB combination door lock. What is this monstrosity of geekness? Think Star Trek, Star Wars or any other science fiction movie with scenes of cool blinky lights! Now you too can secure your man room, computer lab or whatever and really impress your friends. From Hack a Day:

“Instead of typing in numbers, your password is a unique set of colors.”

“By entering the correct color code, the pad will flash green and unlock the door for 10 seconds. If you go over the limit counter, it will flash red for 30 seconds.”

Pretty cool. Check out the pictures and details on the Hack a Day web site. Anyone have the nerve or electronics knowledge to put one of these together? Looks like part 2 of the article will talk about how to make the PC board, cut a custom wall plate, install the lock strike and more.

HSBC branch server goes missing

Filed under Physical Security

<%image(20080509-hsbc.jpg|133|86|HSBC branch server goes missing!)%>

This is one of those security breaches that underlines the need for physical security if you are doing remodeling or construction where there is potentially sensitive customer data being held…like a bank! From the official bank disclosure:

“The Hongkong and Shanghai Banking Corporation Limited confirms one of its computer servers went missing on 26 April 2008 at its Kwun Tong Branch, which has been undergoing renovation. The data held on the server includes account number, customer name, transaction amount and transaction type.”

Nice! This just adds to the list of breaches that HSBC has announced recently…not a good time to be an HSBC customer. Seriously though, all banks should look at the physical security around these renovations..most construction sites I have seen have no security at all. I hardly ever see even a security fence around these locations. Take a look next time you drive by a store or building that is under a remodel or construction. You might be surprised at the lack of physical security of these locations.