Begin forwarded message:
From: Andrew Pam <[EMAIL PROTECTED]>
Date: January 4, 2006 1:21:36 PM EST
To: David Farber <[EMAIL PROTECTED]>
Subject: Re: [IP] Key Bumping
On Wed, Jan 04, 2006 at 11:19:47AM -0500, Dave Farber wrote:
From: "Rabkin, Eric" <[EMAIL PROTECTED]>
Date: January 4, 2006 10:01:43 AM EST
Subject: RE: [IP] Key Bumping
Folks, I just found out about the "bumpkey" from
http://www.toool.nl/bumpkey-alert.wmv. Don't download that on a slow
connection, but if you watch it you'll get a real feeling of
insecurity
about expecting locks to protect your house. Apparently (see, for
example, http://www.toool.nl/index-eng.php), "bumping" is real and as
soon as the idea spreads, houses may as well not have mechanical locks
on them. :(
That's an alarmist exaggeration. See for example
http://connectmedia.waag.org/toool/whatthebump.wmv
(warning: 97 minute video!)
This is the video of "Bumping Revisited", a conference presentation
earlier this year in which bumping is explained and demonstrated, and
then new countermeasures from lock manufacturers are shown and
discussed.
Executive summary: Security by obscurity serves to prolong bad design
which the bad guys likely already know how to break. Open lockpicking
has already lead to new improved lock designs.
Share and enjoy,
Andrew
--
mailto:[EMAIL PROTECTED] Andrew Pam
http://www.xanadu.com.au/ Chief Scientist, Xanadu
http://www.glasswings.com.au/ Partner, Glass Wings
http://www.sericyb.com.au/ Manager, Serious
Cybernetics
-------------------------------------
You are subscribed as [email protected]
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/
