Hi Ken and Espi,

The problem or risk does not warrant a single solution; there is no 
"catch-all". Abandoning the key and lock is not the answer, IMO. For instance, 
let's say I have a two story house and I have a 6 ft fence around my house's 
perimeter to reduce the likelihood of theft (risk), however, I want to double 
my security because I'm concerned that a criminal could just come in with a 6 
ft ladder and breach my defenses. So, I invest in a 12 ft fence so the criminal 
can't breach my defenses. Did I double my security? No, because a criminal 
could easily use a 12 ft ladder and then BOOM.

My proposed solution is to diversify the security approach as much as possible 
and use defense in depth, do JUST enough so that the criminal thinks twice 
about picking your house while he/she is on their neighborhood hunt. E.g., leave 
a light on next to a front window, hang up signs that advertise your alarm 
system (even if you don't have one!), have a deadbolt installed on your front 
door, or have a sign warning to beware of your dog. Sometimes it's even 
recommended to have deterrent plants against fences or near entrances on the 
property such as roses and thorny bushes. My two cents. :)

Regards,

James
Chicago, IL, United States

From: [email protected] [mailto:[email protected]] On 
Behalf Of Ken Schaefer
Sent: Thursday, July 31, 2014 8:57 PM
To: [email protected]
Subject: RE: [NTSysADM] This was inevitable, but it's still a good reminder

So if that's something that's OK with you, what exactly are you arguing here, Ken?

I'll try to explain it succinctly:

a)      Criminals 'follow the money' [1]

b)      Setting up cameras to photograph PINs at ATMs is financially viable for 
criminals - you might get a few PINs out of thousands of customers, but that 
pays for the technology. This is different to setting up cameras outside 
private residences, where to get the same "hit" ratio, you'd need to set up 1000 
cameras outside 1000 residences, to get the same few keys.

c)      Where technology (e.g. CC chip-n-PIN) has evolved to counter new 
threats, this is because the risk from the criminal threat (whether that be 
financial, reputational or whatever) has become significant, despite the best 
efforts of law enforcement, insurance companies and so forth, to do something 
about it.

d)      To date, the risk you talk about doesn't seem to warrant the wholesale 
abandonment of a tried-n-tested technology that you advocate as being required, 
especially given that the alternatives all have their own significant 
drawbacks. If there were substantial losses arising from this new threat, I 
would expect insurance companies (at the very least) to push people to adopt 
countermeasures, or alternate ways of securing their entry ways.

Is that clearer?

[1] (let's leave aside the stupid ones, or the ones not thinking straight due 
to being under the influence etc.)


From: [email protected] [mailto:[email protected]] On Behalf Of Micheal Espinola Jr
Sent: Friday, 1 August 2014 11:39 AM
To: ntsysadm
Subject: Re: [NTSysADM] This was inevitable, but it's still a good reminder

Surely we all hold our keys in our hands when we use them - but I don't think we 
do anything to obstruct the important end with the teeth from public view - 
like what we might do when we enter a pin.  I would put forward that people 
typically take out their keys, look at them to confirm the correct key as well 
as orientation, and then also briefly pause the key in mid air while confirming 
visually the proper orientation/alignment with the lock.

You forever run the risk of locking yourself out of your own home or car.  Do 
you have a car with a fob-only starter, with no key override?  Those are tons 
of fun to replace. Very time consuming; very expensive.

So wait - you don't think that current CCs should stay the same for another 
1000 years?  (hey, I can use "1000" too).  If current CCs should change, is 
that not saying that the current less-secure variation "has to go"...  in 
order to make way for a new version?  So if that's something that's OK with you, 
what exactly are you arguing here, Ken?


--
Espi


On Thu, Jul 31, 2014 at 6:17 AM, Ken Schaefer 
<[email protected]> wrote:
I tend to hold my keys in my hand when I insert those keys into a lock, so I 
suspect that taking photos will be somewhat harder.
Photographing people's PINs at an ATM or similar location is a numbers game - 
for every 1000 people, you might get 10 or 5 PINs, which makes the endeavour 
worthwhile. Installing surveillance outside private property would involve 
1000x the expense, probably making it not worthwhile. And if you install your 
own counter-surveillance, then even if your physical key is compromised 
(assuming you only have one lock), you can record the perpetrators in the act, 
and claim on insurance and report to law enforcement.

In my line of work, I've seen this 1000 times:

-          Solution 123 (doesn't meet requirement ABC || is vulnerable to 
exploit DEF). We should look at solution 345 or 678

The issue is that whilst 345 or 678 might mitigate or solve the defect with 
123, it introduces new vulnerabilities or other non-compliance with 
requirements. And Solution 123 typically has a proven history behind it, and 
there are alternate measures that can be employed to satisfy ABC.

Keys and locks have served us well for hundreds of years (notwithstanding the 
threat of people lock picking your locks - despite that issue being around, we 
live with it every day). Introducing more complex keys, or electronic 
countermeasures introduces other risks. For example: If you make keys 
impossible to copy, then you run the risk of a Denial of Service attack against 
yourself if you lose your own key (e.g. through complete accident).

No doubt threats continually evolve - and this is an example of an emerging 
threat. However countermeasures also continually evolve. Criminals (other than 
the really stupid ones) follow the money. There are entire industries (e.g. 
insurance), not to mention law enforcement, that work to make crime not pay. 
It's the same reason why, eventually, the entire world will have CC cards with 
chips and require PINs. Until the next round of attacks and countermeasures.

Cheers
Ken

From: [email protected] [mailto:[email protected]] 
On Behalf Of Micheal Espinola Jr
Sent: Thursday, 31 July 2014 7:09 PM

To: ntsysadm
Subject: Re: [NTSysADM] This was inevitable, but it's still a good reminder

I've read that article before, and agree that it is a good read.

I didn't realize that's what you meant, because I don't consider that a realistic 
proposal to the threat - especially given what you are potentially asking of 
the general public.  The threat, as I addressed it in my initial reply, is that 
a common-style key can be copied in an automated fashion via photographs. As a 
current example: A key factor in a lot of identity theft that happens with 
"skimmers" also incorporates video surveillance to steal PINs, zip codes, etc., 
to be used with the skim-copied card. Surveillance could similarly be set up at 
residences and other building egresses to capture images of keys for 
duplication. Let alone that people casually place their keys down all the time.
Perhaps I'm misreading the situation, but this is what I see as the worst 
aspect of the threat - particularly because I see no need for physical 
possession.

--
Espi


On Wed, Jul 30, 2014 at 11:52 PM, Ken Schaefer 
<[email protected]> wrote:
A simple solution would be not to give your keys out to untrusted parties.

Fwiw, the Technet article was written by Steve Riley: "It's Me, and Here's My 
Proof: Why Identity and Authentication Must Remain Distinct" - it's a good 
article, worth reading.


From: [email protected] [mailto:[email protected]] 
On Behalf Of Micheal Espinola Jr
Sent: Thursday, 31 July 2014 4:42 PM

To: ntsysadm
Subject: Re: [NTSysADM] This was inevitable, but it's still a good reminder

I'm sorry, what exactly was your proposal?  Was it the technet article?  I 
didn't read it.

--
Espi


On Wed, Jul 30, 2014 at 9:13 PM, Ken Schaefer 
<[email protected]> wrote:
So, what's wrong with my proposal? You didn't address that anywhere, unless 
I've missed it somehow.

(leaving aside the issue of traditional lock picking, which has been an issue, 
or non-issue, for years)

From: [email protected] [mailto:[email protected]] 
On Behalf Of Micheal Espinola Jr
Sent: Thursday, 31 July 2014 1:34 PM

To: ntsysadm
Subject: Re: [NTSysADM] This was inevitable, but it's still a good reminder

I'm referring specifically to the standard types of keys that are used by 
consumers for their private property.  Current common door locks/keys are 
decreasingly viable as a security solution, and have been for years.  If a 
common key can now be duplicated via automation simply by a series of pictures, 
then it's really time to put this antiquated system to rest.  Keys need to 
become more complex.  It's not that I have issue with the concept of physical 
keys - it's a problem with the low-tech variations of common locks that are 
still so prevalent around the world.
"Authentication" issues aside, the typical mechanical systems are still not 
complex enough to prevent basic lock-picking methods.  And now, we are subject 
to duplication by photograph?  I think this is a horrendous turn of events. 
Cool tech, but how utterly exploitable on a massive scale.  People are already 
subject to video-based types of identity theft.  Now, I would speculate, that 
we can welcome breaking and entering.

--
Espi


On Wed, Jul 30, 2014 at 7:14 PM, Ken Schaefer 
<[email protected]> wrote:
Why do they "have to go"? Keys are a physical authenticator (something you 
have). You give it to someone else, and you run the risk of it being cloned or 
otherwise compromised. A simple solution would be not to give your keys out to 
untrusted parties...

I think the fundamental issue with using current keys is that there's no 
separation between identity and authenticator. Just like using your CC number 
online: http://technet.microsoft.com/en-us/library/cc512578.aspx is an old 
article, but still applies. Not to mention the lack of simple revocation 
mechanisms, audit capabilities etc. :)

Cheers
Ken
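The distinction Ken draws above (identity kept separate from the authenticator, plus revocation and audit) is easier to see in code than in prose. The following is an added example written for this page, not code from the thread, the Technet article or any real product: a `PhysicalLock` class models a mechanical key, where the bitting is both the identity and the credential, and an `IdentityStore` class models the alternative, where one identity can hold several individually revocable authenticators and every use is logged. All class and method names are illustrative, and the bitting values and labels are constructed sample data.

```python
# Added example: "the shared secret is the identity" (a mechanical lock) beside a
# store that keeps identity and authenticators distinct, with per-credential
# revocation and an audit trail. Names are illustrative, not from the thread.
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


class PhysicalLock:
    """Mechanical key model: whoever presents the bitting gets in, the lock cannot
    say who did, and the only revocation is rekeying, which also kills every
    legitimate copy."""

    def __init__(self, bitting: str) -> None:
        self.bitting = bitting

    def opens(self, presented_bitting: str) -> bool:
        return hmac.compare_digest(self.bitting, presented_bitting)

    def rekey(self, new_bitting: str) -> None:
        self.bitting = new_bitting  # all outstanding keys die at once


@dataclass
class Authenticator:
    auth_id: str          # public handle for the credential, not for the person
    secret_hash: bytes    # only a salted hash of the secret is kept
    label: str            # e.g. which key was cut for whom, and when
    revoked: bool = False


class IdentityStore:
    """Identity (who) is a separate record from authenticators (what they hold)."""

    def __init__(self) -> None:
        self._owners: Dict[str, str] = {}            # auth_id -> identity
        self._authenticators: Dict[str, Authenticator] = {}
        self.audit: List[Tuple[str, Optional[str], str, str]] = []

    @staticmethod
    def _hash(auth_id: str, secret: str) -> bytes:
        # auth_id doubles as a per-credential salt, so equal secrets never hash equal
        return hashlib.sha256(f"{auth_id}:{secret}".encode()).digest()

    def enroll(self, identity: str, label: str) -> Tuple[str, str]:
        auth_id = secrets.token_hex(8)
        secret = secrets.token_urlsafe(24)
        self._authenticators[auth_id] = Authenticator(auth_id, self._hash(auth_id, secret), label)
        self._owners[auth_id] = identity
        self.audit.append(("enroll", identity, auth_id, label))
        return auth_id, secret  # shown once, like handing over a freshly cut key

    def authenticate(self, auth_id: str, secret: str) -> Optional[str]:
        a = self._authenticators.get(auth_id)
        ok = (a is not None and not a.revoked
              and hmac.compare_digest(a.secret_hash, self._hash(auth_id, secret)))
        identity = self._owners[auth_id] if ok else None
        self.audit.append(("authenticate", identity, auth_id, "ok" if ok else "denied"))
        return identity

    def revoke(self, auth_id: str, reason: str) -> bool:
        a = self._authenticators.get(auth_id)
        if a is None or a.revoked:
            return False
        a.revoked = True
        self.audit.append(("revoke", self._owners[auth_id], auth_id, reason))
        return True

    def active_authenticators(self, identity: str) -> List[str]:
        return [aid for aid, owner in self._owners.items()
                if owner == identity and not self._authenticators[aid].revoked]


def demo() -> dict:
    """Run both models through 'a contractor's copy leaked' and report the outcome."""
    door = PhysicalLock("34521")                 # constructed sample bitting
    mechanical_opens = door.opens("34521")       # a photographed copy works, anonymously
    door.rekey("51243")
    owner_locked_out = not door.opens("34521")   # the owner's own key now fails too

    store = IdentityStore()
    owner_id, owner_secret = store.enroll("alice", "owner key")
    contractor_id, contractor_secret = store.enroll("alice", "contractor key, issued 2014-07")
    store.revoke(contractor_id, "contractor engagement ended")
    return {
        "mechanical_opens": mechanical_opens,
        "owner_locked_out_after_rekey": owner_locked_out,
        "contractor_after_revoke": store.authenticate(contractor_id, contractor_secret),
        "owner_after_revoke": store.authenticate(owner_id, owner_secret),
        "active_for_alice": len(store.active_authenticators("alice")),
        "audit_events": len(store.audit),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the pairing is the revocation path: with the mechanical model, the only response to one leaked copy is `rekey()`, which locks out every legitimate holder (the self-inflicted denial of service Ken mentions); with the store, one `revoke()` removes the contractor's credential while the owner's keeps working, and the audit list records who enrolled, who authenticated, and why something was revoked.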

From: [email protected] [mailto:[email protected]] 
On Behalf Of Micheal Espinola Jr
Sent: Thursday, 31 July 2014 11:11 AM
To: ntsysadm
Subject: Re: [NTSysADM] This was inevitable, but it's still a good reminder

It was inevitable.  Locks and keys as they have existed for decades simply have 
to go.

--
Espi


On Tue, Jul 29, 2014 at 7:17 AM, Kurt Buff 
<[email protected]> wrote:
Physical security is just as important as computing security
http://www.wired.com/2014/07/keyme-let-me-break-in/