Re: padlocks with backdoors - TSA approved

2007-02-27 Thread Taral
On 2/26/07, Hadmut Danisch [EMAIL PROTECTED] wrote: Each of these (three digit code) locks had a small keyhole for the master key to open. Obviously there are different key types (different size, shape, brand) as the locks had numbers like TSA005 tell the officer which key to use to open that

RE: padlocks with backdoors - TSA approved

2007-02-27 Thread Ian Farquhar \(ifarquha\)
Some of the locks have special indicators which flag that a TSA key has opened it, which marginally improves the idea, but not by much. Whether those flags could represent a defence in the case of a corrupt official in possession of TSA keys I do not know. Without such flags, it's an

Re: padlocks with backdoors - TSA approved

2007-02-27 Thread Allen
Hi Hadmut, Welcome to the world of total stupidity. I was in the hardware store the other and looked at those cheap luggage looks and thought about how thieves might be able to utilize the weakness of the system to rip off people, but then..., well I looked at the Master brand, generally a

Re: padlocks with backdoors - TSA approved

2007-02-27 Thread David Chessler
At 03:20 PM 2/26/2007, you wrote: ?xml version=1.0 encoding=US-ASCII? Hi, has this been mentioned here before? I just had my crypto mightmare experience. I was in a (german!) outdoor shop to complete my equipment for my next trip, when I came to the rack with luggage padlocks (used to lock

Re: padlocks with backdoors - TSA approved

2007-02-27 Thread Nicolas Rachinsky
* Hadmut Danisch [EMAIL PROTECTED] [2007-02-26 21:20 +0100]: has this been mentioned here before? I don't know if it was mentioned here. Bruce Schneier wrote about it some time ago. http://www.schneier.com/crypto-gram-0404.html#2 http://www.schneier.com/crypto-gram-0405.html#10 Nicolas

RE: padlocks with backdoors - TSA approved

2007-02-27 Thread Trei, Peter
Taral wrote: I'm just waiting for someone with access to photograph said keys and post it all over the internet. Let us hope that happnes - it won't make passenger security worse, and would demonstrate that The Emperor Has No Clothes. Even if that doesn't happen, it is presumabley feasible

Re: padlocks with backdoors - TSA approved

2007-02-27 Thread Hadmut Danisch
Hi Allen, On Mon, Feb 26, 2007 at 09:23:30PM -0800, Allen wrote: Hi Hadmut, combination lock brands in the $30 to $45 USD range where you can set the combination to whatever you want. Guess what? They all seemed to use the same key to enable setting the combination. Why make it that

Re: padlocks with backdoors - TSA approved

2007-02-27 Thread Hadmut Danisch
On Tue, Feb 27, 2007 at 01:09:00AM -0500, David Chessler wrote: This is why I don't bother with padlocks until I get to the hotel room. It is a good idea to slow down the petty thief, but a twist tie from a plastic bag will work. I use the nylon straps used to hold cable bunches in place.

Re: padlocks with backdoors - TSA approved

2007-02-27 Thread Hadmut Danisch
On Mon, Feb 26, 2007 at 10:36:22PM -0600, Taral wrote: I'm just waiting for someone with access to photograph said keys and post it all over the internet. It does not need access to the keys. Do you know that car Volkswagen Golf? As far as I know also sold in the USA. In the eighties

Re: padlocks with backdoors - TSA approved

2007-02-27 Thread Ralf-Philipp Weinmann
On Feb 26, 2007, at 21:20 , Hadmut Danisch wrote: Hi, has this been mentioned here before? Yes. It is old news, Bruce Schneier's Cryptogram mentioned it in April 2004, actually [1]. Never seen anything in real world which is such a precise analogon of a crypto backdoor for governmental

Re: padlocks with backdoors - TSA approved

2007-02-27 Thread Sean McGrath
Ian Farquhar (ifarquha) wrote: [...] However, I will say that any government (or other) program which assumes the honesty of employees and contractors is fundamentally flawed, and any associated risk analysis is either incompetent, or in failing to identify risk to travellers, seriously

U-Prove features (Re: announce: credlib library with brands and chaum credentials

2007-02-27 Thread Christian Paquin
Adam Back wrote: About flexibility and generality I mean Brands has a huge list of features, like a very efficient observer setting, with cheap operations suitable for an 8 bit smartcard, limited multi-show (though linkable, there is an online credential refresh phase if unlinkable is desired),

Details of the backdoor-padlock

2007-02-27 Thread Hadmut Danisch
Hi, made two pictures of the padlock with the backdoor: http://www.danisch.de/tmp/pict0951x.jpg shows the TSA keywhole: Just a very simple standard key cylinder, pretty easy to produce a general key from any lock. But that's waste of time. The lock suffers from the same weakness almost all