Lock Picking Become Obselete?

[LockNewbie21]

Also sorry if i came off trying to be a know it all i wasn't my dad's a data comtech, and basically his department sets up servers for the hospitals central control areas, and they stuff they have only a few would be able to bypass, they run incryptions for the standard 128 on the wirelesss to above that for diffrent things. For example if a hacker got in or cracker which ever you call it they have pre written programs that will detect that presence even if it over a hospital ip adress, because they have another program that regulates were ips can go when they can go, and what times there active. Meaning that its possible.. but not like swordfish or anything like that, they do that becuse if someone got in they could kill the power in the hospital and kill the back up generators and say bye bye to patients on life support. I really doubt a lock maker programing a lock would go through all this, so there ability to be cracked with a intenet download program would be to easy. Anything that has something worth protecting you wont get close to theres back up programs, sniffers logistics and anything you can imagine folling all them, well you'd have to be a genious.



Andy

[p1ckf1sh]

Ok. I dont know too much about electronic locks, as yet, but I do know this... WIRES!!!! Thats right, wires and chip boards. And there lies the weakness of this kind of lock. You dont have to exaustively serch for the combo if you can use a Security Driver to take off the control panel and cross the right wires, or hook up the right... tester? Get what I'm saying.
[...]
I think that hacking electronic locks needs its own locksmithing term. Any ideas?

Ummm... I don't claim that the current versions of electronic locks are outstanding, but even those are mounted in such a way that there is no way to remove or open the device from the OUTSIDE of the door. You can't remove an eurocylinder escutcheon plate from the outside just as well. There is just a plain surface. Manufacturers are not THAT dumb (although the Winkhaus Bluechip fiasco would make you think twice on that...).

Term for opening/bypassing electronic locks. Well, generally speaking I would say the process requires a lot of knowledge on the type of lock and its internals, but after having found a flaw it will prolly be really easy. So "reverse engineering" would be adequate I think.

[p1ckf1sh]

[...description of IP security in a hospital...]
they do that becuse if someone got in they could kill the power in the hospital and kill the back up generators and say bye bye to patients on life support.

I am not bashing your dad or questioning the functionality of the security mechanism he utilises, but I think it is kind of weird to have an option to control the power circuits from a networked computer in such a critical environment.

Does it strike anyone else as an obvious conceptional flaw? What gain is there to the management processes by having this option? How often does a hospital have the need to shut down (all) power? If they really need computerization in this context they might as well use a stand-alone machine in a (physically) well-secured room, not networked in any way. This would raise security in this context much higher than any level of IT security measures. Even with the most sophisticated security, there is still a remaining risk (inside job, disgruntled employee, etc.)

[LockNewbie21]

No buddy i didnt take it like that i jsut said what i knew sorry if i came across that way, i appologize for the mix up.




Andy

[p1ckf1sh]

I doubt locks will ever go out, just becuase mechanical working locks are more reliable and cheap, also for the hacking for each lock that came out, a nerd would sit at his PC type up a Logistic's program to decipher ever possible combo and bam that locks abosolete.

Not necessarily. In one way or another, all electronic locks are comparable to passwords. Every conceivable password is known (you just need to know which symbols can make up a password and how long the password can be at max, wham, you can generate all possible passwords). But passwords are not obsolete, they offer a pretty good level of security when implemented properly.

Becuase once you get into computers ,electroics and such the most obsurd things could jepordize security (Power surge, EMP.. no not the matrix junk the real deal, for example if an atomic bomd is detonated so many miles above say Rhode island it will abliterate every unprotected ciruuit(veryexpensive) from maine to Soulth carolina to alabama) its a little over the top example but when they used to test these bombs this same thing happened.

All right, just two things to note:
1) You don't need an atomic bomb to generate EMP. A van loaded with the proper equipment can quite easily take out the electronics in an apartment complex. For more guided and less powerful assaults you can even build a handheld device. At the 16C3 or 17C3 I have seen such a thing made from microwave parts and a pringles can for aiming, this could take out automobile stereos from up to 150yards away (or so the owner claimed, but I do not have reasons to doubt him because he demonstrated the effects on electronic garbage (old calculators etc.) from a range of ~70 yards).
2) An EMP will most likely NOT open any electronic lock. If the lock is locked in "standby" state and you blast it with EMP the electronics will fail and most likely the lock will stay in its locked state. The only difference is that you can't open it anymore, even with the right keyfob/passcode. But this also happens with "snap-to-secure" locks. If one says that a "snap-to-secure" feature is raising security, because the snapped lock is still locked, but unoperable by the correct key, the same has to be true for an EMPed electronic lock. Therefore EMP is not really a big threat to electronic locks security.

I wonder how susceptible the electronic locks are to van Eck eavesdropping. I think there is a pretty wide range of possible manipulative scenarious....

[p1ckf1sh]

No buddy i didnt take it like that i jsut said what i knew sorry if i came across that way, i appologize for the mix up.

If this was directed at me, no problem, there is nothing to apologize for, no offense made. I was just getting a few thoughts out of my head regarding the system you described and your Dad works on, and I wanted to make sure that you don't misunderstand that as criticizing your Dad. Preemptive, so to say.

Dave a nice day.

[n2oah]

[quote="p1ckf1sh"
2) An EMP will most likely NOT open any electronic lock. If the lock is locked in "standby" state and you blast it with EMP the electronics will fail and most likely the lock will stay in its locked state. The only difference is that you can't open it anymore, even with the right keyfob/passcode. But this also happens with "snap-to-secure" locks. If one says that a "snap-to-secure" feature is raising security, because the snapped lock is still locked, but unoperable by the correct key, the same has to be true for an EMPed electronic lock. Therefore EMP is not really a big threat to electronic locks security.[/quote]

It will, however, completely destroy the lock. If it doesn't have a bypass, you're screwed.