I once worked for a company that kept its passwords locked in a safe. One day, all other copies of the password were lost, and they needed it, but the safe's key could not be found.

They expensed a sledgehammer and obtained the password through physical modification of the safe using a careful application of force. Some employees complained that meant the safe wasn't... well, safe.

The security team replied "Working as Intended" - no safe is truly safe, it's just designed to slow down an attacker. At that moment, I was enlightened.

I worked on port facilities. Everything corrodes quite quickly, and locks and keys need to be replaced fairly regularly. Once, there was a problem with key management following the replacement of locks on a building containing emergency diesel generators.

The doors were heavy, 45-minute fire-rated security doors, aka "Fucking heavy doors that can cut your fingers just from inertia or wind."

These doors had to be opened quickly in the middle of the night. There was no locksmith on call, but there were boilermakers. Supports and a chain were welded to the doors, and a T-Rex container mover was used to carefully pull the doors off the building.

The whole operation took less than an hour. Physical security is a matter of time and resources.

However, for good safes, there's a rating on how long it takes.[1] Ratings start at TL-15, for 15 minute resistance against hand tools. They go up to TXTL-60: torch, explosive and tool resisting for 60 minutes. Safes with these ratings will have a metal plate indicating UL testing and approval.

If there are any rated safes on Amazon, I can't find them. A real TL-30 1 cubic foot safe sells for about $2000 and weighs about 500 pounds. Amazon sells something that looks similar for about $100 and weighs about 15 pounds.

There's a separate set of ratings for fire protection, from the NFPA. Fire safes are much simpler. They have more insulating materials and less steel.

[1] https://www.vaultandsafe.com/vault-safe-classifications/

    All Security
    Hinges on the arrival
    Of people with guns

  All security
  is merely a fantasy
  of mortal people.

Thunderbolt and Lightfoot (movie).

Obligatory xkcd

https://xkcd.com/538/

Please stop mentioning this, I'm going to go crazy.

Why? There are actually valuable takeaways from this.

One would be that people are the weak point in your security system. If all your organizational security hinges on one guy not folding, that guy is the natural target. Whether a literal 5$ wrench is used or they bribe him makes no difference.

That means you could consider shaping your org in a way that is resistant against this by e.g. decentralizing secrets. That means instead of bringing a "5$ wrench" to one person (which may even work without raising suspicion), you now need to convince multiple people at once, which is much more unlikely to work without being detected.

All you need to do is s/wrench/social engineering/ and you will understand exactly why it's such an effective--if not infallible--vector of attack.

The only defence is to not have the secret at all.

In a similar way, sometimes the best way to protect data is not to collect it, or if you collect it, not to keep it around in its raw form.

As for secrets, you sometimes need to have them for very good reasons. If you can reach the same goals without a secret while having the same protection, going without a secret is a good choice.

But let's assume if you want the cryptographic protections of confidentiality (through encryption), authenticity (through signatures) and integrity (also through signatures or hashes) chances are someone somewhere has to store a secret. If that someone isn't you it is someone else (or something else).

But if you want to protect data with encryption and you should be the only one who can decrypt it I don't really know how you would do it without any form of secret.

Please mention/link it even more. All security nerds _need_ to see this comic once a month.

Why? Everyone knows about rubber-hose cryptanalysis. The whole point of cryptography is to reduce them to this.

If they want our information, they should have to become literal tyrants, send armed men after us and violate human rights in order to get it. Not push a button on a computer to tap into their warrantless global dragnet surveillance networks and suddenly have our entire private lives revealed to them on a computer screen.

Yes, people will fold if they are kidnapped and tortured. That's not news. Forcing them to stoop to that is the entire design. Once the situation has escalated to that level, you are justified in killing them in self-defense. Torturers don't make a habit of allowing their victims to live and testify about it.

>Everyone knows

Don't make me link 1053 ;)

Petition to ban all xkcd links and references effective immediately.

It's really pretty stupid. Your encryption is there in case your laptop gets stolen. If you have people willing and able to kidnap and torture you to get your data, you have much bigger problems than the fact that they'll probably get it.

once a month???? I literally see this once every 2 days

Every comment that has a little bit of content about security/cryptography/secure/blockchain/CIA etc. always mentions this particular entry.

Just wait until you discover '10,000'.

It’s tonyhart7’s lucky day https://xkcd.com/1053/

I thought maybe cwsx was posting this often but that doesn't seem to be the case. Is it that that xkcd is basically a HN trope at this point?

If you do a site search you'll find 700+ comments linking to it. I wouldn't be surprised if it was the number one most frequently linked page in HN history.

And Randall deserves EVERY single one of them, IMHO!

Slow down -- sometimes. But for the most part, locks are more like envelopes. They produce evidence of tampering.

Which is why McNally (the YouTuber in the title) demonstrating poor locks that can be opened by simple bypass attacks like shimming or whacking is especially damning for those locks. You can always destroy a lock with brute force, preferably power tools. You can also spend years honing your lock-picking skills and open any keyed lock in less than a minute, but good locks make this a difficult craft. But shimming a padlock or whacking a masterlock with another masterlock takes no skill, doesn't leave evidence and allows you to relock it when you are done. It defeats every protection the lock was supposed to provide.

Yep. There’s a safe engineer on YouTube who was explaining the history of dial combination locks commonly used for government filing cabinets, etc. He pointed out that you can drill them in minutes but you’d need several hours to make good the damage such that the break in wouldn’t be easily detected. The combined time is therefore the ‘strength’ of the security. (Also, why it might be a good idea to have open sensors on safes, cabinets, etc)

Not sure if you're referring to DeviantOllam or someone else, but here is his awesome talk on safes: https://www.youtube.com/watch?v=-Z_Jv7vuiqg

He is a great source of knowledge on physical security for laymen and professionals alike, and leaves an impression of an extremely amicable and well-rounded human being.

> They produce evidence of tampering.

That's why one of the more advanced challenges in lock picking is to minimize the amount of evidence you leave. E.g. even a normal pick can leave some scratches on and in the lock in different places than a normal key.

If I remember right, 'bumping' is an interesting technique partially because it leaves even less of a trace.

Yup, I've got a three bolt break in resistant front door in my house, but right next to it is a window that can be breached in .5 seconds by yeeting a brick through it. But both will leave traces if they've been forced so my home owner's insurance should cover any losses / damages.

That seems to be a rather weak security, especially relying on “…should cover…” to save you, which I presume you have also never been able to test. And that’s without addressing common mistakes like not realizing the policy is for cash value and requires evidence; which people do not have, is not updated, or is not compliant. That can leave people with effectively no coverage at all, with the only test being run in deployed systems… the first time you check if your arms supplier provided quality arms, is when you’re facing the enemy trying to kill you at the front lines.

"Having windows in your home is weak security": The trade-off between usability and security incarnate.

Some windows are more resilient than others.

When I lived in a less than stellar neighbourhood in Germany, we had windows that you couldn't throw a brick through. (Some tougher than usual glass.)

No. You can get security glass. There’s no trade off.

You’re right, they should board up all their windows or live in a concrete box.

Ever heard of security glass? No need to be snarky and unlikable.

You are so confidently stating this as if you mentioned that at all in your previous post lol - obviously that’s not the issue I had with your comment. Sure, I was a little snarky, but you started it with your bad attitude.

Most locks are there to keep honest people honest.

From what I remember, the quality of a safe is measured in minutes, with "15-minute" safes being OK for general use.

It kinda fits how I feel sometimes.

Folks come up with some super secure idea for securing my account and I think "Yeah but maybe I forget the thing ... I do still want to access it."

When the theory hits reality with a sledgehammer

I mean theoretically even the hardest encryption just buys you time. That time may be long past the lifetime of our own sun, but it just buys you time.

The same is true for locks and safes as well.

Being one of the few people who never had their bicycle stolen in a city where this is common, the trick that always works is: Just make your lock harder to attack than other locks that safeguard comparable things.

  Good lock + old looking bicycle = no theft
  
Unless your stuff is unique and high stakes that means regular criminals won't pick you since the surrounding stuff looks more interesting and is the easier target.

> Good lock + old looking bicycle = no theft

"I parked my old, crappy bike and started locking it. Some guy went past and said, "Don't worry, love - no-one will nick that", and a passing crackhead said "I fuckin' would", and we three strangers shared a moment of humour together."

I think 'one time pad' encryption can't be decrypted unless you get the key, even given infinite time.

Depends on the length of the key vs the message, but if the pad is 100 percent and has something approaching a random distribution, and the message length is suitably padded, and the results roll over in a modulo that is close to the information distribution, then all valid results become close to equally probable, so, while you may decode a message, it is very unlikely to be the message that was sent.

Still lots of ways to crack a poorly executed OTP.
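The two one-time-pad points raised in the comments above, as an added example that is not part of the thread: with a fresh random pad as long as the message, every same-length plaintext is explained by some pad, while reusing a pad leaks the XOR of the plaintexts. Function names and the sample messages are constructed for illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings; a pad shorter than the message is refused."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(message: bytes, pad: bytes) -> bytes:
    return xor_bytes(message, pad)

otp_decrypt = otp_encrypt  # XOR is its own inverse

def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Pad under which `ciphertext` decrypts to `candidate`.

    One exists for every candidate of the right length, which is why the
    ciphertext alone cannot single out the message that was sent.
    """
    return xor_bytes(ciphertext, candidate)

def reused_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """If one pad encrypted both messages it cancels out: c1 ^ c2 == m1 ^ m2."""
    return xor_bytes(c1, c2)

def recover_from_reuse(c1: bytes, c2: bytes, known_m1: bytes) -> bytes:
    """Under pad reuse, knowing one plaintext reveals the other without the pad."""
    return xor_bytes(reused_pad_leak(c1, c2), known_m1)

if __name__ == "__main__":
    m1, m2 = b"wire 100 to A", b"wire 900 to B"   # constructed sample messages
    pad = secrets.token_bytes(len(m1))
    c1 = otp_encrypt(m1, pad)
    # Correct use: the same ciphertext "decrypts" to m2 under a different pad.
    print(otp_decrypt(c1, pad_explaining(c1, m2)))
    # Poor execution: the pad is used a second time.
    c2 = otp_encrypt(m2, pad)
    print(recover_from_reuse(c1, c2, m1))
```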

I’d say

  Good lock¹ + old looking bicycle = no theft
  ¹ attached to solid fence or bicycle rack

Excellent koan

reminds me of how a few years ago it became fashionable to say that "walls don't work"