Interesting People mailing list archives
more on eol Key Bumping
From: David Farber <dave () farber net>
Date: Wed, 4 Jan 2006 13:55:19 -0500
Begin forwarded message: From: Andrew Pam <xanni () glasswings com au> Date: January 4, 2006 1:21:36 PM EST To: David Farber <dave () farber net> Subject: Re: [IP] Key Bumping On Wed, Jan 04, 2006 at 11:19:47AM -0500, Dave Farber wrote:
From: "Rabkin, Eric" <esrabkin () umich edu> Date: January 4, 2006 10:01:43 AM EST Subject: RE: [IP] Key Bumping Folks, I just found out about the "bumpkey" from http://www.toool.nl/bumpkey-alert.wmv. Don't download that on a slowconnection, but if you watch it you'll get a real feeling of insecurityabout expecting locks to protect your house. Apparently (see, for example, http://www.toool.nl/index-eng.php), "bumping" is real and as soon as the idea spreads, houses may as well not have mechanical locks on them. :(
That's an alarmist exaggeration. See for example http://connectmedia.waag.org/toool/whatthebump.wmv (warning: 97 minute video!) This is the video of "Bumping Revisited", a conference presentation earlier this year in which bumping is explained and demonstrated, andthen new countermeasures from lock manufacturers are shown and discussed.
Executive summary: Security by obscurity serves to prolong bad design which the bad guys likely already know how to break. Open lockpicking has already lead to new improved lock designs. Share and enjoy, Andrew -- mailto:xanni () xanadu net Andrew Pam http://www.xanadu.com.au/ Chief Scientist, Xanadu http://www.glasswings.com.au/ Partner, Glass Wingshttp://www.sericyb.com.au/ Manager, Serious Cybernetics
------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on eol Key Bumping David Farber (Jan 04)