-----BEGIN PGP SIGNED MESSAGE-----
On Wed, 11 Oct 2000, Arnold G. Reinhold wrote:
> Derek Atkins adds:
>
> >
> >Why try to pick a Medeco when it's locking a glass door? :-)
>
> The fact that some people put Medeco's in glass doors, doesn't mean
> Medeco should never develop a better lock.
Sure, Medeco should keep working on developing the best locks that it can
produce.
However, if you are going to design your structure with a glass door, it
really makes no technological sense to exceed the security provided by the
glass door with the other components (locks, hinges, etc.). Put a Medeco
or an ASSA in a door that can be jimmied or broken down, and you've gained
nothing that you wouldn't have had with a high quality lock lacking a
sidebar. Except a warm fuzzy feeling inside: "We have unpickable locks!"
Most burglar aren't going to spend the time picking your locks,
regardless of what you have installed. The James Bond approach of sticking
a pick in a lock (sans tension wrench), wiggling it a half a second, and
then opening the door is pure fantasy. Lock picking, even for a very
seasoned locksmith, takes more time than can be afforded in most cases.
The same principle applies for fancy biometric access measures. I've seen
high profile Internet security companies that have hand geometry scanners
and I-Button controlled locks on doors that have door hardware that can be
opened with pen-knives, coat hangers, and credit cards in a matter of
seconds.
How about ISP collocation centers with private, locked compartments for
security conscious customers? Check the raised floors and the drop
ceilings. In many cases, I fear, you will find that the steel doors on the
compartment stop 18 inches above the concrete floor below, and/or don't
extend past the ceiling tiles. Is it likely someone is going to pop the
floor tile, craw around the cables and then pop up in your private collo
space? No. But you as the customer deserve to be aware of where the
weaknesses are.
The only reasons I see for having a security system (be it an encryption
product, or a physical access device) with a large discrepancy in the level
of security that the individual components provide is either:
a) Incompetence on the part of the designer, when the weaker component is
thought to be as or nearly as secure as the stronger component, or
b) An intentional marketing design stunt, where the purpose of the
stronger component is to make the consumer comfortable with using
an inherently weaker solution, or
c) "Future capacity planning" (see also: budget cutbacks).
Perhaps most excusable is "c", where the hypothetical Medeco would be
installed in the glass door, with the intention of implementing a steel
door in the future, while retaining the Medeco lock. The chances of such
improvements happening decrease drastically the longer the weaker (but
working) solution is in place. ("It's been good enough so far...")
As for the other two reasons, obviously, "a" is the better case here, as
the problem will (in a lot, if not most cases) be corrected after being
discovered. I am disgusted by the use of security devices purely for
marketing reasons. The mentality that "It doesn't matter that we can't
provide quality entropy in our encryption product as long as we can say we
use 256 bit Twofish" is demonstrative of negligence. I want to be told the
security of the *weakest* part of the system, as that is the measure of
the entire system's security. Then I will decide if it is sufficient for
me.
Certain things we just take for granted. No one seems phased by using
wooden or glass doors to secure sensitive locations. Some people
religiously arm their car alarms, but when was the last time you paid
attention to a blaring car alarm, other than to wish it would stop? Does
anyone hear one of those, and call 911 to report theft? I don't think
so. Who here actually verifies ssh key fingerprints before accepting them
upon connecting to a host for the first time? Or when the host key
changes? Very few people, I would bet.
Security is a ritual, not a product.
- -MW-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.3
Comment: No comment.
iQEVAwUBOeT/dSsFU3q6vVI9AQFVdwf/YvVNrEnup42xIZh6xasSkGuvW1IIqLTL
rUBLgI67Ip/Cpv7Q127nzv/1oQzVkfSSPzfRmN7UnjQMDQab+LQHqUv22eIDk5Ft
9Zoqef5JeKmz7NkUjt+6GX/B4WTHo3ZefrIVD0Hqg4dkTTsFC+ibiqEnC3xM4gT6
xHUpbnX/Vhfudw+j1bpkUwTFFlP0lPKVEK803bNOMoPUcubHj9TRoFq64f+got5s
ieEqPMEc3/EZAq+/72kZgZHMN1YEBg3rZ+i2EaZhG5iIleEO69DqYau6kVUxX5lJ
nEditzNjXox4jV0p+CwBCRU4r6WFX27480zh5iAo6M24FFfQlg/sng==
=fjfM
-----END PGP SIGNATURE-----
