Physical security and cryptography can learn from each other, part 11367:
-
Practical advice: Put your hotel room key in a different pocket than the holder. (The paper holder has your room number on it.)
@JeffGrigg @print @canacar @mattblaze Take a photo of the paper sleeve, leave it in the room. I always know which room is mine by the "do not disturb" hanger, additionally, the thief is less likely to try such a room.
-
@ariadne @th @mattblaze What if you wanted to have a drink at the rooftop bar before going to your room?
@rhelune
Oh, no hotel will restrict access to a bar. They're always free floors.
@ariadne @th @mattblaze -
@rhelune
Oh, no hotel will restrict access to a bar. They're always free floors.
@ariadne @th @mattblaze@hypostase @ariadne @th @mattblaze Yes but you do not want to be taken to the wrong floor just because you swiped your keycard. If the lift acted that way, I would suspect a prank (or worse): https://youtu.be/1Un_oHaf798
-
@hypostase @ariadne @th @mattblaze Yes but you do not want to be taken to the wrong floor just because you swiped your keycard. If the lift acted that way, I would suspect a prank (or worse): https://youtu.be/1Un_oHaf798
@rhelune
I was almost expecting the Scotsmen.
@ariadne @th @mattblaze -
Physical security and cryptography can learn from each other, part 11367:
Hotels wisely don't put the room number on guest keycards so if someone finds your card, they'd have to exhaustively search the hotel to find the room it opens.
Some hotels now have elevators programmed to only let you call the floor for which your keycard is coded, preventing guests from wandering to other floors.
But it also means the elevator can be used as an efficient oracle to determine the floor of a found key.
@mattblaze what if typing a wrong floor bring the elevator to the security reception that thank you for bringing a lot keycard ?
-
Physical security and cryptography can learn from each other, part 11367:
Hotels wisely don't put the room number on guest keycards so if someone finds your card, they'd have to exhaustively search the hotel to find the room it opens.
Some hotels now have elevators programmed to only let you call the floor for which your keycard is coded, preventing guests from wandering to other floors.
But it also means the elevator can be used as an efficient oracle to determine the floor of a found key.
@mattblaze a moot point as anytime I have misplaced a room key I have gotten a new card at the front desk with very little effort.
-
the solution is for the hotel itself to drop keycards around the hotel and in the surrounding area
then when that honeypot keycard is used on the elevator it takes the potential burglar to the basement where a burly guy named Steve is waiting for them with a grin
@benroyce @mattblaze It's a funny idea, but as I'm sure you'll know this isn't like dropping your file/USB stick, it's not unlikely a customer will misplace their card and then 'miraculously find it again' in the surrounding area, as that's what they walked past
-
@mattblaze I enjoy the idea, but are you sure they don't print the room number for security reasons? I was under the impression it was because they reprogrammed them when they gave them to you
@mfdeakin @mattblaze It's easy enough to decide. Are hotels interested in security or in cost? If the room number was on the key, it's extra cost to manufacture, it's extra cost because you'd need twice as many to allow for losses, it's extra cost because you'd need racks to store them, it's extra cost because reception would have to sort returned keys
So instead of having the room number on the key, it's quickly handwritten on the card folder, and you'd never lose that with the key
-
Physical security and cryptography can learn from each other, part 11367:
Hotels wisely don't put the room number on guest keycards so if someone finds your card, they'd have to exhaustively search the hotel to find the room it opens.
Some hotels now have elevators programmed to only let you call the floor for which your keycard is coded, preventing guests from wandering to other floors.
But it also means the elevator can be used as an efficient oracle to determine the floor of a found key.
@mattblaze "Let's align this cheese slice with this other cheese slice."-infosec
-
@ariadne @th @mattblaze What if you wanted to have a drink at the rooftop bar before going to your room?
@rhelune Also annoying if you are staying at a hotel with a group of friends (e.g. for an event). Then you cannot easily go to their floor and have to always meet in the lobby.
EDIT: OK I am an idiot, @mattblaze already covered this exact point! 🤪
>… harder for guests to visit their friends on other floors…
-
@print @JeffGrigg @canacar @mattblaze I've seen worse than not remembering which room you were in. On a trip to southern France, I had to get up early on my final day to get to the airport. I took a cab. As I was about to get in some shirtless British guy, obviously up all night, was asking for help - he couldn't remember where his hotel was (and probably not its name either), and was quite rude when the driver couldn't help. I mentioned a map at the train station (if only to get rid of him)
@canacar Friends were drunk and we saw them get into a taxi on the other side of the street from the hotel. Five minutes later, they were dropped off at the hotel by the taxi driver, who’d taken them around a few blocks.
-
@mattblaze I enjoy the idea, but are you sure they don't print the room number for security reasons? I was under the impression it was because they reprogrammed them when they gave them to you
@mfdeakin @mattblaze
They don't print the room number because they don't have a printer for the cards. (And there's probably a policy against marker pens on stationary orders, for this reason.) -
@rhelune Also annoying if you are staying at a hotel with a group of friends (e.g. for an event). Then you cannot easily go to their floor and have to always meet in the lobby.
EDIT: OK I am an idiot, @mattblaze already covered this exact point! 🤪
>… harder for guests to visit their friends on other floors…
@ruari @rhelune @ariadne @th @mattblaze
Hotels don't want guests visiting each other's rooms. They want guests meeting each other profitably in the bar. (Also make it easier to charge the prostitutes their ground rent.) -
@mattblaze I suspect there is a square-root law here, where optimum balance between the "wandering guest" threat and the "found keycard" threat is achieved by allowing elevator access to the square root of the total number of floors (your own, plus some randomly selected floors)
@mvaneerde @mattblaze Is this the overengineering we sometimes hear about ?
On a more serious note, that would probably be immediately offset by half the staff being confused, and many guests both getting lost, and complaining to the front desk.
Guests have learned this feature. Some (many?) even rely on it to avoid remembering the floor - scan the card, smash some buttons, done.
Now they would end up on semi-random floors... -
@ariadne @rhelune @th @mattblaze floors with shared amenities are usually open to all cards (provided you have one). Some hotels also doing restric your floors, but simply required a valid card to take the elevator, trying to prevent non-customer coming into the hotel from being able to wander in the corridors. This is obviously defeated by stairs (that are usually present) or simply by riding the elevator with other people.
-
@ariadne @rhelune @th @mattblaze floors with shared amenities are usually open to all cards (provided you have one). Some hotels also doing restric your floors, but simply required a valid card to take the elevator, trying to prevent non-customer coming into the hotel from being able to wander in the corridors. This is obviously defeated by stairs (that are usually present) or simply by riding the elevator with other people.
@halfa @ariadne @th @mattblaze Sure but, if you scan keycard because there is a scanner in the lift and press the top floor to go to the bar, you do not want to be automatically taken to the third floor.
-
Physical security and cryptography can learn from each other, part 11367:
Hotels wisely don't put the room number on guest keycards so if someone finds your card, they'd have to exhaustively search the hotel to find the room it opens.
Some hotels now have elevators programmed to only let you call the floor for which your keycard is coded, preventing guests from wandering to other floors.
But it also means the elevator can be used as an efficient oracle to determine the floor of a found key.
@mattblaze For various reasons, I'd recommend using the stairs.
-
@benroyce @mattblaze It's a funny idea, but as I'm sure you'll know this isn't like dropping your file/USB stick, it's not unlikely a customer will misplace their card and then 'miraculously find it again' in the surrounding area, as that's what they walked past
well if i was being serious, the burly guy in the basement would have been named Bob
-
well if i was being serious, the burly guy in the basement would have been named Bob
@benroyce @mattblaze Well, yeah, Steve is just too nice, isn't he?
-
@mvaneerde @mattblaze Is this the overengineering we sometimes hear about ?
On a more serious note, that would probably be immediately offset by half the staff being confused, and many guests both getting lost, and complaining to the front desk.
Guests have learned this feature. Some (many?) even rely on it to avoid remembering the floor - scan the card, smash some buttons, done.
Now they would end up on semi-random floors...@richlv @mattblaze all valid concerns. In the "pro" column I will add guests would have more recourses if the ice machine on their floor breaks
