Physical security and cryptography can learn from each other, part 11367:
-
@ariadne @rhelune @th @mattblaze floors with shared amenities are usually open to all cards (provided you have one). Some hotels also doing restric your floors, but simply required a valid card to take the elevator, trying to prevent non-customer coming into the hotel from being able to wander in the corridors. This is obviously defeated by stairs (that are usually present) or simply by riding the elevator with other people.
-
@ariadne @rhelune @th @mattblaze floors with shared amenities are usually open to all cards (provided you have one). Some hotels also doing restric your floors, but simply required a valid card to take the elevator, trying to prevent non-customer coming into the hotel from being able to wander in the corridors. This is obviously defeated by stairs (that are usually present) or simply by riding the elevator with other people.
@halfa @ariadne @th @mattblaze Sure but, if you scan keycard because there is a scanner in the lift and press the top floor to go to the bar, you do not want to be automatically taken to the third floor.
-
Physical security and cryptography can learn from each other, part 11367:
Hotels wisely don't put the room number on guest keycards so if someone finds your card, they'd have to exhaustively search the hotel to find the room it opens.
Some hotels now have elevators programmed to only let you call the floor for which your keycard is coded, preventing guests from wandering to other floors.
But it also means the elevator can be used as an efficient oracle to determine the floor of a found key.
@mattblaze For various reasons, I'd recommend using the stairs.
-
@benroyce @mattblaze It's a funny idea, but as I'm sure you'll know this isn't like dropping your file/USB stick, it's not unlikely a customer will misplace their card and then 'miraculously find it again' in the surrounding area, as that's what they walked past
well if i was being serious, the burly guy in the basement would have been named Bob
-
well if i was being serious, the burly guy in the basement would have been named Bob
@benroyce @mattblaze Well, yeah, Steve is just too nice, isn't he?
-
@mvaneerde @mattblaze Is this the overengineering we sometimes hear about ?
On a more serious note, that would probably be immediately offset by half the staff being confused, and many guests both getting lost, and complaining to the front desk.
Guests have learned this feature. Some (many?) even rely on it to avoid remembering the floor - scan the card, smash some buttons, done.
Now they would end up on semi-random floors...@richlv @mattblaze all valid concerns. In the "pro" column I will add guests would have more recourses if the ice machine on their floor breaks
-
In other words, restricting the elevator in this way is a bad tradeoff. It makes it harder for guests to visit their friends on other floors, but it reduces the complexity for an outsider burglar from O(|rooms|) to O(|floors|) + O(|rooms-per-floor), a much more feasible search space.
(The point here is not about securing any specific hotel or keycard system. The point is that thinking about security in abstract terms can reveal properties and weaknesses that aren't otherwise obvious.)
-
(The point here is not about securing any specific hotel or keycard system. The point is that thinking about security in abstract terms can reveal properties and weaknesses that aren't otherwise obvious.)
In the holiday house we rent there is a masonite panel in a closet under the stairs, with screws in the corners.
Since it seems to hide something (actually it hides just the heating pipes) I wrote on the wall behind it: "The safe is not here! Try again!". -
@JeffGrigg @print @canacar @mattblaze Take a photo of the paper sleeve, leave it in the room. I always know which room is mine by the "do not disturb" hanger, additionally, the thief is less likely to try such a room.
@rhelune @JeffGrigg @print @canacar @mattblaze Take a photo of the Do Not Disturb card too, just in case.
-
@mattblaze same applies to i.e. self-storage units.
@kkarhan @mattblaze Isn't a hotel room a self-storage unit?
-
@mattblaze
Key self-destructs after 3 failed rooms.
Say there are 30 rooms on your floor, chance of a successful breakin: 10%@jjponders @mattblaze Good luck, Jim.
-
@richlv @mattblaze all valid concerns. In the "pro" column I will add guests would have more recourses if the ice machine on their floor breaks
@mvaneerde @mattblaze Do the random floors change every time guests use the lift?
In a way that "feature" makes me feel less safe. What do you mean, in your hotel it is dangerous and there are random burglaries or something?
Sidenote: "ice machine" seems like such an American thing. I recall my first visits to the USA many years ago, and
-
@kkarhan @mattblaze Isn't a hotel room a self-storage unit?
@oclsc @mattblaze last time I checked a self-storage unit doesn't allow sleeping in.
-
In other words, restricting the elevator in this way is a bad tradeoff. It makes it harder for guests to visit their friends on other floors, but it reduces the complexity for an outsider burglar from O(|rooms|) to O(|floors|) + O(|rooms-per-floor), a much more feasible search space.
@mattblaze same with parkades where keywords are associated with being let in and out.. had used parkades in storms to remove ice and snow to allow ability to see better and wheels to be deiced for further movement
