Build Your Own Electronic Key Card Lock

edBX writes "GideonTech.com has a new guide up on how to make your own electronic lock using a key card. Built using a phototransistor, infrared-emitting diode and a few ICs, they are able to turn on their computer using a punched out phone card."

Just a thought...

[GMC-jimmy]

Why isn't there a "Build your own" section like "Ask Slashdot" or "Apache" ? Maybe even a "Slashdot How-To Guide" could turn out useful.

Re:Just a thought...

Why isn't there a "Build your own" section like "Ask Slashdot" or "Apache" ? Maybe even a "Slashdot How-To Guide" could turn out useful.

because then there would be two stories: build your own goatse and build your own cowboy neal. I'm not sure which one I'd rather be associated with.

P.S. I did your mom last night.

Re:Just a thought...

diy.slashdot.org would be cool

Re:Just a thought...

[jimlintott]

How about a roll your own section?

Oops wrong website.

www.norm shit, fucking mouse.

Re:Just a thought...

[Computer!]

Best first post ever.

This is a great idea.

Re:Just a thought...

[znode]

Oh yay...

Build your own Space Shuttle
How to make your own space shuttle using only 230 thousand tons of liquid fuel, 23 tons of spacecraft-grade aluminum-titanium-magnesium-iron alloy, and five 1000-cubic-liter combusion chambers. Easy-to-follow blueprints here!
(Read More... | 423 of 756 comments)

Roll your own Lightsaber
Geekandlightsaber.com recently published a guide on producing your own lightsaber with merely 2 hand-held fusion reactors and 2 focusing jewels.
(Read More... | 230 of 1123 comments)

Create your own Universe
Jehovah!God!Heaven has published a guide on making a home-made universe.
(Read More... | 445 of 1022 comments)

Re:Just a thought...

[BEHiker57W]

Create your own Universe Jehovah!God!Heaven has published a guide on making a home-made universe. (Read More... | 445 of 1022 comments)

This post was clever and nice and I did like it, but I have one pressing question.

Why is G_d still on bitnet? Can't he upgrade to a regular internet email system?

Re:Just a thought...

Isn't it a little ridiculous how many plans are out there on the net to build your own imitations of available commercial products? I envy, but also pity those who have the time and dedication to invest in such pirsuits.

I understand this may sound a little harsh, and many Slashdotters "root for the underdog," but I'm sure some of us here probably work in the consumer product industry and make our living designing/building/selling these things. The last thing we need is another one or one-hundred rogues to take away our business by giving away plans for cheap knock-offs.

Personally I wouldn't spend my time and money into these projects for a few reasons: they haven't been certified, they were designed by an amateur or amateurs (usually), and the cost of time, frustration, raw materials and tools required far exceed the price of just buying an off-the-shelf unit. And to a lesser extent, they are intended to undermine an existing company's business by discouraging the purchase of their product and instead building a cheap rip-off that is "almost" as good.

Re:Just a thought...

[WegianWarrior]

There is a major difference between makeing something (in this case, a keylock for your PC) as a one off, DIY project and starting a produtionrun of them to use on all the PCs at your workplace.

The first you do not primarely because you need whatever you're making, but becase making it is at least half the point. You draw up plans, fool around, modifies things, tries out new ideas and so on... and by the end of it all you have learnt something new, had the pleasure of making somethign with your hands as well as gotten yourself a new piece of (hopefully usefell) equipment.

But judging from your post, you've never had the pleasure of achiving anything on your own, have you?

Re:Just a thought...

[EvanED]

Exactly. For instance, how many people really need something like this card reader? Almost every computer I've seen has a lock that you can turn (with a normal key) that will make it impossible to turn on the computer (not sure about off). Or case mods. Almost the whole point of case mods is doing it yourself.

Re:Just a thought...

[ColaMan]

As all the old-school Bitnet zealots would tell you, Bitnet is God's Own Email system :-)

Re:Just a thought...

If I just get one bite, then my work is done!

Re:Just a thought...

[Jennifer+E.+Elaan]

Granted, a lot of these projects are designed by amateurs and are drastically unprofessional (this one, for instance, could use a lot of help). But sometimes these "amateurs" also happen to be professionals as well, in which case the plans tend to be solid. Often, the "cheap knockoffs" end up with more features than the commercial products in such cases.

It's also false that it costs more to DIY. Sure, there is an initial investment in tools and equipment. The time required is heavily dependant on the skill of the builder and the quality of the tools. If you happen to have mass production equipment (like I once did), you can make prototypes relatively quickly, and even do small production runs. And so long as you already have the tools required and a few good suppliers, it's often much, much cheaper to make your own.

And besides, you are missing how much *FUN* it is to build stuff. You know how Linux was written by a bunch of people for fun? Hardware is really no different, except that it has some sort of mystique that scares off a lot of people.

Re:Just a thought...

[fifedrum]

this card reader is about 3 steps from a roll-your-own keycard accessed door lock... I would use that every day on several doors around the house.

Re:Just a thought...

[bhtooefr]

Hmm, I think two. Try a electronic door lock designed to be added to a kit, and maybe some relays.

Re:Just a thought...

Isn't it a little ridiculous how many plans are out there on the net to build your own imitations of available commercial products? I envy, but also pity those who have the time and dedication to invest in such pirsuits.

Let's look at what this particular product accomplished: he could have bought an electronic lock off the market. I've worked with electronic locks, so let's do a comparison.

This guy's cost: not much.

Cost of an electronic lock: $400+.
Cost of a keycard encoder: $200+.
Cost of a site license for software to encode cards for your electronic lock: $10000.
Cost of a source license for the software or firmware to make modifications to suit your company: inapplicable (not gonna happen, even under NDA - these people are old-school physical security types who believe this would be a security risk (see the recent Schneier interview posted to Slashdot to see what I mean)).

Now hooking this up to a PC is kind of pointless, but imagine hooking this up to the front door on your home. You don't see private homes hooked up with keycard locks as keycard locks are not marketted to individuals and are prohibitively expensive (whether or not it makes sense to put keycard locks in homes is a matter of debate).

Thus, he accomplished something that would not have been possible with a commercial offering.

Re:Just a thought...

[Pooua]

Isn't it a little ridiculous how many plans are out there on the net to build your own imitations of available commercial products?

No. Some people enjoy taking apart and building automobile engines. Some people enjoy designing and building their own aircraft. Some people enjoy growing fruits and vegetables in their own backyard garden. Some people even enjoy coding their own software. So, there is nothing ridiculous about some people enjoying electronic assembly.

I envy, but also pity those who have the time and dedication to invest in such pirsuits.

Here, let me really make your day:

FetchBook.info

List of books on this page:

Encyclopedia of Electronic Circuits, Vol. 4
McGraw-Hill Circuit Encyclopedia & Troubleshooting Guide, Volume 2
McGraw-Hill Circuit Encyclopedia & Troubleshooting Guide, Volume 3
McGraw-Hill Circuit Encyclopedia & Troubleshooting Guide, Volume 4
Printed Circuit Board Materials Handbook
Measuring Circuits
Converter & Filter Circuits
Electronic Technology Handbook
ELEKTA Professional: Knowledge-Based Systems for Electronics, CD-ROM & Manual

Quality Technical Books

Partial list of books on this page:

The Encyclopedia of Electronic Circuits, Volume 6
The Encyclopedia of Electronic Circuits, Volume 7
The ARRL Handbook for Radio Communications (2003), 80th Edition
HF Digital Handbook
Spread Spectrum Sourcebook
Complete Wireless Design
Secrets of RF Circuit Design

I understand this may sound a little harsh, and many Slashdotters "root for the underdog," but I'm sure some of us here probably work in the consumer product industry and make our living designing/building/selling these things.

This has nothing to do with "rooting for the underdog." People build these projects usually because they ENJOY building these projects!

The last thing we need is another one or one-hundred rogues to take away our business by giving away plans for cheap knock-offs.

There are thousands of bakers and cooks in this country, and here I am with a recipe book...

Personally I wouldn't spend my time and money into these projects for a few reasons: they haven't been certified,

That's your choice, of course, but you won't help our society by attacking the hobbiest market.

My Mom sews clothes for people. Nobody has certified her, either, but people actually buy things she has made.

they were designed by an amateur or amateurs (usually), and the cost of time, frustration, raw materials and tools required far exceed the price of just buying an off-the-shelf unit.

There is nothing like the satisfaction of seeing your own project actually work. After I installed an oil pressure gauge in my old Dodge Dart, I spent a lot more time watching that gauge than I required to read the oil pressure.

Years ago, "Radio Electronics" magazine featured directions for etching and assembling the motherboard of a 386 computer from scratch. A hobbiest who could build one of those and make it work definitely would have a lot of bragging rights, even though most people would not understand what he meant when he says he built his own computer.

I enjoy assembling my own computers from component parts. It's kind of therapeutic. Besides that, I have yet to see anyone offer a computer off-the-shelf that is exactly like I want.

And to a lesser extent, they are intended to undermine an existing company's business by discouraging the purchase of their product and instead building a cheap rip-off that is "almost" as good.

Boy, that's going to be a tough sell...

Re:Just a thought...

[zonker]

i second this notion. in fact, several years ago i was going to start up a /. like site that was specifically for BYO x. unfortunately, i didn't have the time to do it and i wasn't sure of the interest that others would have in it... now i find myself still w/o the time, but at least there's interest. :)

Re:Just a thought...

[thynk]

starting a produtionrun of them to use on all the PCs at your workplace.

Acutally, that's not a bad idea. One weekend, install all the locks then be the only supplier for the keys. Sure, you'd get canned, but depending on how many PCs your company has, could be a nice little severance package.

On a slightly more realistic note... DIY stuff like this is one of the reasons I have so much fun at work sometimes. My boss and I go out, find problems and then find solutions to fix them. We've gotten to play with everything from 802.11b on PDA with our own software, Ethernet based relays, Xports, Ibuttons and we each have our own keys to the mill in the machine shop. Next years budget includes device tracking with RFID and fingerprint scanners for checking in.

Obvious Matrix Quote..

[sinjayde]

But Mr. Anderson, what good is your custom made electronic lock when you can no longer find your card?

Re:Obvious Matrix Quote..

[netsharc]

"... when your computer is a melted piece of metal?" would be better. :p

Re:Obvious Matrix Quote..

[EvilTwinSkippy]

There is no card.

Security by Semiobscurity

[the_other_one]

This device will keep the power switch safe
from anybody that does not understand electricity.
Anybody else can bypass the unit with a handy
suitably reshapable piece of conductive material.
Probably a piece of wire would do.
Those whom the computer is protected against
are probably not a threat.

Re:Security by Semiobscurity

[LagDemon]

It's always harder to protect yourself from the people who acually can or want to hurt you, isn't it?

Re:Security by Semiobscurity

People who do not understand electricity
Are a threat to your computer.

Re:Security by Semiobscurity

[JeffTL]

I agree. Better to use firewalls -- this is the work of BIOS or Open Firmware, and encrypting anything of extreme value.

Re:Security by Semiobscurity

[Zibi]

I believe it is the concept that is being presented here. Yes, it may not protect your personal computer from anyone with at least a little knowledge, but the exact same thing could be carried over to a project where the person wouldn't be able to easily access the wires. Such as a case built into a cabinet in a store where to tamper with the circuit would involve dismantiling the device itself since the computer is hidden.

Re:Security by Semiobscurity

[twifkak]

Yeah, but you've got to admit it's pretty fucking cool.

Re:Security by Semiobscurity

[jrumney]

The biggest threat to my server's uptime is my girlfriend, mother or cleaner switching it off, and this would protect quite nicely against that. But to be really safe, it would have to be hard-wired into the wall, not plugged in with the standard IEC lead it is now.

Re:Security by Semiobscurity

[EvilTwinSkippy]

Not without disassembling your PC.

And if they are at your case with tools, you are fucked anyway.

Personally, rather than flip a switch in the power supply, it would be more useful to rework the device to send a coded signal across the serial port. Run a daemon in the background that listens to the serial port, and then passes the appropriate information to PAM.

Re:Security by Semiobscurity

[Hast]

Thing is, most people who are "un-technical" enough that they don't know that turning a computer off can typically be very creative in their ways of turning it off.

If they don't see a power button on the front they simply jank the power cord. (And that's most likely worse, since the power button can be wired to give your computer a shutdown command.)

And there's always the good ol' circuit breaker in case the previous plans fail.

Re:Security by Semiobscurity

[i.r.id10t]

Naw, this is talking about *local security*.

At my house, we enforce local security with a 12 gauge shotgun.

Slashdot mirror

[LoneIguana]

This has already been slashdotted! I think slashdot should mirror sites before it posts the story to prevent killing these poor servers.

Re:Slashdot mirror

[1Oman]

http://slashdot.org/faq/suggestions.shtml#su900

Re:Slashdot mirror

[LoneIguana]

ok. I still think it should be a good idea. Most of these people are posting comments that are not to well thought out because they can't even read the full text of the story. One solution would be for slashdot to cache the page internelly, then after a story is released it could ping the server every minute or so to see if it has gone down. If it has, then the cached page could be brought up and people would still have access, if the server comes back up the cache would be removed. The caches would also be purged after 2 days, when the main wave has passed.

Re:Slashdot mirror

[Computer!]

Another great idea. Mod parent up, please.

Re:Slashdot mirror

there is not enough profanity to express how bad that answer is.

As for commercial sites, they probably won't respond so slashdot away, but personal sites would gladly not be buried. The waiting six hours is crap since the articles are usually referencing something that's either been around for years or some cooler site has already referenced.

Re:Slashdot mirror

Most of these people are posting comments that are not to well thought out because they can't even read the full text of the story.
No, most of the people who post comments that are not well thought out do so because they don't want to read the full text of the story. Most people on Slashdot don't RTFA. They never have, and they never ever will.

Re:Slashdot mirror

[YOU+LIKEWISE+FAIL+IT]

Because putting an answer in the faq makes the problem magically go away. Geez.

YLFI

Or you could

[structuredlynx]

Why not just use a BIOS password. There are way more than 255 possible passowrds. If someone can figure out how to open the case and reset the bios, they can figure out how to connect 2 wires to bypass that device. A bios password is cheaper and more reliable.

Re:Or you could

[RonnyJ]

A lot of common BIOSes have backdoor passwords hardcoded, which let an intruder gain access to the BIOS options without having to work out what the user set the password to. This unfortunately means it's not an effective way to safeguard your PC. Even if an intruder isn't able to use one of these backdoor passwords, he can always reset the BIOS by taking the battery backup out. In the end, no matter what precautions you take, with a standard x86-architecture PC, if an intruder has physical access to it, there's nothing much you can do to stop them switching in on somehow, the only effective protection is to securely encrypt any sensitive data.

Re:Or you could

Congrats. Your post had more words, less information, and many more errors in it than structuredlynx's.

Re:Or you could

[AlgUSF]

You are missing the point it isn't for real security. It is for the "look cool" (in a geek sense) factor!

Re:Or you could

[cybermace5]

Not a problem if you weld the case shut.

Re:Or you could

[dracocat]

Or you could just take the whole damn PC.

Re:Or you could

[stienman]

Or fill it with concrete.

-Adam

Re:Or you could

[Jeff+DeMaagd]

Three of my computers include cable-lock tabs for padlocking. Add security screws and you'd at least frustrate people enough to bash your computer in.

Re:Or you could

"RMS and FSF are seeking power, not freedom."

Many people seek power. The real danger is that RMS and the FSF honestly believe that they are not.

Re:Or you could

[jonadab]

BIOS password is no good; all they've got to do is steal the computer, open
the case by whatever means are necessary, and pop the drive into another
system.

If you need to secure against the case where someone gains physical access
to your computer while it is unguarded, I can only think of one way to do it:
encrypted filesystem with a large private key that must be typed in at boot
time and is not stored on disk anywhere (never, for example, in swap space),
just in RAM. This, combined with the usual forms of software security that
prevent the already-running system from being compromised, should at least
make it abnormally difficult for an attacker to get at the data. Difficult
enough that the easiest way would be to obtain the private key (either by
surveillance or by rubber-hose cryptanalysis).

Alternately, you could just never leave the system unguarded. But then you
have to decide how "guarded" is guarded enough. Is it enough to leave a pair
of trained dogs in the room? A security guard with a handgun? A platoon of
goons with assault rifles? A couple of gryphons and a medium-sized dragon?

Re:Or you could

[Professor+Bluebird]

Also, if one can open the case, many boards have a jumper to reset the BIOS passwords.

Re:Or you could

Until your shoddy wiring fails and you can't even turn it on...Of course that would improve slashdot.

The rest of us (who know how to solder) would run into trouble when it's time to upgrade.

Re:Or you could

Ooooh!! Those of us who know how to solder. What, is that some elite club?

Re:Or you could

[Enoch+Zembecowicz]

Two words: die grinder

Re:Or you could

BIOS passwords are stored in CMOS memory, which is maintained by a small back-up battery (like a watch battery) when no external power source is present. Even if there is no jumper to clear CMOS memory (which there is on practically all modern motherboards) you can still erase it by unplugging the PSU and removing or short circuiting the battery long enough for the memory to erase, which can take some time since CMOS memory doesn't need to be refreshed like DRAM does.

Re:Or you could

FALSE... the "hardcoded" password is a jumper on the mother board... or did you right a commonly used bios such as the one phoenix uses and know something that no one else in the world knows... are you an idiot savant... or just AN IDIOT.

I must be a sucker

[jaysones]

Here I am turning my computer on with the power button, like an idiot!

Re:I must be a sucker

Really? Since I have no case and the motherboard just sits on my desk -- I use the nearest conductor handy (usually my keys) to short the power button jumper. Even easier than a button!

This is so 1995

[_14k4]

Popular Electronics had a very very similar article. Punched out phone cards.. all of that stuff.. only they had used old breadboard. Yum!

Re:This is so 1995

I am also looking at the May 1998 Issue of Electronics Now (which merged with Popular Electronics to make Poptronics) in which they build a Swipe-Card Reader.... using optics and a barcoded card... includes the BASIC source to work with it... although mine used C++ and Code 39 Mod 10 barcode.

This is retarded, seriously guys

Next on "Michael's Friday-night Slashdot Bag 'O Fun:" How to make a secure telephone with two tin cans and a piece of string.

This is so low tech it's not funny. Hey did you know you can take an LED, a resistor, and a battery and get a little shining light too? OMFGLOL!!1!

So why would you do this?

[unterderbrucke]

Waste of time + money. Almost like women :D

Punch Card

[Chucow]

turn on their computer using a punched out phone card

First thing I thought when I read this, "Interesting to be going back to those...for security?"

Punchcards... again?

[downix]

excuse me for a moment, but WHAT?!?!?!?

Re:Punchcards... again?

[the_other_one]

Punch cards are actually significantly more advanced than this.

Re:Punchcards... again?

[Jennifer+E.+Elaan]

Punchcards for authentication... why didn't I think of that? I've been spending all my time tinkering with microcontrollers and iButtons when I have a perfectly good RS232C-interface punch card reader sitting here gathering dust. I mean, a punchcard stores a whopping 80 bytes, which is quite sizable for a password or encryption key!

also in the article

How to host your website with a 1200 baud modem.

1 button isn't enough

[Gyorg_Lavode]

I actually put a second button in series with the normal power button because I was always kneeing my computers off. The second button is on the left side of the front bezel. You just have to push both buttons at the same time to turn the computer off/on.

Re:1 button isn't enough

[LnxAddct]

Wow now that is security through obscurity, you give me step by step instructions on how to access your machine and dont tell me where it is!!!!
-Steve

Re:1 button isn't enough

[aardvarkjoe]

That's not a half bad idea. Although I wouldn't bother with the power button (the 4-second delay is generally enough), I currently have my reset button disconnected because I kept on hitting it. If I did the same thing, then I could have a quick reset again.

Re:1 button isn't enough

[Sabalon]

Took the front bezel off, removed the button part. Now I have to use a pen or something to poke in the hole on the bezel to hit the button.

It was a bitch to hit initially, but my daughter had a knack. Now she's moved on to my wifes computer. :)

Re:1 button isn't enough

May I suggest you add a third and label the buttons in the sequence: Ctrl, Alt, and Del?

Re:1 button isn't enough

[g0at]

I actually put a second button in series with the normal power button because I was always kneeing my computers off.

Well there's a geek for you with spare time: rather than move the case away a few inches, he'll wire in an additional power switch and keep kicking it. 8)

-ben

Re:1 button isn't enough

[Hast]

Now you just have to put them so far apart that one person can't reach both at the same time. They wire it to a key circuit and make a small board which requires both "buttons" to be pressed at the same time.

After that you just have to find a room mate who'll put up with helping you turn the keys each time you want to turn you computer on.

(Though your idea was pretty clever, I've had that problem sometimes with the reset switch. I have my current MB set so I have to press and hold the power button for 4 seconds before it shuts down, so it's not much of a problem.)

Re:1 button isn't enough

[ericspinder]

That's not a bad idea. My Toddler is at the point which he like to push buttons. Now all I need is to rewire the TV.

Re:1 button isn't enough

[Gyorg_Lavode]

I'm an electrical engineer so it came easily. Anyway, I don't have the room to move it. My desk bearly has room for the 3 computers as it isl

Seems to have locked viewers out

[hhg]

How about turning the web-server back on? Bet a key-card could come in handy in that matter.

Obligatory Bill Hicks Quote

[edalytical]

GideonTech.com

Who are the fuckin' Gideons? Ever meet one? No. Ever seen one? No. But there all over the fuckin' world puttin' Bibles in hotel rooms.

Listen to it here.

Re:Obligatory Bill Hicks Quote

that music sample was horrible. that guy is not even remoptely funny.. you can tell hes american. anyways the audience was also slow. i bet you modded that up with another account didnt you. so many people do that you know.

Re:Obligatory Bill Hicks Quote

[edalytical]

Bill Hicks is the best comedian ever! If you can't grasp the superior humor of a genius such as Bill Hicks I suggest you go watch Gallagher smash watermelons. "Yes folks it the amazing Sledge-O-Matic, it's not a slicer, it's not a dicer, but it can help get rid of pesky slashdot trolls."

Re:Obligatory Bill Hicks Quote

I run a hotel, I've met them.
nice sincere salt of the earth people

I still washed my hand a few minutes later...

Re:Obligatory Bill Hicks Quote

[stewwy]

FBI News.... Gideons to be branded as terrorists, an FBI spokesdroid said yesterday. "...all these people sneaking into the hotel rooms of unsuspecting Americans and leaving subversive literature which anyone could read, possibly impressionable children and adults .... he later demanded that more powers be given to security organizations and in future all hotel rooms be searched along with their occupants every saturday night until the threat ended.....

Re:Obligatory Bill Hicks Quote

[Thing+1]

The end was great: "I'm going to capture a Gideon. I'm going to make that my hobby. Yeah, I'm going to call the front desk one day: 'Yeah, I don't seem to have a Bible in my room...'"

Never heard of Bill Hicks before, he's a bit vulgar but very amusing. Great delivery too. Thanks!

Re:Obligatory Bill Hicks Quote

[edalytical]

I'm glad you enjoyed Bill Hicks. He is surprisingly still not available in the comedy section of the iTunes music store-- I don't know why that would be.

Turn On the Computer???

[jetkust]

Yea but how do I get my computer to spit out cash like ATM machines do?

Re:Turn On the Computer???

[EvilTwinSkippy]

Empty your wallet into the CD-Rom tray.

Re:Turn On the Computer???

[Jennifer+E.+Elaan]

A half-dozen stepper motors, a couple rollers, and a microcontroller to keep it all in sync. Rather like the paper feeder mechanism on any modern printer (which you can easily cannibalize for this, if you wish, although you will probably have to rebuild the logic board). Stack in some bills into a hidden compartment, and voila!

Then you could always replace the light-gap cards with a real magstripe, and add a reader head and a couple op-amps. Tie it to the microcontroller, and away you go!

This is OLD!

I remember an article in Rainbow which was a computer magazine that specialized in TRS-80 Color Computers (the Trash-80 Coco).

They described the project in great detail. It was a much better system, when you pulled the card out the computer would pause until it was reinserted.

Ahh, I remember my Coco - 1.5 MHz 6809E CPU, 64k ram, cassete tape, rom cartridges, and (WOW!) floppy disks. Some great games - Lancer, Cashman, Time Bandit. I think I was 9 at the time. I still have the daisy-wheel printer my parents bought for it. Still works great.

Personally...

[LnxAddct]

This isnt all that great of a security measure, however its good to see slashdot posting home project kind of things again. I dont know if its just me, but there haven't been many lately and I like to see what people are up to and building, its a lot better than all of this legal and corporate stuff thats been taking over my monitor. Not that I dont love my SCO fix, or yey some senator is in favor of open source, but hey even though our interests are getting lots of press now, we can't forget things like this. I don't know if anyone else agrees, but thats how I feel.
Cheers,
Steve

Re:Personally...

[Jeff+DeMaagd]

This isnt all that great of a security measure, however its good to see slashdot posting home project kind of things again.

All that great? Be honest. The thing is a piece of CRAP! And it really isn't much of a tutorial of what is going on electrically either.

That said, I agree, at least it is an honest project.

Re:Personally...

[Lumpy]

Yes but it has ZERO security to it. it would be easier to impliment a barcode that would at least be more difficult for someone to copy from a mere glance at it. or interface to a magnetic strip reader (not hard to do and just as cheap) that you can get for almost nothing from places like all electronics or the other surplus places.

Or better yet, for the same money he spent, buy a ibutton reader and a couple of serial number buttons. you get massively higher security for the same really low cost plus.

I'm all for hardware hacking, but let's at least try to come up with something that is more that a ugly looking toy...

Another idea

[sokk]

I had an idea, and I almost realized it. It's very simple, but effective (not against someone who _really_ want to get inside your computer though).

Think about Duke Nukem 3D. There were simple codelocks on some of the doors (on/off-switches). What about modding a row of switches (on/off) onto the front of your cabinet, and lead the cable for the almighty Power On Switch through them? So that they have to be aligned correctly for the computer to turn on. That way you have an effective way to keep people from using the computer when you don't want them too, and you have a little casemod :)

A simple scheme:

0 0 -0--0-\
#---1--1-/ 1 1 \
#-----------------O <- power on switch

Here the "code" is "1100". (#=pins on mainboard)

Re:Another idea

[Stephonovich]

Except for the fact that 4!==24, it's not a bad idea... Now, up that to 5, and there's 120 permutations. Now we're talking. (-:Stephonovich:-)

Re:Another idea

[Stephonovich]

BTW, by 4!==24, I mean 4! equals 24, not 4!=24. Although both of those are true...

(-:Stephonovich:-)

Re:Another idea

[sokk]

Yes, or you could use three-way switches to add some difficulty to it, without too many switches. -- Btw, I only added four to show the concept without showing off too much ascii-art :) (I've heard rumours about a lameness-filter :))

Re:Another idea

And how long did it take you to brute-force the switches in the game?

Precisely.

Re:Another idea

[Stephonovich]

Three-way? You mean three position switches? Yes, 'twould work... except simple SPST switches are dirt cheap, and seeing a whole bank of 'em is dang impressive:-) It'd be cool to have to line them up in a certain order to get it to boot.

(-:Stephonovich:-)

Re:Another idea

[Stephonovich]

As I said, while 4 switches might not take you long, with only 24 permutations, with 5 switches, there's 120, with 6, 720... And if you go further, as was said, and add 3-way switches into the mix, someone is going to have to really want your data to get past that.

Unless, of course, they just open the case, and bypass all your fancy tricks...

(-:Stephonovich:-)

Re:Another idea

[jachim69]

Except for the fact that it's not a factorial.

Any computer geek worth his salt would recognize this as a 4 bit binary value. So, 2^4==16 possible combinations, not 24.

Re:Another idea

What does factorial have to do with this?

The number is in binary, with four digits, hence 16 combinations, i.e. 2^4 .

Re:Another idea

[Dun+Malg]

Except for the fact that 4!==24, it's not a bad idea... Now, up that to 5, and there's 120 permutations.

Aren't there only 16 combinations of 4 SPDT switches, and 32 of 5 of 'em?

Re:Another idea

[sokk]

You could use a padlock on your cabinet. A lot of cabinets have support for that :).

Re:Another idea

[Computer!]

Very cool. Have them light up, too. Or with three-way switches, it would be like starting a helicopter.

No Karma bonus, because that was the nerdiest thing I've ever written in my life.

Re:Another idea

[Syrrh]

Decent method, but if you're already in there adding pieces, why not just go for a regular keylock? Turning the lock to an open position connects a circuit between the power button and the PSU.

Heck, on some cases you might as well just rip out the power button and bore it out to a circular hole for the lock. Rip a pair of spring-tabs out of the battery compartment from whatever you can find in the nearest dumpster. Glue one tab to the lock tongue, the and other to a point where it will rotate and make contact. Save yourself the tedium of even pushing a button, just turn the key on like a car ignition and set it back to the inactive position.

For the extra geek mile, find some little sound unit that can be wired into the completed circuit and trigger a car-revving sound effect.

Re:Another idea

HEY STUPID FUCK it's not permutations and combinations 4 switches with 2 potential positions each results in 2**4 combinations which is 16 you stupid sack of dumb fucking shit!!!!!!!!!! ass!

Re:Another idea

You are completely right. The original poster was completely wrong. If there was a prize for being wrong, he would win it. This guy eats, breathes, pisses, and shits wrong. He puts wrong sauce on his pancakes before eating them. When ordering at a restaurant he tries to order items that aren't on the menu, and he has the waitresses tell him he's wrong. If you look in the dictionary, there is a picture of him by "wrong". He got his middle name changed to wrong, and has the same plans for his first and last name.

Re:Another idea

[Malor]

That's not how it works at all. Those are bits, on or off. A four-switch case would have four bits, or 16 values; 5 switches would be 32, and so on. At 8 you'd be at 256.

If they were 3-position switches, then it would be 3^number of switches. At four switches you'd have 81 permutations, at 5 you'd have 243. 8 switches would give you 6,561 possibilities. But anything over 4 switches is probably overkill anyway; if it's slower than a screwdriver, it's a waste of time.

I have NO idea where you got the factorial thing from.

Re:Another idea

[Niet3sche]

He's base-ten'ing it. 4! in base 10 *is* 24 ... but here in base-2 land, everyone's pointed out the result, so I'll not beat this further.

Re:Another idea

[gomoX]

Any person with slight maths knowledge would now it. The factorial thing in probability is used for cases where you are taking off one option every time, like, say, a box where you take colored balls out but *dont* put them back in before you take of another one. The number of balls is thus reduced by one at every extraction, giving (4 balls):
p()=4*3*2*1=4!=24
Our case is more like:
p()=2*2*2*2

Re:Another idea

[Malor]

As far as I can tell, factorial is not related to this problem in ANY way, in ANY base. The base you express a number in doesn't change the number.

Factorial of a given number is multiplying that number with all the numbers preceding it. If you were trying to simulate this with switches, each new switch you added would have to have one more position than the switch before it. Switch 4 would have 4 positions, switch 5 would have 5, and so on. That would produce a factorial result.

If all the switches have the same number of positions, then the formula is (number of switch positions) ^ (number of switches). It's really very simple.

Re:Another idea

[Obfuscant]

I have NO idea where you got the factorial thing from.

He's confused this binary problem with a "select n from a set of m" problem, which is factorial. I.e., if you have four unique playing cards and
select one at a time, there are 4! different sequences. (Your first choice can be any of 4, your second choice is any of the remaining 3, then 2, then 1 -- 4*3*2*1)

I agree...

[Stephonovich]

While a dedicated person could easily get past this, there's still the cool factor. I mean, c'mon... slide a card in and it boots? How cool is that?

I suppose one could lock your system case, but again, someone could break the locks. This, like everything, is a compromise in security/useability. For instance, I have a military surplus .50 ammo box that I store my personal stuff in. Letters, junk, Penguin Mints... It's locked up with ~ .75" (1.9cm for the rest of the world) hardened steel chain, and a Masterlock combination lock. The paper combination has been destroyed, and the only version other than the one in my head is PGP encrypted. From an average users' viewpoint, this is pretty tough to get into. Granted, with a hacksaw, you could break the chain in a few minutes. With a jigsaw with a metal blade, about 30 seconds. But I don't expect people to actually go attacking my box, so I don't have it covered with taser turrets or the like.

Pretty sucky analogy, I guess, but hey, it works...

(-:Stephonovich:-)

Re:I agree...

[EvilTwinSkippy]

Why resort to Laser turrets. Just take an old lamp cord, and wrap the hot wire around an obscured part of the ammo box. Take the other end, and plug it into the wall.

Conductive metal boxes are fun to secure. Ands nothing says "Don't Touch This" like 120/240VAC.

Re:I agree...

And nothing says "completely useless" like an open circuit.

(It might work if you grounded a metal floor around the box, and forced your intruders to wear conductive shoes, but just touching the hot wire of an AC plug will do nothing.)

Re:I agree...

"...and a Masterlock combination lock."

Actually, Masterlocks are easily cracked:

http://www.people.fas.harvard.edu/~hillson/master_ lock.html

Re:I agree...

[EvilTwinSkippy]

Hmm. And I suppose that hair dryers kill by lethal gamma radiation. If you've ever arched a tool, you would know that you are between the electrons and where they want to be. Sure you are a big resistor, but you are a big resistor attached to ground. Wet skin has even less resistance which is why so many electrocution deaths occur in the bathroom.

But I can tell you from personal experience, touching the hot pole on an AC circuit hurts like hell.

Retro++

[YouHaveSnail]

The card reader power switch has a certain amount of retro appeal. But to really do things right, wire one of those big red 1981 IBM PC power switches into your machine!

Re:Retro++

[jachim69]

My previous main computer was in a case with a BRS (Big Red Switch). Too bad it was an AT power supply and ATX only uses a momentary contact switch.

Re:Retro++

[EvilTwinSkippy]

No better yet, one of the Big Red Buttons (BRB) like you see in the dinosaur pens. Of course, don't forget your Molly Guard.

Re:Retro++

[EvilTwinSkippy]

You can turn the big red switch into a momentary contact switch a NAND gate, a resistor, and a cap.

(Grr, Ascii art circuit diagram came out shitful) Connect the GND end of the BRS, and connects that to the "-power" wire. The +power wire goes into the A input of a NAND gate. The output of that NAND is wired to an R/C combination, which is in turn wired back to the B input of the same NAND.

Yes, you are wiring the NAND to use it's output as one if its inputs.

The output of the NAND should then be wired into both inputs of another NAND gate. Connect the output of the second NAND to the +power wire from your MOBO.

To truth table for the circuit:

BASIC NAND
A B OUT
0 0 1
1 0 1
0 1 1
1 1 0

CIRCUIT
A B N1 N2
0 1 1 0
1 1 0 1
1 0 1 0
1 0 1 0

BRS=A

We look back the output from the NAND1 to be one of it's inputs. For most of it's life NAND1 always outputs true. Only for a brief instant when the BRS is thrown does it upset the truth table. The resistor and capacitor may be needed to stretch that window to be long enough to the flip-flop in the MOBOs button detection circuit to pick up.

The second NAND is just acting as a logic invertor. A and B are wired to the output of NAND1.

It reminds me

[Joel+Carr]

A number of years ago in my teenage years I was going to put an electronic combination/key card lock on my bedroom door to keep people out. Only problem was my parents told me it was not on and threatened to remove the entire door!!

Ahhh the memories... Still wish I'd done it though... :)

---

Re:It reminds me

I am going to do this. Not the case-mod, but the actual door-lock thingamajig. I just have to figure out how to get this OOPic to program right... then it'll be all sweet.

Why not use a floppy drive?

If you could fit the nessesary components into a floppy drive, and then drill holes in a floppy disk, you could haave an almost invisible security feature.

Easy to break?

[Qweezle]

Couldn't this easily be bypassed...just break the thing? OR, WHAT IF it did break, then you cannot get into your computer? I am a bit confused as to exactly how this would keep the computer much safer than it already would be with a properly difficult password...and maybe a roll of duct tape. ;-)

Pointless and crappy

[mad+flyer]

When you do something it should have some value...

Here it's obviously not for the safety, we're not at NORAD.

Maybe for the electronic know how ? well neither, i'm not a iron flux genius, but I think that everyone can obtain the same results with 1 quarter of the components (remember, in electronic, less is better, including for understanding how it works)

So maybe for the manual skills or cleanlyness of the job ? THAT's AWFULL, plastic modded with the iron flux, WOOD (!?) to place the leds where you can have done it cleanly with plastic parts from every "do it yourself" shops.

The whole article look like a big "look mum, i'm on the intarweb !".
Gyorg_Lavode reply about his second swith to power up trick is 10 times more useful (but for me it will be the reset switch that will be doubled... to many accident with this one)

do they work in florida?

[bryanthompson]

Do people in Florida need to be walked through how this works?

Re:do they work in florida?

[TrollBurger]

Do people in Florida need to be walked through how this works?

No, its okay. The wonderful people from Diebold will make sure that you pesky, fickle voters don't have to worry about voting.

Re:do they work in florida?

Florida has a lot more geeks than you might think. If you're talking about the 2000 vote, it wasn't the people of Florida's fault. Don't believe the hype.

Fuckdrip.

Why the "funny" score ?

Well, maybe welding IS an overkill :-) but there are some legitimate locks fo PC cases that can be drilled to the floor.

Re:BIOS Passwords

[Artifakt]

BIOS passwords work well on MBs built after about 1996, the vast majority these days. Some people still warn against them because of flaws that were fixed 5 to 8 years ago. Some businesses admittedly are still trying to get a little more life out of PCs that can't even run Win 95, and for them, BIOS passwords won't help (but then, what would?). One great advantage of BIOS passwords is that the earlier you limit access, the better, as a general security rule.

Old concept, nothing new

[mikeleemm]

I remember seeing this type of thing on several occasions years back on those electronics magazines and such..

DIY Lock

[anubi]

I can't get to the article right now.. it seems to be inaccessable, but the article intro looked kinda cool.

My trick was I found some old optical card scanners which would read the bar-codes printed onto credit-card sized plastic cards. Then I found the local gamery in the mall was using compatible cards, each coded with a different 24-digit number, being passed around to enable the various games as long as there was sufficient funds on account to the number of the card. Neat! I picked several "spent" cards out of the trash can, and went home and read them on my system, then programmed a few little AVR chips to recognize those specific cards. I keep one in my wallet to control the secure/access mode to my house alarm system and car. If it gets lost, its not obvious at all that the card has an alternate use. In the event I want some more cards, add or delete which cards work with the AVR, its not hard to put them back in the programmer and reflash their ROM with the new code list.

Actually, on mine, I never decoded the bar-code digits, I only kept track of whether it was a fat/narrow stripe and fat/narrow space by examining a counter interrupted on each rising and falling edge, and storing the counter state in an array. Upon scan completion, I examine the array and reduce it to 64 bits worth of fat/narrow of the first 32 stripes / spaces I encounter. There is a little start pattern at the beginning that helps a lot to align the data field so you are not shifted a bit or two off. To be on the side of possible error, I allow 8 bits to be bad before I declare the card invalid. This was from trial and error, as I could generate bad reads by not moving the card just right through the reader. I usually got at least one bit that wasn't right every time I scanned. I never did get it working absolutely perfectly. But then I did not really try that much on it after I had it working good enough. I think it was something to do with some focusing, and I could have used the analog side and some DSP to clean it up, I'm sure, but then I would have probably spent a good six months on it.

The only problem is I wish I had bought several dozen of those little optical slot readers when I had the chance. Anybody seen any out there ( dirt cheap ones, I mean - you know those surplus ditties they sell for a buck )? I am looking for some that just have the raw serial bar-code sensor out because I feed it right into the AVR.

My simple e-lock plans for your PC

[Bob+Cat+-+NYMPHS]

Mount 16 SPST mini toggle switches on the case. Wire them in series to pass AC or 12v or whatever when they are in the ON position. But mount some of them upside-down. 64k possible combinations, and no case mod is cooler than a row of toggle switches that actually do something.

Actually, keyswitches are a better idea. That might help you fight the urge to flip the toggles when the machine is running.

Re:My simple e-lock plans for your PC

[ColaMan]

Momentary keyswitches, on opposite sides of the room :-)

"Excuse me , could you help me start my pc?"

Re:My simple e-lock plans for your PC

Heh, reminds me of a robotics project I did in college. The assignment that year was so easy that almost the entire class finished weeks before it was due. So my team spent the remaining time hooking up a $5 voice recording chip, some LEDs, and a dual key lock like you see in all those nuclear war movies. We had it all running through a PIC microcontroller so you had to turn the two keys simultaneously (within a few microseconds of each other) to arm the device. I still have that arming panel in my basment somewhere... Heh, good times...

Though I know you are joking

[Sycraft-fu]

I actually HAVE met Gideons. They come to our university and hand out copies of the new testemant.

Re:Though I know you are joking

[Monkelectric]

thats probably better then the "jews for jesus" who came to my university ... we were all just thinking "WHAT THE FUCK!!"

CoCo is tEh suXor!1!!1!

[Call+Me+Black+Cloud]

Atari rulz!!!11!!

right on.

Even cooler...

[pr0ntab]

battery backed flash memory addressable via SMBus, which you program the "code" into, and the power switch only engages when the DIP pattern XOR values in NVRAM == all zero.

USB Keycards?

[theedge318]

Now this may not be more secure ... but I think it may have one up on the geek factor. Use the dandy/cheap little USB keychain devices to act as keycards to allow users to login/logout/freeze session. The cards we have with our Sun's are absolutely awesome, the only problem with it is the Solaris OS. Great for our sysadmin, but for GUI work, makes me wish for Windows (can't get Solaris-Gnome running).

Anyways I think that a standard USB "keycard" would be an awesome Linux project (sorry GNU/Linux) and I am totally suprised that I haven't seen one on SF. It makes me think I must be blind.

Re:USB Keycards?

[dasunt]

Linux Disc Encryption Howto

What it is: A method of encrypting a hard drive, and using a USB key-drive device and passphrase to decrypt the hard drive at boot.

Why: To protect computers (especially laptops) from unauthorized access to the hard disk. Bios passwords, login passwords, and the above slashdot story do not prevent the hard drive from being removed from the machine and the data read in another machine.

How it works: The laptop's drive is AES encrypted. At boot, the computer needs the key drive with the passkey and the matching passphrase to transparently decrypt the drive. It keeps a copy of the passkey and passphrase in memory, so the USB drive may be removed after booting. It only decrypts the files that it is using, so if power is lost at any moment, all data will remain protected.

Why its cool: Its high quality encryption, OS tools, and protects your laptop's files from being accessed if its stolen. What more do you need?

( IMHO, way more deserving of a slashdot story then a simple electronic hack that can be bypassed by anyone with electronics knowledge. )

Re:USB Keycards?

[RoboDebugger]

Moreover, there are several models that sport fingerprint sensors for biometric security. Vendors include USBKey (BIO KEY), Trek (ThumbDrive TOUCH), and ClipDrive (BIO, BIO Plus).

Re:USB Keycards?

[millette]

Another thing a saw recently was a usb key with a special netscape version preinstalled. I'm not sure if that means mozilla, or...

The idea is to keep all temporary files (cookies, cache, histoy) on the key itself, so you don't "pollute" the host computer used for browsing.

Punch cards

This sounds an awful lot like using punch cards...are they making a technological comeback?

Must...resists...obvious...joke...

[IversenX]

In soviet russia, key card punches YOU!

So why don't you.....

GO BUILD IT!

(on your own)

Gah!

[floydigus]

What use is a keycard lock without a giant stainless steel door protecting a diabolical evil invention clothed in dry ice and lit by a dull green glow?!

That is so retro

[Animats]

It's so rare today that you see someone building something out of small-scale logic ICs like shift registers and gates.

Alternative suggestions

[heironymouscoward]

I mean, a perforated phone card is kind of sad.

How about a remote control: as I walk into the room I zap my PC and it wakes up and says "Hi Heirony!"

Or, proximity sensors tuned to my DNA. C'mon, just five minutes with a soldering iron, some capacitors, and a steady hand.

But the ultimate, and I am seriously working towards this goal, is one's own personal PC assistant. "Good morning, Mr Heirony," says PC assistant 1 (I have a backup, but she's doing her nails this morning), "I saw you coming up the drive so I booted your Mandrake 9.2, did a quick apt-update and I've made you a coffee. Would you like the neck massage now, or later when Sue " (this is her colleague) "gets back...?"

Yes, it sure beats a phone card.

Re:Alternative suggestions

[87C751]

How about a remote control: as I walk into the room I zap my PC and it wakes up and says "Hi Heirony!"

"Hello, Domino."

Just a thought... stop being an ignorant anus

stop being an ignorant anus
You know how to fucking spell slashdot,
you know how to use the site,
Why can't you find the fucking manual
on how to install slash you fucking
ignorant anus?!?!?!?!?!

PS - I AM AN ANGRY GUMBALL!!!

WTF

[oPless]

Most pointless project ever !

Haven't these guys seen a keyswitch ?

What a great case study

In why intelligent and articulate documentation writers remain employable. The technology here is trivial - but I lost about 7,209 neurons trying to parse out the sentences.

iButton

[Jennifer+E.+Elaan]

A cooler way would be to use one of Dallas Semiconductor's iButton devices as a key for your computer. An iButton is a little ROM chip in a sealed metal can that looks rather like a watch battery. You snap it into one of the holders, and it'll easily fit on your keyring (it's comfortably small too). Some iButtons even have secure facilities like SHA1 hash algorithms, onboard realtime clocks, and the like.

I'm planning to make a device based on a PIC12F675 8-pin microcontroller to do just this. I'm even considering adding a hardware watchdog timer, for good measure. For the less hardware-inclined, they sell serial and parallel-port cables that allow software to do the work instead.

The embedded readers are small enough that they could easily be mounted on a peripheral (a monitor or keyboard), or possibly even fitted into the case of a laptop. The embedded readers require dedicated hardware, but this can be a single 12-pin SSOP, taking a negligable amount of space.

The best part is that even the bare ROM version of the iButton has a 64-bit, factory-lasered, guaranteed-unique key.

Radio Shack

[Jennifer+E.+Elaan]

All the parts you mentioned used to be sold at Radio Shack, and I even have a few on hand.

They used to sell keylock switches for security systems. I suspect they still carry them. This would just be a straight replacement of the power switch with another switch. Simple enough. You could also pilfer these out of old machines that used to have a keyboard lock.

As for the little sound device, the chip you are looking for is the ISD1000A (or, since it's now out of production, one of the newer versions of the same line). Radio Shack used to sell this chip a while back. It's a 20-second audio record/playback IC. Just flash in your 20 second clip of a car starting, and wire it up to trigger when you boot (tie the trigger line to the /reset line on the ISA bus and you will be fine).

What a pile of shit

just like Slashdot

Weak

[Dun+Malg]

I'm not sure why this article is supposed to be intersting and/or amusing. The "card reader" mechanism is lame, so it's not his engineering prowess that's interesting. His fabrication skills are abyssmal (did he cut the card slot in the plastic box with a soldering iron? cripes...), so it's not the elegance of the unti that's impressive. Is this supposed to be amusing because it's "kewl and 1337"? Please. OK, so the novelty of a computer that turns on with a card is worth something, but how much, really? I don't think this project rises above "case modder" coolness level.

Re:Weak

[Comatose51]

I think it fits under the category of "Wouldn't it be cool if..." and "Hey, let's see if we can do it..." or just a hack. It's all part of the "hacker" desire to create something just to see if you can do it. It's the same reason, I think, many of us starting programming when we were younger. While other kids followed the book, some of us went off on our own just to see if we can create something or to try something new. The article is probably not useful to most of us but at the very least it is amusing.

Re:Weak

[Dun+Malg]

I think it fits under the category of "Wouldn't it be cool if..." and "Hey, let's see if we can do it..." or just a hack. It's all part of the "hacker" desire to create something just to see if you can do it

Yeah, I think I was just disappointed with the lack of quality/complexity of the hack in this case. I was expecting something more sophisticated, I guess. Frankly, I built an electronic door lock that was more sophisticated when I was 14. It "read" resistors on a plug in circuit card and was controlled via my old VIC-20. Perhaps I just had/have access to better tools and materials. I dunno.

uuuhh.. secure ?

[Maavin]

um.. well...

It's been posted before, I'm sure... but...

Why not use a nice microcontroller which reads a standard chipcard ? It's much safer and waaay more l337 than this lame mechanical lock...

I built a chipcard reader which read german phonecards to open my door at the age of 14 using an commodore 64... that was kinda cool... now an Pic18F84 does the job... programmed in oure assembler :) ph33r !!

Because then you cant blame Microsoft

[t0ny]

Its hard to blame Micro$loth if you build it yourself and it turns out to be a piece of junk.

Actaully, this also happens to be the case with about 80% of Slashdotter's computers... interesting.

Project Suggestions

[phorm]

As a side-project to this, how about something on how to modify up a little card-reader on the serial (or perhaps usb/parallel) port in order to access a machine. I mean, it's not a big deal to turn it on, that's fairly easy to bypass, but how about to login to the operating system.

Personally, I'd find it much cooler to have somebody get to my personalized spiffy "Authorized Access Only" logo screen and have to put in a card (or click a special point onscreen and enter a username/password as backup).

On the aside: for just turning on my machine, I saw a nifty little "Remote Xmas tree switch" for $20 which basically sits between the wall outlet and power plug, and then turns on with a car-alarm-style remote.