Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safecracking for the Computer Scientist

Posted by michael on from the alternate-lines-of-work dept.

secureman writes "It looks like Matt Blaze (the University of Pennsylvania CS professor best known for finding security flaws in the NSA Clipper Chip and in master keyed locks) is still causing trouble in physical security circles. There's a draft paper (dated December '04) on his web site entitled Safecracking for the Computer Scientist, which is a pretty in-depth look at what computer security can learn from safes (and vaults). The interesting thing is that it describes in detail the different ways that safes are cracked, probably revealing techniques that locksmiths would rather you didn't know about (there's a lot of security-by-obscurity there). The conclusion seems to be that while safes can fail, at least they do so in better ways than computer systems do. Warning: it's a 2.5 meg pdf file with lots of pretty pictures."

15 of 322 comments (clear)

  1. Re:not that obscure by Spellbinder · · Score: 3, Funny

    you have to be able to read
    so it is quite obscure

    --


    stop supporting microsoft with pirating their software!!!!!
  2. The shocking secret the industry wants covered up by Anonymous Coward · · Score: 5, Funny

    All safes open using a maintenance combination of 12345.

  3. Re:spoof? by sfjoe · · Score: 4, Funny

    Did anyone else read the headline and think this was some horrible spoof on "Queer Eye for the Straight Guy"?

    Well, now that you mention it ... no.

    --
    It's simple: I demand prosecution for torture.
  4. Re:Unable to determine IP address by NanoGator · · Score: 4, Funny

    " Unable to determine IP address from host name for www.crypto.com

    Wow, that's pretty darned secure!

    --
    "Derp de derp."
  5. Re:The shocking secret the industry wants covered by KillerDeathRobot · · Score: 5, Funny

    That sounds like the combination some idiot would have on his luggage.

    --
    Thinkin' Lincoln - a web comic of presidential proportions
  6. Re:cse professor by big+tex · · Score: 5, Funny

    To top it off, his mastery of punctuation and the Shift Key is far better than yours.

    --
    I think I need a new sig here.
  7. Re:The shocking secret the industry wants covered by R2.0 · · Score: 5, Funny

    True story.

    I needed access to secured room of a building my company was renovating. It had a pushbutton type combination lock on it (or some such). I asked the combination, and the maintenance superintendent said "1-2-3-4-5". I immediately blurted out "1-2-3-4-5? That sounds like the combination some idiot would put on his luggage." Straight Pavlovian response to a Mel Brooks straight line.

    It was only after a 5 seconds of being stared at that I realized that the Superintendent had intentionally set that combination, and he was NOT a "Spaceballs" fan.

    --
    "As God is my witness, I thought turkeys could fly." A. Carlson
  8. Hacker vs cracker by AtariAmarok · · Score: 4, Funny

    This one throws a monkey-wrench in the works of the old "hacker vs cracker" argument. If someone is a redneck safe-cracking computer scientist from Georgia, what category do they fall into? Hmmm?

    --
    Don't blame Durga. I voted for Centauri.
  9. Re:The shocking secret the industry wants covered by oman_ · · Score: 3, Funny

    So I was reading the DaVinci Code and the main characters discovered that the account number for a swiss bank account was the first several digits of the Fibbonaci sequence.

    The first thing I thought to myself was:
    "That sounds like the combination some GENIUS would have on his luggage!"

    --
    Rats would be more funny if they could fart.
  10. Re:Considering the audience... by MrLint · · Score: 5, Funny

    ...is posting safe-cracking techniques on /. responsible behaviour?

    Well i dont think we have much to worry about here. As most /. readers wouldnt be able to get past teh 1st level of physical security around any safe. Namely the door at the top of the stairs to their parent's basement ;)

  11. Re:not that obscure by Arctic+Fox · · Score: 5, Funny

    Ever read /. at -1?
    You'll discover that you are incorrect, Sir.

  12. Re:The shocking secret the industry wants covered by vspazv · · Score: 3, Funny

    They changed the timeclock override password at work from 00000 to 12345 because the button broke from overuse :)

  13. New PIN posted *on* the door by xixax · · Score: 4, Funny

    I walked past the gym we have in the basement of our building. When too maany (non entitled) people started using it, they changed the PIN on the door. I know this because some Brainiac posted a apologetic notice on the door that helpfully included the *new* PIN for regular gym patrons.

    Unfortunately it was taken down before I could take a picture of it.

    Xix.

    --
    "Everything is adjustable, provided you have the right tools"
  14. [I stole this post, don't know from where] by narcc · · Score: 3, Funny

    I tried that myself with my new Quanilon(tm) quantum CPU from AMD. The problem I had, was when the cooling fan failed the CPU overheated -- causing the probability wave to colapse -- and my cat died...

    --
    Required reading for internet skeptics
  15. Re:The shocking secret the industry wants covered by Randy+Wang · · Score: 4, Funny

    Bah. A real genius would set his combination to the LAST few digits of the Fibbonaci sequence ;-)

    --
    --- Egads, I glow in the dark!