Safecracking for the Computer Scientist

secureman writes "It looks like Matt Blaze (the University of Pennsylvania CS professor best known for finding security flaws in the NSA Clipper Chip and in master keyed locks) is still causing trouble in physical security circles. There's a draft paper (dated December '04) on his web site entitled Safecracking for the Computer Scientist, which is a pretty in-depth look at what computer security can learn from safes (and vaults). The interesting thing is that it describes in detail the different ways that safes are cracked, probably revealing techniques that locksmiths would rather you didn't know about (there's a lot of security-by-obscurity there). The conclusion seems to be that while safes can fail, at least they do so in better ways than computer systems do. Warning: it's a 2.5 meg pdf file with lots of pretty pictures."