Slashdot Mirror
What Electronic Door Lock Would You Buy?
zentigger asks: "I work for an ISP that supports internet in several dozen remote areas. Our POPs are typically fairly small shed-like structures, with a couple racks of equipment. For the most part, we can manage this stuff in-band, but frequently we need to have a local agent physically access the equipment for some minor maintenance work or adjustments. As time goes on, the shuffle of keys is becoming farcical and expensive. What we need is an electronic lock of some sort that can be reprogrammed remotely (preferably from a remote console via serial or directly via ethernet) that will stand up to extreme weather. Google certainly turns up lots of glossy brochures — although I don't see how they can -all- be 'The heaviest duty lock you can buy!' Does anyone have good experiences with any particular products or perhaps other means of dealing with the key shuffle?"
Sargent & Greenleaf are *THE* stanrdard when it comes to electronic locks. See here.
Your an ISP... you have bandwidth and old servers... simply get an electronic latch, a webcam, and patch it through to your security officers.
With some easy code, you could remotely unlock the buildings for workers on an as needed basis. Plus it provides video surveillance, and a method to document who accesses the facilities and when.
Keys would still be in the hands of a few techs for situations when the network is down.
Sometimes the best solution is to stop wasting time looking for an easy solution.
A while back I did some consulting for a somewhat remote municipality, who was in your exact same situation. They had small "equipment sheds" located throughout the region, and were having problems maintaining physical access. Their solution was to invest in a bunch of programmable electronic combination locks that they could reprogram as people were fired and/or promoted and not have to go through the whole rekeying process. This created an entirely new problem: People forgetting access codes that changed every several months. These workers worked around the problem the only way they could: Prying open the doors with tools, breaking the doors and sometimes the locks in the process. This forward-thinking municipality ended up footing the bill for the lock retrofit, a bunch of broken doors, and ultimately a return to standard keyed locks. FYI, YMMV...
Here is my preferred electrical door lock in action. Never had a problem with a burglar yet.
I have a complete electronic defense system for my home and I am currently upgrading the AI. It was slow going at first, the AI kept requesting to be given a name. Eventually i gave in and called it Skynet and things have been going quite well, although the Asimo I hooked up to it does like to chase me round the house a lot trying to taser me. I am going to ask one of my mates at the NSA if one of their global domination scenarios can connect and defeat it as a final acceptance test. Should be cool.
Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
What truth?
There is no dupe
The World Wide Web is dying. Soon, we shall have only the Internet.
Is there some reason you can't just have all of the locks keyed the same?
Any locksmith should be able to do this for you.
Most companies I see use HID or S&G for card access. I personally would recommend HID (one of their newer card reader lines that use two-way authentication).
For mechanical lock backup, go with Medeco, Mul-T-Lock, or Abloy. All of which are immune to bumping, are restricted in key duplication, but keys are still decently available when you need copies made at a locksmith with your card.
Lastly, if you want a solution that is a hybrid, requiring only cylinders changed rather than lock hardware, you might consider the Mul-T-Lock CLIQ series. The CLIQ keys are mechanical and electronic, and the reader is in the cylinder, so no wiring of doors is needed. To remove a key from the authorized list, you just code the programmer key to remove it, then walk around and stick the key in the appropriate doors.
I worked my way through college as a locksmith. I've always favored hardware security (keys) over electronic widgetry. Talking to a Medeco dealer about getting your locks on a solid masterkey system would give you a solid system, but allowing remote sites to be accessed- possibly by different agents each time- wouldn't work.
One solution might be Videx. I've only glossed over their literature, but they seem to have a pretty good solution in place.
http://www.videx.com/products/detail/cyberlock.h tml
Specifically, the section on how "the CyberKey Authorizer enhances CyberLock systems by providing the ability to program and download CyberKeys at remote locations." That might be too pricey for your application. I've never priced out "door" costs on Videx hardware.
So I'm thinking that the way to do it is to have a keypad facing down so that you curl your fingers up to push the buttons so the person near you doesn't see. I figure having only four buttons would make it easier to enter the combo without looking. Buttons on the bottom would also have the advantage of keeping water out of your buttons.
One of the reasons I wanted a combo was I figured it would also be a lot faster than pulling the key out of my pocket every time. In fact I think a quick combo lock would be so quick that it wouldn't be too much trouble to just leave the door locked all the time.
Some other good features for the lock would be different combinations for everyone in the house. And some one time use combos and guest combos.
By the way if you are hiding a key outside your house make sure you put it around the corner or something so if someone is with you then you won't have to reveal your hiding place.
If your internet connection/webcam server/any other point of failure has a problem, you lose access to your locks if they are controlled via ethernet.
I am a free slashdotter. I will not be modded, blogged, DRM'd, patented, podcasted or RFID'd. My life is my own.
Being remotely programmable doesn't necesarrily mean the lock needs to be connected to the network just to operate.
Chernobyl 'not a wildlife haven' - BBC News
For a long time, geeks have come to share homes (eg, Open Sourcerers, who perfer lower living costs, et al.)
;-)
We can envision techie villages, bringing together a mix of renewable energy geeks with al the other geeks, onto a modest sized property,
away from the smells & noises of cityscapes, within commuting distance, but closer to nature & its beauties, maybe with windows looking out over nothing but natural sights & sounds (if the windows are opened
It the coming WiFi (WiMax & beyond) days, such villages might be happy to keep a near-constant watch over remote ISP facilities, either for $'s or some extra bandwidth.
There would possibly be problems with trust, but there always are.
(Insurange could be the ISPs workaround, if they were to get stung.)
You need to think like in a house/door lock instead of a padlock. And then think of a security system too. I have a garage door opener that you input your code to open and the alarm stores who accessed what when for 30 days. But I can set up a code for a repair man or someone who I know will be coming over while I'm away and then delete/disable the code after they are gone. and my security system can be controlled by Ethernet or the phone from any remote location. (even viewing the cameras.)
The Door in the kitchen coming from the garage is controlled by a set of really strong magnets and and hooked through the security system too. Once it is locked, you need about as much force necessary to kick a regularly locked door in to open it. But if the security code gave you access to the house, when you opened the garage door, it would unlock the kitchen-garage door too. Or you could open it separately with the same code on the keypad to the door.
This is the type of lock/access he is looking for. One that can check the codes and have the codes changed from remote locations to allow someone to enter and then deny access as soon as they complete thier jobs.
We have an RFID-based card access system where I work. The local stations keep a log of all cards allowed on a particular door in the last six months, so it'll open the door for those cards even if the network is out.
Whatever you do, avoid Chubb like the plague.
The "brains" of the system run on useless software that will not work without a hardware dongle. Check before you buy, I'm sure there are plenty of vendors who pull the same shit out there
Also, are you SURE that a keypress box (lockable box with hooks for hanging keys) won't do? When I was in the military, that's what we did. Never had a problem as:
a) We exchanged keys for identification (no ID, no key!)
b) If you lose the key or run away, we have your id, and we will hunt you down.
With a well-kept logbook, you cannot go wrong. Not to mention, no dicking about auditing whose keycard has access to which area when. If the key is missing from the keypress box, someone is using it. If it's missing after the official visitor hours, you have a problem. Scales pretty well up to a few hundred keys.
Of course, make sure you buy decent locks. Also, someone could always try to forge the keys. But that's what armed escorts are for.
I have had my eye on the RFID Digital Door Lock from ThinkGeek for quite a while now.
It's easily reprogrammed, you can issue access cards to persons as opposed to giving out a single PIN. Plus, it's supposed to be hack-proof, but probably not to the level of Sargent & Greenleaf.
I am considering it as a replacement for the lock in my flat's front door (which is arguably both less and more critical than an ISP gear shed). It's indoors, so weatherproofing is not an issue, but the flat is just rented so I can't really put any big holes in it...
Does anyone have experience with, or otherwise comments about, a lock of this type?
"Good news, everyone!"
Add & remove access on the fly.
while reading the first line of your 'utopia' I was immediately already envisioning the fourth & fifth word in your third line, but in a completely different expectation.....
every day http://en.wikipedia.org/wiki/Special:Random
Our recently refurbed admin building ("Hey! When are we plebs going to get our leaky windows replaced??") had its grand opening the other day, complete with University bigwigs and minor royalty. The day before it seems someone decided to upgrade the security system firmware.
When they did this, there was nobody inside. And they locked themselves out. They figured if they set the fire alarm off then the override would fling the doors open. But it didn't. They had to get someone in to smash through the security door to a) get inside and b) stop the fire alarm.
I imagine all the mess was cleaned up before the princess arrived.
Check out Computrols, Inc. They have programmable keycard locks that work over ethernet. Different card can access different zones and its all programmable from one head end unit. http://computrols.com/security
...is, as you have concluded yourself, completely useless.
Basically, you should go for the system that is easiest for you to manage. All electronic locks (and all locks in general) are easy to break, if you want to. Quite surprisingly, the more expensive locks, are often easier to break (it can be done with a screwdriver instead of a crowbar (or if your doorframe is better: power tools). And if the lock is better than that, there are always windows, or even walls.
If what you need is security, you need more than one lock to keep the bad guys out. And remember that the people most likely to break in to a better-than-average secured building is either the owner or people hired by the owner (insurance fraud); or employees or people hired by employees (or ex-employees). Your job is to not make it worth the risk. A local security company can also help with alarm systems and routine inspections. And remember the rule above, everyone, including security personnel, cleaning personnel, and so on, constitutes "employees" from a security standpoint.
Sound's like the geeks version of the Kibbutz
A small circle of friends and myself have been seriously discussing and investigating the myriad details in setting up something along those lines for ourselves. Thus far, the most compelling arguments in favour of it are the economies of scale and the various grants, tax breaks and other incentives we may gain, depending on how we are structured. The strongest argument against it has been the possibility of serious personality conflicts long term. Even setting aside the hopelessly flawed "Free Love" communes of the early '70's; experiments in communal living in North America have, at best, a patchy record of success.
I need a wheelchair van for my son. Help me get the word out. https://www.gofundme.com/wheelchair-van-for-jj
Of course, with a $10 tool, you can open the locks, but I bet the same could be said with your current locks.
certainly not the ones used in Jurassic Park... I know I don't want to overpay for some expensive door lock that some velociraptor can open when the power goes out...
The Door in the kitchen coming from the garage is controlled by a set of really strong magnets and and hooked through the security system too. Once it is locked, you need about as much force necessary to kick a regularly locked door in to open it.
Too bad most thieves cut the power before trying to break in. You do have your cameras on a UPS and the video sent to a remote location in realtime, right?
The who system runs on DC with a bank of small security batteries. The cameras have the power feed through the cables and I suppose they go through the same DC control panel. Last time the power went out and the generator didn't kick on, the alarm company called me on the cell phone asking if everything was ok. They said they received the signal that the power was off but didn't get the signal from the generator (it is the lower type that runs on natural gas and is automatic)
I'm under the impression they can monitor the house with or without electric except that I cannot connect to it (well though the phones) and they do their communications with it over dry-wire separate from the phone service. The IP address of the website I goto to monitor the cameras isn't my privat IP from my ISP. It is something the alarm company worked out. This isn't a role your own system. It came with the house and I pay for a service to have it monitored. It wasn't installed by brinks but the service is similar to it. I don't think cutting the power and phone lines alone is enough to defeat it. Now cutting a hole in the right wall and making a new door might. The motion sensors are only in a few places. there are switches in every door and window though. But the great thing about the motion sensors are that they can turn the light on and off when you enter a room which is convenient when your hands are full.
I will ask about the video when the power is off. Like I said, There was only one time we lost power and the generator didn't fire up. And that was because we had some work done on the wiring in one of the computer rooms and the contractor turned the main breaker back on but neglected to turn the generators safety cutoff on. We had to install line conditioners for the generator lines because the power isn't as clean as it should be. We were seeing jumps from 100 volts to 130v and had a cycle of around anything from 40 Hertz to 65H. This causes problems with surge protectors, ups and computers. Anyone looking for a generator should consider spending the extra money on one already fit with a conditioner or just install on in the wall before you think about expensive stereos or computers.
If you can afford it and the police have a reasonable response time, an alarm monitoring company is probably the best solution. Cutting wires won't help because disconnecting the house from the monitoring company triggers the alarm on their end (and maybe at the house, too) It would be interesting to know what infrastructure the alarm company uses for their wires. I imagine they could lease lines from the phone company, but for video it would tend to be rather expensive. Maybe they borrow frequencies on the cable system or actually did go lay their own wiring in the neighborhood. If it's an upscale neighborhood where everyone has an alarm, I would guess the latter. Wire all the neighborhood into one box and then pay for the T1 or other connection back to the main office and split the costs. Is the video from the cameras high quality, or small and/or highly compressed?
Have you looked into running your generator during peak usage hours to reduce electricity costs? It would be interesting if natural gas ended up being cheaper than buying the electricity during that time. It sounds like the generator powers the entire house back through the existing wiring, which may mean that it's overloaded if you see voltage and frequency variations that high. Generally it should run right at 60 Hz unless it's under heavy load and can't keep up. I'm surprised that your UPS didn't like the voltage fluctuations since they're supposed to handle it as far as I know. They will definitely switch to running off the battery when the voltage or frequency goes out of whack, but should keep the battery charged from the wall power regardless.
It really isn't that expensive once the install and initial maintenance is out of the way. The monitoring is less then 30 bucks a months with some service fees for incidents. But the discounts on the home owners insurance bring this down to less then $5 a months when you factor that in. I think we get 5 or 10 incidents every 6 months without incurring the fees but after everyone figured out how to use it, we haven't used more then one incident a month for quite a while now and that is a liberal estimate.
I believe they used something called dry wire. I think it is an aluminum version of the copper lines the telco uses. I don't think there is enough speed to do full voice with out some VIOP compression or something. Think of it as something similar to ISDN. I'm not sure if all the companies use this but I saw it in the documentation when we bought the house a couple years ago. I remember hearing about dry wire a lot back when DSL was coming of age and companies were getting around the Telco's slow reception to DSL by using dry wire and the word was to avoid it if at all possible. I recently found that Att/SBC is running a hybrid fiber to the network distribution panels in local subdivisions (at least in my area of ohio). I wouldn't doubt it if they used fiber on new installs. But DSL is available now in areas once too far off the beaten track to consider the equipment necessary for it. I'm living in the country with hundreds of acres of farm land in either direction and have 3 meg DSL service now. My closest neighbor beside the other three houses in the cluster is a quarter mile away. Life is good here:)
The gas company in my area automatically switches you to commercial status if your usage goes so high. But I use gas heat and have a gas stove and dryer. It bills don't seem that bad, during this winter which was a little warm, My gas bills only came to $60 and the electric never got higher then $30. The electric goes up and the gas goes down in the summer when the air conditioner is on. I don't think I ever had over an $80 electric bill except for when I forgot to pay it. The house is small and well insulated though. And I try to use the compact florescent bulbs in most of the lights, We do a good job of turning them off when not in the rooms and I have a good amount of natural light during most of the day. there are retractable awnings over the windows that help shade some of the sun when we are cooling and of course I do the old 70's early 80's thing and set the thermostat to 68-69 in the winter and 75-78 in the summer which seems to help a lot too.
In my old home, the bills were drastically higher but it was a lot older and not put together very well. So far, it seems like trying to lower them even more is more effort then it might be worth.
Here's something a little different than the typical swipe card systems that all have to be connected back to some central control:
CyberlocksWe use these where I work and it's a great retrofit when you have multiple builds, including ones that don't have any electrical power. Basically, you have electrical lock tumblers that you replace the mechanical ones currently in your door handles. The key supplies the power (no batteries in the locks to change). When the key is inserted, it powers up the tumbler. The key and the tumbler do their digital handshaking (Key says: "I'm key number 12345" tumbler checks its programmed list and sees that key 12345 is on it and says "Okay, I'm unlocking the door" and mechanically unlocks the tumbler).
Pretty interesting system with a lot of configuration options. Depending on how you set up the configuration, it's a little more involved if someone loses a key, but you can reprogram the tumblers fairly easily with a programming key, and you can set them up to permanently disable key 12345 if it is considered lost/stolen.
Not hackable? Hardly. But then again, so are mechanical locks. This system gives you an electronic equivalency of security that you have with the mechanical locks, plus with a more flexible method of key control and access.
I can't speak to the security of these locks but they might be worth a look. You unlock them using the Dallas Semiconductor iButtons. Each one has a unique serial number imbedded it it and it can't be copied. We've sold these peoples timeclocks and they have worked well. They also have a line of locks that sound like they might meet your needs. http://www.accesspilot.com/
Yes. These are great. However, they don't scale down well: *no-one* makes a decent lock of this type that is economical to buy in single digit numbers. You need the infrastructure to back it all up. Fine if you're doing a whole site, no good at all if you want a single lock.
*ALL* the single-door electronic locks are junk, which is why use of them often invalidates your building insurance.
Another solution I have seen to a very like issue is having a secure door lock like the medlock that don't open the door itself, but the bolt triggers an electric trigger built in the door with battery backup for power outages that will cycle the lock mechanism. Then also, a keypad combo lock tied into a central server that will also trigger the lock mechanism. This provides secure mechanical and electronic access in best and worst case scenarios.
Bingo. It's amazing how this post has already gathered about 5 threads of dimwits flaming each other over this very simple point.
My bicyles
I'm with a startup called Edge Integration (www.edge-integration.com - sorry, our web site is pretty lame at the moment) building exactly the system everybody seems to be talking around. Coming from the database/web I have found the physical security industry is pretty backward and I just don't think there are many solutions out there for our friend with the POP sheds all over the place. We're a good fit for it and maybe Brivo.
... that's a lot of work, I know, that's what I've been doing.
... we have just begun installation into a few reference sites and will be showing up in some security integrator's inventories in the very near future.
There are all sorts of quality electrified locks, decent means of authentication (Prox cards and readers are the most common and easiest to use) and systems that work well in locally managed situations. Getting rid of keys removes a big headache (not that Prox cards are perfect). The problem here is how to manage it all.
The problem with most physical security is they are controlled over serial lines to a control panel in a central closet (each panel is usually designed for 8, 6 or 32 doors) and to manage it you have to run some old Windows program (I even saw one recently that was a DOS program). For individual POP sheds with one door this is overkill. A clever guy could wire the door up to a spare server, write a bunch of software and manage it all that way, but
At Edge we are building a single door Controller (basically a PDA with special I/Os) to talk to the serial readers; manage the locks, buzzers, lights; and collect data from temperature sensors, pump switches or whatever else you want to connect. Our Controller manages its battery and happily works without external power or a network for as long as it can. Without network you can't configure it or see who is at the door, but if they have been authorized the door will still open. The Controllers talk to our server (we're an ASP model) so other than the little board a the door there is no "panel". All management, configuration, monitoring and upgrading is done over the network. The Controller calls out to us so there are minimal firewall/network issues to deal with. Users monitor and manage their doors on our web site, so it doesn't matter if the doors are spread across 20 POP sheds or in the same building. Naturally, you can define groups of doors and groups of users and map all kinds of schedules and permissions between the two. You can do ad hoc remote unlocks and scheduled uplocks. If the network is connected it takes about 3 clicks of the mouse and about 15 seconds to disable someone's access to a door. The web app will also let you know if a door is off network.
Right now you can't get this wonderful system, but soon
If the reason for attending the site is a power or backhaul problem, be careful which electronic lock you buy. It would be a shame if no power meant no access.
There was an unknown error in the submission.
mag casrds are your answer. you can remotely program the cards and there's no problem with opening the door if the network goes down at the site. they are also dirt cheap and can be set to expire so it doesn't matter if the tech loses it. video survillance is also a good idea.
If you mod me down, I will become more powerful than you can imagine....
hah, your giving most thieves WAY too much credit there pal. MOST thefts are thefts of oppertunity. scumbag X see's an open window and jumps in to see what he can steal. the most they will usually do is smash a window if they can see something worth the risk of the noise. My best mates a fed and even he has never known anyone to be that determined as to cut the power to a home to break in. you MIGHT need to worry about it if you house something obviously vaulable.
If you mod me down, I will become more powerful than you can imagine....