Slashdot Mirror


User: Dun+Malg

Dun+Malg's activity in the archive.

Stories
0
Comments
6,746
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,746

  1. Re:U.S. Constitution: Fourth Amendment on RIAA Loses DMCA Subpoena Case Against Charter · · Score: 2, Insightful
    The fourth amendment doesn't grant individuals the right to commit crimes anonymously.

    no, but it sure does mean that they can't go on "fishing expeditions", demanding the records of 20 people looking for that one in twenty that did commit a crime.

  2. Re:That's life on Diego Garcia? on Ham Radio Served as Main Link to Disaster Area · · Score: 1
    The military have put up a BS report saying all is well due to a freak geological anomaly that protected the island and there was only a tidal surge of 6ft anyway. But DG is on average only 4ft above sea level.....so by my calculations they were on average covered in 2ft of water (assuming the BS report bares any resemblance to the truth), which doesn't quite equate with things being "alright".

    A tidal surge of 6 feet doesn't mean that the entire ocean rose 6 feet all around the island. This surge is essentially a large swell coming from one direction. It the case of Diego Garcia, it came from the east. Most of the development on DG is on the west side. The tidal surge was essentially deflected/absorbed by the east side of the U shaped land mass (see map) and likely resulted in little more than a slight rise in water height in the central lagoon, and little if any flooding on the west side.

  3. Re:Why no mention of key-locked dials and bolt lev on Safecracking for the Computer Scientist · · Score: 1
    > Funny you should mention, but those cheap master locks with the false gates > is absurdly easy to manipulate. As a locksmith... The longest one of these > has ever taken me is 20 minutes. I find it interesting that a locksmith, of all people, thinks it could ever concievably take this long to open one of those things. Of course, it is your knowledge of the internals of the lock mechanism that is tripping you up. There are much faster ways to open those things than turning the dial, feeling friction, and deducing the combination. No, I don't mean bolt cutters. You can do it so that casual inspection and even use of the lock afterward will probably not discover what you've done, although the part of the lock that hooks onto the thingydoo inside gets worn out and the lock starts to feel very loose if you do it to the same lock too many times. If you still don't know what I'm talking about, no more hints: go find any eighth-grade boy whose favorite subjects are gym and study hall, hand him a locked $2 Master lock, and say, "I'll give you ten bucks if you can open this in under one minute with no tools except what you've got on you."

    Yes, the spring loaded latch mechanism can be "kicked", as you call it. It's essentially a design flaw in the mechanism. It really only works on older master combo locks or newer ones that are worn. A sharp blow at the right angle will put pressure on the shackle and also cause the latch to pull back just a bit-- done just right, the lock pops open. It can also potentially damage the internals, so I generally don't bother trying it. If I'm allowed to break the lock, a die grinder with a cutoff wheel will slice the shackle like butter. If I need the combination for a Master combo lock I can just look it up in the code books based on the serial number. The manipulation method I described is something I came up with one afternoon to amuse myself. Last week I figured out how to open a TSA approved luggage lock without tripping the tamper indicator. Locksmiths are weird.

  4. Re:Valve Hurt? on Inside the Shadow Internet · · Score: 1
    Dude... I think that you will find that trespass, or at least trespass without intent, is a tort. A civil action. And Copyright infringement has been codifyed as being criminal under the DMCA. From memory anyway.

    The sort of trespass where you walk across a farmer's back forty as a shortcut is a civil action. Good luck trying to convince them that trespass wherein you walk into their house and start rifling through their stuff was only criminal trespass and not burglary. Regardless, in either case trespass is a violation of property rights.

    As far as the DMCA criminalizing copyright infringement, that's neither here nor there. Even if they send you to jail over it, copyright infringement still isn't a property crime.

  5. Re:What's Truly Sad.. on Ham Radio Served as Main Link to Disaster Area · · Score: 1
    And yes, BPL is bad, and can/will interfere with HAM, but there are better ways to point this out than to completely ignore both the tragedy and what good these students, and other amateur HAM operators have been able to do since the tragedy occured.

    Do you also like to complain that cops write speeding tickets while there are still thousands of unsolved murders? Not all conversations have to default to the topic of greatest import, and I have no idea what made you think they did.

    Unless you're just karma whoring with a quick "think of the children"....

  6. Re:Valve Hurt? on Inside the Shadow Internet · · Score: 1
    Don't argue this point with me, go to the original poster's argument that he downloaded source 'just ouf ot curiosity'. He justifies copyright infringement with his 'just out of curiosity' and I asked would justifying trespassing with the same 'just out of curiosity' work in the court of law, so you are kind of off-topic.

    First, his justification never indicated he intended to use it as a legal defense, so I'm not sure why you're bringing the law into it. Second, since the two are covered by totally separate and unrelated sections of the US Code, your question is itself already off topic. It's about as relevant as asking if "curiosity" is a valid legal defense for murder. My reply was me pointing out the irrelevance of your hypothetical situation in terms of law.

  7. Re:Valve Hurt? on Inside the Shadow Internet · · Score: 1
    I downloaded Valve's source just out of curiosity.

    - I also, just out of curiosity sneaked into your house at night, and went over all of your stuff. I wonder if this line: 'just out of curiosity', will be a valid defence in the court of law?

    No, because you have committed trespass, which is a property crime. All you "then it's OK for me to steal your car" people need to get it through your thick skull: copyright infringement is not a property crime. It's not even in the same league. Copyright infringement is to burglary as jaywalking is throwing bricks at moving cars.

  8. Re:Curious tone on Inside the Shadow Internet · · Score: 1
    So you're saying that after Valve spent years and a heck of a lot of money creating Half-Life 2, they should be giving it away for free and making their money by selling support?

    No, jackass, what he's saying is that the original poster was improperly equating copyright infringement with theft of real property. Whether or not he thinks Valve's business model is (or should be) viable is a separate issue.

  9. Re:Better Safe Cracking through Chemistry on Safecracking for the Computer Scientist · · Score: 1
    Number of atoms, so probably neither

    But a scale will get you closer to the right ratio than a measuring cup.

  10. Re:Tell you the truth I'm not happy about this. on Safecracking for the Computer Scientist · · Score: 2, Insightful
    The parent post was not a complaint about the information being distributed. It was a complaint about how the information was being distributed. There's a difference between making the information available to those who go looking for it(as Matt Blaze did with the .pdf,) and posting a link on Slashdot for thousands of people to see.

    Personally, I think mass public distribution is better. It better serves to destroy the "security through obscurity" mindset held by a lot of locksmiths. It's not like any of that information is a magic back door that lets one defeat safes with the wave of a hand. It's a straightforward and honest examination of the design limitations inherent in these locks. It shouldn't be "kept quiet" so that only those who think to go looking for it find out; everyone considering these for physical security should know about it. The very fact that there are locksmiths out there who think this should be kept quiet is why this needs to be broadcast as publicly as possible, because people clearly can't depend upon those particular idiot locksmiths to tell them what they have the right to know.

  11. Re:I'm not a locksmith... on Safecracking for the Computer Scientist · · Score: 1
    Any locksmith will tell you breaking in without leaving any evidence is damm hard

    As I say to customers who ask if a particular deadbolt lock is "pickable", unless you're expecting problem with spies, it doesn't matter. Burglars don't pick locks when they can break windows or kick down doors.

  12. Re:It is actually interesting on how you "tap" a s on Safecracking for the Computer Scientist · · Score: 1
    The bad part is that once you've done this, to make the safe secure again you put a steel ball bearing the size of the hole in the hole, and then weld it in there. There is absolutely no way you're going to be able to drill through that steel. Any drill bit you try to drill through it is just going to dance on it, and end up breaking the drill bit. So I guess in that case, safes that have been forcibly opened using the above method are safer than ones that havn't.

    They're actually only marginally safer. Not only are there bits that can go through ball bearings (as another poster noted), but there is more than one place you can drill to see into the lock case. You can even drill at an angle and get UNDER the ball bearing. So long as you notice that it's been drilled before, it's doesn't add any difficulty.

  13. Re:The perfect safe on Safecracking for the Computer Scientist · · Score: 4, Informative
    The perfect safe is a computer controlled one. You can't crack a PIC controlling a solenoid-lock that is deep within the safe. And as long as there is a limit on combinations attempted per second, some sort of automatic combination guessing device is impractical, too.

    They make those, but my boss refuses to install them anymore, even if the customer wants it. We've seen too many cases of fritzed electronics, dead batteries, and broken wires with those things. I have only once seen a regular mechanical combo lock fail spectacularly, requiring drilling to open the safe, and in that case the lock "worked badly" for WEEKS beforehand (but the customer, of course, waited till it broke). Electronic locks tend to have binary failures: the work fine up until the point where they don't work at all.

  14. Re:Tell you the truth I'm not happy about this. on Safecracking for the Computer Scientist · · Score: 3, Insightful
    This is a very touchy subject and saying that alot of locksmiths were pissed off at Matt Blaze for even making that .pdf would be an understatement. Posting the link on Slashdot was just plain stupid.

    I'm a locksmith and any locksmith with half a brain should know that all of this is commonly available information. Certainly a few old fogies who think locksmithing is some sort of secret society like the Freemasons would pitch a fit if the customer wanted to see the inside of his safe lock. Or maybe they're pissed because they've been telling customers that the safes they're selling are "impenetrable", but if that's the case then they're the idiots. I have personally showed the various "safecracking" techniques to customers and let them try their hand at manipulating a combo lock. The theory is simple, but the implementation is darn near impossible without years of experience and practice. I've never had a customer decide not to buy a safe because I showed him how they're cracked and he thought it was "too easy". Basically, what it comes down to is that there's no such thing as 100% security. You Can pay more money and add more complication to get "more 9's", but a Star or Horizon in-floor burglary safe will keep out all but the most determined intruder. Honestly, any locksmith that thinks there are any "trade secrets" in the industry is foolig themselves. Anyone can get an Associated Locksmiths of America membership and a business license, and from there buy books that explain it all.

    I seriously doubt that posting this on slashdot is going to lead to a massive upswing in safecracking. The one thing I've noticed in the business is that (weird as it sounds) most people are basically honest! Besides, safecracking isn't fast enough for most criminals. Most safe burglaries happen when someone knows the combination, either having been entrusted with it, watching someone else dial it, or finding it written down in a drawer somewhere.

  15. Re:Why no mention of key-locked dials and bolt lev on Safecracking for the Computer Scientist · · Score: 3, Insightful
    I found this article to be quite diapointing. I don't know where he got that lock or how old it is, but it's likely at leat a hundred years old. They just don't make combination locks like that that would be so easily manipulated.

    Actually, the S&G lock he showed is pretty much current industry standard design. They're not as easy to manipulate as they sound. The principle is very simple, but the practice is extraordinarily difficult.

    Even a cheap $2 Master pad-lock, as he briefly mentioned in two sentences on page 31, has false gates on the wheels, basically defeating all the simplistic techniques mentioned in the article.

    They don't generally use false gates on the wheels of safe locks because the fence doesn't ride on the wheels while they're turning. The fence only drops down to contact the wheels when that smaller brass wheel in front is rotated so that thar hook shaped piece falls into it. False gates can make it more difficult to figure out where the real gates are, but the fact that they have a bottom and are not as deep as the real gate make them susceptible to the exact same analysis as a non-gated wheel pack. I think you are not entirely understanding how these locks work and the methods of manipulation he describes.

    Although he states that these false gates are easily identified, trust me, they are not.

    Trust you? You think an S&G 6730 lock (retail price $115.02, my price $69.01, 5 of them currently in stock at my lock supplier's warehouse in DC-- I just checked their online catalog) is "at least a hundred years old" and expect me, a locksmith with 10 years experience learning from a boss with 30 years experience, to trust your analysis? Please.

    --------

    Funny you should mention, but those cheap master locks with the false gates is absurdly easy to manipulate. As a locksmith I'll probably be banned from our secret society meetings for telling y'all this; but here, try it at home:

    First off, those false gates are only on the last wheel-- the first to wheels are smooth except for the combination notch. Second, the "keyspace" for those master combo locks is a lot smaller than it looks. The dial may be numbered 0 through 39, but you can be within 1.5 in either direction of the correct number and the fence will drop in. For sake of ease of implementation of my manipulation method, I usually round that down to 1.25 because this allows me to divide the wheel into 16 increments 2.5 apart. So effectively the possible numbers are 0 2.5 5 7.5 10 12.5 etc.-- basically each of the numbers marked on the dial face and the halfway mark between them.

    So now you have a keyspace of 16 * 16 * 16, or 4096 combinations. This is still a pretty big number, so let's reduce it. Pull up on the shackle and "feel" each of the points where there's a false gate on that last wheel. Around a certain number range it will feel "loose" because these lock wheels are never perfectly round and the fence of the lock will be stopped by the other two wheels. Once you find this loose space, you have a way to check if the other two wheels are correct. If they are, the fence will drop into them and your will feel friction at that formerly loose position. At that point you need only turn the dial until the third wheel gate is aligned and it pops open.

    You only need to go through 16 * 16 = 256 combinations on those other two wheels to find the combination. And you don't have to "clear" the lock after each try either: You set the first wheel at (say) 2.5, then spin around to 0 and see if it rubs. If it doesn't turn back the other way again to advance the second wheel to 5 then see if the third wheel rubs. Then go back and advance the second wheel to 7.5 and check the third wheel. Do this 16 times and you've checked all the combos beginning with 0. Reset the lock (4 spins) and try the ones that start with the first wheel at 2.5. continue this process until lock opens.

    The longest one of these has ever taken me is 20 minutes.

  16. Re:Why no mention of key-locked dials and bolt lev on Safecracking for the Computer Scientist · · Score: 1
    You could get a new dial with a medeco dial lock. That certainly will add a rather signficant layer to your security, of course this doesnt mean anything if its easy to pull your dial, and drill...

    Yeah, I always laught when I see those cheap locking dials. I mean really, how long does it take to pick a 4 pin wafer lock? And like you say, pulling the dial is usually the first thing you do when you drill a safe anyway.

  17. Re:Better Safe Cracking through Chemistry on Safecracking for the Computer Scientist · · Score: 1
    Thermite. Just pile your iron filings and aluminium powder (remember, kids: 3 parts of iron to 1 part of aluminium

    Is that 3:1 by weight or by volume? Important distinction there.

  18. Re:Book recommendation: The Great Train Robbery on Safecracking for the Computer Scientist · · Score: 2, Interesting
    Unfortunately, Bramah's "unpickable" lock was simply a round pin-tumbler lock. Like the ones Kryptonite used. Better design, though. The clever feature of the Bramah lock is that there's only one return spring for all the pins. So picking is really slow. Every time you get the setting wrong, you have to release all the pins and start over. Picking a Bramah lock is quite possible, but requires some specialized tools.

    I "picked" a small Bramah lock on a liquor caddy once. My boss was repairing the customer's front door lock and (as a joke) told me to see if I could open it after the owner told us she had no key. I managed to tension the lock and eyeball the depth of a couple gates and cut a makeshift key from a bit and barrel key with the bit shaved off. By sheer luck I had made a perfect working key in about 20 minutes. When I brought the open lock with key to my boss he looked surprised and told me they weren't supposed to be pickable, I (who'd never seen a Bramah lock before) said "It's a good thing I didn't know that then, eh?"

  19. Re:Surely you're joking... on Safecracking for the Computer Scientist · · Score: 1
    Mr Feynman used to be well known for this sort of things, repeatedly cracking the Los Alamos safes to try to demonstrate how lax security was...

    Nextel used to use Simplex mechanical pushbutton locks set to the factory default combination to "secure" leased equipment rooms on building roofs in my area. There was one in particular next door to where I work and I pointed out that fact to any of the Nextel techs I saw, but they always just shrugged and said "whatever". Every time I walked by that door I'd open the door and some sort of entry alarm would go off. Within 3 months of me doing this 2-3 times a week, the lock was finally replaced.

  20. No Big Secret on Safecracking for the Computer Scientist · · Score: 4, Informative
    The interesting thing is that it describes in detail the different ways that safes are cracked, probably revealing techniques that locksmiths would rather you didn't know about (there's a lot of security-by-obscurity there).

    A good locksmith specializing in safes doesn't care if you know how safes are opened-- on the contrary, they'll tell you all about it. The job of a competent physical security professional is give the client a straight and honest description of how the product works and what its weaknesses are, and safes are no exception. I've worked for a locksmith for the last ten years and it's company policy to show clients exactly what they're getting and/or what they already have. With safe openings, my boss explains exactly what he's doing and how it all works. Admittedly, there are a lot of locksmiths who think this should all be top secret stuff, but they're just fooling themselves. All the info is out there. There's no official schooling for locksmiths, and no coherent regulation of the profession. Subsequently, there's no way to really keep the information out of the hands of "criminals" while still allowing access for beginners trying to start out in the profession. You can join the Associated Locksmiths of America essentially by just saying you're a locksmith, although you'll be approved for membership quicker if you have the recommendation of an existing ALOA member. Once you have an ALOA membership number, you're a locksmith as far as the "keepers of the knowledge" are concerned. Heck, you don't have to have anything but fifty bucks and a mailing address to subscribe to The Locksmith Ledger, and they frequently have articles on opening various safes.

    Really, none of the techniques outlined by Mr. Blaze in the PDF are any big secret. Anyone with access to such a lock mechanism (buy a safe and you've got one) and a little brainpower can figure all that stuff out. The thing is, drilling a safe requires fairly specialized tools and is very noisy. Manipulating a safe requires a lot of practice, and even an expert can take a LONG TIME to get into a safe. There's no astounding revelations there. Walk into my boss' locksmith shop and he'd show you all that. I've tried my hand at both drill penetration and manipulation, and there are no "secrets" that make any of that stuff easy. At best, the knowledge it just makes it possible-- and that knowledge is available through simple observation.

  21. Re:I Wonder... on RIAA/MPAA Contractor Deploys Malicious Adware Trojans · · Score: 1
    You cannot "defend" your intellectual property anywhere except in court.

    Sure I can. If I hear you singing my song again I'll "pop a cap in your a**". I recall a rapper threatening to defend his IP against Weird Al in a back alley of New York City a few years ago. Did you mean legally? Did you mean ethically?

    Don't be intentionally obtuse. I was obviously speaking in terms of law (and to a lesser degree, ethics). One can obviously try to defend any sort of claimed "property right" regardless of the law. You can claim property rights to the word "bacon" and then go around to restaurants beating the crap out of diners who "steal" your word trying to order breakfast, but if you do you're a dumbass and you're probably going to face assault charges. So let's disregard the clearly inappropriate actions of some dirtbag who doesn't understand the parody aspect of "fair use", shall we?

    Beyond the ancient concept of "Possession is 9/10ths of the law," what makes the tree in your yard your property, and your neighbor's car parked in your driveway not your property? Did the tree grow from an acorn from your neighbors tree? Did you "build" that tree? Its all a legal construct, derived from the social construct we as a society choose to live in.

    You want me to define property theory without using the principle of posession/control/occupation upon which it's based? Property rights are an extension of animals' defense of territory. You can't define property without addressing its defensability. Even dogs understand a rudimentary form of property rights, so it's far more deeply ingrained that just a "social construct". That's the entire krux of the issue with "intellectual property". The only way you can "occupy, control, or posess" a song (for example) is to keep it secret known only to yourself. Once you release it into society, it becomes indefensible except through artificial constructs of law. If you examine the US Code, you'll find that property law and copyright are in totally separate, unrelated sections. You see, a copyright is merely a construct a law that allows people to treat something that fundamentally isn't property as if it were for the purposes of enriching the public domain.

    I'm curious how you propose protecting other property anywhere outside of court and the legal system? Locks? DRM. Limit access? Encryption. Sitting on the porch with a 12 guage?

    Sitting on the porch with a shotgun is a perfectly legitimate way of protecting your real property. Intellectual property, since it's not real property, has no physical form which can be physically defended or contained and therefore can only be defended through the court system.

    If you really want to go down that path, that intangible items are not real property, I'm not sure how you can object to anyone randomizing the bits on your hard drive, because you still have your hard drive after its done, what have they destroyed? Certainly not any property!

    By the same argument, you can't object to me coming into your house and de-solder all the IC's in your TV set because, after all, you still have the TV set! Trespass and destruction of property, at the very least. You're not allowed to go into an office and erase all the pencilled notes written on the CEO's steno pad either. Rendering property unusable, requiring expense of time and/or money to restore it to its original condition is a crime.

  22. Re:Obviously you are too young and stupid to... on German Court Sets Copyright Tax on New PCs · · Score: 1
    Why did you post all that musty old class-war drivel here?

    Shouldn't you be out selling your newspaper?

    Actually he should be out trying to give it away for free. After all, everything should be free and property is theft! Seize the means of production!....or something....

  23. Re:A new milestone. on One Year on Mars · · Score: 1

    Yeah, I think "cicadian" time is defined as how long it takes before those buzzing insects drive you insane (nominally about 3 days)

  24. Re:In the same direction.... on $1.5 Million Bar-code Scheme Bilks Wal-Mart Stores · · Score: 1
    Lack of intent might be a necessary criterion for escaping blame, but it's not a sufficient one.

    Of course, but you either have to prove intent to defraud or negligence, and the space between the two is pretty wide. A handfull of mis-priced items among thousands is an excusable error.

  25. Re:I Wonder... on RIAA/MPAA Contractor Deploys Malicious Adware Trojans · · Score: 1
    Protection of one's property is not a vigilante action.

    Copyrighted works are not the same as real property, and as such are not covered by the same rules. You cannot "defend" your intellectual property anywhere except in court.