As long as we are talking about specific markets, I have a couple of stories.
In the United States, postal services have access to clusters of mailboxes and some common areas where mailman can leave mail and parcels, which can be entryways or some kind of storage rooms in them, for example, so that the owners can pick them up when they get home. These rooms are locked with padlocks made by several local companies. Once a key is inserted and turned in the lock, it can only be retrieved by turning it in the opposite direction to the default position, but even then they manage to forget them in the locks.
A customer from the USA came to us and asked us to combine this padlock with an intercom system we are developing to signal the administrator that the letter carrier came, opened/closed the lock or forgot the key in it. Nobody wants to switch to RFID, of course, or else the employees of the lock manufacturing company will have nothing to eat, so we had to enlarge the intercom vertically in order to build into it a lock whose transom will close a group of contacts on the panel, letting us know that something is going on. On the edge, lmao.
In the UK, mailmen are treated very differently - the intercoms have a special button on the intercom which, when pressed, will open the door so that the mailman can enter and drop off the mail without having to carry keys or RFID identifiers. Normally this button is set for some working hours, for example from 9 to 5 and of course anyone can press it and get into the premises.
I work for a company that manufactures access control and communication systems. The readers we develop support a variety of ID standards, from unencrypted EM-Marin and a long time ago cracked Mifare Classic to modern Desfire EVx standards. According to our statistics, more than 95% of customers still continue to use the most insecure identifiers because of their low cost and ease of operation.
Many of the installed devices are not properly maintained, even if the manufacturers continue to support them, because you have to pay for maintenance. In addition, not all equipment can be updated remotely over the network or even have a network connection to do so remotely.
Even if your cards are encrypted, it still can't guarantee you protection, because in most cases card readers are connected to controllers (not in the case of all-in-one devices like this lock) via Wiegand protocol, which doesn't provide any data encryption, so the identifier ID is transmitted over two wires in the clear form.
> At some point, isn't there some responsibility that rests with manufacturers for choosing to continue to support known-insecure standards?
There should be. Also there should be liability for access control system customers for choosing low cost, insecure solutions. But just like in the InfoSec world, there are simply no consequences to companies that cheap out and fail at security. These companies just issue a press release saying “we take security very seriously” and continue on with their business.
It's often a compatibility thing too. Insecure standards can often coexist because they're the lowest common denominator. It's just a "password" stored and transmitted as plaintext.
A secure system would involve a PKI which increases complexity and management overhead significantly (you won't be able to just copy "passwords" from one system to another, etc).
Compat is a factor and valid in some instances. It's not valid at all in this case. The old systems are wholly insecure, and should not be offered at all.
This is just some faceless corp being cheap and ignoring the consequences, not their problem.
I think the only reason why we have the amount of attention to security that we do in the software industry is because Internet enabled cheap automated large-scale attacks - enough so that even very low-value targets are well worth it.
I'm in a similar space and a lot of our customers continue to use old-school Wiegand low-frequency badges even though they're ridiculously vulnerable to replay attacks to the degree that Flipper Zero has automated it.
For a while I've had a question about hotel keycard technology, maybe you can answer.
Essentially every time I've stayed in a hotel with contactless keycards (usually in a group needing 3-5 rooms for 2-3 nights) at least one person has needed to get a keycard reissued.
What's up with that? My workplace's smartcards and my contactless bank cards keep working for years on end.
Hotel keycards usually work by having dynamic data written to them at the front desk (as the locks are often not network connected, at least in older systems, so they write things to the card like "works for room 123 until March 30th noon and the gym" or "works for room 456; sequence number 2, invalidate all prior keys").
There are two types of magnetic stripe cards available: High-coercivity (HiCo) and low-coercivity (LoCo). The field-rewritable kind used in hotels is usually LoCo, to make the writers smaller and cheaper. But that also makes the cards much more prone to accidental corruption by magnets you might have on you, like earbuds, magnetic wallets etc.
Bank cards are usually only ever programmed once (these days), i.e. when they're issued, so they're usually HiCo, making them much more robust against that. In addition to that, magnetic stripe usage has been phased out for payment cards in most countries and is getting rare even in the US, so for all you know, and depending on where you live/shop, your magnetic stripes might have already been demagnetized without any adverse effects!
Bonus trivia question: Guess which kind NYC MTA Metrocards are :)
Edit: Oh, I just saw that you asked about contactless keycards! For these I actually have no idea, and I haven't had one fail on me yet.
I just know that they often use a similar scheme ("works for rooms x, y, z, until timestamp n"), sometimes with a bit of cryptography on top (often with a single shared key across all instances of the same lock and even across hotels...) but using non-networked locks, so there can definitely be synchronization/propagation issues too.
I used to work as maintenance on a big chain hotel and we had magstripe card locks, I don’t think strong security is their primary goal as in a hotel the staff can enter any room at any time, the cards me and my team had were “god mode” we could open any door at any time even when locked from inside. If the lock didn’t work “firmware problems, dead batteries, stuck mechanism” we had another device that worked by removing a cover and connecting with a wire, this was also used for testing and FW updates.
When I worked mainteince on a big chain hotel in a major college town, we had a mark 2.0 crowbar if the key card didn't work. The real fun one was the flippy locks that you could kinda pop by slapping the non-working key card in, and slamming the door. The card would flex and spring the lock back. Then you could use the crowbar again. It wasn't too slow, but it was very loud.
They told me couldn't whistle and spin the crowbar nonchalantly before casually popping open doors that had a dead battery in front of the guest waiting to stay in that same hotel.
> the cards me and my team had were “god mode” we could open any door at any time even when locked from inside.
That is just bad management. The whole point of the interior deadbolt lock in a hotel room door is so no one can accidentally walk in on you thinking it is an empty room.
An emergency keycard that can open a hotel room locked from the inside is only supposed to be kept at the front desk for use during an emergency, mostly by police or firefighters so they do not break down the door and cause tens of thousands of dollars of damage. And its presence and use should be constantly accounted for.
Many U.S. hotels changed that after the Mandalay Bay hotel incident in October 2017. A guest can no longer assume that their deadbolted hotel room door will only be opened in an emergency. Routinely, hotel staff (not accompanied by police) may knock and then immediately open a guest's door for what they consider a "welfare check" (e.g., guest has had a Do Not Disturb sign for 2 days). And, yes, guests may be strongly opposed to this for a variety of reasons (in the room but undressed, etc.) but it often is part of a hotel's normal operating practices. One of many references: https://www.reddit.com/r/askhotels/comments/vaxae2/comment/i...
> Many U.S. hotels changed that after the Mandalay Bay hotel incident in October 2017. A guest can no longer assume that their deadbolted hotel room door will only be opened in an emergency.
I don't see the connection. The Mandalay Bay incident was an emergency, and the door was forced. What needed to change?
I believe the above poster is saying that hotels want their staff to periodically barge in with little warning just to catch the rare moment when there's an alarming array of guns or a dead person or something other than recreational amounts of drugs laying in plain sight.
It would be very shitty policy to "barge in with little warning". Rooms are checked regularly, but there should be quite a bit of knocking, and in the event it is deadbolted and the hotel guest refuses to open the door, or arrange a time the room can be inspected, then hotel management should be convened. Only after initial contact has been made and the hotel guest unreasonably refuses to allow access for an unreasonable period of time should hotel management "barge" in, or call the police.
Yes, a hotel room should be checked regularly, at a minimum of once per week if not more frequently. And that should have always been the case due to pest control, not due to possibility of a crazy shooter.
In any case, I would classify a guest refusing to open the door for a room check as outline in the rental agreement as an emergency (which should simply state once every x days or per management’s discretion).
It could be up to hotel management to go in without police, but I would certainly not give any line level employee an emergency key card to carry around at all times for that scenario. And I would also expect a manager to take on that task themselves.
This is surely overstated. I am sure firefighters are trained to do the least amount of damage when forcing a hotel door open. I guess a handheld electric saw could do the trick in less than one minute.
Any non ancient hotel will have metal fire doors that cost near a thousand themselves, plus the metal framing and whatnot.
The cops or firefighters are not going to spend time cutting, they are going to bust it open with a battering ram which will ruin everything, requiring reframing, new door, new thresholds, new frames, new locks ($2k), and maybe flooring too.
And then add in opportunity cost from not being able to rent the room during repair, which would take weeks due to those materials not being available at Home Depot.
I would budget at least $10k, and I bet it would not exceed $20k, but either way, using a battering ram on a hotel door is very costly.
Shouldn't that be other way around? Keycard only holding the simple numeric id, which is burned into silicone chip on it and impossible to modify, and the reader at the door, connected to hotel central system checks what privileges that particular keycard grants?
> the reader at the door, connected to hotel central system
That’s very often not the case, though, especially in retrofitted installations.
Locks are sometimes offline and even battery powered (and I suspect they can even report a dying battery to the front desk by setting the appropriate flag on keycards as they’re being read).
In the days before cheap, low-power radio networks a "central system" would have meant dedicated wiring to each door lock. So it would have been much more expensive to install than a standalone battery powered unit mounted directly on the door.
None anymore! They're being phased out as we speak. They were supposed to be end of life last year, though they pushed back end of life EoY 2024, because the MTA is never on time, all the time.
And I’ll be swiping until the day they remove the readers if they don’t introduce monthly capping via OMNY!
The Metrocard is actually a quite elegant and resilient/decentralized system, given the technology that was available when it was introduced. OMNY depends on a network connection being (almost) always available.
At least with old fashioned keys you can't easily give out a duplicate. I was once in bed, late at night, lights out, when someone let themselves into my room - a rather drunk guy demanding to know what I was doing in his room. The desk clerk had got his room number wrong and given him another card to mine. It all worked out OK, but under other circumstances I could imagine that it might not.
It was programmed incorrectly and expired before it should have.
The stay was extended but the key was not updated with the new departure date.
A new key was erroneously issued for the room, someone used the new key to go into the room, saw someone was already staying in the room, and had to get keys for a different room. This would cause all old keys to stop working since every time a lock sees a new key used, it assumes a new hotel guest is staying.
My brain was ANDing the first three paragraphs until I got to the OR in the last paragraph, wondering why in the world those otherwise discrete scenarios would have a combinatorial effect. I'm wired to look ahead to determine AND versus OR with a comma-delimited series, but not with a paragraph-delimited series. It's a cool pattern but very unexpected, and I'm not sure you could successfully tack on other thoughts before or after the series, because what would delimit those from the series without overloading the meaning of a paragraph separation?
Given a need for multi-sentence items within a series, I go for bullet points. Hyphen character to start each point if no rich UL formatting is available.
I had the same experience with NFC hotel card failing after being in my pocket (next to other cards and a phone). It had to be re-programmed at the hotel's desk to work again. Puzzled me enough to search net for the answers, but to no avail.
It's the phone. Have had this happen multiple times with just the card and my phone. Not sure if it's doing some kind of NFC ping on the phone or if there's just enough of a magnetic field around it or what, but I reliably locked myself out of my room the first week doing field work this year by putting my phone and my hotel card in the same pocket.
Same as basically any physical lock can be trivially picked. Yet no one is buying office door locks based on pick-resistance. Burglars will smash their way in anyways.
>Even if your cards are encrypted, it still can't guarantee you protection, because in most cases card readers are connected to controllers (not in the case of all-in-one devices like this lock) via Wiegand protocol, which doesn't provide any data encryption, so the identifier ID is transmitted over two wires in the clear form.
It is true, seems like probably better to go back to keys and lock.
> so the identifier ID is transmitted over two wires in the clear form.
I'm much more worried about someone using to a clothes hanger looking tool [1] to break into my hotel room than someone exposing cables and reading data over the wire to unlock the door.
This topic is perfectly covered in a presentation by Jérôme Petazzoni from Dockercon 2015, a Docker developer, on how containerization works. After watching the video, I began to clearly understand that this is not virtualization at all, as many at first imagine.
We are using Confluence for public and internal wiki, it has a bad search and really slow, but no matter how much everyone hates it, the market does not provide worthy alternatives.
When choosing 3 years ago, we used the following criteria:
* WYSIWYG editor. Any user must have a minimum effort to write documentation
* Flexible access permissions to various parts of the documentation. Public documentation is open to anonymous users, the internal one is divided into many sections with access for certain groups
* Multilingual support. Not out of the box, but possible with plugins
* Multilingual pdf export. In some markets, some customers prefer to have exported manuals
* The ability to inherit articles. We need to be able to make edits once, instead of duplicating the same articles
* Have a relatively modern appearance. Wiki engines are familiar to many because the whole world uses Wikipedia, but this does not make them more pleasing to the eyes, if I can say so
3 years have passed, I periodically look at alternatives, so far only wiki.js seems like a good solution but it’s not even close yet.
I recommend reading "Origin of life. From nebula to cell" of Michail Nikitin. Not sure if it's translated from Russian, but the book is fresh and considers many modern theories in terms of chemistry.
I was there around the same time as you — a couple of weeks before the new sarcophagus was rolled into place, and just after the last inhabitant of Chernobyl died and her house burned down.
Everyone recommends going, but to be honest I'd give it a miss. There are plenty of nice things to see and do in Ukraine.
Idea of “decentralized” brain perfectly explained in Michael’s Gazzaniga book “Who's in Charge? Free Will and the Science of the Brain”. He’s the first guy who makes experiments on split brain and found decisions making center which works like telling and explaining machine. Recommend.
Reminds me of Willpower instinct book that has similar but with the hypothesis that the prefrontal cortex is the "executive in charge of" type of brain.
In the United States, postal services have access to clusters of mailboxes and some common areas where mailman can leave mail and parcels, which can be entryways or some kind of storage rooms in them, for example, so that the owners can pick them up when they get home. These rooms are locked with padlocks made by several local companies. Once a key is inserted and turned in the lock, it can only be retrieved by turning it in the opposite direction to the default position, but even then they manage to forget them in the locks.
A customer from the USA came to us and asked us to combine this padlock with an intercom system we are developing to signal the administrator that the letter carrier came, opened/closed the lock or forgot the key in it. Nobody wants to switch to RFID, of course, or else the employees of the lock manufacturing company will have nothing to eat, so we had to enlarge the intercom vertically in order to build into it a lock whose transom will close a group of contacts on the panel, letting us know that something is going on. On the edge, lmao.
https://imgur.com/a/63GoaTB
In the UK, mailmen are treated very differently - the intercoms have a special button on the intercom which, when pressed, will open the door so that the mailman can enter and drop off the mail without having to carry keys or RFID identifiers. Normally this button is set for some working hours, for example from 9 to 5 and of course anyone can press it and get into the premises.