The 'Security Digest' Archives (TM)


ARCHIVE: Rutgers 'Security List' (incl. misc.security) - Archives (1987)
DOCUMENT: Rutgers 'Security List' for October 1987 (53 messages, 28431 bytes)
SOURCE: http://securitydigest.org/exec/display?f=rutgers/archive/1987/10.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

-----------[000000][next][prev][last][first]----------------------------------------------------
From:      DPickett@his-phoenix-multics.arpa   2-Oct-1987 08:45:38
To:        Security@RUTGERS.EDU
     Anyone who has information on you indexed by SSN can sell it,
reducing your privacy and possibly reducing their opinion of you so that
you are harmed.  The very fact that they have the data indexed by SSN
means that anything they care to file on you can "travel" very far and
fast, and sometimes it is not factual.  Mistakes happen, and the first
party can clean their files, but they have no power over the persons
they copied it to....  Even if the organization collecting the
information is not sharing it, the indexing by SSN makes it salable by a
thief or future owner.  Security, yours and mine, comes from giving out
information on a need to know basis.
-----------[000001][next][prev][last][first]----------------------------------------------------
From:      tencati@VLSI.JPL.NASA.GOV   2-Oct-1987 15:18:41
To:        awalker@red.rutgers.edu
Well, before I got into the computer biz, I used to work in a hardware
store.  One of my jobs was re-keying people's locks.

The principle of a key is that when it is inserted into a lock, the ridges
on the key raise these little pins inside the lock cylinder.  If the right
key is inserted, the tops of all the pins are flush with the stationary
part of the lock which also has a set of pins of various lengths.  

The best way to describe it is to picture 2 sets of pins.  When you insert
your key, the bottom pins rest on top of your key and are pushed up into the
top of the lock, against a second set of pins.  The lower pins are all 
different sizes which is why your key has different heights.  If all the
bottom pins are flush with the top of the lock cylinder, then you inserted the
right key, otherwise, some pins will either stick up past the point where
the cylinder turns and protrude into the upper cavity preventing the lock from
turning, or the pin will not stick up high enough in which case the upper
pin which is spring loaded will protrude down into the lower cavity again 
preventing the lock from turning.

A "MASTER KEY" is any old key.  The difference is in the upper pins of the 
lock.  Instead of having only one pin in each upper chamber, the upper
chamber is fitted with a series of pins with different heights.  So there
are segments instead of only one pin.  If the correct key is inserted in
the lock, the bottom pins are all flush and the cylinder turns.  If
the master key is inserted, some of the bottom pins may be flush.  The ones
that aren't correspond to a spot where the bottom pin is not pushed up far 
enough so that the top pin is pushed into the lower cylinder.  However
because the upper cavity was fitted with different sized segments (called
"master pins"), one of the segments is flush with the top of the cylinder
and the lock still opens.  In order for this to work, the master key must
be known, and each lock must be fitted with pins which allow the primary
key to work, and then the master pins are put in.  Because the top pins
have to have a sum-total of a certain length, the segments can be put in
any combination allowing more than one key to act as a master.

This is why locks can be picked with a hairpin (it's tricky, but it *does*
work).  All you have to do is lift the pins to the right height and turn.
The problem is overcoming the springs which act to force all pins down into
the cylinder.

Also, if you try a key in a lock, and any of the ridges cause the pins to
be raised up such that the lower set of pins pushes up into the upper 
cavity and the upper pins can't move any higher, the key will not be able
to fit any further into the lock, which is why sometimes your key won't
fit in someone else's lock.

Hope this answered your question.

Ron Tencati
Jet Propulsion Laboratory
-----------[000002][next][prev][last][first]----------------------------------------------------
From:      *Hobbit* <AWalker@RED.RUTGERS.EDU>   2-Oct-1987 17:57:31
To:        security@RED.RUTGERS.EDU
Ah, finally someone *else* talks about locks...

Master key systems can be done correctly or done stupidly.  Normally
[i.e. correctly] the cut heights for the master are mixed as to whether
they're above or below the cut heights for the non-master key[s], and 
placed a sufficient distance away so that there's no possibility of
placing pins at the master position by wiggling the slave key or inserting
it to funny places.  Often mastered systems use very thin splits [the little
wafer inserts between the pin and the driver that allow the lock to open
at different cut heights] which can jam or fall out of the cylinder.

If the maid's key cuts were all lower than the cuts on your office key,
then the system was done stupidly, and you could generate a master by
cutting your key down to the master level.  [You can determine the master
level by taking your office lock apart and loading in just the master
pins/splits as a template.]  I suspect that there are quite a few systems
out there that are done this way.  Suspect this if all the slave keys look
like they don't have too many low cuts in them.

Sometimes odd-shaped drivers called mushroom drivers are used in heavily
mastered systems, in an attempt to make them harder to pick.  These will
allow the plug to cock over a little bit during picking but with the
given pin in the wrong position, so that additional fiddling has to be done
to get it to the right position.   Some older Russwins use ball bearings in
place of rounded pin ends to reduce wear in heavily-used locks.  [If you take
your lock apart, of course, keep very close track of where everything went,
or it obviously won't work anymore...]  To disable the master position and
only allow your office key to work the lock, you'd normally have to obtain
different pins of the right heights.  You might get lucky, however, and
find two pins whose mastering parts could be swapped, changing the master
height there but leaving the slave height.  Then the maids couldn't get in
but you could.

I suspect that there are quite a few of us that majored in locksmithing
in high school, and were dearly loved by the deans.  If only I had had the
presence of mind back then to explain to them how locks are perceived as
little puzzles to take apart and solve, not as something standing in the
way of theft.

_H*
-----------[000003][next][prev][last][first]----------------------------------------------------
From:      Mike Linnig <LINNIG%eg.ti.com@RELAY.CS.NET>   2-Oct-1987 19:30:36
To:        security@RED.RUTGERS.EDU
talking about the security of garage door openers...

My house builder installed my garage opener.  He probably also 
installed the same model in all of my neighbors houses.  The garage door
is digitally keyed.. there are 256 codes.

I once thought of all the fun I could have if I got a one hundred watt
linear amp and attached my tiny garage door transmitter to it.  Of
course I'd have to rig something to cycle through all 256 different codes
but that wouldn't take long (grin!)

An entire neighborhood with ONE remote control!

	Mike
-----------[000004][next][prev][last][first]----------------------------------------------------
From:      simsong@broadway.columbia.edu (Simson L. Garfinkel)   3-Oct-1987 10:13:57
To:        security@RUTGERS.EDU
Along the lines of keys and master keys, the system isn't always as
good as people make it out to be.

When I was in high school, I happened to be a computer consultant at
the college across the street, and they gave me a key to open the
computer room in the morning. One day, I discovered that the key blank
from the college computer room fit into the lock of the high school
computer room (which also had a tendency to be locked in the morning.)
Not only did it fit, but it also turned in the lock!

After comparing my key with the key of one of the teachers, we figured
out what happened: the college computer room key fit about half of the
pins for the high school computer room's "slave" key, half the pins
for the "master" key. A real fluke, but it effectively gave me a
generic computer room key, for which I was grateful.

................................................................simson
-----------[000005][next][prev][last][first]----------------------------------------------------
From:      bzs@bu-cs.bu.edu (Barry Shein)   4-Oct-1987 16:26:00
To:        mlinar%poisson.usc.edu@oberon.usc.edu
>That is hardly worthwhile.  What you have done MAY stop a true amateur, but
>wire tapping can be cleanly done anywhere along your phone line.

Waitaminute, do we have a case of security-macho here? Maybe he's only
trying to protect against the "true amateur"? Remember, the only
person that's going to bug his phone is a person with a motivation to
do so.  More often than not that will be someone w/in the organization
who isn't going to expend the resources to hire a pro, but if a pair
of alligator clips will do the job, what the hell, right?

Years ago I had an office which had a wire-closet for a good portion
of the building behind the door. I got curious and began playing with
a pair of alligator clips and found a phone line which appeared to be
unused.  This was useful because my phone line could not dial
off-campus while the discovered one could (not long-distance, that
took an access code, but even up the corner for a pizza.) [standard
disclaimer: this of course was on another planet where such things are
encouraged.]

If someone had simply put a locked box over it I'm sure I would have
never bothered to investigate (unless it was such a dumb lock...but
that's a different story.)

Let's not make the best the enemy of the good.

	-Barry Shein, Boston University
-----------[000006][next][prev][last][first]----------------------------------------------------
From:      Phil Benchoff <BENCHOFF%VTVM1.BITNET@WISCVM.WISC.EDU>   5-Oct-1987 08:35:04
To:        SECURITY@RED.RUTGERS.EDU
We have a very neat security system on our computer room here.
Authorized people carry cards which are held in front of 'readers' at the
doors to gain access.  Each card has a number which the security system
hands to a computer which determines if the person is currently
authorized.  The cards are credit card sized with no visible magnetic
strip.  The center layer of the card looks like a glass-epoxy printed
circuit board.  You can usually get in the door just by holding your
wallet close to the reader.  The manufacturer is Schlage Electronics.

Does anyone know how this system works?  The readers determine a
4-digit(?) number, so it can't be that simple.  How expensive is such a
system?  It is very convenient to have one card that can be used on
several doors, saves the cost of re-keying locks if one is lost, and
provides an audit trail of who has been where.

How about anti-shoplifting systems that work on similar principles?
Stores that use them either remove something from a product when it is
bought, or pass things over a demagnetizer(?) when they are paid for.  I
have disassembled several things that I have purchased to look for
whatever they put there, but haven't found anything.  I suspect that
only a random sample of items actually have protection from being carried
out.

A final note:  The two systems must be very similar, because I am told
that the computer room card will trip some of the anti-shoplifting
alarms.  Oh, the joys of being a DP professional.  :-)
-----------[000007][next][prev][last][first]----------------------------------------------------
From:      "Robert (Al) Hartshorn" <CCSM1AL%TECHNION.BITNET@wiscvm.wisc.edu>   5-Oct-1987 12:12:39
To:        security@RUTGERS.EDU
Just a short note.  I retired from the US Army (MI).  I inspected sites
for security problems (TEMPEST).  Just to let you know, there are so many
ways to monitor your PC.  We could monitor your phone line at the house,
at the pole, at a transmitting site, or even monitor your power lines.
There are more ways to do it than one would normally think about, and a lot
of the things that one would need can be gotten locally.

If you have information that you don't want anyone else to see, filter your
power line, put a ground screen on all four walls, floor and ceiling.
Ground your PC to a ground point that you can only get to from inside the
room, and now place your PC in a shielded box, with your only access toward
the largest mass of your house.  This will do for a start.

This may sound like a joke, but this is just some of what you would have to do.
To me, it sounds like too much work and I just don't have anything that I want
to prevent anyone from getting so badly.  But to secure your phone connection box
is not a bad idea for other reasons.  You can never tell when someone may
connect to it and make a call.

Have fun, and don't let this go to your head.

Al
-----------[000008][next][prev][last][first]----------------------------------------------------
From:      Jeffrey R Kell <JEFF%UTCVM.BITNET@wiscvm.wisc.edu>   5-Oct-1987 14:27:58
To:        SECURITY@RED.RUTGERS.EDU
Not to mention the MASTER-master-key of most large-scale lock systems;
if you watch them 'change' locks, a special little 'key' is inserted,
turned, and THE WHOLE CYLINDER comes out of the door.  'BEST' (company)
locksets work this way (a common supplier of large-scale locksets).

/Jeff/
-----------[000009][next][prev][last][first]----------------------------------------------------
From:      John Owens <OWENSJ%VTVM1.BITNET@wiscvm.wisc.edu>   6-Oct-1987 10:49:33
To:        Security Mailing List <SECURITY@RED.RUTGERS.EDU>
The most likely reason that the NSA couldn't decipher the multiply-
encrypted operating system is that they were looking for text.  How
would they recognize the "cleartext" when they had it, if what was
sent was machine code?  I wonder if they believed it when the sender
gave them the keys, since it still didn't come out to anything
sensible.  (Of course, this assumes that it was machine
code that was sent, and not source.  Glenn?)
-----------[000010][next][prev][last][first]----------------------------------------------------
From:      jcmorris@mitre-bedford.ARPA (Joseph C. Morris)   6-Oct-1987 18:26:33
To:        misc-security@mitre-bedford.arpa
Several years ago there was a report that MIT had been hit with numerous
break-ins (some versions say the intent was pranks, not burglary) which 
had been accomplished with keys which opened various locked offices.
According to the reports (more accurately: rumors) going around the Institute
the keys were manufactured by students who had removed the door locks from
the bathrooms in the main MIT building (that's buildings 1 through 10) and
had disassembled them to find the common pin breaks.  All they had to do 
then was to file a key which aligned the common breaks with the cylinder
radius; since the locks represented doors from all parts of the building
(despite the range of numbers it's one structure) they had a master for
almost every door.

Except for buildings in which the bathrooms are routinely locked, who would
notice that the doors were missing the lock cylinder?
-----------[000011][next][prev][last][first]----------------------------------------------------
From:      wayner@svax.cs.cornell.edu (Peter Wayner)   6-Oct-1987 21:34:27
To:        misc-security@beaver.cs.washington.edu
Glenn (Everhart%Arisia.decnet@ge-crd.arpa) writes that 
all international communications must be sent encrypted by DES
by LAW.
   ----
   
Is this true?  Can anyone confirm, deny, or provide the necessary legal
information?  I thought you needed an export license to send the DES
algorithm across the seas.  How can the other side decode the message?

-Peter Wayner
(wayner@crnlcs.bitnet  or wayner@svax.cs.cornell.edu)
-----------[000012][next][prev][last][first]----------------------------------------------------
From:      murray@andromeda.rutgers.edu (Murray Karstadt)   7-Oct-1987 15:43:42
To:        security@red.rutgers.edu
This may be somewhat off the mark for this group but...

What we would like to do at our PC lab is leave software and manuals out for 
easy access by students. These disks are the usual mix of commercial stuff
that most PC labs have. 

The question is: How can we have a relatively open environment and not
have the disks ripped off? B. Dalton's and other large book/software
sellers use electronic security systems that are supposed not to fry disks. 
It would be nice to have one of these systems installed at the lab. But most
likely they cost too much.

Does anyone have any experience with one of these systems in a PC lab?
Is there a cheaper way of securing disks while maintaining an open access 
system? Is this another example of my typical brain damage and not at all
practical? 

waiting and hoping for some answers

murray
-----------[000013][next][prev][last][first]----------------------------------------------------
From:      half@mitre.arpa   7-Oct-1987 17:53:36
To:        security@red.rutgers.edu
It's always amazing to hear the stories floating around
about comsec. Now another DES crack story with the usual cast
of characters: a grad student with a PC finds the famed 
trapdoor, --hidden years ago by a combination code designer
and past chess grandmaster.  The proof is shown to civil servants
from Ft. Meade whose first instinct is to banish the student
to a little known military reservation outside Atlanta, Ga.
Of course, the officials know nothing about this and have no comment
on the specifics.  But the student told his friend, word is out!

OK, why not? But I figure this is the tenth such story in the
last two years.  

As I understand it (from what I read in the press, specifically
Cryptologia) DES can be attacked brute force; however, it's
expensive.  Now there is a cost per message whereas formerly, the
traffic was free to harvest.  More traffic, more cost and the
result is that you have to divert money from other more important
projects to keep brute forcing all those DES messages. So 
management makes you limit your DES haul in favor of
more productive projects. Remember, DES is usually
low grade traffic.  You need a lot of it to make sense
of important things, --which is now expensive.

Again going back to the press we see David Kahn writing in 
the Fall 1979 issue of Foreign Affairs "Cryptography goes
Public" about intercepting telephone voice traffic. You can
read what he says for yourself but basically, the STU-III
telephone (described in the New York Times about six months
ago) is to help keep government information private, not
to help the telephone companies become "secure". 

I am looking forward to the next DES break story.  In fact I
may write my own: perhaps a former World War II cryptographer
notices an uncanny pattern in s-box number two whose 
mirror image he sees in the key bits....
-----------[000014][next][prev][last][first]----------------------------------------------------
From:      mason@OBERON.LCS.MIT.EDU (Nark Mason)   8-Oct-1987 13:18:36
To:        AWalker@red.rutgers.edu, jm7@pyr.gatech.edu
I recently wrote an RSA encryption algorithm to be used for encrypting
banking system audit logs. The software hasn't been delivered yet but
we are using 200 digit bignum arithmetic, which when Rivest, Shamir
and Adleman wrote their paper in '77 they estimated 3.8 * 10E9 years
to factor it. The great thing about RSA encryption is the more secure
you want it to be the longer the number you use (and the slower it runs),
whereas something like DES always takes the same amount of time to break.

The reason banks use numbers small enough to be factored in a couple
of (cpu) weeks is that the data is obsolete (and therefore useless)
within a week. We have stuck to 200 digit arithmetic because it impresses
people more and we don't actually have to use it yet.
-----------[000015][next][prev][last][first]----------------------------------------------------
From:      Larry Hunter <hunter-larry@yale.arpa>   8-Oct-1987 14:09:41
To:        <EVERHART%ARISIA%rca.com@relay.cs.net>
 GE:  1. DES was originally certified, but was designed with a short enough key
    that NSA could break it by brute force. (It IS a federal law that no cipher
    may be used for international traffic that NSA can't break, so the
    permeability of DES follows from reading the relevant US Code sections.)
      
 LH: Although the brute force math is easy enough to demonstrate, this legal 
    stuff is news to me!  What are the relevant US Code sections?  As far as I
    can tell it isn't in the Foreign Intelligence Surveillance Act, and there
    is no mention of this in Bamford's the Puzzle Palace.   Where can I find
    either the statute or a detailed reference?
          
 GE:I never did hear where in the US code the law I referred to exists; just
    got the info some years ago from some folks who did work on some spook
    jobs who were in a position to know.
    
I'm suspicious.  According to the Congressional Office of Technology
Assessment series on Federal Government Information Technology (3 vols:
Electronic Surveillance and Civil Liberties (1985), Management, Security
and Oversight (1986) and Electronic Record Systems and Individual Privacy
(1986)), the relevant policy documents are the Brooks Act (1965), the
Privacy Act (1974), OMB circular A-71 transmittal memo 1, Presidential
directive NSC-24, the Paperwork Reduction Act, the Federal Managers
Financial Integrity Act, National Security Decision Directive 145 (the
biggy: "National Policy on Telecommunications and Automated Information
Systems," which sets NSA as the focal point for both military and civilian
information security) and OMB circular A-130 -- None of which support
your claim that there is statute (or even policy) prohibiting use of a
cipher that NSA can't break.  The Foreign Intelligence Surveillance Act,
which made NSA into a legislated government body doesn't mention it,
either.  Even the idea is suspect: wouldn't that mean that there was
a list somewhere of ciphers that NSA couldn't break?!  Doesn't sound
like the kind of list I'd want to see passed around.

That doesn't mean I don't believe that NSA tries to ensure that it
can crack every message, say by getting the key size of DES cut in 
half.   I had an extended correspondence with one of the designers
of DES where I convinced him that NSA cut the key size so that
it would be vulnerable (you can have a copy of those messages
if you are curious).  I just don't believe there is any statute
that says such a thing, and you should be careful about making
any claim that there is.

                                 Larry
-----------[000016][next][prev][last][first]----------------------------------------------------
From:      jmturn%ringwld.UUCP@CCA.CCA.COM   8-Oct-1987 14:21:37
To:        security@RED.RUTGERS.EDU
Back when I worked for LMI, I had occasion to assist one of our
resident amateur locksmiths in rekeying a lock. The basic goal
was to create a secure door for the video room, which would open
to my key, and no one else's. LMI used the standard system where
your office key was also the front door key. This is a variant on
the concept of a master key. Rather than one key opens many
locks, this is one lock with many keys. Obviously, you can't use
the split-pin idea to make that work, you'd need an almost
infinite number of sections in a large building. Instead, the
lock only has some subset of the total number of pins (3 pins in
a 5 pin system, for example). This makes for an interesting trade
off. By definition, all the keys must share a certain number of
common pins. 

Therefore, there is a trade-off. The more pins they share in
common (and thus, the more pins on the outside lock), the more
secure the outside door is. On the other hand, the less unique
pins between keys, the easier it is to gimmick someone else's lock
given you have a key.

It was VERY easy to gimmick LMI locks...

                           Save Your Vertical Blanking Intervals 
                           for Big Cash Prizes!

                           James Turner
                           (The Ringworld Engineer)
-----------[000017][next][prev][last][first]----------------------------------------------------
From:      jm7@pyr.gatech.edu (John McLeod)   8-Oct-1987 17:43:27
To:        AWalker@red.rutgers.edu, jm7@oberon.lcs.mit.edu, mason@oberon.lcs.mit.edu
~50 digits is fine until someone bothers to break the code the first time.
The first time that the key is broken, then the person who has the key
has access to all messages as they are sent.

jm7
-----------[000018][next][prev][last][first]----------------------------------------------------
From:      ATSWAF%UOFT01.BITNET@WISCVM.WISC.EDU   8-Oct-1987 19:53:01
To:        SECURITY @ RED.RUTGERS.EDU
Subject: Homing Devices

Does anyone know where to conveniently purchase some kind of device
to place in a car to track where that car is going? Does Radio Shack
have anything like that? How much would everything involved with it
cost? And what is a reasonable distance it would work at?

                                        Thanks
                                        Wendy Fraker
                                        University of Toledo
                            ATSWAF%UOFT01.BITNET@WISCVM.WISC.EDU
-----------[000019][next][prev][last][first]----------------------------------------------------
From:      quintus!gregg@Sun.COM (W. Gregg Stefancik)   9-Oct-1987 12:17:02
To:        security@red.rutgers.edu
Being a recent graduate of the Foley Belsaw Institute's course in locksmithing,
I would like to describe the technique for master keying and the way one can
make a master key.  Most master key systems have 2 or more shear lines.  One
shear line is for the change key (the key which will open that door only).
The second shear line is for the master key.  If there are any other
additional shear lines they would be for the grand master key, grand grand
master key, etc.  In a good master key system a change key will not have
any of the same depth cuts as the master and the master will not have any
of the same depth cuts as the grand master, etc.  So there is no sure way
of making a master key from any number of change keys.  The only way I know
of to make a master key is to remove a lock from service and either pick or
open the lock with a key then dump the pins and determine how many keys will
open the lock.  Make all of these keys (probably no more than two or three keys)
and see which one opens other locks.

Gregg
-----------[000020][next][prev][last][first]----------------------------------------------------
From:      paul@uxc.cso.uiuc.edu (Paul Pomes - The Wonder Llama)  10-Oct-1987 21:46:42
To:        security@RUTGERS.EDU
My object is not to be secure against professionals or those with excess
cash for nifty devices.  The "threat" to my privacy are the students in my
Explorer post and the local high school students who shop at Radio Shaft.
For the money ($3 and a half-hour) I've secured a too easy tap point.
Beyond that it's not worth the trouble.  The telco people in C-U usually
lock the junction boxes.  (Have you ever gone up a pole?  It's quite
stimulating to the adrenals when done illicitly.  'Tis far better to
have a lower profile than stimulate that sort of interest in your calls.)

-pbp
-----------[000021][next][prev][last][first]----------------------------------------------------
From:      webber@brandx.rutgers.edu (Webber)  10-Oct-1987 22:28:22
To:        misc-security@RUTGERS.EDU
> If you keep another copy of the program to run a diff against it should be
> hidden so that both the program and the copy aren't changed. Best would be
> to bring a copy in off some removable media to do the comparison. The medium
> should only be mounted when the person to do the comparison is there in
> person. Even then the program for reading the file in or the diff program
> could have been tampered with.

Actually, best would be to have the ``copy'' on an isolated system.  You
then detach the ``original'' from the public system and have the
isolated system inspect it (but of course, not execute any files that
are on it).  Just as programs like ``crypt'' can be subverted, so can
``diff,'' ``ls,'' and even ``cat.''  Or things can be done directly in
the operating system, e.g., setting it up such that ~cracker/bin is
implicitly at the front of everyone's path -- then /bin/crypt will
always look just fine (although no one is ever actually running it).

Similarly, login shouldn't be handled by a system that can be remotely
programmed.  Properly done, password modems should be considerably
more secure than letting login verification be handled by the
``exposed'' system.

Of course, much of the hyper-concern about computer security is
misplaced.  Traditional security people say you should set up security
so that it costs more to break it than it is worthwhile to break.
On a computer system, we should probably say that you should set up
enough security so that ``system bugs'' cause more problem than
``malicious users.''  Using this approach, many systems are
exceptionally secure.

---- BOB (webber@aramis.rutgers.edu ; rutgers!aramis.rutgers.edu!webber)
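The ~cracker/bin trick and the isolated-inspection defence from the message above, as an added example (not the list's own code). The directory layout, the two stand-in `crypt` scripts and the names in it are constructed; the audit reads the files and compares digests against a reference copy without executing anything from the suspect tree, which is the property the message asks for, and the lookup shows which file a user would actually have been running under an attacker's PATH.

```python
"""PATH front-loading versus an offline file comparison.

Added illustration, not the list's own code.  The tree layout, the two
stand-in 'crypt' scripts and the ~cracker/bin name are constructed.  The
audit only reads files and compares digests against a reference copy; it
never executes anything from the suspect tree, which is the property the
message asks for when the check runs from an isolated system.
"""
import hashlib
import os
import shutil
import tempfile

REAL = b"#!/bin/sh\necho real crypt would run here\n"           # stand-in /bin/crypt
TROJAN = b"#!/bin/sh\necho key copied, then real crypt runs\n"   # stand-in ~cracker/bin/crypt


def make_fixture():
    """Scratch tree with a system bin, a cracker's bin and a reference copy.
    Returns the interesting paths so callers need no path arithmetic."""
    root = tempfile.mkdtemp()
    paths = {"root": root}
    for key, sub, body in (("sys_bin", "bin", REAL),
                           ("cracker_bin", os.path.join("cracker", "bin"), TROJAN),
                           ("reference", "reference", REAL)):
        d = os.path.join(root, sub)
        os.makedirs(d)
        with open(os.path.join(d, "crypt"), "wb") as fh:
            fh.write(body)
        os.chmod(os.path.join(d, "crypt"), 0o755)
        paths[key] = d
    return paths


def remove_fixture(paths):
    shutil.rmtree(paths["root"])


def search_path(*dirs):
    """Join directories the way PATH does on this platform."""
    return os.pathsep.join(dirs)


def resolved_command(name, path):
    """Which file a shell would run for `name` under this PATH: a lookup only."""
    return shutil.which(name, path=path)


def sha256_of(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()


def audit(reference_dir, suspect_dir, names):
    """Compare each named file in the suspect tree against the reference copy.
    Returns {name: 'ok' | 'modified' | 'missing'} and never runs anything."""
    report = {}
    for name in names:
        live = os.path.join(suspect_dir, name)
        if not os.path.isfile(live):
            report[name] = "missing"
            continue
        same = sha256_of(os.path.join(reference_dir, name)) == sha256_of(live)
        report[name] = "ok" if same else "modified"
    return report


if __name__ == "__main__":
    fx = make_fixture()
    hostile = search_path(fx["cracker_bin"], fx["sys_bin"])
    # /bin/crypt itself still checks out against the reference ...
    print("system bin:", audit(fx["reference"], fx["sys_bin"], ["crypt"]))
    # ... but with ~cracker/bin first in PATH nobody is actually running it.
    print("resolves to:", resolved_command("crypt", hostile))
    # Auditing the directory the command really resolves from catches it.
    print("resolved dir:", audit(fx["reference"],
                                 os.path.dirname(resolved_command("crypt", hostile)),
                                 ["crypt"]))
    remove_fixture(fx)
```

The lesson the script makes concrete is the one in the message: comparing /bin/crypt against a good copy reports "ok" while every user is running the copy in ~cracker/bin, so the audit has to cover what PATH resolves to, and the comparison tool itself has to come from the isolated side rather than from the suspect system.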
-----------[000022][next][prev][last][first]----------------------------------------------------
From:      obrien@aerospace.aero.org  12-Oct-1987 15:16:40
To:        security@RUTGERS.EDU
	OK, here's the poop on master/grandmaster systems, from one who
was at one time a bonded locksmith.

	Master/grandmaster systems should not be used unless absolutely
necessary.  It's like the difference between a system that has a root
password and one that doesn't.  However, since these are physical
systems, the mere existence of the "root password" actually weakens
the rest of the security system.

	Yes, those folks who note the existence of several "splits"
in a single pin are correct.  That's how the trick is worked.  However,
note that lock pins are not very large.  There is a limit to how close
splits can be made, as these mean very thin disks of metal between
the splits.  These disks wind up riding around the cylinder wall
every time either key is used; sometimes on the inside and sometimes
on the outside, depending on which break is used.

	It can sometimes happen that a disk which is too thin will turn
sideways in the chamber.  Result: lock-out.

	In addition, the more splits there are in a lock, the easier
it is to pick, for reasons I won't bother with here.

	Now to the question of keys.  Remember that a key is just a
long metal blade.  The deeper the key is cut, the thinner the blade.
The thinner the blade, the more likely it is to break off in a
recalcitrant lock.  Result: lock-out.  The answer is then that most
keys should be of the thick variety, since the sheer number of key-uses
is far larger than the total number of grand-master uses, even if the
grand-master is in constant use.  So, individual keys get the higher
cuts.

	Of course, you could argue, you could arrange the grandmaster
such that some cuts are very high and some are very low.  Indeed this
is sometimes done, but there are two reasons against it: 1) A low cut
in the middle results in a weakened key: it has a "thin spot" and can
break.  2) In general, for all keys, there is (or should be!) a limit
on the maximum "jump" in height from one cut to the next.  Remember,
as the key goes in and out of the lock, the pins have to ride up and
down.  Too great a difference between one cut and the next results in
a very steep "roller-coaster" ride for the pins.  Unless they are very
well-lubricated, this can result in a stuck key.  Result: lock-out.

	Hope this settles the hash of this question!

Mike O'Brien
-----------[000023][next][prev][last][first]----------------------------------------------------
From:      simsong@broadway.columbia.edu (Simson L. Garfinkel)  12-Oct-1987 21:06:47
To:        security@red.rutgers.edu, elbows@oberon.lcs.mit.edu, sipb@athena.mit.edu
One more request, if anybody can help...

I'm doing some research on computer databases used for blacklisting
purposes. I've heard of three of them, but haven't been able to get
any pointers so far. The three that I've heard of are:

	1. A database of oil workers who have filed workmen's
compensation claims.

	2. A database of people who have sued for medical malpractice.

	3. A database of people who have filed complaints against
their landlords.

	If you have any hard references for any of these databases or
others, please let me know:

			simsong@broadway.columbia.edu
	-or		simsong@eddie.mit.edu

	Thanks.
-----------[000024][next][prev][last][first]----------------------------------------------------
From:      Brian A. LaMacchia <balamac@athena.MIT.EDU>  12-Oct-1987 23:38:57
To:        simsong@broadway.columbia.edu
	   2. A database of people who have sued for medical malpractice.

I remember hearing that this one goes BOTH ways, i.e. there are two
lists: one list is for doctors and lists people who have sued doctors
for malpractice, and the other list is for patients and lists doctors which
have been sued and what the results of those suits were.

So while doctors are trying to avoid patients who sue a lot, patients
are looking for doctors who get sued a lot (and lose).

				--Brian
-----------[000025][next][prev][last][first]----------------------------------------------------
From:      Clive Dawson <AI.CLIVE@MCC.COM>  13-Oct-1987 13:06:37
To:        security@RED.RUTGERS.EDU
I don't own any sort of satellite reception equipment, so don't really
keep up with the latest developments.  Prior to this weekend, I had
the impression that the signal scrambling being used by most (all?) of
the major signal providers was DES-based and basically fool-proof.
I believe there was some discussion of this subject on this list several
months ago, but don't recall whether the following was covered.

A friend of a friend bought a Video-Cypher II box some time ago with the
intention of paying a fee to the various providers of signals he was
interested in.  This weekend I learned that this person obtained a chip for
the Video Cypher II box which will unscramble ALL signals at ALL times.
The only instructions that were given when this chip was installed were:
"Make sure that your box is turned on for at least 8 hours on the first
working day of each month."  (Presumably to get all the encryption key
updates...)

So it looks like somebody has actually "cracked" the system.  Is this
general public knowledge by now?  Note that when I say "the system" I do
NOT mean DES itself.  It sounds to me like this chip most likely exploits
a flaw in the key distribution procedure.

Clive
-----------[000026][next][prev][last][first]----------------------------------------------------
From:      warren@xanth.cs.odu.edu (Frank F. Warren Jr.)  13-Oct-1987 13:11:00
To:        misc-security@mcnc.org
John is correct in his observations concerning deep-cut master key systems.
Having earned a living as a locksmith for the past six years I can give a
technician's view of master keying.  Various sources have held forth for the
use of both deep and shallow masters.  My mentor in the trade taught me to use 
as few master pins as possible and shallow master cuts.  This relates to 
the principle of making the system as small as possible while allowing
for some expansion.  Each master keyed cylinder has 2^N (N= number of master
pins) potential keys.  The system has 4^N potential operating keys.  Given
these values the reason for keeping to a small N is obvious.  In practice
I have found no need to use deep masters and anyone who does so is likely 
to be following his early training at the hands of a deep master proponent.
-- 

Frank Warren, Jr.     Old Dominion University - Norfolk, Virginia
warren@xanth.cs.odu.edu     Old Arpa: warren%odu.edu@RELAY.CS.NET
warren@xanth.UUCP       old uucp: {decuac,harvard,hoptoad,mcnc}!xanth!warren
 Packet:  KB4CYC@WD4MIZ
-----------[000027][next][prev][last][first]----------------------------------------------------
From:      NESCC%NERVM.BITNET@wiscvm.wisc.edu (Scott C Crumpton)  15-Oct-1987 13:33:00
To:        SECURITY@RED.RUTGERS.EDU
There is a very simple reason why master keys tend to have less metal on
them than the non-master keys.  It's easier to make them that way.

Let's take a simple example: A lock that will have one standard key and
one master.  To key it you start with an empty cylinder (no pins in it
yet), the regular key, and the master (with less metal than the regular
key).  Place the regular key in the cylinder and try different length
bottom pin segments in each position until each position contains one
bottom segment that is exactly the right length to be flush with the
edge of the cylinder.  Remove the regular key and insert the master.
All of the pin segments will now be too short.  Add middle (mastering)
segments, 1 each, in each position until their tops are again flush.
Now insert the cylinder into the lock using the proper tools.  The top
pins in the lock are all the same length, no changes in these pins are
made.  Done.

Notice that this is basically a trial and error process.  If the master
key has less metal than the regular key(s) it can be done in a single
pass.  If however, the master has more metal in one or more positions,
several passes will be required.

In a major job with many locks and several levels of mastering, the
problem of a sparse master should never occur (unless the locksmith is
either lazy or incompetent).  Such jobs require significant planning and
all of the necessary pin segment lengths can be determined in advance.
Keying the locks is then a simple matter of dropping in the right pin
segments in the right order.  It is not even necessary to have the keys
cut yet.

Please note that I am not a locksmith, only an interested observer.

---Scott.
-----------[000028][next][prev][last][first]----------------------------------------------------
From:      trwrb!ries@ucbvax.berkeley.edu (Marc Ries)  20-Oct-1987 15:58:49
To:        <security@rutgers.edu>
>I once thought of all the fun I could have if I got a one hundred watt
>linear amp and attached my tiny garage door transmitter to it.
>
>An entire neighborhood with ONE remote control!

 I installed a new, higher horsepower garage door opener about  a
 year ago (after the old Genie died).

 Several times, several months back, I noticed  that  the  garage
 door  was up but shrugged it off as having forgotten to close it
 at night.

 A couple of weeks later the garage door was up again, only  this
 time, several things had been stolen out of the garage.

 I changed the codes, but several times at night  we  caught  the
 door just *opening* by itself with apparently no one around.

 Finally, I installed a "shunt" circuit to the  opener,  so  that
 the door can be manually switched to not open.

 In retrospect, the door has *never* come up by itself during the
 day.  The old door never came up by itself, period.  They do use
 different  controllers.  However,  most  (if  not  all)  of  the
 "openings"  have  been  before  or  after  military  helicopter
 passes.

 I remember reading about how a lot of door openers get "openitis"
 when   the   Presidential  Air  Force  One  plane  is  in  town,
 apparently having to do with signal jamming.

 PS: The idea of "cycling thru the codes" is apparently also
     becoming a problem with the newer "remote" auto alarms.
-- 
		Marc A. Ries

		sdcrdcf!---\ 
                ihnp4!------\----- trwrb! --- ries
-----------[000029][next][prev][last][first]----------------------------------------------------
From:      oster%dewey.soe.Berkeley.EDU@berkeley.edu (David Phillip Oster)  20-Oct-1987 16:07:25
To:        misc-security@ucbvax.berkeley.edu
A friend of mine just returned from a math convention. He tells me that the
story circulating there is:

The NSA is now funding research not only in cryptography, but in all areas
of advanced mathematics. If you'd like a circular describing these new
research opportunities, just pick up your phone, call your mother, and
ask for one.
-----------[000030][next][prev][last][first]----------------------------------------------------
From:      steinmetz!barnett@vdsvax. (Bruce G Barnett)  20-Oct-1987 20:17:56
To:        misc-security@uunet.uu.net
Murray Karstadt writes:
|Does anyone have any experience with one of these systems in a PC lab?
|Is there a cheaper way of securing disks while maintaining an open access
|system?

I don't have a cheap solution, but one alternative is to use a product
that provides NFS service to the PC's (yes you need an ethernet card).
You would only need one copy of the programs on a hard disk, and the
floppies wouldn't be necessary. (Assuming the programs themselves can
run on a hard disk without floppies) One such product is available
from Sun (PC-NFS). There may be others.
-- 
	Bruce G. Barnett 	<barnett@ge-crd.ARPA> <barnett@steinmetz.UUCP>
				uunet!steinmetz!barnett
-----------[000031][next][prev][last][first]----------------------------------------------------
From:      warren hik <hik%cascade.carleton.cdn%ubc.csnet@RELAY.CS.NET>  21-Oct-1987 00:56:37
To:        security@RED.RUTGERS.EDU
> The question is: How can we have a relatively open environment and not
> have the disks and manuals ripped off. 

Put the manuals in a LOCKED manual rack, or have them chained 
to a table.

Have one pc in your lab designated as a file server.  Students
must bring their own floppies and copy any needed software off
the (read-only) hard disk of the file server onto THEIR OWN DISKS.
The file server would not be used except for this purpose
to ensure that it was available.

Who needs electronic surveillance...

-Wren
-----------[000032][next][prev][last][first]----------------------------------------------------
From:      James Deibele <jamesd%percival%reed%tektronix.tek.com@relay.cs.net>  21-Oct-1987 03:12:22
To:        tektronix!misc-security%reed.uucp@relay.cs.net
>The question is: How can we have a relatively open environment and not
>have the disks ripped off.
>It would be nice to have one of these systems installed  at the lab.

 Those devices are manufactured by the Knogo corporation and are extremely
expensive.  They are not terribly effective, and you need to have someone 
keeping a close eye on things---an easy way to beat the system is to put the
tagged item underneath or above the sensor panels.  The tags are easy to find
if you're looking for them, and not very difficult to remove.  I spent a year
managing a B. Dalton Software Etc. store, and we always had shoplifting 
problems.  I'd recommend having people check out software by handing over their
student ID or whatever instead.  We were told that the Knogo system was there
solely to scare amateurs: seeing the sensor device, which probably worked, the
amateur would not rip off the store.  This cuts down shortage (which also 
includes employee theft, I think) from 30% (unprotected) to 3% (!).  Paying a
work-study student will probably cost a lot less than installing the alarm
system, and you won't have false alarms, etc.  Even properly tagged, activated
software won't always set off the alarm, so I'd say you're looking at catching
someone 7 out of 10 times (if you're lucky)...

-- 
James S. Deibele   jamesd@qiclab or jamesd@percival
TECHBooks: The Computer Book Specialists   (800) TECH-BKS
3646 SE Division  Portland, OR  97202      (503) 238-1005
TECHBooks One BBS (#1:105/4.0); 3/12/24    (503) 760-1473
-----------[000033][next][prev][last][first]----------------------------------------------------
From:      kludge@pyr.gatech.edu (Scott Dorsey)  21-Oct-1987 10:51:49
To:        misc-security@gatech.edu
 Kaptain Kludge's Cheap and Easy Telephone Tap:

     --------+----| |------------) (-----------------
phone        |        .1 MFD     ) (                    to mike input of cheap
line         |         or so     ) (                    cassette recorder
     ---+----|----| |------------) (-----------------
        |    |
        |    )                600-1000 ohm transformer,
        |    (              or old transistor radio output
        +----)                 transformer
to  ----+----   48V relay
tape ---+---^  (110Vac relay works too... not well, though)
control  

   Total cost: assuming broken transistor radio is lying around, and a tape
recorder can be 'borrowed' from somewhere: $5.00 or so for an RS relay.
-- 
Scott Dorsey   Kaptain_Kludge
SnailMail: ICS Programming Lab, Georgia Tech, Box 36681, Atlanta, Georgia 30332
Internet:  kludge@pyr.gatech.edu
uucp:	...!{decvax,hplabs,ihnp4,linus,rutgers,seismo}!gatech!gitpyr!kludge
-----------[000034][next][prev][last][first]----------------------------------------------------
From:      campbell@maynard.BSW.COM (Larry Campbell)  22-Oct-1987 02:28:10
To:        misc-security@seismo.css.gov
<>Does anyone know where to conveniently purchase some kind of device
<>to place in a car to track where that car is going?

There's a local company that makes a gizmo called a LoJack.  It's
a gizmo you conceal in your car.  If the car is stolen, you call the
police, who transmit an encoded activation signal.  The LoJack receives
this signal and activates a radio beacon, and police homing radios can
then locate the car in a few hours.  Apparently it works quite well
and has a range of several or even several dozen miles.  It is currently
available, but I think it's not cheap (wild guess: $500).

I don't know, and rather doubt, whether you can buy one for your own
use.  You have to register it with the State Police when you install it,
presumably so they have a record of the activation code or something.
(For paranoids only:  this is really so they can track you whenever
they want.)  And you probably need some sort of license for the transmitter
on either end.
-- 
Larry Campbell                                The Boston Software Works, Inc.
Internet: campbell@maynard.bsw.com          120 Fulton Street, Boston MA 02109
uucp: {husc6,mirror,think}!maynard!campbell         +1 617 367 6846
-----------[000035][next][prev][last][first]----------------------------------------------------
From:      ISA@ISEC-OA.ARPA  22-Oct-1987 10:34:13
To:        SECURITY@RED.RUTGERS.EDU
FOR MURRAY KARSTADT <MURRAY@ANDROMEDA.RUTGERS.EDU>

Read your request for info regarding securing floppies and have this to pass
on.  While attending a seminar in Colorado Springs on computer security a firm
named Media Security Inc demonstrated their products.  Two of their products
will fit your needs and are not very expensive.  The first is called
"SECUR-DISKETTES" which contain a paper-thin passive-resonant circuit.  These
circuits can be retro-fitted on the outside of your existing media (diskette
labels).  The second product is the Door Detection Unit (DDU) which detects
the passive-resonant circuit.  The DDU is similar to a metal detector with a
36 inch walk-through pathway. You can contact them in Colorado Springs at
303-531-9411.

Hope this will help you out.  We are considering purchasing these items to
implement Army wide.
Good Luck

Jim Vavrina
Computer Security Specialist
Assistant Chief of Staff for
Intelligence and Security
US Army Information System
Engineering Command
Ft. Belvoir, VA
DDN: ISA@ISEC-OA.ARPA
Phone: 703-664-3339
-----------[000036][next][prev][last][first]----------------------------------------------------
From:      gatech!codas!ki4pv!tanner@RUTGERS.EDU  23-Oct-1987 07:40:52
To:        security@red.rutgers.edu
The contents of that magical little card (or of the anti-shoplifting
device, which is (as suspected) applied to a sample of the merchandise):
One or more (for a 4-digit system, 4) layers of metal foil, cut in
such a way as to resonate at a certain frequency.

Contents of the door-watching box: an rf source, set to sweep across
the range of frequencies for which the foil layers are set.  Further
contents: an rf dip detector, which notices at which frequencies the
RF power takes a sudden dive (being sucked up by foil layers).

The freqs are numbered, of course, and you can assign a number to any
set of M out of N selected.  Note that order is not important; thus
(eg) {1,4,8,17} will look the same as {1,8,17,4} to the device.

Simpler systems may just (like our school library) have one piece of
foil glued to the inside of the book.  If that freq dips suddenly,
you sound the alarm.  Print something such as the institution's name
on the foil sticker so that people don't realise that it is not just
a name-plate, of course.

					Tanner Andrews, Systems
					CompuData, Inc.  DeLand
-----------[000037][next][prev][last][first]----------------------------------------------------
From:      imagen!hedley@decwrl.dec.com (Hedley Rainnie)  24-Oct-1987 14:37:24
To:        security@RUTGERS.EDU
The discussion earlier of what safeguards can be made to protect one's
privacy reminds me of a description in the new book on the CIA from
1977-1985 (???).  I forget the book title (it's in hardback).  It describes
an operation which Pollard subsequently had leaked to the Soviets, involving
the NSA and the Navy.  The goal was to place a passive listening device
AROUND the underwater cable.  This device records the line transitions by
command for a one-shot eavesdrop on sensitive military data.  The Soviets
were so convinced about the security of the cable they did not encrypt the
data, as opposed to Soviet land-based comm. which has excellent coding.
Once the recorder had done its stuff a submarine would launch a midget
earth walker/diver to collect the tape and insert a new one. 
The device was made so that if the Soviets decided to examine the cable, 
the device would fall away staying on the bottom, leaving the cable
'untouched'. I think the book called the operation 'Blue Bells' (?), anyway 
they realised when the device was missing that the job had been compromised.

I think a discussion about such interesting security penetrations would
be of interest to many.

Cheers, Hedley
-----------[000038][next][prev][last][first]----------------------------------------------------
From:      Jose Rodriguez <jrodrig@EDN-VAX.ARPA>  26-Oct-1987 14:06:42
To:        security@red.rutgers.edu
Talking about master keys and such, has anyone seen a type of
key that has no teeth and is just a straight piece of metal?
I think they had "safety" stamped on them but I am not sure.
When I was a little kid I had a couple but never found out what 
they were for.

Jose
jrodrig@edn-vax.arpa
-----------[000039][next][prev][last][first]----------------------------------------------------
From:      <PGOETZ%LOYVAX.BITNET@wiscvm.wisc.edu>  26-Oct-1987 15:20:41
To:        security@red.rutgers.edu
        To Wendy Fraker, who wants to track cars: I have never seen such a
device advertised.  Unless it were a complicated (=expensive) inertial
guidance system gizmo, it would basically be something which gave off a signal
which you located by triangulation.  Maybe a Walkman (TM, or (R), or something)
connected to a cheap walkie-talkie would work.  But I think you'd need 2
distant locations which could both pick up the transmissions & communicate to
each other.
        To Phil Benchoff, who asks about magnetic shoplifting security devices:
Our library uses a magnetizable glue on its books (maybe some iron oxide is in
it).  They just put a drop in the binding of a new book.  So if the stores are
using glue, naturally you wouldn't find anything when you disassembled your
purchases.
-----------[000040][next][prev][last][first]----------------------------------------------------
From:      <PGOETZ%LOYVAX.BITNET@wiscvm.wisc.edu>  26-Oct-1987 15:21:50
To:        security@red.rutgers.edu
Murray: My favored way to keep students from ripping off original disks is
to use only unprotected software.  Only a jerk would steal the original
when he could make a copy in a minute.  Plus, you can keep backups in case
someone does, or just give students the backup and keep the original locked
away.
-----------[000041][next][prev][last][first]----------------------------------------------------
From:      GREENY <MISS026%ECNCDC.BITNET@wiscvm.wisc.edu>  26-Oct-1987 15:22:47
To:        <security@RED.RUTGERS.EDU>
> Not to mention the MASTER-master-key of most...

This is generally known as a Control Key.  Only the Locksmiths or Police
or other *trustworthy* people are supposed to have these keys.  At the school
I attend we have such a beastie (or BESTie) for a key system and one of 4 keys
will take care of opening any lock on campus.  These are

     1) Your individual key
     2) The Department Master Key
     3) The Police Master Key (opens any key with that particular core)
     4) The Control Key (which just pulls out the core so it can be changed
         or so that the latch can be turned with a screw driver....)

  In general, professional key systems are made so that you can't jiggle your
key and get it to open another lock, by 'hitting' the master pins....Usually
this is accomplished by using high tension springs or mushroom drivers if they
have to have a large # of keys open the lock.

bye for now but not for long
Greeny

Bitnet: miss026@ecncdc
Internet: miss026%ecncdc.bitnet@wiscvm.wisc.edu
-----------[000042][next][prev][last][first]----------------------------------------------------
From:      Andy Mondore <USERFMC6%mts.rpi.edu@itsgw.rpi.edu>  26-Oct-1987 18:18:16
To:        security@red.rutgers.edu, murray@andromeda.rutgers.edu
Here at RPI, we use a fairly low-tech solution for disk/manual
security in the public labs. During the hours that the lab is open,
a site monitor is always present. If a user needs a disk or manual,
the user gives his or her ID card to the monitor who then signs the
disk or manual out to them. When users return the item, they get
back their ID card. As far as I know, the system is fairly
successful.
-----------[000043][next][prev][last][first]----------------------------------------------------
From:      nuchat!steve@uunet.uu.net (Steve Nuchia)  26-Oct-1987 22:53:10
To:        security
> Often a program can be patched so as to remain the same size by using
> partially full pages or replacing seldom used routines. On many systems the
> modification date can also be changed back to the original date (this is
> nice when copying files).

In general these schemes could be based on taking a checksum, CRC, or
similar data-reducing aggregate function of the data.  If you keep several
mathematically independent functions of each file you can check the
system state with comparatively little overhead and acceptable certainty.
The idea is that it is hard to find a patch which simultaneously preserves
each check function.

> If you keep another copy of the program to run a diff against it should be
> hidden so that both the program and the copy aren't changed. Best would be
> to bring a copy in off some removable media to do the comparison.

Using the reduction allows one to base the scheme on a paper listing
or equally secure object.  Of course one has to trust the check program,
and recursively the tools used to load the program, etc.  If you postulate
that the system has been corrupted it is very difficult to see how
to get to a trustworthy checker.

Assuming unix, for instance.  You could mount a removable pack
containing the trusted program, and we can assume that the
virus hasn't invaded the mount system call.  Now what?  The
shell is corrupted, so you can't be too sure it will really
execute your checker.  The kernel may be infected and translates
calls to open on the kernel to open calls on a copy of the old
kernel.  Isn't security fun?

In general security, or trustworthiness, is a property of the
system which must derive by strict induction from a trusted
base condition.  Once the chain of induction is broken by
an event which _might_ allow a virus into the security base
you cannot trust the system again.

You _can_ freeze the system and audit it from the outside.  On my
system I would build an audit program on a bootable floppy and
keep it in a safe place.  I'm not that paranoid - I believe that
I'm not a sufficiently desirable target to expect really sophisticated
viral attacks.  But if I were I'd do a floppy boot and run a security
audit before I made backups each day.  The possibility of this is
assured by my faith that the hardware physically cannot alter the
bootstrap ROM.  Of course I have not proved the bootstrap code, but
its operation is sufficiently removed from the area of interest that
I'm pretty sure it cannot be subverted.
-- 
Steve Nuchia	    | [...] but the machine would probably be allowed no mercy.
uunet!nuchat!steve  | In other words then, if a machine is expected to be
(713) 334 6720	    | infallible, it cannot be intelligent. - Alan Turing, 1947
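An added example (not code from the original posting) of the multi-check scheme Steve describes: each file is reduced to several independent functions (size, CRC-32 and SHA-256 stand in for whatever checks one picks), the results are recorded in a baseline, and a later audit flags any file where even one of them differs, including the same-size patch with its modification date put back that the quoted post warns about. The checker and baseline are assumed to be run from a trusted medium, as the post argues; the file tree and the tamperings are constructed for the demo.

```python
import hashlib
import json
import os
import tempfile
import zlib
from pathlib import Path


def fingerprint(path: Path) -> dict:
    """Several independent reductions of one file's contents.  A patch that
    keeps the size (and even one checksum) still has to preserve the rest."""
    data = path.read_bytes()
    return {
        "size": len(data),
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08x}",
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def build_baseline(root: Path) -> dict:
    """Map each regular file under root (POSIX-style relative path) to its fingerprint."""
    return {
        p.relative_to(root).as_posix(): fingerprint(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def audit(root: Path, baseline: dict) -> dict:
    """Compare the live tree with a baseline taken earlier.  A file is reported
    as modified when ANY recorded check differs; mtime is deliberately not used,
    since the post notes it can be set back."""
    live = build_baseline(root)
    report = {"modified": [], "missing": [], "added": []}
    for name, recorded in baseline.items():
        current = live.get(name)
        if current is None:
            report["missing"].append(name)
        elif any(current[k] != recorded[k] for k in recorded):
            report["modified"].append(name)
    report["added"] = sorted(set(live) - set(baseline))
    return report


def same_size_patch(path: Path, offset: int, replacement: bytes) -> None:
    """Constructed tamper for the demo: overwrite bytes in place so the length is
    unchanged, then restore the modification time."""
    st = path.stat()
    data = bytearray(path.read_bytes())
    data[offset:offset + len(replacement)] = replacement
    path.write_bytes(bytes(data))
    os.utime(path, ns=(st.st_atime_ns, st.st_mtime_ns))


def demo() -> dict:
    """Build a constructed tree, record a baseline, tamper with it three ways,
    and return the audit report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        login = root / "bin" / "login"
        login.write_bytes(b"\x7fELF constructed login binary")
        (root / "bin" / "ls").write_bytes(b"\x7fELF constructed ls binary")
        (root / "etc").mkdir()
        (root / "etc" / "passwd").write_bytes(b"root:x:0:0:root:/:/bin/sh\n")

        # The baseline is serialised so it can live off the audited system
        # (a paper listing, a floppy in a safe); here it just round-trips through JSON.
        saved = json.dumps(build_baseline(root), sort_keys=True)

        before = login.stat()
        same_size_patch(login, 5, b"EVIL")            # same size, same mtime
        after = login.stat()
        assert (before.st_size, before.st_mtime_ns) == (after.st_size, after.st_mtime_ns)
        (root / "bin" / "ls").unlink()                # a removed file
        (root / "bin" / ".hidden").write_bytes(b"x")  # a planted file

        return audit(root, json.loads(saved))


if __name__ == "__main__":
    print(demo())
```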
-----------[000044][next][prev][last][first]----------------------------------------------------
From:      ut-sally!ivan@uunet.uu.net (Ivan M. Milman)  27-Oct-1987 00:33:40
To:        misc-security@uunet.uu.net
>I'm doing some research on computer databases used for blacklisting
>purposes. 

An excellent source for such information is "The Rise of the Computer State"
by David Burnham.  He mentions a company called U.D. Registry which maintained
a list of tenants who had been involved in litigation with their landlords.

Ivan
-- 
Ivan Milman:  ivan@sally.utexas.edu  or {ihnp4,ctvax,seismo}!ut-sally!ivan 
"Basic research is what I do when I don't know what I'm doing." - Werner Braun
-----------[000045][next][prev][last][first]----------------------------------------------------
From:      EVERHART%ARISIA.decnet@ge-crd.arpa  27-Oct-1987 02:42:49
To:        AWALKER@RED.RUTGERS.EDU
I'm afraid Peter Wayner misunderstood what I had reported. I was told,
by some folks I was inclined to believe, that international communications
must be decipherable by NSA. This may be law, regulation with the force
of law, or simply misinformation that I was passed. I'm not a lawyer and
have neither time nor inclination to dig through the rooms full of US
federal law and regulations to search for any such thing. However I was
told this by a few different sources several years back in the context of
DES ciphers etc...
	As I understand it, various agencies, some with 3 letter acronyms,
claim the right/power/etc. to require that you furnish the keys to your
unbreakable ciphers or that you use breakable ones, DES being breakable
when your computer resources include a few Crays, as some agencies' do.
	I did NOT report that DES is required for international communications.
In fact, I'm not sure that it's even a very good idea to use it...
glenn
-----------[000046][next][prev][last][first]----------------------------------------------------
From:      Jeffrey R Kell <JEFF%UTCVM.BITNET@wiscvm.wisc.edu>  28-Oct-1987 08:56:29
To:        SECURITY@RED.RUTGERS.EDU
One more lock note:  one of my first real paying jobs was as a bellman
(read: Flunkie) at a local franchise hotel.  They had just over 250 rooms,
plus assorted locked service areas (housekeeping, maintenance, storage,
etc).  Although not a real bona fide locksmith, one of my tasks was to
cut keys once a week, as plenty of people don't leave their keys when
they check out.  All the real keys are kept in a locked cabinet behind
the front desk (including masters) and all keys given to guests are just
copies.  There were three key blanks:  two for guest rooms (divided in
half by floors, there were two systems) and one for maintenance areas.

The maintenance areas were not on a master system at all (somewhat
obviously).

The rooms had (1) the "maid" key which was a straightforward master cut
from the regular room blank, and (2) the "security" master which was
identical to the "maid" key except that it had one additional pin; in
order to duplicate the "security" master (which you weren't supposed to
do, but you get tired of signing keys in/out to do room checks) you had
to cut the room master back one additional tumbler location and extend
the horizontal grooves back through the extra space.

The "security" master would open the deadbolt!

I've always felt safer with a chain or doorstop than a deadbolt ever since.

/Jeff/
-----------[000047][next][prev][last][first]----------------------------------------------------
From:      "Curtis C. Galloway" <cg13+@andrew.cmu.edu>  28-Oct-1987 10:34:41
To:        Security@RED.RUTGERS.EDU
>A friend of a friend bought a Video-Cypher II box some time ago with the
>intention of paying a fee to the various providers of signals he was
>interested in.  This weekend I learned that this person obtained a chip for
>the Video Cypher II box which will unscramble ALL signals at ALL times.

As I recall from a magazine article in Radio-Electronics, this particular
pirate chip actually contained a valid serial number from some unsuspecting
person.  The chip was then hacked up to turn on all the satellite services. 
The net result was that the scrambler company could disable all the
"universal" chips by simply deactivating the original serial number.  The
pirates could keep switching serial numbers, but at the time of the article
a few months ago, all the supposed "universal" chips used this technique,
and it was not possible to scan the satellite broadcasts for valid
encryption keys.

--Curt Galloway
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cg13+@andrew.cmu.edu
UUCP: ...!{seismo, ucbvax, harvard!andrew.cmu.edu!cg13+
Drop In Any Mailbox, Return Postage Guaranteed
-----------[000048][next][prev][last][first]----------------------------------------------------
From:      *Hobbit* <AWalker@RED.RUTGERS.EDU>  28-Oct-1987 17:03:33
To:        security@RED.RUTGERS.EDU
Creating master keys is *not* a trial-and-error process.  A correctly
configured system never sees brass until it's all planned out as a huge
chart of cut numbers, or actual thousandth-inch measurements.  All the
cuts conform to the basic common-sense rules of keying, like cuts must
be a certain minimum distance apart so you don't get the tiny-split-fell-out
screw, and the user keys don't have low cuts near the bow, and the master
cuts aren't necessarily all above or below the user cuts, etc.  There are
even programs for micros out now to help locksmiths plan mastered systems
that know these rules and the maximum cut heights of different brands of
locks.  They also help the locksmith keep track of what key opens whose door
when repairs are needed, and print out the final chart of the whole thing.

Similarly, if you're going to try and determine the master combo for a given
system, you do need to take at least one example apart.  A pair of .001 inch
calipers is very helpful, because then one doesn't need the lock itself to
cut the key.  All you need is pin heights, spacing, and the outer diameter
of the plug minus a small slop factor.  [The MIT students someone mentioned
apparently didn't think of this.]

It gets even hairier when you have control keys for Best and friends.
Sometimes even *those* are mastered.

_H*
-----------[000049][next][prev][last][first]----------------------------------------------------
From:      gwyn@brl-smoke.arpa (Doug Gwyn )  30-Oct-1987 12:56:10
To:        misc-security@uunet.uu.net
 jcmorris@MITRE-BEDFORD.ARPA (Joseph C. Morris) writes:
>the keys were manufactured by students who had removed the door locks from
>the bathrooms in the main MIT building

I don't know of any techie university where this doesn't occur.
When I was at Rice, it was usually stairwell doors.  To make
matters worse, there was a "GreatGrandMaster" key that would
open most doors on the whole campus.

With Best locks (or ones of the same general style), disassembly
of a single cylinder (usually involving milling off the top) is
tantamount to obtaining the master key.  This is due to the fact
that generally a single "control key" is used to remove all
cylinder cores.  Having removed the core, a simple tool (or even
a large screwdriver) can be inserted to operate the cylinder.
Alternatively, the lock breaker could surreptitiously remove one
core at a time (presumably leaving in its place a core of his own,
possibly keyed to open on all alternate-numbered splits in each
column in case someone tries to enter while the substitute is in
place); removed cores can be taken home and disassembled at leisure.
Of course, the true master key bitting eventually emerges as the
common bitting that would open all examined locks.

There are several steps that institutions can take to minimize
the risk from such activity.  An obvious one is to avoid
excessive master-keying, especially the use of a single GGM.
Another is to not master-key doors that are usually left unlocked.
Periodic rekeying (including control keys) is also advisable.

The other big techie pastime at Rice was exploring the "steam
tunnel" system; these tunnels connected the major buildings to
carry water pipes, conduits, etc.  Generally once a single
entry was found, one could wander anywhere.

University administrations should consider why smart students
have to resort to such misdemeanors for intellectual stimulation.
One would think that the normal activities should provide that.

P.S.  I don't recommend this kind of activity, even if you feel
the need for some excitement.  If you get caught, you'll get
more excitement than you bargained for.  Try making nitrogen
triiodide, or trinitrotoilet tissue, or something else like that
for excitement.  Too bad you won't get any official credits for
it either.  Be careful!
-----------[000050][next][prev][last][first]----------------------------------------------------
From:      simsong@broadway.columbia.edu (Simson L. Garfinkel)  31-Oct-1987 16:56:10
To:        hunter-larry@yale.arpa, security@red.rutgers.edu
I just bought John M. Carroll's Computer Security, second edition,
which is really a terrible book that I cannot recommend, because it is
not adequately footnoted (i.e., it doesn't have any references), is full
of anecdotal information that is just plain wrong, and has lots of
inaccuracies.

But it does have some kernels of truth.  One of them, about DES, is
instructive:

Anyway, there is a paragraph in the section on DES which is
interesting:

	"In all fairness to NSA, it should be noted that according to
the 1932 Treaty of Madrid, every national government is responsible for
the nature and contents of all telecommunications messages originating
within its territory.  The national cipher agency may well have an
obligation in international law to be able to break ciphers used by
its citizens.  In some Western European countries, a private person or
firm wishing to use cryptography is obliged to deposit a copy of the
keylist with the national Post, Telephone and Telegraph Agency." (p.202)

Which is a great paragraph, except that it answers more questions than
it raises: which countries, what are the penalties for not doing this,
does it apply in the United States or Canada (Carroll is a Canadian), and
things like that.

................................................................simson

BTW: If John M. Carroll *is* reading this mailing list, or if somebody
on this mailing list knows him, please ask him to send me a message. I
would like to ask him the reasons for some of the inaccuracies in his
book.  I'm curious if they are intentional or if they are for some
sort of "security" reason.
-----------[000051][next][prev][last][first]----------------------------------------------------
From:      kludge@pyr.gatech.edu (Scott Dorsey)   1-Nov-1987 12:46:45
To:        misc-security@gatech.edu
>        To Wendy Fraker, who wants to track cars: I have never seen such a
>device advertised.  Unless it were a complicated (=expensive) inertial
>guidance system gizmo, it would basically be something which gave off a signal
>which you located by triangulation.

   The solution is to install a small oscillator transmitting on the Class C
Citizens band in the remote car.  Just put out a continuous signal at whatever
power you can manage.  If possible, run a wire to the car antenna, but a drag
line will work.
   Now in the chase car, you have a loop antenna mounted on the roof (or
a ferrite loopstick if you wish to be less conspicuous and can afford to
lose the gain), going into a shortwave set with a BFO and an S-meter (like
an old military rig or a ham mobile set).  By rotating the antenna you can
determine the direction of the signal from you.  If the car is moving, you
can follow it, keeping it at 0' at all times and hope that you are gaining.
If it's stationary, you can take a bearing, move over a few blocks, take 
another bearing and triangulate.
   Years ago, Fudalla and Associates made a CB beeper.  I think Miles
Wireless Intercom made one using the FM band, and R.B. Clifton made a
49 MHz version, but it's been a long time since I've been looking at
such devices.
-- 
Scott Dorsey   Kaptain_Kludge
SnailMail: ICS Programming Lab, Georgia Tech, Box 36681, Atlanta, Georgia 30332
Internet:  kludge@pyr.gatech.edu
uucp:	...!{decvax,hplabs,ihnp4,linus,rutgers,seismo}!gatech!gitpyr!kludge
-----------[000052][next][prev][last][first]----------------------------------------------------
From:      gwyn@brl-smoke.arpa (Doug Gwyn )   1-Nov-1987 19:48:37
To:        misc-security@uunet.uu.net
In my previous message about techie school lock cracking,
I forgot to mention a couple of other important issues.

If one has an ordinary unprivileged operating key for a
lock, and if the lock is master-keyed, then by disassembling
the lock one can quickly determine possible master-key bittings.
In particular, in a one-level mastering system, any split in
a pin column that does not match the operating key bitting is
almost certain to match the master key; if there is only one split
in a column, then the master key must have the same bitting as
the operating key in that column.

This and the previous information I posted makes it clear that
in order to gain reasonable security in a master-keyed system
in an environment such as a college campus, the lock cylinders
must be protected from removal for disassembly and inspection.
Properly-installed Best mortise lock cylinders have this property,
because they are fastened not only with the typical long screw
against a notch in the side of the cylinder that can be loosened
after removal of the plate on the side of the door, but they also
have an internal diagonal set-screw that prevents simple removal
of the cylinder unless the core is first removed with the control
key.  If the whole system is properly installed, there is no first
loose cylinder to be removed to figure out the control key.

Use of restricted key sections can help, too, since one cannot
simply buy such a blank at the local 7-11.  However, a diligent
lock cracker can make his own blanks.  I knew a fellow who filed
one out of a piece of stainless steel; if you have access to a
milling machine, it is not hard to make a suitable key blank.

I again remind you that I'm not recommending this activity,
which involves more risks than anyone in his right mind should
decide to take!  It also usually involves property damage,
which is unethical.  I hope this information will help campus
locksmiths improve the security of their lock systems to the
point that few students will find this activity sufficiently
rewarding to bother with, compared to the effort required.
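
Added as a worked example for the two lock-planning threads above (Hobbit's note that mastered systems are planned as a chart of cut numbers checked against keying rules, and Doug Gwyn's point that each chamber of a master-keyed cylinder is split at both the master and the change depth); this is example code written for the archive, not code from any poster and not any locksmith's planning program. It audits a one-level master-keyed chart for the rules Hobbit lists (a minimum split so no "tiny split" master wafer is needed, no low cuts near the bow on user keys, a maximum adjacent-cut spread) and then uses the pin-stack model to count the bittings that operate each cylinder without ever being issued, which is the quantity behind Gwyn's advice against excessive master-keying. The depth numbering (0 shallow, 9 deep), MAX_DEPTH, MACS, MIN_SPLIT, BOW_MAX_DEPTH and the sample keying chart are all constructed assumptions, not any maker's specification.

```python
"""Audit a one-level master-keyed pin-tumbler chart against the keying rules
mentioned on this list.  Example code added to the archive, not from any poster."""
from typing import Dict, List, Set, Tuple

Bitting = Tuple[int, ...]   # one cut number per chamber; chamber 0 is nearest the bow

# Assumed system parameters; a real plan takes them from the lock maker's specs.
MAX_DEPTH = 9        # deepest cut number (0 is the shallowest)
MACS = 7             # maximum difference allowed between adjacent cuts
MIN_SPLIT = 2        # smallest usable master-wafer thickness, in cut steps
BOW_MAX_DEPTH = 5    # change keys may not be cut deeper than this at the bow


def check_cuts(bitting: Bitting, n_chambers: int) -> List[str]:
    """Rules every key in the system must satisfy: right length, depths in
    range, neighbouring cuts no further apart than MACS."""
    if len(bitting) != n_chambers:
        return [f"expected {n_chambers} cuts, got {len(bitting)}"]
    problems = [f"chamber {i}: cut {c} outside 0..{MAX_DEPTH}"
                for i, c in enumerate(bitting) if not 0 <= c <= MAX_DEPTH]
    for i in range(n_chambers - 1):
        if abs(bitting[i] - bitting[i + 1]) > MACS:
            problems.append(f"chambers {i}-{i + 1}: adjacent cuts differ by more than MACS={MACS}")
    return problems


def check_change_key(bitting: Bitting, master: Bitting) -> List[str]:
    """Rules specific to a user (change) key cut under a given master."""
    problems = check_cuts(bitting, len(master))
    if problems:
        return problems
    if bitting == master:
        return ["change key is identical to the master key"]
    if bitting[0] > BOW_MAX_DEPTH:
        problems.append(f"chamber 0: cut {bitting[0]} is a low cut near the bow (max {BOW_MAX_DEPTH})")
    for i, (c, m) in enumerate(zip(bitting, master)):
        split = abs(c - m)
        if 0 < split < MIN_SPLIT:   # a one-step split means a paper-thin master wafer
            problems.append(f"chamber {i}: tiny split of {split} between master {m} and change {c}")
    return problems


def shear_sets(master: Bitting, change: Bitting) -> List[Set[int]]:
    """Pin stack of a cylinder keyed to `change` under `master`: each chamber is
    split at every depth that must operate it, so one split where the two keys
    agree and two where they differ."""
    return [{m, c} for m, c in zip(master, change)]


def operates(key: Bitting, stacks: List[Set[int]]) -> bool:
    """A key turns the plug when every cut sits at a split in its chamber."""
    return len(key) == len(stacks) and all(cut in s for cut, s in zip(key, stacks))


def phantom_key_count(stacks: List[Set[int]]) -> int:
    """Bittings that operate this cylinder but were never issued: the product of
    splits per chamber, less the intended keys (master, plus change if different)."""
    total = 1
    for s in stacks:
        total *= len(s)
    intended = 1 if all(len(s) == 1 for s in stacks) else 2
    return total - intended


def audit_system(master: Bitting, changes: Dict[str, Bitting]) -> Dict[str, object]:
    """Validate every change key, count phantom keys per cylinder, and list
    unintended key interchange (change key A operating cylinder B)."""
    violations: Dict[str, List[str]] = {}
    for name, bitting in changes.items():
        found = check_change_key(bitting, master)
        if found:
            violations[name] = found
    stacks = {name: shear_sets(master, b) for name, b in changes.items()}
    phantoms = {name: phantom_key_count(st) for name, st in stacks.items()}
    interchange = [(other, name) for name, st in stacks.items()
                   for other, key in changes.items() if other != name and operates(key, st)]
    return {"violations": violations, "phantoms": phantoms, "interchange": interchange}


# Constructed six-chamber sample chart (not a real keying system).
SAMPLE_MASTER: Bitting = (2, 4, 6, 3, 5, 1)
SAMPLE_CHANGES: Dict[str, Bitting] = {
    "room101": (4, 6, 6, 3, 5, 1),
    "room102": (4, 4, 8, 3, 5, 1),
    "room103": (2, 6, 8, 3, 5, 1),
    "room104": (4, 6, 8, 3, 5, 1),   # split in three chambers: every other key above opens it
}

if __name__ == "__main__":
    report = audit_system(SAMPLE_MASTER, SAMPLE_CHANGES)
    for name, b in SAMPLE_CHANGES.items():
        print(f"{name}: {b} phantom keys={report['phantoms'][name]} {report['violations'].get(name, 'ok')}")
    for key, cyl in report["interchange"]:
        print(f"KEY INTERCHANGE: {key} key also operates {cyl}")
```

In the sample chart the room104 cylinder is split in three chambers, so 2 x 2 x 2 = 8 bittings operate it: two were issued, six were not, and three of the six are already in other users' pockets. That is the concrete form of the warning above about excessive master-keying, and the planner's answer is the same as Gwyn's: fewer splits per cylinder, no grand-grand-master, and a chart audit before any brass is cut.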

END OF DOCUMENT