[Noisebridge-discuss] Problem: people seeing NB as a backup shelter

Sat May 10 20:24:58 UTC 2014

Naomi et al,

Henner, Dana and I met today and discussed some steps that we could take to
possibly implement an RFID reader system. Some action items we already have
planned are to buy a 13MHz card reader, look into using the existing 950MHz
reader at the door, and to un-block the latch on the faceplate of the
space's front door and see how it works and whether it's possible to be
locked.

We are not planning on locking the door or instating any sort of time-based
access control until we discuss this with the community at large. I think
the first step should be to bring this up at the next Security Working
Group meeting. Do you have a planned date for it? I know it was originally
going to be this Thursday but it was moved because of 5MOF.

Once we have agreed upon a final course of action, we can bring this up at
a Tuesday meeting.

Jeffrey

On Fri, May 9, 2014 at 5:28 PM, Naomi Most <pnaomi at gmail.com> wrote:

> I'm just reiterating my own stances said elsewhere.
>
> Basically, I'm a proponent of Approach #3.
>
> Important points:
>
> * the front door key is not a form of security; it's a meme promoting
> Noisebridge.
>
> * changing the way the front door operates requires the use of social
> capital w/ the landlord and tenants.  Right now the landlord is
> disturbed by the Electrical Situation -- not a good time to bother him
> about other things.
>
> * installing RFID at the top door seems like the smartest addition of
> security in terms of workingness (keyfobs are less easily duplicable
> than key codes and just as revokable) and in terms of the work
> involved (not removing anything from the front door, just installing
> something new).
>
> * yes, this is still basically security theater -- unless we also
> restrict access via the elevator.
>
> --Naomi
>
>
> On Fri, May 9, 2014 at 4:31 PM, Jeffrey Carl Faden <jeffreyatw at gmail.com>
> wrote:
> > We have been discussing this for a few hours on Slack and #noisebridge
> and
> > have come up with a few solutions. I thought I'd share a few ideas that
> have
> > been thrown around so far.
> >
> > Here's the current system, for those watching from home. At all hours of
> the
> > day:
> > - Someone can use a key to get into the building and space.
> > - Someone can use a keycode to get into the building and space.
> > - Someone can buzz the intercom and be allowed in by someone inside who
> has
> > a keycode. (or they can walk downstairs)
> >
> > And now, for some new ideas...
> >
> > Idea #1: Move the keypad from the gate to the door. Keypad only active
> > during newly instilled associate/regular members hours. Physical key, or
> > someone buzzing you in, required to enter the building.
> > Benefits:
> > - Robotically enforced "members-only" hours, instead of human-enforced
> like
> > in the past
> > - Semblance of 2-factor auth, if you ignore the ubiquity of keys and
> > keycodes
> >
> > Idea #2: idea #1, plus replacing gate lock with RFID sensor.
> > Additional benefits:
> > - RFID fob can be revoked if shared, while key cannot (or it's much
> harder
> > to do so).
> >
> > Idea #3: keep lock/keypad as-is, install members-hours-only RFID sensor
> at
> > door.
> > Additional benefits:
> > - No need to change existing setup.
> > - RFID sensor is less likely to be tampered with.
> >
> > In all three cases, it will be less easy (but nothing is impossible) for
> a
> > random person looking for a way to abuse the space to find their way
> inside.
> > Of course, much like how things are now, there's a significant amount of
> > security theater that goes into these "solutions." There is no silver
> > bullet.
> > - In all forms, someone can still shadow someone else being let in.
> > - With idea #2, replacing the lock with an RFID sensor could
> inconvenience
> > other tenants, and RFID sensor could be subject to on-the-street
> vandalism.
> > - In the past, people have complained about their access/whereabouts
> being
> > tracked by being tied to an RFID fob.
> > - Anyone could use the elevator to get past any form of authentication at
> > the door.
> > -- The elevator is either off-limits, cost-prohibitive, or both to add an
> > additional keypad or sensor to.
> >
> > Either way, this is what we've been discussing. If you didn't read the
> > previous paragraph, I said that this is all ultimately in the name of
> > security theater. But I think they're all improvements on what we have
> now.
> >
> > If you're interested in discussing these (beyond the discussions we've
> > already been having on this list, on Slack, on Freenode, and now on this
> > Etherpad I made the mistake of creating), please consider coming to a
> > meeting of the Security Working Group. I'll defer to Naomi or someone in
> > #security-wg on Slack for details about when that will happen.
> >
> > If you haven't read the antepenultimate paragraph or the one prior to it,
> > this is all in the name of security theater. Please do not complain about
> > holes in any of these systems that already exist within our current one.
> > Thanks again!
> >
> > Jeffrey
> >
> > On Fri, May 9, 2014 at 4:01 PM, Johny Radio <johnyradio at gmail.com>
> wrote:
> >>
> >> Ya gotta love the "Let's somebody else do it." Classic.
> >>
> >>
> >> Jeffrey Carl Faden <jeffreyatw at gmail.com> wrote:
> >>
> >> This thread is taking a worrying turn toward "wishful thinking" and away
> >> from "doing".
> >>
> >> On Fri, May 9, 2014 at 1:08 PM, Naomi Most <pnaomi at gmail.com> wrote:
> >> >> >> Let's do that.  Who's around who likes installing keypads?
> >
> >
> >
> > _______________________________________________
> > Noisebridge-discuss mailing list
> > Noisebridge-discuss at lists.noisebridge.net
> > https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
> >
>
>
>
> --
> Naomi Theora Most
> naomi at nthmost.com
> +1-415-728-7490
>
> skype: nthmost
>
> http://twitter.com/nthmost
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20140510/d119ddf0/attachment.html>