|
All That Is Old Is Not Obsolete
by David G. Hinkley
|
|
by David G. Hinkley
>>>>>[It is simply amazing what one can find when one looks under the right rock. I ran across this article last week, and thought it might be interesting. And it is not due to be published for at least a month. So get here just hot before the presses]<<<<<
-Phantom (H:M:S/D-M-Y)
While the use of highly skilled computer enhanced operators located
on site to oversee elaborate security systems has become the accepted
standard among security professionals. It is not the only way
to provide security. Many of the older proven systems are still
effective and can provide high levels of security at reasonable
cost. Central Station Alarm Systems, CCTV alarm systems, locks,
and card access systems are still effective deterrent to undesirable
activities.
>>>>>[Undesirable activities.....could they be talking about us?]<<<<<
-Fast Eddy (08:42:43/9-04-57)
>>>>>[Only if they are attempting to stop thefts from children's piggy-banks and other similar hard targets :)]<<<<<
-Boomer (10:23:57/9-04-57)
Many businesses and individuals needing human monitored alarm systems can not reasonably afford the costs of an on site security specialist. Thanks to the existence of Seattle's numerous high quality Central Station Alarm Monitoring Services, they need not to do without a monitored Security System. basically a Central Station System connects a business's on-site alarm systems to a remotely located monitoring station operated by the service provider. This monitoring station would monitor the alarm systems of many unrelated subscribers.
A central station system is fully capable of monitoring all types
of alarms and security systems. These Central Station Services
can also be contracted to provide a number of additional services
including Armed alarm response, Alarm system installation and
repair, fire and hazmat alarm systems, and card access systems.
>>>>>[If central stations are so good why do the corps spend money on their own security centers?]<<<<<
-Boomer (10:24:02/9-04-57)
>>>>>[Where should I start...first is security, only their people are in control of the system. Second is system response time...it takes time for a signal to go to the station and back. Physical response time... the response team is not on site, it takes time for them reach the site. And finally Magical security is difficult to implement. By the way most corps do use central stations...theirs...to provide security to small out lying offices and installations]<<<<<
-Shadowrider (11:27:42/06-06-44)
There are currently four methods of connecting a site to the central
station, they are phone lines, dedicated hard wire, fiber optic
cable and radio. Each has its own particular advantages and disadvantages
most of which are technical in nature and are too site dependent
to be discussed here. A good Security Consultant can properly
evaluate a particular site and determine the best method for your
particular needs.
>>>>>[Can anyone supply a brief evaluation of each methods and its weak points?]<<<<<
-Boomer (05:54:59/9-05-57)
>>>>>[Do I detect a more than passing interest in the weak points? Well enthusiasm like that should not go unrewarded. Phone lines are already in place, they connect almost every place and cost little to use. But they are subject to the control of others (i.e. the building management and the phone company), have limited band width, and require encoding and verification of data. Hard wire systems have wider band width, are much easier to secure but are expensive and time consuming to install, have to be maintained are difficult to change or update. Fiber Optics provides the widest band width, is the easiest to secure and otherwise has all the rest of the advantages and disadvantages associated with hard wire systems. Radio is the most flexible, has reasonable band width and is the hardest to secure and is subject to both intentional and un-intentional jamming. ]<<<<<
-Fingers (23:42:15/9-07-57)
>>>>>[Un-intentional jamming?]<<<<<
-Sweet Sue (01:43:27/9-08-57)
>>>>>[There are a limited number of radio frequencies available for alarm transmitters, so in most areas there are several (up to hundred) transmitters on the same frequency. The alarm system designers have come up with a simple solution, first the signal is coded and the receiver only accepts properly coded signals and the transmitters send their signal five times. Since the time of transmission is effectively random it is unlikely that two transmitters would be broadcasting all five times at the exact same time. That is at least one of the five would get through. It works. By the way putting a jamming transmitter near the alarm transmitter, while effective is not perfect as it also jams the
control centers periodic status polling. No reply trips an alarm. Sorry chummers, no free lunch here.]<<<<<<
-Fingers (16:34:15/9-10-57)
With the addition of a hard-wired computer the basic Close-Circuit
Television system can become a difficult to detect motion detection
alarm. In simple terms the signal from a single CCTV camera is
run through the computer which monitors the color value (gray
value in monochrome systems) of all the pixels in the alarmed
area. If the value should change suddenly, the computer triggers
an alarm. In most cases the alarm response, is an audible alarm,
and the switching of that camera's picture to a display monitor.
This system is commonly used to provide surveillance within clean
rooms as it can be relocated without the need to relocate wires
or drill holes. It is only effective in areas that are free of
motion. While it is a generally reliable, false alarm trouble
shooting can be quite difficult at times.
>>>>>[For an old design these are extremely effective, The turn the common CCTV camera into a motion detector. And if that was not bad enough, the system also trips when a loop-back unit is spliced into the camera system.]<<<<<
-Fast Eddy (01:42:51/9-09-57)
>>>>>[Not all the time, it just takes the right touch......or a mouse.]<<<<<
-Shadowrider (11:28:34/03-07-63)
>>>>>[A mouse?]<<<<<
-Fast Eddy (23:45:01/9-12-57)
>>>>>[When ever I think there maybe a live operator or one of these systems, I release a mouse or two just as I make the connection. When the picture pops up on the screen, the operator sees the mouse and goes back to his comic book.]<<<<<
-Shadowrider (14:42:56/18-06-15)
>>>>>[hey what does hard wired mean?]<<<<<
-Mork the Ork (18:34:28/9-09-57)
>>>>>[A hardwired computer is one that has its program wired in. Once it is built you can't reprogram it. Deckers hate the things, cause there is nothing they can do with them]<<<<<
-Sweet Sue (23:13:36/9-09-57)
The common lock is an often over looked component of a buildings security system. The selection of the correct lock for a use can enhance a security system while the wrong choice can defeat the most elaborate. Locking systems can be divided into three major groups, Common mechanical locks using keys, electronically controlled locking mechanisms and combination locks.
Key control is the most important factor in conventional pin tumbler
locking systems. While conventional locks can be picked it is
much easier to use the key. A lock will open for anyone who has
the key. Key control starts with the purchase of the lock. Cheap
locks are manufactured in numbers that greatly exceed that number
of key variations. The are also much easier to defeat with brute
force or the subtle manipulations of lock picks. The more exclusive
the key way the less likely a duplicate key exists. This is place
that spending a bit more gets a lot more results. After you have
the lock installed, you need to still need to properly control
keys. First only have made, the exact number of keys you need.
Do not label keys with either your address or license number,
doing so only makes it easy for the inconvenience of a lost key
ring to become a major loss. And don't hide a key outside your
home or on you car. There are no original hiding places, anyplace
you can think of someone else has used before.
>>>>>[Hey Phantom, anyway you could pull the plug on this? This guy is revealing all our secrets]<<<<<
-Fast Eddy (23:54:51/9-12-57)
>>>>>[That figures, I always thought that you would have trouble breaking into a paper sack with a sharp knife.]<<<<<
-Boomer (10:25:37/9-04-57)
>>>>>[Boomer haven't you heard Eddy's mother doesn't let him play with sharp objects.]<<<<<
-Sweet Sue (23:14:46/9-09-57)
Mechanical locking systems have one advantage that is often over
looked in this electronic age, they are not connected. To open
them you have to be there with the correct key or combination
to open them. There is no way for a hacker to unlock them from
a terminal miles away. No computer glitch will compromise your
security. If you don't have the key, you don't get in.
>>>>>[There is something positively un-American about this conspiracy]<<<<<
-Electroman (09:57:36/9-04-57)
>>>>>[Conspiracy?]<<<<
-Sweet Sue (23:15:51/9-09-57)
>>>>>[Yes conspiracy. First using rigger controls on security systems. Now locks that can't be opened by computer command. There ought to be a law. :)]<<<<<
-Electroman (10:47:27/9-12-57)
Many years ago locksmiths came up with a way eliminate the need
for a person to carry a separate key for every lock. Actually
it is two different ways, the first is keying several locks to
the same key. The other is creating a master key for a group of
locks. This is different from the first method in that the key
for one lock in the system will not open any other lock. Master
Keys systems are established at the same time the locks are pined.
Special split pins are used that make it possible for two different
keys (the master key and the regular key) to open the same lock.
With some locks it is possible to have three separate keys thus
making sub-mastering possible. With careful planning an entire
building can be keyed in a manner that provides proper levels
of security while not requiring management to lug a huge ring
of keys around.
>>>>>[A free hint chummers. While you can't tell a master key from a normal key, you can identify a masterkeyed lock by disassembling it. And most important it contains all the information you need to make a master key that works in all the locks in that buildings system. And if you are quick about it, they may never guess you did it.]<<<<<
-Fingers (23:44:57/ 9-07-57)
Electronic locking systems come in two major types, those that
use a electronically controlled solenoid to operate a mechanical
bolt and those that use electromagnetic force to secure a door.
Either type can be controlled either from a remote location or
at the door's location. Keypads, Maglocks and Pass Cards are commonly
used to provide local control.
>>>>>[Electromagnetic force...how effective can that be, especially when the power goes off]<<<<<
-Boomer (10:26:41/9-04-57)
>>>>>[Very effective, I have seen a door that was blown open with explosives and the electromagnetic lock was still functioning, the battery back up worked that well]<<<<<
-Shadowrider (11:32:01/7-10-71)
The classic combination lock used on safes and vaults is still
a reliable choice. The large number of combinations available,
the requirement that the lock be operated on site and on more
sophisticated systems the time lock result in a lock that is hard
to beat. The most important factor is the security of the combination.
The fewer people who know it the more secure it is, and like keys
There is no safe place to hide it.
>>>>>[Desk blotters and desk pull outs are the first place to look, then the Rolodex looking under "Safe". And if you can't find the one for the safe you need try other executive offices on the same floor because there is often a sealed envelope with the safe combinations for the other safes in one of them.]<<<<<
-Fingers (23:46:33/9-07-57)
>>>>>[If you use the envelope on a clean covert entry, put it back with the seal broken. The security types will have a suspect, after all it HAS TO BE an inside job, their building security is too good for some to get in undetected.]<<<<<
-Sweet Sue (23:16:56/9-09-57)
>>>>>[Now that is truly evil!!]<<<<<
-Boomer (10:27:36/9-10-57)
Time locks add a further dimension of security. They limit the
time that the lock can be opened with the combination. This permits
more individuals to have the combination permitting access during
business hours without them also being able to come back after-hours
and open the safe.
>>>>>[Unless you can speed-up the clock.]<<<<<
-Fingers (23:48:17/9-07-57)
>>>>>[Speed up the clock?]<<<<<
-Boomer (10:32:15/9-04-57)
>>>>>[All it takes is the right equipment. The Artificer is the man to see]<<<<
-Fingers (16:37:17/9-10-57)
Possibly the most secure and flexible access control system for
small to medium sized companies is the Card Access System. Systems
use a credit card sized plastic card encoded with a discrete identification
code. This code consists of two parts an installation or facility
code common to all cards for that particular plant or facility
and a individual number unique to that particular card. Normally
this coding is magnetic in nature but in some cases bar-code technology
is also used. It is also common to combine the access card with
a company identification card. When the card is presented to a
reader, the reader transmits the code number to a central computer
(normally a dedicated unit not used for any other function) which
checks the card code with a central listing for all the cards
in the system and determines the degree of access permitted. If
the bearer of the card is listed as being permitted to enter through
the door at the time the card was presented the signal is sent
to the reader to unlock the door and the transaction is recorded
in a access log kept on the systems main computer. If access is
not permitted then the attempt is also logged, the door is not
unlocked and an alarm may be sent for a human response if required.
>>>>>[They log unsuccessful attempts?]<<<<<
-Fast Eddy (08:49:15/9-04-57)
>>>>>[Sure, besides paranoia, a important trait for security types, logging unsuccessful attempts provides them with a lot of valuable information. It helps identify inquisitive employees as well as the enthusiastic types who just want an early start. It permits the fine tuning of access times and lastly it can reveal a pattern of intrusion attempts}<<<<<
-Big Bopper (12:16:45/9-09-57)
The current level of access for any particular each card is recorded
only on the central computer and can be changed at any time by
the system operator. It is not possible to determine what level
of access the card permits through the examination of the card.
Thus it is not possible to determine if a particular card is a
master card that opens all doors in the building or one that only
opens employee washrooms during business hours. While it is possible
to copy a particular card or to change the coding (depending on
the card type) the degree of access if any can not be set except
at the main computer.
>>>>>[This system sounds really easy to beat, just deck in and change the access for your card to all the doors, all the time and you are in like Flint. And just to make things truly interesting dump all the rest so security can not move in the building]<<<<<
-Fast Eddy (08:50:32/9-04-57)
>>>>>[Nice try Eddy, only one problem. You have to get to the computer first. These systems use small dedicated computers that are not connected to anything but the access control system]<<<<<
-Sweet Sue (23:16:57/9-09-57)
This computer polls all card readers, key pads, locking mechanisms
and biometric devises on a periodic basis (several times a minute).
In the event that a reader is cut-off from the main computer the
event is recorded and an alarm is sent. In most operations a human
guard is set to investigate. His response time would vary widely
depending on the size of the installation and the manpower available.
The effected card reader or readers revert in to stand alone mode.
This normally takes on one of three forms. The doors remain locked,
the doors automatically unlock or most commonly the readers perform
in what appears to the user to be a normal manner. That is the
door is unlocked upon the presentation of a card. The difference
is that the reader is granting access to any card that has the
correct installation code regardless of the programmed access.
As most individuals using the door have access they never know
the difference. It is not possible to determine if a particular
reader is in stand alone mode through external examination.
>>>>>[This is the weak spot Eddy. If you can get the reader into stand alone mode then any card from the system, even those that are dropped from the system as lost will work. And there is no record of the entry.]<<<<<
-Sweet Sue (23:17:37/9-09-57)
>>>>>[As long as the System Administrator is not truly paranoid and sets the readers to lock the door down if it is cut off from the central computer. I have seen systems where a communications failure meant could not get into the building at all]<<<<<
-Fingers (16:42:43/9-10-57)
The card access readers can control both electronic controlled
and combined lock systems and are often combined with keypads
or biometric devices. The latter is to overcome the single largest
drawback of these systems the card grant access to anyone who
presents the card. The use of a special computer, not connected
to the Matrix or other computer systems makes the system really
secure from outside tampering. However its largest strength is
that the level of access granted to a particular card can be changed
at any time whether or not the operator has access to the card.
While the there are a lot of new high tech security equipment
available, these old and proven methods should not be overlooked.
The keys to a good security system is defense in depth and utilizing
the right equipment for the right job. Remember this is a classic
case where old does not equal obsolete.
>>>>>[There is nothing made by the hand of man that can not be defeated by another slightly smarter man with that proper touch of larceny.]<<<<<
-Shadowrider (11:34:23/24-01-15)
>>>>>[ Shadowrider, are you on some sort of history kick?]<<<<<
-Sweet Sue (23:19:16/9-09-57)
>>>>>[Military History to be more precise.]<<<<<
-Shadowrider (24:24:47/07-12-41)
This technical skill deals with opening locked doors with out the use of the proper key or combination. A character with this skill understands the basic operation of mechanical locks and how to open them by manipulation. He also is aware of the physical weaknesses of doors, locks and safes and how to apply force to open them. A character with this skill would also need Demolitions skill to effectively use explosives to open a safe.
This skill is located on the Skill Web off the main Quickness stem separated by 2 circles from the main stem.
This Build/Repair (B/R) skill covers the maintenance and repair of locks and safes. A Locksmith can key or re-key locks, install locks, and make keys. A skilled locksmith can also pick locks and open combination locks by manipulation.
A character with this skill does not have the skills necessary to use explosives to open a safe or vault.
This skill is located on the Skill Web off the main Quickness stem separated by 2 circles from the main stem.
To determine the success of an attempt to open a lock by picking
it, roll a number of dice equal to the PC's Lockpicking skill
plus any task pool dice. The target number is that of the lock
plus any applicable modifiers from the table below. One success
means the lock is opened. Additional successes reduce the time
needed to open the lock. The base time is 5 minutes. A result
of all ones means that the keyway is jammed and the lock cannot
be opened either by manipulation or with a key.
| Situation | Modifier |
| Improvised picks | +1 |
| Rusty lock | +1 |
A master key can be made either from the records of the locksmith who keyed the set of locks or by disassembling and examining a master keyed lock. The target number is 1 + the level of the lock. The operative skill is Locksmithing.
A pin tumbler lock can be defeated by drilling the tumbler mechanism out. To do so roll dice equal to the characters Locksmithing or Lockpicking skill, the target number is the pin tumbler pick resistance target number - 2. A drill with the appropriate bit is required.
The descriptions of a safe or vault consists of 4 parts, the type and level of the locking system, the level of the door design, the Barrier Rating of the material or materials that the container is made of and whether or not it is equipped with a time lock. The locking system can be either key, combination lock or maglock.
Level 0: Cheap hardware store lock, target number = 3
Level 1: Quality lock, target number = 4
Level 2: Quality lock, limited available keyway, target number = 5
Level 3: Top quality lock, restricted keyway, target number = 6
Level 4: Top quality lock, custom keyway, target number = 8
Level 0: 4 digit single number lock, target number = 4
Level 1: 3 number, factory set lock, target number = 5
Level 2: 3 number, user set lock, target number = 7
Level 3: Manipulation resistant, 4 number, user set lock, target number = 9
Level 4: Double, Manipulation resistant, 4 number, user set lock, target number = 11
Level 0: Lockable metal cabinet. Barrier Rating 6, target number = 4
Level 1: Home wall safe. Barrier Rating 8, target number = 5
Level 2: Commercial Quality Safe. Barrier Rating 16, target number = 8
Level 3: Bank Vault. Barrier Rating 24, target number = 10
Level 4: Custom High Security Bank Vault, Barrier Rating 32, target number = 14
There are three approaches to opening a locked safe or vault. Manipulating the lock mechanism, mechanically defeating the lock mechanism, or going through the walls of the container. The last two approaches can use a wide variety of techniques using explosives, power saws, jack hammers and similar destructive devises.
To determine the success of an attempt to open a combination lock
by manipulating the dial, roll a number of dice equal to the PC's
Safe Cracking skill plus any task pool dice. The Target Number
is that of the lock plus any applicable modifiers from the table
below or special equipment used. One success means the lock is
opened. Additional successes reduce the time needed to open the
lock. The base time is 15 minutes. If the locking mechanism is
equipped with an activated time lock the lock cannot be successfully
manipulated until the time lock is either defeated or deactivates
its self.
| Situation | Modifier |
| Dead silence | -1 |
| Normal Background Noise | 0 |
| Moderate Noise | +2 |
| Loud Noise | +4 |
| Darkness | +1 |
| Damaged Lock | +3 |
| Rusty Lock | +1 |
| Lock Equipped With Error Limiter | +4 |
All locks on a safe or vault door must be defeated or unlocked before the door can be opened.
This devise limits the times that the lock can be opened to those preprogrammed on the time lock. Typically a time lock limits the opening times to normal business hours. The electronic versions are also programmed with weekends and holidays. The controls for a time lock are normally found on the inside of the safe or vault door. There are three ways to get around a time lock, reprogram the "open" times Change or accelerate the clock so that the "open" time comes sooner then intended by the programmer. Lastly is to limit the attempts to "open" times.
To determine the success of an attempt to force open a safe or
vault door, roll a number of dice equal to the PC's Safe Cracking
skill plus any task pool dice. The target number is that of the
lock plus any applicable modifiers from the table below or special
equipment used. The base time is level times two plus one [(level
x 2) + 1)] hour. Equipment capable of cutting or breaching the
door material (i.e. Barrier Rating) is required.
| Situation | Modifier |
| Successes from demolition test | -1 each |
| Have Plans of Safe or Vault door | -2 |
Entering the safe or vault through the side walls requires cutting a hole large enough to reach through or enter. This can be through the use of tools and equipment suitable for cutting the wall material (i.e. saw, jackhammer, cutting torch etc.) or through the use of explosives (use the demolition rules SRII, p.97)
Because of the manner they are constructed Access Cards cannot be copied like a credit card. The coding can be identified and an exact copy can be made. (Electronics B/R target number 8, 4 hours). If successful a card reader cannot tell the copy from the original. The system will record the access transaction and if the logs are checked the duplicate entries may be discovered. The copy will only have the access programmed for the original card.
There are two types of readers, surface and flush mounts. A surface mount puts the readers mechanism in the wall, surface mounts are in a armored case (Barrier Rating 24). The cabling is either in the wall or in armored conduit (Barrier Rating 16). Cutting the communication line between the reader and the controlling computer will put the unit into stand alone mode, the computer will discover the break during the next regular status check. Status checks are made about 30 times an hour.
The control computer is a dedicated free standing unit, that is not connected to either the matrix or other computers on the site. The computer may be connected to the computer that controls the rest of the security systems. The computer system is normally equipped with a back-up power supply that cuts in when the power fails. Cutting the computers communications with the readers will put them in stand alone mode.
A new card can be programmed (at the control computer) to any of the existing access levels in about 2 minutes (Computer, target number 4). A new access level can be programmed in about 20 minutes (Computer, target number 8). The systems password protection system must be defeated before any programming can occur (Computer, target number 13), system alarms with the fourth unsuccessful attempt.
Jump to the Underworld IndexReturn to the Decrypted Datafiles MenuReturn to the Big Knobi Klub