Securing TE to the bench?

[rickman]

On 8/15/2014 11:59 AM, Don Y wrote:

Hi Andrew,

On 8/15/2014 7:23 AM, Andrew Gabriel wrote:
In article<53edf70f.3071109@news.eternal-september.org>,
greenaum@gmail.com (greenaum) writes:
On Tue, 12 Aug 2014 01:56:35 -0400, Spehro Pefhany
speffSNIP@interlogDOTyou.knowwhat> sprachen:

A lot of test equipment products have the "port" for the standard
notebook security cable (I think Kingston originated it, but there are
plenty of knock-offs floating aboot).

Ah, you mean "Kensington". A brand-name that's become a standard.

They look very feeble to me. I never tried yanking on one to
destruction, but I find it hard to believe it wouldn't simply
snap the T-piece off the lock.

It doesn't even take that sort of effort! Most of the "locking devices"
that fit into the Kensington "slot" are very insecure -- easily "picked"
with a metal shim, etc.

Plastic cases with Kensington slots usually have a thin piece of
sheet metal on the inside to reinforce the "slot". But, it's still
relatively easy to grind away the plastic *and* that thin bit of sheet
metal (assuming the vendor hasn't decided to save a few micropennies
by eliminating it -- "locks keep honest people honest").

The laptop I fixed two days ago had an aluminum (?) case. It would have
taken all of 60 seconds to grind *around* the slot with a Dremel
(TmReg) and a small diameter "ball" milling tip. And, once free, clean
up the hole with the same tip. You could then LEAVE the clean hole
in place without fear of exposing the innards of the device as there is
usually an inner barrier to prevent the lock bits from infiltrating the
case!

Sun Microsystem's desktop kit used to have a small (1cm) cube
of metal on the back with two holes drilled through the center.

Actually, more of a prism than cube. A hole drilled "left to right"
(or top to bottom, depending on orientation) through it. Then,
another *recess* (square hole) cast into the piece normal to this
into which the fastening screw is placed and secured to the case.

One hole allowed you to screw the cube to the rear case (the
back of the hole was a smaller diameter to be clamped by the
screwhead). The other hole allowed you to pass a steel cable
through the cube, which when fitted, covered the screwhead so
you can't unscrew the block. I think the block fitted in a
slight recess in the case so you couldn't twist the block
itself to try and unscrew it (a locknut would do the same
if there was no matching recess).

As there is typically a plastic "skin" over an internal metal
structure (which receives the screw's threads), unless the
lock block is secured *well* (i.e., screwed down TIGHT), the
slop between the plastic case and inner metal frame is often
enough (with inward pressure) to allow you to rotate the block.
Of course, no guarantee that the screw head will rotate *with*
the block -- you could end up just spinning the block 'round
and 'round (with cable in the way while you are doing this!).

But, as with the Kensington approach, a Dremel can easily
grind through the little bit of metal "above" the cable to turn
the hole into a *slot* -- from which the cable can readily be
extracted. The locking block can then be removed and discarded
(if you don't want to be reminded of your transgression). Or,
replaced with another "borrowed" from another piece of kit
(the block and screw aren't typically needed to hold the case
closed; their function is largely anti-theft).

Locks keep honest people honest. As the OP still hasn't indicated
the level of threat that is faced (and attacker's motivation),
all this is just speculation.

You don't understand how a Kensington lock is intended to work. The
point is not to keep a laptop from being taken by brute force. The
intent is to require that enough damage be done to the laptop in the
process that no one will want the unit. Grinding a gaping hole in the
side greatly reduces any resale value of a laptop which is already not
much to begin with. Used laptops aren't worth much and one with obvious
case damage is nearly worthless.

That said, lab equipment is a different animal and is worth a large
portion of its original value. A hole in the side might reduce it some,
but there would still be plenty of value to make it worth stealing even
if it requires doing some damage.

--

Rick

 

[Don Y]

On 8/19/2014 3:46 PM, rickman wrote:

Locks keep honest people honest. As the OP still hasn't indicated
the level of threat that is faced (and attacker's motivation),
all this is just speculation.

You don't understand how a Kensington lock is intended to work. The
point is not to keep a laptop from being taken by brute force. The
intent is to require that enough damage be done to the laptop in the
process that no one will want the unit. Grinding a gaping hole in the

---------------^^^^^^ have you ruled out the *thief*? -- who may be
very happy with a $1500 laptop that has a "gaping hole" in the back
(that he has since covered with duct tape, Bondo, etc.)

side greatly reduces any resale value of a laptop which is already not
much to begin with. Used laptops aren't worth much and one with obvious
case damage is nearly worthless.

Cut the cable by which the "lock-mate" tethers the laptop to
<whatever>. Remove the remaining piece in the privacy/safety
of your own home. (this assume you have never hacked the locking
device in question -- and have never used a search engine to see
how easy it is!)

Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

 

[Cydrome Leader]

In sci.electronics.equipment Don Y <this@is.not.me.com> wrote:

On 8/19/2014 3:46 PM, rickman wrote:
Locks keep honest people honest. As the OP still hasn't indicated
the level of threat that is faced (and attacker's motivation),
all this is just speculation.

You don't understand how a Kensington lock is intended to work. The
point is not to keep a laptop from being taken by brute force. The
intent is to require that enough damage be done to the laptop in the
process that no one will want the unit. Grinding a gaping hole in the

---------------^^^^^^ have you ruled out the *thief*? -- who may be
very happy with a $1500 laptop that has a "gaping hole" in the back
(that he has since covered with duct tape, Bondo, etc.)

side greatly reduces any resale value of a laptop which is already not
much to begin with. Used laptops aren't worth much and one with obvious
case damage is nearly worthless.

Cut the cable by which the "lock-mate" tethers the laptop to
whatever>. Remove the remaining piece in the privacy/safety
of your own home. (this assume you have never hacked the locking
device in question -- and have never used a search engine to see
how easy it is!)

Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

Going out on a limb here- I doubt the local lockpicking club is the group
breaking into and robbing homes in the OP's area. You don't need a clever
locks on stuff.

Doped up, shitty, smash and grab then sell for 3% of actual value idiots
are probably at work.

If you make the job hard enough, people either move on or just get angry
and toss stuff around.

The neighbor across the back porch got broken into while I was home once.
They had a modern, thin, poorly installed door that broke down like old
crappy car. Hell, the thing looked like a bathroom door, but with glossy
paint. They never even tried my door, even though it's in a more hidden
area. My only guess is a 1000 year old solid wood door with 800 locks
would have been more work. I also keep enough junk by the door so you
can't even get the space for a good kick, not that that would break it
down anyways, which how most doors around here are compromised anyways.

 

[Cydrome Leader]

In sci.electronics.repair krw@attt.bizz wrote:

On Wed, 20 Aug 2014 15:51:26 +0000 (UTC), Cydrome Leader
presence@MUNGEpanix.com> wrote:

In sci.electronics.equipment Don Y <this@is.not.me.com> wrote:
On 8/19/2014 3:46 PM, rickman wrote:
Locks keep honest people honest. As the OP still hasn't indicated
the level of threat that is faced (and attacker's motivation),
all this is just speculation.

You don't understand how a Kensington lock is intended to work. The
point is not to keep a laptop from being taken by brute force. The
intent is to require that enough damage be done to the laptop in the
process that no one will want the unit. Grinding a gaping hole in the

---------------^^^^^^ have you ruled out the *thief*? -- who may be
very happy with a $1500 laptop that has a "gaping hole" in the back
(that he has since covered with duct tape, Bondo, etc.)

side greatly reduces any resale value of a laptop which is already not
much to begin with. Used laptops aren't worth much and one with obvious
case damage is nearly worthless.

Cut the cable by which the "lock-mate" tethers the laptop to
whatever>. Remove the remaining piece in the privacy/safety
of your own home. (this assume you have never hacked the locking
device in question -- and have never used a search engine to see
how easy it is!)

Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

Going out on a limb here- I doubt the local lockpicking club is the group
breaking into and robbing homes in the OP's area. You don't need a clever
locks on stuff.

Doped up, shitty, smash and grab then sell for 3% of actual value idiots
are probably at work.

If you make the job hard enough, people either move on or just get angry
and toss stuff around.

The neighbor across the back porch got broken into while I was home once.
They had a modern, thin, poorly installed door that broke down like old
crappy car. Hell, the thing looked like a bathroom door, but with glossy
paint. They never even tried my door, even though it's in a more hidden
area. My only guess is a 1000 year old solid wood door with 800 locks
would have been more work. I also keep enough junk by the door so you
can't even get the space for a good kick, not that that would break it
down anyways, which how most doors around here are compromised anyways.

You have no windows? If there is a window available, no steel door or
vault lock is going to do a damned thing. They're just for the honest
and insurance companies.

The doors have no windows. If you want climb in a window, you better have
a good extension ladder. Again, you can get in, it's just more on a pain
in the ass than breaking into the other units which don't require all the
effort.

 

[Cydrome Leader]

In sci.electronics.repair Michael A. Terrell <mike.terrell@earthlink.net> wrote:

Don Y wrote:

On 8/20/2014 9:21 AM, rickman wrote:
Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

All sorts of things are possible. A Kensington lock deters a large
percentage of would be thieves. It is a practical solution that provides
a reasonable amount of protection for a low price and a minimum
inconvenience. If you have a $1500 laptop and want to eliminate any
chance of it being stolen, you can always keep it in your safe deposit
box.

They keep folks who need a "gentle reminder" that "Thou Shalt Not Steal"
from stepping over the line. Most "protection devices" have obvious
flaws or simple exploits. E.g., many homes have sliding doors that
are installed improperly. Your neighbors won't exploit it to enter
your home while you are out -- but, a thief would be glad to do so!

Reasons/motivations for an actual "theft" vary.

When I was in school, picking locks was "just something you did".
No big deal.

A friend used to wander the basements of the school methodically
picking EVERY lock -- leaving the doors, etc. UNlocked when their
occupants arrived in the morning. To him, it was just "practice".

Apparently, one day, he decided to do more than just pick the locks,
no doubt encouraged by how *easy* it was. He was gone a few days
later.


They bragged about how secure the pushbutton locks were at a defense
plant where I worked. I laughed and told them they were useless. They
quoted the number of possible combinations. I shrugged, looked at the
lock, bunched five buttons and opened the door. They demanded to know
who gave me the combination. I smiled and told them, Your cleaning
service. I was told, in no uncertain terms that they were not given the
codes. Then I pointed out that they were not cleaning the face plates
so All I had to do was look at one of the locks to know the code. They
didn't believe me, so I walked down the hall, opening one restricted
area after another. The next day, the chrome bezels were clean and they
looked like they had been waxed. ;-)

simplex type locks are pretty hillarious, expecially when the codes can be
entered in any order, or just by hitting all the right buttons in any
order.

Of course, you need to add some high security master keyed 6 tumbler lock
cylinder into those things and some anti-jimmy plates to make it look
official.

The bathroom at work has a menacing looking electronic lock with delivery
folks and contractors always ask the code for. There is no code, you just
turn the handle and it opens. The lock was destroyed so many times the
building management decided to just stop fighting with the tennants and
just let folks take a piss without a key or door code.

 

[rickman]

On 8/19/2014 7:35 PM, Don Y wrote:

On 8/19/2014 3:46 PM, rickman wrote:
Locks keep honest people honest. As the OP still hasn't indicated
the level of threat that is faced (and attacker's motivation),
all this is just speculation.

You don't understand how a Kensington lock is intended to work. The
point is not to keep a laptop from being taken by brute force. The
intent is to require that enough damage be done to the laptop in the
process that no one will want the unit. Grinding a gaping hole in the

---------------^^^^^^ have you ruled out the *thief*? -- who may be
very happy with a $1500 laptop that has a "gaping hole" in the back
(that he has since covered with duct tape, Bondo, etc.)

side greatly reduces any resale value of a laptop which is already not
much to begin with. Used laptops aren't worth much and one with obvious
case damage is nearly worthless.

Cut the cable by which the "lock-mate" tethers the laptop to
whatever>. Remove the remaining piece in the privacy/safety
of your own home. (this assume you have never hacked the locking
device in question -- and have never used a search engine to see
how easy it is!)

Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

All sorts of things are possible. A Kensington lock deters a large
percentage of would be thieves. It is a practical solution that
provides a reasonable amount of protection for a low price and a minimum
inconvenience. If you have a $1500 laptop and want to eliminate any
chance of it being stolen, you can always keep it in your safe deposit
box.

--

Rick

 

On Wed, 20 Aug 2014 15:51:26 +0000 (UTC), Cydrome Leader
<presence@MUNGEpanix.com> wrote:

In sci.electronics.equipment Don Y <this@is.not.me.com> wrote:
On 8/19/2014 3:46 PM, rickman wrote:
Locks keep honest people honest. As the OP still hasn't indicated
the level of threat that is faced (and attacker's motivation),
all this is just speculation.

You don't understand how a Kensington lock is intended to work. The
point is not to keep a laptop from being taken by brute force. The
intent is to require that enough damage be done to the laptop in the
process that no one will want the unit. Grinding a gaping hole in the

---------------^^^^^^ have you ruled out the *thief*? -- who may be
very happy with a $1500 laptop that has a "gaping hole" in the back
(that he has since covered with duct tape, Bondo, etc.)

side greatly reduces any resale value of a laptop which is already not
much to begin with. Used laptops aren't worth much and one with obvious
case damage is nearly worthless.

Cut the cable by which the "lock-mate" tethers the laptop to
whatever>. Remove the remaining piece in the privacy/safety
of your own home. (this assume you have never hacked the locking
device in question -- and have never used a search engine to see
how easy it is!)

Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

Going out on a limb here- I doubt the local lockpicking club is the group
breaking into and robbing homes in the OP's area. You don't need a clever
locks on stuff.

Doped up, shitty, smash and grab then sell for 3% of actual value idiots
are probably at work.

If you make the job hard enough, people either move on or just get angry
and toss stuff around.

The neighbor across the back porch got broken into while I was home once.
They had a modern, thin, poorly installed door that broke down like old
crappy car. Hell, the thing looked like a bathroom door, but with glossy
paint. They never even tried my door, even though it's in a more hidden
area. My only guess is a 1000 year old solid wood door with 800 locks
would have been more work. I also keep enough junk by the door so you
can't even get the space for a good kick, not that that would break it
down anyways, which how most doors around here are compromised anyways.

You have no windows? If there is a window available, no steel door or
vault lock is going to do a damned thing. They're just for the honest
and insurance companies.

 

[Don Y]

On 8/20/2014 9:21 AM, rickman wrote:

Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

All sorts of things are possible. A Kensington lock deters a large
percentage of would be thieves. It is a practical solution that provides
a reasonable amount of protection for a low price and a minimum
inconvenience. If you have a $1500 laptop and want to eliminate any
chance of it being stolen, you can always keep it in your safe deposit
box.

They keep folks who need a "gentle reminder" that "Thou Shalt Not Steal"
from stepping over the line. Most "protection devices" have obvious
flaws or simple exploits. E.g., many homes have sliding doors that
are installed improperly. Your neighbors won't exploit it to enter
your home while you are out -- but, a thief would be glad to do so!

Reasons/motivations for an actual "theft" vary.

When I was in school, picking locks was "just something you did".
No big deal.

A friend used to wander the basements of the school methodically
picking EVERY lock -- leaving the doors, etc. UNlocked when their
occupants arrived in the morning. To him, it was just "practice".

Apparently, one day, he decided to do more than just pick the locks,
no doubt encouraged by how *easy* it was. He was gone a few days
later.

 

[Michael A. Terrell]

Don Y wrote:

On 8/20/2014 9:21 AM, rickman wrote:
Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

All sorts of things are possible. A Kensington lock deters a large
percentage of would be thieves. It is a practical solution that provides
a reasonable amount of protection for a low price and a minimum
inconvenience. If you have a $1500 laptop and want to eliminate any
chance of it being stolen, you can always keep it in your safe deposit
box.

They keep folks who need a "gentle reminder" that "Thou Shalt Not Steal"
from stepping over the line. Most "protection devices" have obvious
flaws or simple exploits. E.g., many homes have sliding doors that
are installed improperly. Your neighbors won't exploit it to enter
your home while you are out -- but, a thief would be glad to do so!

Reasons/motivations for an actual "theft" vary.

When I was in school, picking locks was "just something you did".
No big deal.

A friend used to wander the basements of the school methodically
picking EVERY lock -- leaving the doors, etc. UNlocked when their
occupants arrived in the morning. To him, it was just "practice".

Apparently, one day, he decided to do more than just pick the locks,
no doubt encouraged by how *easy* it was. He was gone a few days
later.

They bragged about how secure the pushbutton locks were at a defense
plant where I worked. I laughed and told them they were useless. They
quoted the number of possible combinations. I shrugged, looked at the
lock, bunched five buttons and opened the door. They demanded to know
who gave me the combination. I smiled and told them, Your cleaning
service. I was told, in no uncertain terms that they were not given the
codes. Then I pointed out that they were not cleaning the face plates
so All I had to do was look at one of the locks to know the code. They
didn't believe me, so I walked down the hall, opening one restricted
area after another. The next day, the chrome bezels were clean and they
looked like they had been waxed. ;-)


--
Anyone wanting to run for any political office in the US should have to
have a DD214, and a honorable discharge.

 

[Don Y]

Hi Michael,

On 8/20/2014 11:14 AM, Michael A. Terrell wrote:

They bragged about how secure the pushbutton locks were at a defense
plant where I worked. I laughed and told them they were useless. They
quoted the number of possible combinations. I shrugged, looked at the
lock, bunched five buttons and opened the door. They demanded to know
who gave me the combination. I smiled and told them, Your cleaning
service. I was told, in no uncertain terms that they were not given the
codes. Then I pointed out that they were not cleaning the face plates
so All I had to do was look at one of the locks to know the code. They
didn't believe me, so I walked down the hall, opening one restricted
area after another. The next day, the chrome bezels were clean and they
looked like they had been waxed. ;-)

Ha! "Ooops!"

It seems that most people don't have the skillset/mindset to be able
to look at problems from BOTH sides. Designing a lock? Think about
how you WILL be able to defeat it. If you can't find a flaw, then
you're not qualified to design the lock! :<

A colleague was touting use of a tool that automatically blocked
logins from a particular computer (i.e., IP address) after some
number of failed login attempts. He considered this a deterrent
to folks trying to hack into the system. I posed the following
scenario:
Every day, at lunch hour or before work (i.e., when few people
are around to observe me), I wander into each office/cubicle
and attempt to logon to the "bob" (my colleague) account several
times. So often that the system protects itself by locking out
login attempts for "bob" on that particular computer. As none
of these officeholders *are* "bob", it won't bother them; nor
will Bob likely ever attempt to access his account from *their*
office(s). I.e., I can take my sweet time doing this -- many
days! When all of the computers have been "poisoned", I can
now walk into Bob's office, before work, and repeat the process
for *him*! When he arrives and tries to logon, he'll be denied.
When he walks across the hall to Joe's office to try from there,
he will ALSO be denied. Etc.
Granted, I haven't "stolen" anything from Bob or the company...
except the time required to set this right -- Bob's trip to the
IT department to explain that he has been locked out of the
system for some reason (he probably hasn't considered that he's
just been locked out of these COMPUTERS... he's probably wondering
if he's going to be escorted out of the building in an unannounced
LAYOFF! :> ) But, a mechanism that he intended for one purpose
has been effectively used for another -- at some unintended expense!

One day, neighbor complained that their garage door was open when
it shouldn't have been. Apparently, happened several times!
Until they were outside one day as we drove in OUR driveway and
opened OUR door. As they saw *their* door open, they knew what the
problem was!

Listen to the folks who sell those sorts of devices and they will
tell you how "virtually impossible" it is to get the correct "code".
Yet, we did it purely by chance!

Come up with a proposed system; then, turn the bill on your hat
around and try to *break* it!

 

[rickman]

On 8/20/2014 2:14 PM, Michael A. Terrell wrote:

Don Y wrote:

On 8/20/2014 9:21 AM, rickman wrote:
Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

All sorts of things are possible. A Kensington lock deters a large
percentage of would be thieves. It is a practical solution that provides
a reasonable amount of protection for a low price and a minimum
inconvenience. If you have a $1500 laptop and want to eliminate any
chance of it being stolen, you can always keep it in your safe deposit
box.

They keep folks who need a "gentle reminder" that "Thou Shalt Not Steal"
from stepping over the line. Most "protection devices" have obvious
flaws or simple exploits. E.g., many homes have sliding doors that
are installed improperly. Your neighbors won't exploit it to enter
your home while you are out -- but, a thief would be glad to do so!

Reasons/motivations for an actual "theft" vary.

When I was in school, picking locks was "just something you did".
No big deal.

A friend used to wander the basements of the school methodically
picking EVERY lock -- leaving the doors, etc. UNlocked when their
occupants arrived in the morning. To him, it was just "practice".

Apparently, one day, he decided to do more than just pick the locks,
no doubt encouraged by how *easy* it was. He was gone a few days
later.


They bragged about how secure the pushbutton locks were at a defense
plant where I worked. I laughed and told them they were useless. They
quoted the number of possible combinations. I shrugged, looked at the
lock, bunched five buttons and opened the door. They demanded to know
who gave me the combination. I smiled and told them, Your cleaning
service. I was told, in no uncertain terms that they were not given the
codes. Then I pointed out that they were not cleaning the face plates
so All I had to do was look at one of the locks to know the code. They
didn't believe me, so I walked down the hall, opening one restricted
area after another. The next day, the chrome bezels were clean and they
looked like they had been waxed. ;-)

And they probably thought they had fixed the problem. All you need to
do is to apply something that is not so easily seen but easily removed
by touch. Then check it after the locks have been used, but before they
have been cleaned.

--

Rick

 

[Cydrome Leader]

In sci.electronics.repair krw@attt.bizz wrote:

On Wed, 20 Aug 2014 20:10:52 +0000 (UTC), Cydrome Leader
presence@MUNGEpanix.com> wrote:

In sci.electronics.repair krw@attt.bizz wrote:
On Wed, 20 Aug 2014 15:51:26 +0000 (UTC), Cydrome Leader
presence@MUNGEpanix.com> wrote:

In sci.electronics.equipment Don Y <this@is.not.me.com> wrote:
On 8/19/2014 3:46 PM, rickman wrote:
Locks keep honest people honest. As the OP still hasn't indicated
the level of threat that is faced (and attacker's motivation),
all this is just speculation.

You don't understand how a Kensington lock is intended to work. The
point is not to keep a laptop from being taken by brute force. The
intent is to require that enough damage be done to the laptop in the
process that no one will want the unit. Grinding a gaping hole in the

---------------^^^^^^ have you ruled out the *thief*? -- who may be
very happy with a $1500 laptop that has a "gaping hole" in the back
(that he has since covered with duct tape, Bondo, etc.)

side greatly reduces any resale value of a laptop which is already not
much to begin with. Used laptops aren't worth much and one with obvious
case damage is nearly worthless.

Cut the cable by which the "lock-mate" tethers the laptop to
whatever>. Remove the remaining piece in the privacy/safety
of your own home. (this assume you have never hacked the locking
device in question -- and have never used a search engine to see
how easy it is!)

Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

Going out on a limb here- I doubt the local lockpicking club is the group
breaking into and robbing homes in the OP's area. You don't need a clever
locks on stuff.

Doped up, shitty, smash and grab then sell for 3% of actual value idiots
are probably at work.

If you make the job hard enough, people either move on or just get angry
and toss stuff around.

The neighbor across the back porch got broken into while I was home once.
They had a modern, thin, poorly installed door that broke down like old
crappy car. Hell, the thing looked like a bathroom door, but with glossy
paint. They never even tried my door, even though it's in a more hidden
area. My only guess is a 1000 year old solid wood door with 800 locks
would have been more work. I also keep enough junk by the door so you
can't even get the space for a good kick, not that that would break it
down anyways, which how most doors around here are compromised anyways.

You have no windows? If there is a window available, no steel door or
vault lock is going to do a damned thing. They're just for the honest
and insurance companies.

The doors have no windows. If you want climb in a window, you better have
a good extension ladder. Again, you can get in, it's just more on a pain
in the ass than breaking into the other units which don't require all the
effort.

Again, locks or doors don't do anything to stop anyone who wants to
get in. It sounds like you're on the second floor, which is likely
why they went elsewhere. The quality of the door, and particularly
the lock, are irrelevant.

the methods they use to break down doors, old and new differs and the one
for old doors is actually pretty clever. None of which even involve
touching the lock, unless you've got a $12 Kwikset lock and nothing more.

Either way, when you're a harder target, people look elsewhere.

Take for instance robbing a bank. You walk in, hand over a note, get a
token amount of money, nobody puts up a fight and you walk out. It's
apparently not hard at all once you cross that moral line. Surprise,
there's lots of serial bankrobbers, and it would seem most never get
caught as banks only believe in slow-scan quarter VGA-res security
cameras.

 

[Cydrome Leader]

In sci.electronics.repair Michael A. Terrell <mike.terrell@earthlink.net> wrote:

Cydrome Leader wrote:

In sci.electronics.repair Michael A. Terrell <mike.terrell@earthlink.net> wrote:

Don Y wrote:

On 8/20/2014 9:21 AM, rickman wrote:
Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

All sorts of things are possible. A Kensington lock deters a large
percentage of would be thieves. It is a practical solution that provides
a reasonable amount of protection for a low price and a minimum
inconvenience. If you have a $1500 laptop and want to eliminate any
chance of it being stolen, you can always keep it in your safe deposit
box.

They keep folks who need a "gentle reminder" that "Thou Shalt Not Steal"
from stepping over the line. Most "protection devices" have obvious
flaws or simple exploits. E.g., many homes have sliding doors that
are installed improperly. Your neighbors won't exploit it to enter
your home while you are out -- but, a thief would be glad to do so!

Reasons/motivations for an actual "theft" vary.

When I was in school, picking locks was "just something you did".
No big deal.

A friend used to wander the basements of the school methodically
picking EVERY lock -- leaving the doors, etc. UNlocked when their
occupants arrived in the morning. To him, it was just "practice".

Apparently, one day, he decided to do more than just pick the locks,
no doubt encouraged by how *easy* it was. He was gone a few days
later.


They bragged about how secure the pushbutton locks were at a defense
plant where I worked. I laughed and told them they were useless. They
quoted the number of possible combinations. I shrugged, looked at the
lock, bunched five buttons and opened the door. They demanded to know
who gave me the combination. I smiled and told them, Your cleaning
service. I was told, in no uncertain terms that they were not given the
codes. Then I pointed out that they were not cleaning the face plates
so All I had to do was look at one of the locks to know the code. They
didn't believe me, so I walked down the hall, opening one restricted
area after another. The next day, the chrome bezels were clean and they
looked like they had been waxed. ;-)

simplex type locks are pretty hillarious, expecially when the codes can be
entered in any order, or just by hitting all the right buttons in any
order.


These had to be in the right order, but that was no problem since
each time someone pushed a button, they wiped some crud off their
fingertips. You just punched them in order of the descending crud.

One facility I worked at had some "Department of Defense" certifed keypads
(whatever that means, if anything at all, I was never told a certification
level of spec they adhered to) that were fairly smart.

The keypad had LED displays inside each swith position in the form or a
telephone keypad that could only be read at sitting in a wheelchair height
at which they were mounted. The digits at each button always changed so it
was not possible to watching somebody enter a code and then repeat it as
you could not see what they were keying in. Wear on the keypads was kept
even too, and funny business with figuring out which keys were pressed
last was useless.

Those got disconnected and they went back to keycards for some reason.

 

[Michael A. Terrell]

Don Y wrote:

Hi Michael,

On 8/20/2014 11:14 AM, Michael A. Terrell wrote:

They bragged about how secure the pushbutton locks were at a defense
plant where I worked. I laughed and told them they were useless. They
quoted the number of possible combinations. I shrugged, looked at the
lock, bunched five buttons and opened the door. They demanded to know
who gave me the combination. I smiled and told them, Your cleaning
service. I was told, in no uncertain terms that they were not given the
codes. Then I pointed out that they were not cleaning the face plates
so All I had to do was look at one of the locks to know the code. They
didn't believe me, so I walked down the hall, opening one restricted
area after another. The next day, the chrome bezels were clean and they
looked like they had been waxed. ;-)

Ha! "Ooops!"

It seems that most people don't have the skillset/mindset to be able
to look at problems from BOTH sides. Designing a lock? Think about
how you WILL be able to defeat it. If you can't find a flaw, then
you're not qualified to design the lock! :

A colleague was touting use of a tool that automatically blocked
logins from a particular computer (i.e., IP address) after some
number of failed login attempts. He considered this a deterrent
to folks trying to hack into the system. I posed the following
scenario:
Every day, at lunch hour or before work (i.e., when few people
are around to observe me), I wander into each office/cubicle
and attempt to logon to the "bob" (my colleague) account several
times. So often that the system protects itself by locking out
login attempts for "bob" on that particular computer. As none
of these officeholders *are* "bob", it won't bother them; nor
will Bob likely ever attempt to access his account from *their*
office(s). I.e., I can take my sweet time doing this -- many
days! When all of the computers have been "poisoned", I can
now walk into Bob's office, before work, and repeat the process
for *him*! When he arrives and tries to logon, he'll be denied.
When he walks across the hall to Joe's office to try from there,
he will ALSO be denied. Etc.
Granted, I haven't "stolen" anything from Bob or the company...
except the time required to set this right -- Bob's trip to the
IT department to explain that he has been locked out of the
system for some reason (he probably hasn't considered that he's
just been locked out of these COMPUTERS... he's probably wondering
if he's going to be escorted out of the building in an unannounced
LAYOFF! :> ) But, a mechanism that he intended for one purpose
has been effectively used for another -- at some unintended expense!

I raised hell at Microdyne when i caught someone coming in early and
using my computer to access AOL. My boss told me it was none of my
business, so I escalated it, till they did something about it. Every
website visited or that someone tried to visit was logged in their
nannyware and I wasn't going to be blamed for some idiot watching porn
or infecting the computers. The same dumbass brought an infected floppy
disk to work, to create a bootdisk after he screwed up his computer. I
caught him as he screwed up the sixth computer on our production floor.

One day, neighbor complained that their garage door was open when
it shouldn't have been. Apparently, happened several times!
Until they were outside one day as we drove in OUR driveway and
opened OUR door. As they saw *their* door open, they knew what the
problem was!

Listen to the folks who sell those sorts of devices and they will
tell you how "virtually impossible" it is to get the correct "code".
Yet, we did it purely by chance!

Come up with a proposed system; then, turn the bill on your hat
around and try to *break* it!

--
Anyone wanting to run for any political office in the US should have to
have a DD214, and a honorable discharge.

 

On Wed, 20 Aug 2014 20:10:52 +0000 (UTC), Cydrome Leader
<presence@MUNGEpanix.com> wrote:

In sci.electronics.repair krw@attt.bizz wrote:
On Wed, 20 Aug 2014 15:51:26 +0000 (UTC), Cydrome Leader
presence@MUNGEpanix.com> wrote:

In sci.electronics.equipment Don Y <this@is.not.me.com> wrote:
On 8/19/2014 3:46 PM, rickman wrote:
Locks keep honest people honest. As the OP still hasn't indicated
the level of threat that is faced (and attacker's motivation),
all this is just speculation.

You don't understand how a Kensington lock is intended to work. The
point is not to keep a laptop from being taken by brute force. The
intent is to require that enough damage be done to the laptop in the
process that no one will want the unit. Grinding a gaping hole in the

---------------^^^^^^ have you ruled out the *thief*? -- who may be
very happy with a $1500 laptop that has a "gaping hole" in the back
(that he has since covered with duct tape, Bondo, etc.)

side greatly reduces any resale value of a laptop which is already not
much to begin with. Used laptops aren't worth much and one with obvious
case damage is nearly worthless.

Cut the cable by which the "lock-mate" tethers the laptop to
whatever>. Remove the remaining piece in the privacy/safety
of your own home. (this assume you have never hacked the locking
device in question -- and have never used a search engine to see
how easy it is!)

Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

Going out on a limb here- I doubt the local lockpicking club is the group
breaking into and robbing homes in the OP's area. You don't need a clever
locks on stuff.

Doped up, shitty, smash and grab then sell for 3% of actual value idiots
are probably at work.

If you make the job hard enough, people either move on or just get angry
and toss stuff around.

The neighbor across the back porch got broken into while I was home once.
They had a modern, thin, poorly installed door that broke down like old
crappy car. Hell, the thing looked like a bathroom door, but with glossy
paint. They never even tried my door, even though it's in a more hidden
area. My only guess is a 1000 year old solid wood door with 800 locks
would have been more work. I also keep enough junk by the door so you
can't even get the space for a good kick, not that that would break it
down anyways, which how most doors around here are compromised anyways.

You have no windows? If there is a window available, no steel door or
vault lock is going to do a damned thing. They're just for the honest
and insurance companies.

The doors have no windows. If you want climb in a window, you better have
a good extension ladder. Again, you can get in, it's just more on a pain
in the ass than breaking into the other units which don't require all the
effort.

Again, locks or doors don't do anything to stop anyone who wants to
get in. It sounds like you're on the second floor, which is likely
why they went elsewhere. The quality of the door, and particularly
the lock, are irrelevant.

 

On Wed, 20 Aug 2014 14:14:07 -0400, "Michael A. Terrell"
<mike.terrell@earthlink.net> wrote:

Don Y wrote:

On 8/20/2014 9:21 AM, rickman wrote:
Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

All sorts of things are possible. A Kensington lock deters a large
percentage of would be thieves. It is a practical solution that provides
a reasonable amount of protection for a low price and a minimum
inconvenience. If you have a $1500 laptop and want to eliminate any
chance of it being stolen, you can always keep it in your safe deposit
box.

They keep folks who need a "gentle reminder" that "Thou Shalt Not Steal"
from stepping over the line. Most "protection devices" have obvious
flaws or simple exploits. E.g., many homes have sliding doors that
are installed improperly. Your neighbors won't exploit it to enter
your home while you are out -- but, a thief would be glad to do so!

Reasons/motivations for an actual "theft" vary.

When I was in school, picking locks was "just something you did".
No big deal.

A friend used to wander the basements of the school methodically
picking EVERY lock -- leaving the doors, etc. UNlocked when their
occupants arrived in the morning. To him, it was just "practice".

Apparently, one day, he decided to do more than just pick the locks,
no doubt encouraged by how *easy* it was. He was gone a few days
later.


They bragged about how secure the pushbutton locks were at a defense
plant where I worked. I laughed and told them they were useless. They
quoted the number of possible combinations. I shrugged, looked at the
lock, bunched five buttons and opened the door. They demanded to know
who gave me the combination. I smiled and told them, Your cleaning
service. I was told, in no uncertain terms that they were not given the
codes. Then I pointed out that they were not cleaning the face plates
so All I had to do was look at one of the locks to know the code. They
didn't believe me, so I walked down the hall, opening one restricted
area after another. The next day, the chrome bezels were clean and they
looked like they had been waxed. ;-)

Hell, one place I worked had the "cipher" lock combinations written on
the door jams. Writing them backwards was even enough to keep the
dummies in security happy.

 

[Michael A. Terrell]

Cydrome Leader wrote:

In sci.electronics.repair Michael A. Terrell <mike.terrell@earthlink.net> wrote:

Don Y wrote:

On 8/20/2014 9:21 AM, rickman wrote:
Most of the Kensington devices that I have seen are easily
thwarted (shims, picks, etc. -- e.g., a thin sheet of CARDBOARD,
fragment of a soda can, etc!).

I understand how ALL locks work: locks keep honest people honest.
Period.

All sorts of things are possible. A Kensington lock deters a large
percentage of would be thieves. It is a practical solution that provides
a reasonable amount of protection for a low price and a minimum
inconvenience. If you have a $1500 laptop and want to eliminate any
chance of it being stolen, you can always keep it in your safe deposit
box.

They keep folks who need a "gentle reminder" that "Thou Shalt Not Steal"
from stepping over the line. Most "protection devices" have obvious
flaws or simple exploits. E.g., many homes have sliding doors that
are installed improperly. Your neighbors won't exploit it to enter
your home while you are out -- but, a thief would be glad to do so!

Reasons/motivations for an actual "theft" vary.

When I was in school, picking locks was "just something you did".
No big deal.

A friend used to wander the basements of the school methodically
picking EVERY lock -- leaving the doors, etc. UNlocked when their
occupants arrived in the morning. To him, it was just "practice".

Apparently, one day, he decided to do more than just pick the locks,
no doubt encouraged by how *easy* it was. He was gone a few days
later.


They bragged about how secure the pushbutton locks were at a defense
plant where I worked. I laughed and told them they were useless. They
quoted the number of possible combinations. I shrugged, looked at the
lock, bunched five buttons and opened the door. They demanded to know
who gave me the combination. I smiled and told them, Your cleaning
service. I was told, in no uncertain terms that they were not given the
codes. Then I pointed out that they were not cleaning the face plates
so All I had to do was look at one of the locks to know the code. They
didn't believe me, so I walked down the hall, opening one restricted
area after another. The next day, the chrome bezels were clean and they
looked like they had been waxed. ;-)

simplex type locks are pretty hillarious, expecially when the codes can be
entered in any order, or just by hitting all the right buttons in any
order.

These had to be in the right order, but that was no problem since
each time someone pushed a button, they wiped some crud off their
fingertips. You just punched them in order of the descending crud.

Of course, you need to add some high security master keyed 6 tumbler lock
cylinder into those things and some anti-jimmy plates to make it look
official.

The bathroom at work has a menacing looking electronic lock with delivery
folks and contractors always ask the code for. There is no code, you just
turn the handle and it opens. The lock was destroyed so many times the
building management decided to just stop fighting with the tennants and
just let folks take a piss without a key or door code.

--
Anyone wanting to run for any political office in the US should have to
have a DD214, and a honorable discharge.

 

[Don Y]

Hi Michael,

On 8/20/2014 2:53 PM, Michael A. Terrell wrote:

A colleague was touting use of a tool that automatically blocked
logins from a particular computer (i.e., IP address) after some
number of failed login attempts. He considered this a deterrent
to folks trying to hack into the system. I posed the following
scenario:
Every day, at lunch hour or before work (i.e., when few people
are around to observe me), I wander into each office/cubicle
and attempt to logon to the "bob" (my colleague) account several
times. So often that the system protects itself by locking out
login attempts for "bob" on that particular computer. As none
of these officeholders *are* "bob", it won't bother them; nor
will Bob likely ever attempt to access his account from *their*
office(s). I.e., I can take my sweet time doing this -- many
days! When all of the computers have been "poisoned", I can
now walk into Bob's office, before work, and repeat the process
for *him*! When he arrives and tries to logon, he'll be denied.
When he walks across the hall to Joe's office to try from there,
he will ALSO be denied. Etc.
Granted, I haven't "stolen" anything from Bob or the company...
except the time required to set this right -- Bob's trip to the
IT department to explain that he has been locked out of the
system for some reason (he probably hasn't considered that he's
just been locked out of these COMPUTERS... he's probably wondering
if he's going to be escorted out of the building in an unannounced
LAYOFF! :> ) But, a mechanism that he intended for one purpose
has been effectively used for another -- at some unintended expense!

I raised hell at Microdyne when i caught someone coming in early and
using my computer to access AOL. My boss told me it was none of my
business, so I escalated it, till they did something about it. Every
website visited or that someone tried to visit was logged in their
nannyware and I wasn't going to be blamed for some idiot watching porn
or infecting the computers. The same dumbass brought an infected floppy
disk to work, to create a bootdisk after he screwed up his computer. I
caught him as he screwed up the sixth computer on our production floor.

Different situation. The sort of computer I am talking about
has nothing "Michael" about it -- except it's physical location.
Much like your office phone -- while you may not welcome the idea,
if someone needed to pick up a page or make a call "in a pinch",
they could easily use your phone without any RISK to you or the
phone.

PC's are the bane of most IT dept's existence (yet, probably the only
JUSTIFICATION for their staffing levels! :< )

 

[Michael A. Terrell]

krw@attt.bizz wrote:

Hell, one place I worked had the "cipher" lock combinations written on
the door jams. Writing them backwards was even enough to keep the
dummies in security happy.

This was the old C.E. plant, on Glendale-Milford road. C.E. has a new
building and is now part of L-3. The security there was a joke, that's
why there were so many locks to keep them out of restricted areas.


--
Anyone wanting to run for any political office in the US should have to
have a DD214, and a honorable discharge.

 

[Michael A. Terrell]

Don Y wrote:

Hi Michael,

On 8/20/2014 2:53 PM, Michael A. Terrell wrote:

A colleague was touting use of a tool that automatically blocked
logins from a particular computer (i.e., IP address) after some
number of failed login attempts. He considered this a deterrent
to folks trying to hack into the system. I posed the following
scenario:
Every day, at lunch hour or before work (i.e., when few people
are around to observe me), I wander into each office/cubicle
and attempt to logon to the "bob" (my colleague) account several
times. So often that the system protects itself by locking out
login attempts for "bob" on that particular computer. As none
of these officeholders *are* "bob", it won't bother them; nor
will Bob likely ever attempt to access his account from *their*
office(s). I.e., I can take my sweet time doing this -- many
days! When all of the computers have been "poisoned", I can
now walk into Bob's office, before work, and repeat the process
for *him*! When he arrives and tries to logon, he'll be denied.
When he walks across the hall to Joe's office to try from there,
he will ALSO be denied. Etc.
Granted, I haven't "stolen" anything from Bob or the company...
except the time required to set this right -- Bob's trip to the
IT department to explain that he has been locked out of the
system for some reason (he probably hasn't considered that he's
just been locked out of these COMPUTERS... he's probably wondering
if he's going to be escorted out of the building in an unannounced
LAYOFF! :> ) But, a mechanism that he intended for one purpose
has been effectively used for another -- at some unintended expense!

I raised hell at Microdyne when i caught someone coming in early and
using my computer to access AOL. My boss told me it was none of my
business, so I escalated it, till they did something about it. Every
website visited or that someone tried to visit was logged in their
nannyware and I wasn't going to be blamed for some idiot watching porn
or infecting the computers. The same dumbass brought an infected floppy
disk to work, to create a bootdisk after he screwed up his computer. I
caught him as he screwed up the sixth computer on our production floor.

Different situation. The sort of computer I am talking about
has nothing "Michael" about it -- except it's physical location.
Much like your office phone -- while you may not welcome the idea,
if someone needed to pick up a page or make a call "in a pinch",
they could easily use your phone without any RISK to you or the
phone.

PC's are the bane of most IT dept's existence (yet, probably the only
JUSTIFICATION for their staffing levels! :< )

These were not to be used for anything personal. They were test beds
to program our products. Each was configured for that workbench, and
were off limits to IT other than security and installing updates for the
Win95.


--
Anyone wanting to run for any political office in the US should have to
have a DD214, and a honorable discharge.