home
news
columns
features
All That Is Old Is Not Obsolete
by David G. Hinkley
It is simply amazing what one can find when one looks under the right rock. I ran across this article last week, and thought it might be interesting. And it is not due to be published for at least a month. So get here just hot before the presses
Phantom
While the use of highly skilled computer enhanced operators located on site to oversee elaborate security systems has become the accepted standard among security professionals. It is not the only way to provide security. Many of the older proven systems are still effective and can provide high levels of security at reasonable cost. Central Station Alarm Systems, CCTV alarm systems, locks, and card access systems are still effective deterrent to undesirable activities.
Undesirable activities…..could they be talking about us?
Fast Eddy
Only if they are attempting to stop thefts from children’s piggy-banks and other similar hard targets :)
Boomer
Many businesses and individuals needing human monitored alarm systems can not reasonably afford the costs of an on site security specialist. Thanks to the existence of Seattle’s numerous high quality Central Station Alarm Monitoring Services, they need not to do without a monitored Security System. basically a Central Station System connects a business’s on-site alarm systems to a remotely located monitoring station operated by the service provider. This monitoring station would monitor the alarm systems of many unrelated subscribers.
A central station system is fully capable of monitoring all types of alarms and security systems. These Central Station Services can also be contracted to provide a number of additional services including Armed alarm response, Alarm system installation and repair, fire and hazmat alarm systems, and card access systems.
If central stations are so good why do the corps spend money on their own security centers?
Boomer
Where should I start…first is security, only their people are in control of the system. Second is system response time…it takes time for a signal to go to the station and back. Physical response time… the response team is not on site, it takes time for them reach the site. And finally Magical security is difficult to implement. By the way most corps do use central stations…theirs…to provide security to small out lying offices and installations
Shadowrider
There are currently four methods of connecting a site to the central station, they are phone lines, dedicated hard wire, fiber optic cable and radio. Each has its own particular advantages and disadvantages most of which are technical in nature and are too site dependent to be discussed here. A good Security Consultant can properly evaluate a particular site and determine the best method for your particular needs.
Can anyone supply a brief evaluation of each methods and its weak points?
Boomer
Do I detect a more than passing interest in the weak points? Well enthusiasm like that should not go unrewarded. Phone lines are already in place, they connect almost every place and cost little to use. But they are subject to the control of others (i.e. the building management and the phone company), have limited band width, and require encoding and verification of data. Hard wire systems have wider band width, are much easier to secure but are expensive and time consuming to install, have to be maintained are difficult to change or update. Fiber Optics provides the widest band width, is the easiest to secure and otherwise has all the rest of the advantages and disadvantages associated with hard wire systems. Radio is the most flexible, has reasonable band width and is the hardest to secure and is subject to both intentional and un-intentional jamming.
Fingers
Un-intentional jamming?
Sweet Sue
There are a limited number of radio frequencies available for alarm transmitters, so in most areas there are several (up to hundred) transmitters on the same frequency. The alarm system designers have come up with a simple solution, first the signal is coded and the receiver only accepts properly coded signals and the transmitters send their signal five times. Since the time of transmission is effectively random it is unlikely that two transmitters would be broadcasting all five times at the exact same time. That is at least one of the five would get through. It works. By the way putting a jamming transmitter near the alarm transmitter, while effective is not perfect as it also jams the control centers periodic status polling. No reply trips an alarm. Sorry chummers, no free lunch here.
Fingers
With the addition of a hard-wired computer the basic Close-Circuit Television system can become a difficult to detect motion detection alarm. In simple terms the signal from a single CCTV camera is run through the computer which monitors the color value (gray value in monochrome systems) of all the pixels in the alarmed area. If the value should change suddenly, the computer triggers an alarm. In most cases the alarm response, is an audible alarm, and the switching of that camera’s picture to a display monitor. This system is commonly used to provide surveillance within clean rooms as it can be relocated without the need to relocate wires or drill holes. It is only effective in areas that are free of motion. While it is a generally reliable, false alarm trouble shooting can be quite difficult at times.
For an old design these are extremely effective, The turn the common CCTV camera into a motion detector. And if that was not bad enough, the system also trips when a loop-back unit is spliced into the camera system.
Fast Eddy
Not all the time, it just takes the right touch……or a mouse.
Shadowrider
A mouse?
Fast Eddy
When ever I think there maybe a live operator or one of these systems, I release a mouse or two just as I make the connection. When the picture pops up on the screen, the operator sees the mouse and goes back to his comic book.
Shadowrider
hey what does hard wired mean?
Mork the Ork
A hardwired computer is one that has its program wired in. Once it is built you can’t reprogram it. Deckers hate the things, cause there is nothing they can do with them
Sweet Sue
The common lock is an often over looked component of a buildings security system. The selection of the correct lock for a use can enhance a security system while the wrong choice can defeat the most elaborate. Locking systems can be divided into three major groups, Common mechanical locks using keys, electronically controlled locking mechanisms and combination locks.
Key control is the most important factor in conventional pin tumbler locking systems. While conventional locks can be picked it is much easier to use the key. A lock will open for anyone who has the key. Key control starts with the purchase of the lock. Cheap locks are manufactured in numbers that greatly exceed that number of key variations. The are also much easier to defeat with brute force or the subtle manipulations of lock picks. The more exclusive the key way the less likely a duplicate key exists. This is place that spending a bit more gets a lot more results. After you have the lock installed, you need to still need to properly control keys. First only have made, the exact number of keys you need. Do not label keys with either your address or license number, doing so only makes it easy for the inconvenience of a lost key ring to become a major loss. And don’t hide a key outside your home or on you car. There are no original hiding places, anyplace you can think of someone else has used before.
Hey Phantom, anyway you could pull the plug on this? This guy is revealing all our secrets
Fast Eddy
That figures, I always thought that you would have trouble breaking into a paper sack with a sharp knife.
Boomer
Boomer haven’t you heard Eddy’s mother doesn’t let him play with sharp objects.
Sweet Sue
Mechanical locking systems have one advantage that is often over looked in this electronic age, they are not connected. To open them you have to be there with the correct key or combination to open them. There is no way for a hacker to unlock them from a terminal miles away. No computer glitch will compromise your security. If you don’t have the key, you don’t get in.
There is something positively un-American about this conspiracy
Electroman
Conspiracy?
Sweet Sue
Yes conspiracy. First using rigger controls on security systems. Now locks that can’t be opened by computer command. There ought to be a law. :)
Electroman
Many years ago locksmiths came up with a way eliminate the need for a person to carry a separate key for every lock. Actually it is two different ways, the first is keying several locks to the same key. The other is creating a master key for a group of locks. This is different from the first method in that the key for one lock in the system will not open any other lock. Master Keys systems are established at the same time the locks are pined. Special split pins are used that make it possible for two different keys (the master key and the regular key) to open the same lock. With some locks it is possible to have three separate keys thus making sub-mastering possible. With careful planning an entire building can be keyed in a manner that provides proper levels of security while not requiring management to lug a huge ring of keys around.
A free hint chummers. While you can’t tell a master key from a normal key, you can identify a masterkeyed lock by disassembling it. And most important it contains all the information you need to make a master key that works in all the locks in that buildings system. And if you are quick about it, they may never guess you did it.
Fingers
Electronic locking systems come in two major types, those that use a electronically controlled solenoid to operate a mechanical bolt and those that use electromagnetic force to secure a door. Either type can be controlled either from a remote location or at the door’s location. Keypads, Maglocks and Pass Cards are commonly used to provide local control.
Electromagnetic force…how effective can that be, especially when the power goes off
Boomer
Very effective, I have seen a door that was blown open with explosives and the electromagnetic lock was still functioning, the battery back up worked that well
Shadowrider
The classic combination lock used on safes and vaults is still a reliable choice. The large number of combinations available, the requirement that the lock be operated on site and on more sophisticated systems the time lock result in a lock that is hard to beat. The most important factor is the security of the combination. The fewer people who know it the more secure it is, and like keys There is no safe place to hide it.
Desk blotters and desk pull outs are the first place to look, then the Rolodex looking under ‘Safe’. And if you can’t find the one for the safe you need try other executive offices on the same floor because there is often a sealed envelope with the safe combinations for the other safes in one of them.
Fingers
If you use the envelope on a clean covert entry, put it back with the seal broken. The security types will have a suspect, after all it HAS TO BE an inside job, their building security is too good for some to get in undetected.
Sweet Sue
Now that is truly evil!!
Boomer
Time locks add a further dimension of security. They limit the time that the lock can be opened with the combination. This permits more individuals to have the combination permitting access during business hours without them also being able to come back after-hours and open the safe.
Unless you can speed-up the clock.
Fingers
Speed up the clock?
Boomer
All it takes is the right equipment. The Artificer is the man to see
Fingers
Possibly the most secure and flexible access control system for small to medium sized companies is the Card Access System. Systems use a credit card sized plastic card encoded with a discrete identification code. This code consists of two parts an installation or facility code common to all cards for that particular plant or facility and a individual number unique to that particular card. Normally this coding is magnetic in nature but in some cases bar-code technology is also used. It is also common to combine the access card with a company identification card. When the card is presented to a reader, the reader transmits the code number to a central computer (normally a dedicated unit not used for any other function) which checks the card code with a central listing for all the cards in the system and determines the degree of access permitted. If the bearer of the card is listed as being permitted to enter through the door at the time the card was presented the signal is sent to the reader to unlock the door and the transaction is recorded in a access log kept on the systems main computer. If access is not permitted then the attempt is also logged, the door is not unlocked and an alarm may be sent for a human response if required.
They log unsuccessful attempts?
Fast Eddy
Sure, besides paranoia, a important trait for security types, logging unsuccessful attempts provides them with a lot of valuable information. It helps identify inquisitive employees as well as the enthusiastic types who just want an early start. It permits the fine tuning of access times and lastly it can reveal a pattern of intrusion attempts
Big Bopper
The current level of access for any particular each card is recorded only on the central computer and can be changed at any time by the system operator. It is not possible to determine what level of access the card permits through the examination of the card. Thus it is not possible to determine if a particular card is a master card that opens all doors in the building or one that only opens employee washrooms during business hours. While it is possible to copy a particular card or to change the coding (depending on the card type) the degree of access if any can not be set except at the main computer.
This system sounds really easy to beat, just deck in and change the access for your card to all the doors, all the time and you are in like Flint. And just to make things truly interesting dump all the rest so security can not move in the building
Fast Eddy
Nice try Eddy, only one problem. You have to get to the computer first. These systems use small dedicated computers that are not connected to anything but the access control system
Sweet Sue
This computer polls all card readers, key pads, locking mechanisms and biometric devises on a periodic basis (several times a minute). In the event that a reader is cut-off from the main computer the event is recorded and an alarm is sent. In most operations a human guard is set to investigate. His response time would vary widely depending on the size of the installation and the manpower available. The effected card reader or readers revert in to stand alone mode. This normally takes on one of three forms. The doors remain locked, the doors automatically unlock or most commonly the readers perform in what appears to the user to be a normal manner. That is the door is unlocked upon the presentation of a card. The difference is that the reader is granting access to any card that has the correct installation code regardless of the programmed access. As most individuals using the door have access they never know the difference. It is not possible to determine if a particular reader is in stand alone mode through external examination.
This is the weak spot Eddy. If you can get the reader into stand alone mode then any card from the system, even those that are dropped from the system as lost will work. And there is no record of the entry.
Sweet Sue
As long as the System Administrator is not truly paranoid and sets the readers to lock the door down if it is cut off from the central computer. I have seen systems where a communications failure meant could not get into the building at all
Fingers
The card access readers can control both electronic controlled and combined lock systems and are often combined with keypads or biometric devices. The latter is to overcome the single largest drawback of these systems the card grant access to anyone who presents the card. The use of a special computer, not connected to the Matrix or other computer systems makes the system really secure from outside tampering. However its largest strength is that the level of access granted to a particular card can be changed at any time whether or not the operator has access to the card.
While the there are a lot of new high tech security equipment available, these old and proven methods should not be overlooked. The keys to a good security system is defense in depth and utilizing the right equipment for the right job. Remember this is a classic case where old does not equal obsolete.
There is nothing made by the hand of man that can not be defeated by another slightly smarter man with that proper touch of larceny.
Shadowrider
Shadowrider, are you on some sort of history kick?
Sweet Sue
Military History to be more precise.
Shadowrider
Gamemaster Information
Lockpicking/Safe Cracking Skill
This technical skill deals with opening locked doors with out the use of the proper key or combination. A character with this skill understands the basic operation of mechanical locks and how to open them by manipulation. He also is aware of the physical weaknesses of doors, locks and safes and how to apply force to open them. A character with this skill would also need Demolitions skill to effectively use explosives to open a safe.
This skill is located on the Skill Web off the main Quickness stem separated by 2 circles from the main stem.
Locksmithing Skill
This Build/Repair (B/R) skill covers the maintenance and repair of locks and safes. A Locksmith can key or re-key locks, install locks, and make keys. A skilled locksmith can also pick locks and open combination locks by manipulation.
A character with this skill does not have the skills necessary to use explosives to open a safe or vault.
This skill is located on the Skill Web off the main Quickness stem separated by 2 circles from the main stem.
Lock Picking
To determine the success of an attempt to open a lock by picking it, roll a number of dice equal to the PC’s Lockpicking skill plus any task pool dice. The target number is that of the lock plus any applicable modifiers from the table below. One success means the lock is opened. Additional successes reduce the time needed to open the lock. The base time is 5 minutes. A result of all ones means that the keyway is jammed and the lock cannot be opened either by manipulation or with a key.
| Situation | Modifier |
|---|---|
| Improvised picks | +1 |
| Rusty lock | +1 |
Master Keys
A master key can be made either from the records of the locksmith who keyed the set of locks or by disassembling and examining a master keyed lock. The target number is 1 + the level of the lock. The operative skill is Locksmithing.
Drilling Locks
A pin tumbler lock can be defeated by drilling the tumbler mechanism out. To do so roll dice equal to the characters Locksmithing or Lockpicking skill, the target number is the pin tumbler pick resistance target number - 2. A drill with the appropriate bit is required.
Safe And Vaults
The descriptions of a safe or vault consists of 4 parts, the type and level of the locking system, the level of the door design, the Barrier Rating of the material or materials that the container is made of and whether or not it is equipped with a time lock. The locking system can be either key, combination lock or maglock.
Pin Tumbler locks
Level 0: Cheap hardware store lock, target number = 3
Level 1: Quality lock, target number = 4
Level 2: Quality lock, limited available keyway, target number = 5
Level 3: Top quality lock, restricted keyway, target number = 6
Level 4: Top quality lock, custom keyway, target number = 8
Combination Locks
Level 0: 4 digit single number lock, target number = 4
Level 1: 3 number, factory set lock, target number = 5
Level 2: 3 number, user set lock, target number = 7
Level 3: Manipulation resistant, 4 number, user set lock, target number = 9
Level 4: Double, Manipulation resistant, 4 number, user set lock, target number = 11
Safes And Vault Door Ratings
Level 0: Lockable metal cabinet. Barrier Rating 6, target number = 4
Level 1: Home wall safe. Barrier Rating 8, target number = 5
Level 2: Commercial Quality Safe. Barrier Rating 16, target number = 8
Level 3: Bank Vault. Barrier Rating 24, target number = 10
Level 4: Custom High Security Bank Vault, Barrier Rating 32, target number = 14
Safe Cracking
There are three approaches to opening a locked safe or vault. Manipulating the lock mechanism, mechanically defeating the lock mechanism, or going through the walls of the container. The last two approaches can use a wide variety of techniques using explosives, power saws, jack hammers and similar destructive devises.
Lock Manipulation
To determine the success of an attempt to open a combination lock by manipulating the dial, roll a number of dice equal to the PC’s Safe Cracking skill plus any task pool dice. The Target Number is that of the lock plus any applicable modifiers from the table below or special equipment used. One success means the lock is opened. Additional successes reduce the time needed to open the lock. The base time is 15 minutes. If the locking mechanism is equipped with an activated time lock the lock cannot be successfully manipulated until the time lock is either defeated or deactivates its self.
| Situation | Modifier |
|---|---|
| Dead silence | -1 |
| Normal Background Noise | 0 |
| Moderate Noise | +2 |
| Loud Noise | +4 |
| Darkness | +1 |
| Damaged Lock | +3 |
| Rusty Lock | +1 |
| Lock Equipped With Error Limiter | +4 |
All locks on a safe or vault door must be defeated or unlocked before the door can be opened.
TimeLocks
This devise limits the times that the lock can be opened to those preprogrammed on the time lock. Typically a time lock limits the opening times to normal business hours. The electronic versions are also programmed with weekends and holidays. The controls for a time lock are normally found on the inside of the safe or vault door. There are three ways to get around a time lock, reprogram the “open” times Change or accelerate the clock so that the “open” time comes sooner then intended by the programmer. Lastly is to limit the attempts to “open” times.
Forcing The Door
To determine the success of an attempt to force open a safe or vault door, roll a number of dice equal to the PC’s Safe Cracking skill plus any task pool dice. The target number is that of the lock plus any applicable modifiers from the table below or special equipment used. The base time is level times two plus one [(level x 2) + 1)] hour. Equipment capable of cutting or breaching the door material (i.e. Barrier Rating) is required.
| Situation | Modifier |
|---|---|
| Successes from demolition test | -1 each |
| Have Plans of Safe or Vault door | -2 |
Breaching The Walls
Entering the safe or vault through the side walls requires cutting a hole large enough to reach through or enter. This can be through the use of tools and equipment suitable for cutting the wall material (i.e. saw, jackhammer, cutting torch etc.) or through the use of explosives (use the demolition rules SRII, p.97)
Card Access Systems
Access Cards
Because of the manner they are constructed Access Cards cannot be copied like a credit card. The coding can be identified and an exact copy can be made. (Electronics B/R target number 8, 4 hours). If successful a card reader cannot tell the copy from the original. The system will record the access transaction and if the logs are checked the duplicate entries may be discovered. The copy will only have the access programmed for the original card.
Card Readers
There are two types of readers, surface and flush mounts. A surface mount puts the readers mechanism in the wall, surface mounts are in a armored case (Barrier Rating 24). The cabling is either in the wall or in armored conduit (Barrier Rating 16). Cutting the communication line between the reader and the controlling computer will put the unit into stand alone mode, the computer will discover the break during the next regular status check. Status checks are made about 30 times an hour.
Control Computer
The control computer is a dedicated free standing unit, that is not connected to either the matrix or other computers on the site. The computer may be connected to the computer that controls the rest of the security systems. The computer system is normally equipped with a back-up power supply that cuts in when the power fails. Cutting the computers communications with the readers will put them in stand alone mode.
Programming
A new card can be programmed (at the control computer) to any of the existing access levels in about 2 minutes (Computer, target number 4). A new access level can be programmed in about 20 minutes (Computer, target number 8). The systems password protection system must be defeated before any programming can occur (Computer, target number 13), system alarms with the fourth unsuccessful attempt.