[ art / civ / cult / cyb / diy / drg / feels / layer / lit / λ / q / r / sci / sec / tech / w / zzz ] archive provided by lainchan.jp

lainchan archive - /sec/ - 2170



File: 1477808469853-0.png (253.16 KB, 169x300, 20161014_234929_resized.jpg)

File: 1477808469853-1.png (197.21 KB, 169x300, 20161014_234940_resized.jpg)

File: 1477808469853-2.png (225.2 KB, 169x300, 20161014_234935_resized.jpg)

No.2170

Seems to me that physical security is just as important as digital security.

Personally, I've never picked a lock, but I'm considering learning. Watching some videos of experts has made me much more conscious of my choice of lock.

On a somewhat unrelated note, this is the setup for a server room at my uni. I kinda want to go in there and poke around, but I don't know what these boxes do. The lock itself seems pretty flimsy, once I learn I could probably break it. I'm more worried about security measures that I don't know about.

  No.2171

File: 1477809866403.png (1.56 MB, 200x100, now_you_see_it__04823.jpg)

>>2170
Concealed security is better and more affordable. If the gov wants in your safe, they are getting in unless you have that bad boy concealed as well. If you live in a country where the gov mandates you to open your safe for inspection/investigation, you are even more out of luck.

Something like this is the better solution.

  No.2172

>>2171
I'm thinking more along the lines of theft than gubmint gonna break in.

  No.2173

>>2172
a thief can force you to open a safe at gunpoint. Concealed is still the better option.

  No.2174

sounds like a good way to get into a soykaf ton of trouble. Breaking in is not the same as pissing about from a workstation. That they expect and put up with daily, but if you get the wrong admin, bum blasted over you invading "his" server, you're fcuked.

besides if you ask around they will just let you in and tell you all you want to know. More than you could learn by looking at some blinking port LEDs at any rate.

  No.2175

>>2173
What theif is willing to do that? They shoot someone, they're risking life in prison.

Also, if I'm not there, the point is moot.

  No.2195

>>2175
>they shoot someone, they're risking life in prison

Do you really believe that police is flawless, that they will "serve and protect" you always?

  No.2197

>>2195
I said risk. Murderers get way more resources put into catching them. Not to mention most thieves don't want to kill anyone.

  No.2208

>>2173
>a thief can force you to open a safe at gunpoint
What thief is going to break in while you're there to get into a safe? If they want to get into a safe that they know is there it would be safer for them to observe you for a while, break in while you're at work, and bring a pry bar or angle grinder with a cutting wheel to open your safe (both of which are sufficient for the vast majority of safes that people have). You are also forgetting that concealed storage of items generally runs into problems with lack of storage space which results in you not being able to protect as much from a smash and grab burglar who wouldn't have tools to get into a safe.

  No.2210

>>2175
>>2197
>What theif is willing to do that?
Addictions do amazing things to the human brain and people will do anything to satisfy them. The new thing around here is criminals taking you to an ATM in the middle of the night and forcing you to empty your account. This has actually happened several times in my community. This is a different kind of person than the one who breaks into your shed or your car when they think no one is around.

  No.2211

>>2210
so you're telling me I should be afraid of shitty theives. I suppose I should, but then again, if such a shitty thief breaks in, points a gun at you, and tells you to give them all your valuables, if you hide them that doesn't help much.

Anyway, security is about prevention, not mitigation. If the FBI breaks into your house and tortures you to give up your key, either steganographic or cryptographic(one hallmark of torture is they keep going even if they think they have everything they need), no amount of clever security will protect you.



Change of topic: anyone know of a good way to get into lockpicking? Do you need fancy tools? How much to they go for? Are guides any good or is it best to learn by trial and error?

  No.2212

>>2211
You've been arguing with different people by the way. I was only emphasizing the point that yes, there are people who will hurt you, threaten to kill you, or actually kill you for your belongings but it's almost always because they are craving some fix.

  No.2213

>>2212
>You've been arguing with different people by the way.

Oh, I always am.

  No.2214

>>2213
There's medication for that. It's been known to quiet the voices, Lain.

  No.2223

>>2211
bumperino

  No.2224

>>2223
You must be new here. Lainchan is a slow site and there were only 2 threads higher than this one on this board before you bumped it. Please refrain from bumping threads without contributing.

  No.2225

>>2170
I was a Jr Infosec Admin in a past, stressful, painful life.

Yes, physical locks can be flimsy aaand I just saw the picture. Tbh it looks like a timed magnetic lock + shitty door lock.

I don't know what uni has such shit locks on their server rooms. We had keypad + badge readers with the doors mag-locked.

Yeah, judging by their physical security fail, they've probably got 0 cameras, but still something I wouldn't fuck with.

Sometimes smart people do dumb shit because they don't have it in them to not sacrifice anything in the name of best practice o r they don't have funding or other reasons.

Then again, there are just some dumb motherfuckers in infosec that are attracted be the "hacker allure." Trust me. My university graduated some people in our Computer Science - Info Security focus bachelors and masters who are literally job security for the rest of us. Great at school, terrible at applying said knowledge.

IMHO, physical security super damn important. Yes, it's a pain in the ass to unlock racks, man traps, blah blah blah, but if you're protecting important information, you simply cannot afford to neglect the fact that digital security can be sometimes circumvented (and forensically analyzed) with physical access if someone RIPS THE UNIT FROM THE RACK AND TAKES IT HOME.

>>2211
Toool's $25 pick set is great to get into it. Tbh, I use mine all the time. Check out your local infosec cons. They usually have a physical/lockpicking table/village.

>>2224
yeah, I'm honestly glad it is though. There's waaaaaay less toxicity and skid shit here than there is on other forums.
>how 2 maek keylogger or virus
>FUD RAT
>post dox

  No.2333

File: 1478556646143-0.png (16.25 KB, 200x163, clippy_paper.jpg)

If you're concerned about lock-picks or break-ins. Get a Segal lock with a Medeco cylinder, metal door with concrete fill-in, a solid metal doorjamb built into the surrounding structure with a built in strike plate.

They can still get in with a hydraulic jack, but you'd hear that from a mile away. Or just break through the wall.

Possibly, just don't store high-profile shit in your house?


  No.3939

>>2357
Should probably just post the pdf, lain

  No.3940

>>3939
65.6 Megabytes, darling. File limit is 25.

  No.4115

>>2175
>What theif is willing to do that? They shoot someone, they're risking life in prison.

Are you serious? Criminals are unstable individuals who leave their house prepared to commit extreme violence upon people in order to get what they want. Do not call their bluff; they will see it as a challenge and feel like they have to shoot you in order to save face.

  No.4440

>>4115
lol, you've clearly never met a criminal.

  No.4446

>>4440
Or he met one and never realized it because they aren't all deranged violent killers

  No.4449

>>4440
>>4446
I thought Lain was being sarcastic. At least, I chuckled at that post.

  No.5000

>>2175
Basic rules of thumb when someone points a gun at you:
1. Assume it's real
2. Assume it's loaded
3. Assume they're willing to use it

  No.5003

>>5000
I like ur post number, lain.