TRACcess
For years our company used to use special keys (the kind that had
`
do not copy' engraved on them) to control who had access to
our remote cellphone radio rooms. This got very impractical very
quickly as keys got lost, contractors had to go through all sorts
of trouble to obtain keys and we often needed keys for not only the
radio room, but the rooftop door or a fence etc, etc.
About 5 years ago we invested literally a few million dollars in an
electronic system developed by General Electric. Everyone now has a
little electronic
key that takes a four digit pin code. We can then issue new
door codes to these keys every week and every keys' history is
transmitted back to us every week. Basically we can now log the
exact time every door opened and who opened it. So far so
good.
This week one of our contractors had left his key at home and
called me in a big panic because he needed to access one of our
sites to fix something. I said I would see what I could do and
scrounged around to see if I could get a temporary key for him.
When I called him back he had already entered the site. I asked him
how he did it and he explained that these locks are very simple to
circumvent.
As it turns out all you need to do to open one of these is measure
what voltage is sent to the two metal pins when you enter a correct
code, and use any kind of battery that sends the same voltage. I am
no electrical engineer but I know you can buy resistors and such
things at Radio Shack that will reduce 9v down to whatever this key
needs.
When I told my boss this he laughed his ass off. When I asked one
of our engineers about this seemingly incredible design flaw he
also laughed and said
"yeah, that seems about right".