Keyless entry...........

---snip---

tricks and procedures

professionals. I'm

there are already private groups like TNL and Clearstar for this purpose. discussing tricks and procedures on this open forum could be interpreted as discussing defeating instructions.

I'll pass..

I don't know. I started to give the same response but maybe he or she means business tips and techniques like how to avoid fraudulent chargebacks for example.

for

be

maybe he or she means

chargebacks for

maybe thats what he meant ?

I believe the FAQ has our standard comments on this topic. If not, they should be added.

My personal opinion remains that there are some topics which should be discussed in guarded terms in a public list, and some which should not be discussed at all. As noted, there are somewhat more secure discussion areas where these would be more appropriate. As with locks themselves, the issue is one of "raising the bar" sufficiently that most of the folks who are dumb/lazy enough to risk the law are also dumb/lazy enough not to get past the barrier.

By the nature of the net, I can't stop you from violating those guidelines here on the alt-group. But you should expect to be discouraged/flamed repeatedly if you do so, and you shouldn't expect a lot of support from those of us who are serious about the craft.

There are lots of tricks we can share without getting into that space.

BTW, in case it isn't obvious: Discussion of "keyless entry" in the sense of products designed to provide security without keys -- combinations, biometrics, and so on -- isn't a problem. The rule is against discussing techniques for defeating security.

there's nothing wrong with full disclosure. I work in UNIX and network security, full disclosure is good. it helps people understand whats going on, how to patch it, and provides them a good mark to go from to look for other related holes. we don't keep secrets and you don't need to. what comes out on public forums can lead to the compromise of corperate and government networks. however, people like me see it at the same time and it takes much less time to patch than it does to develop a functional exploit. a much larger problem that some criminal spending 10 minutes on someones door with a couple pieces they picked up online when they have a brick in the other hand. infact I see your concern completely negated by the use of force that criminals use. that's like saying teaching marksmanship will lead to increased death in law enforcement. by your standards I don't see why anyone should trust you with this 'highly sensative information'. you've never used it to commit a crime? how do we know? for all I know you're a career criminal. maybe you'll break into my house? I'd hate to have to put you down like a dying animal.

G'day Mark. I really think the MLA would take a dim view of it's members disclosing 'trade confidential' opening techniques on an open 'public' forum. I'm a member of the Locksmith's Guild Of Australia', and we have a dedicated secure members forum on their web site to share all sorts of good info. Haven't MLA got something similar on their site ?. I use to look in on The National Locksmith site and also subscribe to their mag for several years, but not a lot of USA cars / products that are relevant here in Oz. But this newsgroup can still be a great avenue for general trade conversation, as well as a few laughs and stories from time to time. I've been a regular here for the past 5 or 6 years, and I have made some great mates in that time. Cheers Mark.

the 'public' knows how to properly use information, you're not here to babysit them.

There is free and open discussion of computer security problems to a point. The information is out there just as it is for most physical security exploits. However if you go to a public forum, even most hacker or cracker forums and ask specifically how to compromise this or hack that your odds of getting helpful information are not going to be any better than they are here. This is true in spades if your intent is obviously criminal since most hackers, contrary to popular notion, are not and do not want to be associated with criminals. The difference is that there is simply much much more available information on computer security already in public access than there is for physical security. It's more widely discussed, by far more professionals, since there are far more computer professionals than locksmiths, and it's simply easier to find.

The best explanation which has been given here which I have seen why not to freely give out defeating information is to simply set the bar high enough to disscourage those who are too lazy to put forth any real effort. There is a direct parallel in computer security. Perhaps if exploits were a bit harder to obtain my firewalls wouldn't log dozens of attempted intrusions by script kiddies with no understanding of the true workings of the exploit they are trying to put to use. They have simply downloaded somebody elses code from somewhere and haven't the remotest concept of how it works. The classic example are those blindly trying to trigger a trojan on machines where they have no reason to believe the relevant code even resides.

With either computer security or physical security the downside of course is that the public remains largely uniformed and weak designs remain on the market. The 10 cut Ford which has been mentioned here of late is a great example. There is NO excuse for the use of a lock that weak in that application, especially when it's weakness happens to be to the first thing even a completely ignorant car thief would just happen to try. It is essentially a defect and should have been recalled. If you have a car with that ignition I would seriously recomend a kill switch. Preferable wired to open the ignition or fuel injection circuit and leave the starter working to confuse the thief as much as possible about why the car won't start. Openess is no gaurantee either that the public will make itself informed. How many computer intrusions occur because the systems owner or administrator has failed to patch a known vulnerability? I'm willing to bet that 90+% of such intrusions are by those who would never have figured out the exploit on there own and usually don't really understand how it works when it's handed to them.

-snip-

There are very few 'trade confidential' opening techniques anymore. They are virtually all available to the public via one chanel or another albeit often not for free which is the main limiting factor for those unwilling to invest time or cash. That doesn't mean that they should be handed out for free to anyone who happens to ask though. Make them work or at least pay for the knowledge.

I guess this is why billions a year are not lost to cyber crime and hacker mischief. Myself I worry about some punk learning to defeat a cheap lock and depriving another kid from his bicycle or something simular.

Locksmithing has ethics, computer programming has something else.

for

could be

and

understand

mark to

secrets and

lead to the

time to

door

a brick

negated by

teaching

enforcement.

with this

commit a

criminal.

you down

here we go again. this is already answered in the Faq

Will people on this newsgroup give me information about picking locks, etc.? Yes and No. These is a serious debate, based on serious principles. Most experienced people here are quite willing to discuss the basics of lock construction and operation. Few (if any) are willing to give specific answers regarding opening a particular lock or safe - without knowing the asker or having other evidence that the inquiry is legitimate. Another balancing act regards the general effect of information. As Joe K. put it succinctly, "On one side there are the idealists who believe that even weak security should not be further compromised without good reason; on the other there are those who believe that weak locks should be forced out of the market. There's never going to be agreement here... can we just agree that reasonable people can disagree, and have done with it?" People have contrasted locksmithing "security by obscurity" with practice in the software arena (in which it has generally been considered to be misguided and therefore be bad for society.) Exposing flaws as a social good breaks down when there are hundreds of thousands of current owners of the product who don't know that the flaw has been exposed. Even if they find out, there is another big difference. This is the cost of correcting the flaw (upgrading.) Installing the patches on your copy of software takes a bit of effort, but you don't have to throw out and purchase a new physical product (such as a lock.) The manufacturer of the lock is pretty certain not to make it available for free. Basically you have to buy a new item and have it replaced, and this adversly impacts users, many of whom do not have the budget to correct the flaw. Therefore publishing the security flaw costs users *much* more for a lock than for a piece of software. And the fact is that a nominally flawed product _does_ provide adequate security against the unmotivated and ignorant who are the primary folks attacking physical security systems (as opposed to the motivated and clueful who attack electronic security and can do it from a distance without physical presence).

bullshit, full disclosure.

the admins that get rooted had it comming, they didn't do their job. and of course comp sec is much more fluid than physical security.

it's not lost, the money is used to put up better protection and hire people that know what the f*ck they're doing. there are alot of lazy people that wont even patch.or whole countries like japan. that's beside the point. full disclosure does not increase attacks. it will become public eventually and at that point the people that haven't patched when it became known still aren't patched.

so you don't want to give out information because of the cost of replacement? I would that that would be good for you, not bad. Everyone is aware that people can pick locks, just as aware as they are that peole can also throw things through your windows. this is not a large concern because it doens't happen that often, people have alarm systems, and guns. telling someone how to launch something through a window and unlock the door or window from the inside will increase burglaries and theift just as much as disclosing defeating information.

new

Clearstar

UNIX

people

good

someones

have

completely

saying

you

to

put

about

quite

regarding

asker

of

are

there

the

we

with

for

of

and

for

have

(as

cost of

bad.

aware as they

this is

people

launch something

inside will

defeating

faqs are faqs !

Hey kid, I think your nappy needs a change.

Listen fugi, in REAL LIFE, (not the I.T. world), the securing of real property comes down to $$$. Just what type and brand of locks do YOU have on your doors at home EH !, I'd really love to know. Bet they are bloody cheap Kwiksets or some crappy Chinese knock off. The vast majority of people won't pay thousands of dollars on high security locks for their homes, and in general the corporate word also, unless they are 'the big end' of town or a Government Dept. Hell, most people cringe when you charge them $120.00 to install a good quality deadbolt on their front door. In the real world there has to be a little bit of 'security through obscurity / secrecy' if only to help protect people that don't have the funds to go all out on expensive high tech stuff, I'm sure you can understand these basic principals, and if not, you need to get back in touch with reality.