Hacker News new | ask | show | jobs
by roenxi 3343 days ago
Furious agreement that locks aren't a great analogy. I'd hazard that for most organisations locks are actually to remove temptation from employees; and the quality of the lock is largely irrelevant.

A lock is only as good at stopping someone entering as the windows and doors are resistant to being removed. The advantages to locking something are: * There is evidence that the door was forced after the event * Very clear signaling of who is and isn't supposed to have access to a room.

Unless serious money is spent, I would expect that locks are delaying access by a matter of maybe up to hours. If IT security were that poor, the world would look different. A better analogy would be spending the money on security guards.
1 comments
gozur88 3343 days ago
I locked myself out of the house one day and called a locksmith. It took him less than thirty seconds to pick the lock on my front door.

You're right about the signaling aspect, though. You can't very well pretend you didn't know you were supposed to be in a room if you had to get past a locked door to get in.

link
closeparen 3343 days ago
Except when organizations decide it would be too much of a security risk to give every authorized person keys/cards, or doesn't do so in a timely manner. Then the one designated key-holder is too busy/important to personally let everyone in, so the "secure" door gets propped open and/or opened in response to a knock from anyone, authorized or not. When low-level but authorized staff need access to further secure spaces, they start by tracking down someone with higher access privileges to borrow a card from. People with high-privileged access then start to reflexively toss their credentials to anyone who asks, because most of the time the request is necessary.

Super common with event venues during rehearsals and preparation (below the level of production value where there's a security desk checking IDs).

link
RyJones 3343 days ago
My locksmith didn't pick my lock. He asked if I wanted a show of lock picking or my door open. I said open. He turned the doorknob, held it on the stop, leaned on the door, slid in a thin plastic shim, and turned the doorknob the rest of the way.

Impressive!

link