[daeken]

It really depends on the implementation. There are a lot of ways this can all be done securely (from magstripes -- ignoring the ease of copying -- to chip cards or NFC with smartphones or ...), but at the end of the day, it comes down to the implementation. With some slightly different choices, Onity's system could've been rock solid, but they dropped the ball.

[samstave]

can you expand on what would have made it rock solid?

[daeken]

Well, from what I know of its failures:

- Use an industry-standard (for the time) crypto algorithm for cards, and use the biggest key size possible. As it stands, they use a (horrible) proprietary algorithm and 32-bit keys.

- Make the lock know which door it's actually for and encode a list of acceptable lists along with the code key values on the card. This prevents a card from one door from opening another door. Not a huge security issue, but it happens more often than you'd think.

- Use secure, authenticated protocols for programming the lock. This is really the critical part; unauthenticated, raw memory reads/writes are just not OK.

[kamaal]

You were planning to do a Reddit AMA on reversing in General.

Did that ever happen? Have you written anything on that?

[daeken]

I did indeed -- http://www.reddit.com/r/IAmA/comments/yeiac/iama_reverse_eng...

It went better than I could've ever imagined; it was topping the front page for a while! Seriously awesome experience.

[wglb]

And I thought it went very well--it answered all the questions that I was going to ask you via email.

Thanks for doing it.