01-22-2024, 10:44 AM
Tobias on Locks and Insecurity Engineering
English | 2024 | ISBN: 1119828252 | 722 pages | True PDF | 23.51 MB
Locks and keys, in various forms, have been employed to protect people, places, information, and assets for the thousands of years. And just as long as there have been locks, there have been people who want to open them without the key or combination. While improvements in lock design, metallurgy, integration of electronics in locks, and other advances should make locks more reliable, the truth is that for a persistent attacker, locks are just as vulnerable as ever and in some cases, even more so. This book examines the multitude of ways that locks are built and designed. More importantly, it then looks at the even greater variety of ways that lock pickers and hackers have found to open locks. Copying a key no longer takes a complex grinder and instead can be done with an easily available 3D printer. If you don't know the digital code to open a lock, what happens to it when you attack it with RF or an EMP generator? And has the designer of the tubular lock your company is spending millions to promote compared the size of the locking mechanism to an off the shelf ball point pen? The book compiles the knowledge Marc Tobias accumulated when he started breaking things at the age of five years. He has since made a career of discovering and exploiting security and related legal vulnerabilities in locks, safes, and security systems. The business of locks is complex and involves liability and compliance issues as well as engineering requirements. This book analyzes different basic lock designs and presents many case examples of often-catastrophic design failures that in some instances resulted in death and property destruction, or compromise of critical information, and millions of dollars in damages. "Tobias on Locks and Insecurity Engineering" is written for design engineers, security and IT professionals, risk managers, government services, law enforcement and intelligence agencies, crime labs, criminal investigators, and lawyers. Even for these professionals, there is a lack of understanding of how to evaluate locks in terms of specific security requirements. Relying upon industry standards does little to define what security means and how to defeat it when considering forced entry, covert entry, and key-control issues. The reader will gain an in depth insight into lock designs and technology and how to better assess whether specific solutions will meet security requirements for their needs. The author presents detailed information that can help prevent manufacturers from producing locks that are insecure, and assist risk management personnel in reviewing current or proposed systems. For risk management, criminal investigators and crime laboratories, the information provides a roadmap as to how locks and security systems can be or may have been compromised by criminals or rogue employees.