Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
The Risks of Key Photographs
#1
For most purposes and intents, keys are immutable security devices. You cannot lend a key to a friend, then log in and change it like you may a password.

A key is a token that, through its physical characteristics, is made to enter a lock and allow it to open. If you want to use a different key, you may have to disassemble the lock to the point where you add additional pins.

For this reason, you should protect your keys. Imagine taking your passwords, throwing them onto a keyring, and laying them on the bar. Or at the counter of a gas station.

Through this site, I would like to see awareness spread about leaving keys where they are visible. If you decide to share a key of your own in a thread, feel free -- however you should treat that key as compromised, as well as the locks it goes to.

Cases of Key Photography
There have been several documented cases of key photographs causing some major headaches. Lets take Diebold for example. Some time ago, they had posted a purchase page for keys that would open voting machines. To further the impact, all of the voting machines within that model used the exact same key and bitting. The photo below is of their website -- and it actually led to key compromise:

[Image: diebold.jpg]


Next up -- we have the beloved Transportation Security Agency (TSA). To prevent locks from being cut off, and while offering travelers some semblance of security -- Travel Sentry and the TSA came out with a series of keys and locks that TSA agents could use to inspect your bag without damaging the lock. These are pretty easy to identify by the diamond logo on these locks.

The Washington Post decided to do a story, where they posted a photograph of not one... but ALL of the TSA keys:


[Image: tsa.jpg]



It didn't take long before nice and clear images became available, and of course 3D printer files so you can make your own at home.

BTW: Just about any lock you come across uses TSA007...

The takeaway here being -- if you're going to share photos of your keys, do so on this site, and do so knowing that the key will probably be decoded and maybe even copied. Don't leave your keys out. People rarely need to snatch them to get copies. Everybody has a camera in their pocket.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)