Re: [88attendees] elevator security theater

Ted Lemon <mellon@fugue.com> Sat, 16 November 2013 13:46 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: 88attendees@ietfa.amsl.com
Delivered-To: 88attendees@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CB4F11E8118 for <88attendees@ietfa.amsl.com>; Sat, 16 Nov 2013 05:46:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.824
X-Spam-Level:
X-Spam-Status: No, score=-1.824 tagged_above=-999 required=5 tests=[AWL=0.775, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z7O6YAMpS12y for <88attendees@ietfa.amsl.com>; Sat, 16 Nov 2013 05:46:36 -0800 (PST)
Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by ietfa.amsl.com (Postfix) with ESMTP id B94E111E80EC for <88attendees@ietf.org>; Sat, 16 Nov 2013 05:46:36 -0800 (PST)
Received: from [10.0.10.40] (c-174-62-147-182.hsd1.nh.comcast.net [174.62.147.182]) by toccata.fugue.com (Postfix) with ESMTPSA id A33BD23805A5; Sat, 16 Nov 2013 08:46:35 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 7.0 \(1822\))
From: Ted Lemon <mellon@fugue.com>
In-Reply-To: <20131116131807.GE25947@x28.adm.denic.de>
Date: Sat, 16 Nov 2013 08:46:33 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <EB216995-2666-43F0-B171-36AC54049CB6@fugue.com>
References: <ho26bf7o.8t9ohlwxci3u@login5-be.medallia.com> <9CC8BA35-DAAF-4090-AD9E-69117B775B53@fugue.com> <20131116100946.GD25947@x28.adm.denic.de> <95B5FEA1-E170-4829-BFB2-F760E4BDA3B5@fugue.com> <20131116131807.GE25947@x28.adm.denic.de>
To: Peter Koch <pk@DENIC.DE>
X-Mailer: Apple Mail (2.1822)
Cc: 88attendees@ietf.org
Subject: Re: [88attendees] elevator security theater
X-BeenThere: 88attendees@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Mailing list of IETF 88 attendees that have opted in to the list." <88attendees.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/88attendees>, <mailto:88attendees-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/88attendees>
List-Post: <mailto:88attendees@ietf.org>
List-Help: <mailto:88attendees-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/88attendees>, <mailto:88attendees-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Nov 2013 13:46:42 -0000

On Nov 16, 2013, at 8:18 AM, Peter Koch <pk@DENIC.DE> wrote:
> that might actually be useful, at least for the good feeling.
> Allowing the target floor only, or making it the default,
> both reduce the search space for somebody who "finds" the key card.

The last hotel we stayed in that did this, IIRC, would let you go to any floor once you'd used the key card, and that sounds like what the person from Hyatt was proposing as well.   So yes, they are watching you with an unblinking eye, but no, the pickpocket who got your room key will not have a reduced search space.   OTOH, RFID keys make searching a floor for the room the key matches a lot easier.   Is this a real risk, or are we engineers with too much time on a Saturday morning/afternoon?