ACTA/DoorAccess

From Technologia Incognita
Jump to: navigation, search

Introduction; TLDR

Techinc has two doors that provide access to the space. One of them is available for members to get into via the use of an RFID-fob + Pin combination.

Both doors can be (also) opened by a key from the outside. The board and UR possess keys for these locks for emergency-purposes only.

History

Techinc has moved into the ACTA building managed by Urban Resort where entry into the building is provided by an RFID fob supplied by Urban Resort. For a while, members required having to use a FOB on the ACTA door, and a KEY on the space-door to get into the space. For this reason, work was put into producing a fully electronic method of access to the space, using the already-required RFID fobs instead of a key. Until 2021, the keys that were given out to members in the past were still able to open the door-lock, but a malfunctioning lock at the end of April 2021 required replacement of the lock by a new one. It is unclear how many keys were in circulation officially, how many copies had been made by members privately. Estimations are that less than 20 keys were in the possession of members, with a greater number either lost or in the possession of people who were no longer a member. Plans for replacing the door-lock had been in the making since 2018, but were never actioned upon until the malfunction in 2021 required it.

Considerations

Why is access-control such a hard thing to do, using (only) physical keys ? Why are RFID fobs a solution to some problems, but present problems of their own ? Keep on reading.

In 2018 (see above), there had been multiple discussions regarding the safety/security of the space. There was documented evidence of theft from the space. In at least one case, this involved money being taken from the 'cash-box'. A number of measures have been taken to prevent further damage to the association by installing a 'safety-box' that provides a secure way to store money. It was not clear at that point if the theft was by a member, or an ex-member-with-a-key.

While the safety-box prevented further money from going missing, it was also clear that there was a much larger 'elephant in the room' in the shape of the countless keys that were in circulation, a lot of which in the possession of ex-members. Not to mention the fact that keys can be duplicated, so there is no way of knowing how many are in circulation at any amount of time. Nor is there any way to revoke access-rights to an ex-member in any meaningful way. This, together with the evidence of theft, made it clear that replacement of the front-door lock was needed.

Of course, we could buy a new lock and issue new keys to all our current members requiring one, but it is clear from the story above just what that would lead to, again.

Since we have to use RFID-fobs to enter the ACTA building, this is an access-token which is largely 'unavoidable', unless you count sneaking into the building as valid solution. As such, it makes all kinds of sense to use the RFID-fobs also as the only way to enter the space-door. There are some comments to be made on this however:

- FOBS can be lost, just like keys - FOBS can be duplicated, (mostly) just like keys - FOB-readers (or the software behind it) can be used to track.

These two considerations are worth looking into in more detail.

Lost fobs

A fob that gets lost is just as susceptible to being used to enter a building as a lost key might be, unless extra care is taken to prevent this from being possible. For this reason, TechInc's door requires both a FOB and a PIN to open it. This prevents anyone from using a found fob.

Duplicated fobs

A fob can be duplicated. The process requires some skill to pull off, but chinese-made cloning hardware makes this relatively painless for those who know how. Essentially, if you OWN a fob, you can duplicate it and have it work on the door, using the same PIN as required for the original fob. This last bit is important to note as it requires: - The original FOB-owner needs to share the PIN for the fob. - The FOB can be disabled, invalidating access to both copies simultaneously.

The above makes duplicating a fob a much less useful tactic. An 'evil maid' attack on the fob will only give you the physical artifact required , not the PIN to complete the access-artifacts needed to authenticate succesfully.

Electronic means Software means Logs

The doorbot hardware and software has been designed to not keep a log on the device, nor send one out to any external logging service, by default. This was and is an intentional design-decision. If you do not keep logs, they cannot be stolen, leaked, or requested to be given to authorities with-or-without a suitable warrant.

Note however, that the doorbot DOES report the number of the fob that is used on the door, if one is logged in to the ADMIN-console via SSH. This feature is present to be able to identify a fob when it is held in front of the reader so as to be able to check if it is working, as well as to validate it has been entered with the proper (fob-)ID into the Doorbot AND into the space's member-administration (kept elsewhere).

The doorbot does not know who a certain fob belongs to. It can only validate whether: - A known fob was used - If that fob is granted access (at all) - If that fob has the correct PIN supplied

Much the same is true (apart from the PIN) for the fob-reader on the door at UR. They know if the fob is considered active, and if it was supplied to TechInc to be given out to a new member.

Conclusion

While the danger/risk access-logs is present with the use of RFID-enabled access-control, this issue can be addressed with careful software/systems-design. Effort has gone at doing so in the TechInc implementation. The other side of the medal is that by providing access to the space to our members ONLY via an RFID Fob, we are able to retract access to people who (no longer) have legitimate reason to be allowed access to the space. This provides: - Incentive to pay membership dues (ex-members can, and likely have, used the space as a tool-loan space upon occasion) - Assurance that any theft is an internal (only) issue (it decreases the size of the haystack of where to look, what options are available to mitigate further damage) - A single access-token for both doors (front + spacedoor)

2021-may: vandalism

On the 12th of may, 2021, it was discovered that somebody had vandalized the lock to the space-door by using super-glue on it. Work has gone into trying to salvaging the lock through using acetone (dissolving) and a blow-torch (burning), but it has remained stuck, requiring replacement. Total cost (together with the previous lock which had just been installed) will be in the order of 60-90 euros in total.

The motive behind it is unclear. Info is welcome. Techinc has asked UR to assist in this matter. Pictures of the lock, as found:

Of note are the droplets of glue dripping out at the back which are not present on the front of the lock. Instead , whoever did this, went through the trouble of wiping or scraping it off to make it less obvious what had been done.

After the lock was taken out, clearly visible on the inside of the lock that it is free of glue. Since there was glue in both keyholes and nothing in the middle of the lock, the glue must have been applied on both sides (outside, and inside the space).

Lock after taken out