As many of you know Matt Blaze a professor at Pennsylvania University has published an article that reveals proprietary techniques of safe penetration. It was featured on well known hacker website recently, and it came to our attention on Saturday. It includes information normally reserved to the trade, for good reasons that need not be discussed here.
The article is available to the general public without any restrictions whatsoever. We as professionals in the security field are outraged and concerned with the damage that the spread of this sensitive information will cause to security and to our profession. We know many of you will be too.
There are steps being taken to deal with this through proper channels, but we need your help and support. We doubt that his university would appreciate their resources being used for this kind of activity, but they may not be aware of it or of the negative impact that his so called work has on our industry. With concern for homeland security so important, we belive that your voice will be heard.
Attempts to reason with Blaze have been a failure in the past, he is the same joker who wrote about Master Keyed locks in the "New York Times" last year.
Blaze's boss is Chairman Fernando Pereira. Email: PERE...@CIS.UPENN.EDU His boss's boss is Dean Eduardo D. Glandt. Email: egla...@seas.upenn.edu The President of the University is Amy Gutman. Email: pres...@pobox.upenn.edu
These people need to hear from you. Tell them what you think polietly and firmly in your own words. Explain that you are a security professional and that your job is made harder by this sort of thing, and that security will suffer.
Also, very important. The article has photographs that may not belong to Blaze because they appear to be commercial. If anyone has information on the copyrights of any of these photos please let us know so we can let the copyright holders know how their property is being used possibly illegally and without their permission.
Forward this not as you see fit to others in the profession.
the_loc...@yahoo.com wrote: > Forwarded from the NYC-LOCKS list:
that's some good material, and great pictures to accompany it. I sent a couple emails praising the high quality of his work. thanks for the link.
-- Anyone who becomes master of a city accustomed to freedom and does not destroy it may expect to be destroyed by it; for such a city may always justify rebellion in the name of liberty and its ancient institutions. -Niccolo Machiavelli
> the_loc...@yahoo.com wrote: >> Forwarded from the NYC-LOCKS list:
> that's some good material, and great pictures to accompany > it. I > sent a couple emails praising the high quality of his > work. thanks > for the link.
The real problem is that people like Blaze are in positions of trust in society. Then he abuse it by publishing trade secrets in the name of research.
When they do things like this and get away with it it gives other peoples like him the idea that this is OK. We have to nip it in the bud or soon there will be no security left after these intellectuals get through with us. Ed "Lockie" NYC Locksmith, retired Real World Security Professional
The only thing about the article that could really be called a trade secret would be the section on manipulation. The only thing that stopped that so called secret from getting out before was the price tag on the books that cover it.
> The only thing about the article that could really be > called a trade > secret would be the section on manipulation. The only > thing that > stopped that so called secret from getting out before was > the price tag > on the books that cover it.
and a person with no security ethics named matt :-)
'Key <K...@ya.net> wrote: > "fugi" <f...@ultra.bl.org> wrote in message > news:crbv8r$nva$3@news.corenap.com... > > the_loc...@yahoo.com wrote: > >> Forwarded from the NYC-LOCKS list:
> > that's some good material, and great pictures to accompany > > it. I > > sent a couple emails praising the high quality of his > > work. thanks > > for the link.
> surly you're not in the profession ! > my2? > -- > "Key"
the free distribution of knowledge is essential to the development of the subject. don't think of yourself as a gatekeeper to the information that nobody but those in your circle have. it'll get you as far as the Maginot line got the French in WWII. those who only have a purely defensive stance will always fall to the offensive.
-- Anyone who becomes master of a city accustomed to freedom and does not destroy it may expect to be destroyed by it; for such a city may always justify rebellion in the name of liberty and its ancient institutions. -Niccolo Machiavelli
> 'Key <K...@ya.net> wrote: >> "fugi" <f...@ultra.bl.org> wrote in message >> news:crbv8r$nva$3@news.corenap.com... >> > the_loc...@yahoo.com wrote: >> >> Forwarded from the NYC-LOCKS list:
>> > that's some good material, and great pictures to >> > accompany >> > it. I >> > sent a couple emails praising the high quality of his >> > work. thanks >> > for the link.
>> surly you're not in the profession !
>> my2? >> -- >> "Key"
> the free distribution of knowledge is essential to the > development > of the subject. don't think of yourself as a gatekeeper to > the > information that nobody but those in your circle have.
just as I thought, you're definatly not in the physical security profession !
> it'll get you as far as the Maginot line got the French in > WWII. those who > only have a purely defensive stance will always fall to > the offensive.
disagree.. Ethics is a word you should learn a little about.
> >> > that's some good material, and great pictures to > >> > accompany > >> > it. I > >> > sent a couple emails praising the high quality of his > >> > work. thanks > >> > for the link.
> >> surly you're not in the profession !
> >> my2? > >> -- > >> "Key"
> > the free distribution of knowledge is essential to the > > development > > of the subject. don't think of yourself as a gatekeeper to > > the > > information that nobody but those in your circle have. > just as I thought, > you're definatly not in the physical security profession ! > > it'll get you as far as the Maginot line got the French in > > WWII. those who > > only have a purely defensive stance will always fall to > > the offensive. > disagree.. > Ethics is a word you should learn a little about. > -- > "Key"
what do you disagree with, the fact that the french fell to the germans? or the fact that they fell from fighting a defensive war?
-- Anyone who becomes master of a city accustomed to freedom and does not destroy it may expect to be destroyed by it; for such a city may always justify rebellion in the name of liberty and its ancient institutions. -Niccolo Machiavelli
Welcome to the land of the real. What Blaze has written about in his paper is AFAIK deducible from the locks themselves and therefore cannot be described as "proprietary information". If there are some parts that are very sensitive, let's talk about these and how publication of these facts hurts the lock industry or puts people's security at risk. Most crooks use rather blunt techniques (angle grinders, drills, torches) to open safes, so where's the problem?
Hats off to Blaze, it's about time that some serious Comp Sci/algorithmic work was applied to determine how secure the locks are that most people take for granted. The lock industry and the public stand to benefit from this scrutiny of the product range.
> As many of you know Matt Blaze a professor at Pennsylvania > University has published an article that reveals proprietary > techniques of safe penetration. It was featured on well known > hacker website recently, and it came to our attention on Saturday. > It includes information normally reserved to the trade, for good > reasons that need not be discussed here.
> The article is available to the general public without any > restrictions whatsoever. We as professionals in the security > field are outraged and concerned with the damage that the > spread of this sensitive information will cause to security > and to our profession. We know many of you will be too.
> There are steps being taken to deal with this through proper > channels, but we need your help and support. We doubt that > his university would appreciate their resources being used for this > kind of activity, but they may not be aware of it or of the negative > impact that his so called work has on our industry. With concern for > homeland security so important, we belive that your voice will be > heard.
> Attempts to reason with Blaze have been a failure in the > past, he is the same joker who wrote about Master Keyed locks > in the "New York Times" last year.
> Blaze's boss is Chairman Fernando Pereira. > Email: PERE...@CIS.UPENN.EDU > His boss's boss is Dean Eduardo D. Glandt. > Email: egla...@seas.upenn.edu > The President of the University is Amy Gutman. > Email: pres...@pobox.upenn.edu
> These people need to hear from you. Tell them what > you think polietly and firmly in your own words. Explain > that you are a security professional and that your job > is made harder by this sort of thing, and that security > will suffer.
> Also, very important. The article has photographs that may > not belong to Blaze because they appear to be commercial. > If anyone has information on the copyrights of any of these photos > please let us know so we can let the copyright holders know how > their property is being used possibly illegally and without their > permission.
> Forward this not as you see fit to others in the profession.
> Thank you for your Attention. > /////
> Forwarded by Ed "Lockie" > NYC Locksmith, Retired
>> >> > that's some good material, and great pictures to >> >> > accompany >> >> > it. I >> >> > sent a couple emails praising the high quality of >> >> > his >> >> > work. thanks >> >> > for the link.
>> >> surly you're not in the profession !
>> >> my2? >> >> -- >> >> "Key"
>> > the free distribution of knowledge is essential to the >> > development >> > of the subject. don't think of yourself as a gatekeeper >> > to >> > the >> > information that nobody but those in your circle have.
>> just as I thought, >> you're definatly not in the physical security profession >> !
>> > it'll get you as far as the Maginot line got the French >> > in >> > WWII. those who >> > only have a purely defensive stance will always fall to >> > the offensive.
>> disagree.. >> Ethics is a word you should learn a little about.
>> -- >> "Key"
> what do you disagree with, the fact that the french fell > to the > germans? or the fact that they fell from fighting a > defensive war?
I disagree with "a purely defensive stance will always fall to the offensive" as it applies to the subject.
the_loc...@yahoo.com wrote: > The real problem is that people like Blaze are in positions of trust in > society. Then he abuse it by publishing trade secrets in the name > of research.
> When they do things like this and get away with it it gives other > peoples like him the idea that this is OK. We have to nip it in the > bud or soon there will be no security left after these intellectuals > get through with us. > Ed "Lockie" > NYC Locksmith, retired > Real World Security Professional
I think you meant to say:
We have to nip it in the bud or soon there will be no __APPEARANCE_OF__ security left
This is so silly on so many levels. You sell a product that has known deficiencies so that you can break in when you need to. Then you act like it's a big deal when someone talks about it! On top of that you act like it's a matter of national security when, in fact, it changes nothing.
It does not take a brain surgeon to figure out that anyone can buy a safe, disassemble it and figure out it's weaknesses. The fact that every single copy of model X is built the same way is planned insecurity. Now THAT's a crime. That they are sold as secure when they are not is a crime.
If you want to get Blaze to protect your job, that's understandable. To villify him for openly discussing what is known within the industry to be common shortcomings is shear hypocrisy.
I'm still waiting for SCHLAGE to notify folks that it's recalling their defective entry locks. Wait, they can't so that without disclosing that they are insecure, so only the locksmiths and burglers know.
I must be in a foul mood, because I've seen 5 holier-than-thou posts in the last hour. If anyone should be proescuted for lessening the national security it's the companies that sell insecure locks and safes without warning their customers that they are vulnerable.
> >> >> > that's some good material, and great pictures to > >> >> > accompany > >> >> > it. I > >> >> > sent a couple emails praising the high quality of > >> >> > his > >> >> > work. thanks > >> >> > for the link.
> >> >> surly you're not in the profession !
> >> >> my2? > >> >> -- > >> >> "Key"
> >> > the free distribution of knowledge is essential to the > >> > development > >> > of the subject. don't think of yourself as a gatekeeper > >> > to > >> > the > >> > information that nobody but those in your circle have.
> >> just as I thought, > >> you're definatly not in the physical security profession > >> !
> >> > it'll get you as far as the Maginot line got the French > >> > in > >> > WWII. those who > >> > only have a purely defensive stance will always fall to > >> > the offensive.
> >> disagree.. > >> Ethics is a word you should learn a little about.
> >> -- > >> "Key"
> > what do you disagree with, the fact that the french fell > > to the > > germans? or the fact that they fell from fighting a > > defensive war?
> I disagree with > "a purely defensive stance will always fall to the > offensive" > as it applies to the subject. > do try and keep up > -- > "Key"
many instances in history disprove you. Infact, I'm not aware of a single event that will go along with your argument. then again a locksmith is like any other trade, I'll bet you have the education of a plumber or a construction worker. I guess I shouldn't expect much. carry on.
do try to keep up.
-- Anyone who becomes master of a city accustomed to freedom and does not destroy it may expect to be destroyed by it; for such a city may always justify rebellion in the name of liberty and its ancient institutions. -Niccolo Machiavelli
> >The lock industry and the public stand to benefit from > >this scrutiny of the product range.
> >G. Pulford > the public, is for the most part, not interested... EXCEPT, how > many $$$ is it.. > I can sell a KW, or I can sell a good lock, but why BOTHER > selling the good lock, when you are mounting it on cardboard or > less... > its only as good as the weakest link, and at the MOMENT, house > construction IS the weakest link... > --Shiva--
I see nothing good or bad coming out of this matter concerning Matt Blaze.
This is the information age. This info is out there already. He condensed it into an easier to read format but really nothing said by him is new to locksmiths or anyone who has bothered to take a safe lock apart to see how it works. It's no big deal. Safes have been the same for a very long time. Nothing has really changed in decades. I don't agree with his ethics but that matter is not important in cyberspace.
To try to restrict this un-patanted info from the public domain is pointless because the internet and the modern world we live in is alot different than it was years ago when it was possible to control information like this. The old timers out there should realise that things once reguarded not too long ago as close lipped just aren't the same in this land of cyberspace where the whole world is connected at the touch of a keyboard.
It's pointless to try and control un-patanted secrets anymore. The people in the security industry need to open their eyes and do a better job at securing their trade secrets so people like Matt Blaze who have a little time on their hands don't open up a 40 or 50 year old book on safes, write a paper, and get us all upset that he's spilling trade secrets. We can do this by advancing cheap security items like the standard pin cylinder locks to use as an example into the 21st century and quit relying on the same system that has been around since Yale invented the thing over a hundred years ago. I think the Europeons are ahead of the US concerning this example because they use mostly lever locks which are more difficult to pick and dont cost an arm and a leg for the old lady on SSI.
As far as the cheap Kwikset lock compared to the high dollar Medeco comparision goes, that Kwikset can be improved to the point where it would be almost impossible to pick at an extra production cost of less than one dollar a lock which could easily be passed on to the customer. Remember a size 14 boot will kick in a door no matter what lock it has on it if the door isn't up to par and if the crook cant kick in the door then he'll go through a window or a hole in the roof.
The fact of the matter is the lock manufactuers, Ingersol Rand and Black and Decker being the two largest ones here in the states, dont want to spend a dollar or two more on their locks to improve them. They would rather put out pot metal junk that offers only a since of security. If the public in general only knew what I know, that being the fact that Kwikset and Titan locks are junk, the famous Schlage 'Maximam Security Deadbolt' is pot metal, Yale is no longer up to par, Sentry safes are worthless... If the public only knew the US lock market is having to compete with China junk to the point where they are afraid raising the cost of their Home Depot locks that the average consumer buys by a few dollars in order to increase the locks security may put them out of buisness because the comsumer doesn't know any better...
>From: TheTO...@gmail.com >The only thing about the article that could really be called a trade >secret would be the section on manipulation. The only thing that >stopped that so called secret from getting out before was the price tag >on the books that cover it.
Not really. The manipulation information covered by Blaze has most all been in the public domain and easily available to anyone who bothered to look for at least several decades. I had a surprisingly good book on it when I was 15 or so. Cost was about $10.00 give or take. Drilling information has always been harder (read more expensive) to come by than manipulation info due to the sheer amount of research needed to compile it.
The drilling information Blaze covered isn't specific enough to enable anybody to do the most efficient job on a given box in most cases either.
The article is pretty harmless. Truth be told I could give someone exact instructions how to open a given container and 9 out of 10 people off the street would be unable to carry it out under hostile (i.e. while committing a crime) field conditions. The one that could wouldn't have much trouble getting the info on his or her own even if it meant buying the safe in question to study it.
"fugi" <f...@ultra.bl.org> wrote in message > I'll bet you have the education > of a plumber or a construction worker. I guess I shouldn't expect > much.
No Fungi, we have the edumakation of a Locksmith, which in fact seems to attract snotty superior twits such as yourself, as you are obviously drawn to this lowly 'blue collar' newsgroup, because as usual, all you superior bookworm nerdy types wouldn't know how to change a light globe without having to do a Google search and an MIT study coarse on the subject, then you'd be too scared to climb up on the chair, ha ha. And mate, what's with this rubbish that you seem to think will impress on us, just how 'incredibly superior' you are to us poor lowly tradesmen.
"Anyone who becomes master of a city accustomed to freedom and does not destroy it may expect to be destroyed by it; for such a city may always justify rebellion in the name of liberty and its ancient institutions. -Niccolo Machiavelli"
PLEASE,............. My face burns with embarrassment for you. Someone, anyone, please ... give this guy a wedgie.
>> I'll bet you have the education >> of a plumber or a construction worker. I guess I shouldn't expect >> much.
> No Fungi, we have the edumakation of a Locksmith, which in fact seems to > attract snotty superior twits such as yourself, as you are obviously drawn > to this lowly 'blue collar' newsgroup, because as usual, all you superior > bookworm nerdy types wouldn't know how to change a light globe without > having to do a Google search and an MIT study coarse on the subject, then > you'd be too scared to climb up on the chair, ha ha. And mate, what's with > this rubbish that you seem to think will impress on us, just how > 'incredibly superior' you are to us poor lowly tradesmen.
> "Anyone who becomes master of a city accustomed to freedom and does > not destroy it may expect to be destroyed by it; for such a city > may always justify rebellion in the name of liberty and its ancient > institutions. -Niccolo Machiavelli"
> PLEASE,............. My face burns with embarrassment for you. Someone, > anyone, please ... give this guy a wedgie.
--Shiva-- <no...@abuse.net> wrote: > On Tue, 4 Jan 2005 23:36:10 -0600, you wrote:
>> Remember a >>size 14 boot will kick in a door no matter what lock it has on it if the >>door isn't up to par and if the crook cant kick in the door then he'll go >>through a window or a hole in the roof. > thats what Matt doesnt understand.. that and $$$ that the end > user will pay..
> --Shiva--
If that were a valid excuse you'd never sell a medeco. After all, the glass windows can be shattered.
As long as the lock industry (including locksmiths) continue to sell and service junk that can be wrenched open, pulled apart and otherwise easily defeated, the public will continue to buy it.
Case in point; My relatives thought there was no difference between a kwikset and any other lock until I pointed out the weaknesses. All have upgraded to better locks.
In short, you won't value a quality lock if all the experts hide the shortcomings of a cheap imitation.
> a locksmith is like any other trade, I'll bet you have the education > of a plumber or a construction worker. I guess I shouldn't expect > much. carry on.
You just blew yourself out of the water with that low shot you effete snob.
You're probably too stupid to understand that to become a master at any mechanical trade requires the same kind of intelligence, diagnostic abilities and inquisitive mind needed to become a professional in the fields of law or medicine. To say nothing of the business know-how and common sense needed to put everything on the line and open your own shop.
It's attitudes like your which prevent many a person who'd be excellent for and happy in a trade from starting out in it; because their parents say things like, "What intelligent girl would want to marry a plumber?" and, "You'll never make a good living fixing locks." Those attitudes may in part account for the undesirable number of yutzes at the lower eschelons of most trades, particularly in urban areas, where people who have to use their hands along with their brains get little respect from the yuppies.
I lurk here because when I was an MIT student nearly 50 years ago there wasn't a lock on campus we students couldn't get by without leaving a trace, and it didn't hurt our minds to learn about those kind of things. I like to keep learning.....
>> >> >> > that's some good material, and great pictures to >> >> >> > accompany >> >> >> > it. I >> >> >> > sent a couple emails praising the high quality of >> >> >> > his >> >> >> > work. thanks >> >> >> > for the link.
>> >> >> surly you're not in the profession !
>> >> >> my2? >> >> >> -- >> >> >> "Key"
>> >> > the free distribution of knowledge is essential to >> >> > the >> >> > development >> >> > of the subject. don't think of yourself as a >> >> > gatekeeper >> >> > to >> >> > the >> >> > information that nobody but those in your circle >> >> > have.
>> >> just as I thought, >> >> you're definatly not in the physical security >> >> profession >> >> !
>> >> > it'll get you as far as the Maginot line got the >> >> > French >> >> > in >> >> > WWII. those who >> >> > only have a purely defensive stance will always fall >> >> > to >> >> > the offensive.
>> >> disagree.. >> >> Ethics is a word you should learn a little about.
>> >> -- >> >> "Key"
>> > what do you disagree with, the fact that the french >> > fell >> > to the >> > germans? or the fact that they fell from fighting a >> > defensive war?
>> I disagree with >> "a purely defensive stance will always fall to the >> offensive" >> as it applies to the subject.
>> do try and keep up >> -- >> "Key"
> many instances in history disprove you. Infact, I'm not > aware of > a single event that will go along with your argument. then > again > a locksmith is like any other trade, I'll bet you have the > education > of a plumber or a construction worker. I guess I shouldn't > expect > much. carry on.
you're correct, I do not have a college education. however, I didn't need it. I have been in business and have 23+ years education/expierence in the Locksmith/Security field and have earned enough $$$'s to retire 6 years ago at the age of 45.
Jeff Wisnia wrote: > I lurk here because when I was an MIT student nearly 50 years ago there > wasn't a lock on campus we students couldn't get by without leaving a > trace, and it didn't hurt our minds to learn about those kind of things.
That isn't quite how I got my start -- I arrived knowing some of the basics -- but it's where I first got intensive practice. Though you predate my stay at the 'tute considerably.
> I like to keep learning.....
That's the real key to this trade -- and to MIT, for that matter. If you don't like learning and aren't willing to continue studying, you're sunk, or at least doomed to low income.
I have read this message board for a while but this is my first posting here. Thanks to all of you for some very interesting food for thought over the years. I'm a safe tech in Delaware with customers up to Philadelphia and am familiar with this University. My shop does mostly commercial work these days mainly for some big companies you probably know and love. Still its a living and I woundnt trade it for the world.
I just wanted to let you all know that I sent E-Mail to University of Pennsylvania. I sent it to the three addresses here of Mr. Pereira and Mr. Glandt and Pres. Gutman. Plus I found another one that got a response that sounded concerend. That is Maureen S. Rush, M.S., CPP Vice President For Public Safety Division of Public Safety University of Pennsylvania Phone: (215) 898-7515 Fax: (215) 573-2651 E-Mail: mr...@publicsafety.upenn.edu
She responded promptly to my concerns. Obviously she understands the security problems with this kind of material. You should also send to the other 3 addresses too.
In my letter I explained my background and how this makes my job harder and will weaken security for everyone.
I dont want to put my letter in a public place here because I talked about what was right and wrong in the article and I dont want to give aid and comfort to criminals by pointing it out here. Any real pro will have no troble seeing whats fiction and what isnt in the article though.
Well thats it. Just wanted to say hi to my fellow pros and pass on this maybe useful info.
the_loc...@yahoo.com wrote: > Forwarded from the NYC-LOCKS list:
> As many of you know Matt Blaze a professor at Pennsylvania > University has published an article that reveals proprietary > techniques of safe penetration. It was featured on well known > hacker website recently, and it came to our attention on Saturday. > It includes information normally reserved to the trade, for good > reasons that need not be discussed here.
> The article is available to the general public without any > restrictions whatsoever. We as professionals in the security > field are outraged and concerned with the damage that the > spread of this sensitive information will cause to security > and to our profession. We know many of you will be too.
> There are steps being taken to deal with this through proper > channels, but we need your help and support. We doubt that > his university would appreciate their resources being used for this > kind of activity, but they may not be aware of it or of the negative > impact that his so called work has on our industry. With concern for > homeland security so important, we belive that your voice will be > heard.
> Attempts to reason with Blaze have been a failure in the > past, he is the same joker who wrote about Master Keyed locks > in the "New York Times" last year.
> Blaze's boss is Chairman Fernando Pereira. > Email: PERE...@CIS.UPENN.EDU > His boss's boss is Dean Eduardo D. Glandt. > Email: egla...@seas.upenn.edu > The President of the University is Amy Gutman. > Email: pres...@pobox.upenn.edu
> These people need to hear from you. Tell them what > you think polietly and firmly in your own words. Explain > that you are a security professional and that your job > is made harder by this sort of thing, and that security > will suffer.
> Also, very important. The article has photographs that may > not belong to Blaze because they appear to be commercial. > If anyone has information on the copyrights of any of these photos > please let us know so we can let the copyright holders know how > their property is being used possibly illegally and without their > permission.
> Forward this not as you see fit to others in the profession.
> Thank you for your Attention. > /////
> Forwarded by Ed "Lockie" > NYC Locksmith, Retired
> Forwarded by Ed "Lockie" > NYC Locksmith, Retired <the_loc...@yahoo.com> wrote in message: > There are steps being taken to deal with this through proper > channels, but we need your help and support. We doubt that > his university would appreciate their resources being used for this > kind of activity, but they may not be aware of it or of the negative > impact that his so called work has on our industry. With concern for > homeland security so important, we belive that your voice will be > heard.
What steps do you think you can take Ed ???
The U.S. Constitution specifically protects free speech in (Amendment 1) and also limits the period of time to which authors and inventors can have exclusive claim to their writings and dicsoveries (Article I, Section 8)
The "Homeland Security" concern is bullshit, and anyone who uses it in an argument is basically all but saying: "I have no other real point to make so I will say 'Homeland Security' in an attempt to scare you into taking me and my words more seriously than you would, because you don't or can't understand what I am talking about, and I want you to agree with me without questioning what I am saying"
> Also, very important. The article has photographs that may > not belong to Blaze because they appear to be commercial. > If anyone has information on the copyrights of any of these photos > please let us know so we can let the copyright holders know how > their property is being used possibly illegally and without their > permission.
Why not read up on copyright law, "Fair Academic Use" specifically...
Ed, it is quite unfortunate that you do not see that you and others like yourself who are so outspoken about Mr. Blaze and his work actually make it MORE credible the LOUDER your outcries against it are...
The fastest way to make something more interesting is to tell people not to look at it, or to say that it is so outrageous and shocking to "trade professionals"... If you truly want Mr. Blaze and his papers to fade into obscurity, then IGNORE them and they will fall into the cracks of the Internet and soon be forgotten...
WOW: Here is a really dumb NEON sign advertising the very thing you say is SOOO BAD... Ever thought of NOT contributing to the interest in the work you say is so dangerous for everyone's safety??
> Attempts to reason with Blaze have been a failure in the > past, he is the same joker who wrote about Master Keyed locks > in the "New York Times" last year.
I am sure that people could say the same thing about attempts to "reason" with you...
> Blaze's boss is Chairman Fernando Pereira. > Email: PERE...@CIS.UPENN.EDU > His boss's boss is Dean Eduardo D. Glandt. > Email: egla...@seas.upenn.edu > The President of the University is Amy Gutman. > Email: pres...@pobox.upenn.edu
> These people need to hear from you. Tell them what > you think polietly and firmly in your own words. Explain > that you are a security professional and that your job > is made harder by this sort of thing, and that security > will suffer.
I am sure that they would not like the fact that you linked their e-mail addresses in a UseNet Newsgroup... I am sure you have heard of the concept of SPAM... Next time names and titles would be good enough and anyone who cares to contact them could go to the UPENN website and look them up...
~~Evan (Formerly a Maintenance Man, Now a college student with a 3.85 GPA)
Welcome to the group Howie I hope we see some posts from you now and then. I don't post a lot because I specialize in antique autos & motorcycles and do Safe deposit box work so I don't keep up with the latest and greatest except what I read in the group. I subscribed to LL for many years when I was doing general locksmithing work but dropped it when I started doing the antique auto stuff. Good to see a new face....
> I have read this message board for a while but this is my first posting > here. Thanks to all of you for some very interesting food for thought > over the years. I'm a safe tech in Delaware with customers up to > Philadelphia and am familiar with this University. My shop does mostly > commercial work these days mainly for some big companies you probably > know and love. Still its a living and I woundnt trade it for the world.
> I just wanted to let you all know that I sent E-Mail to University of > Pennsylvania. I sent it to the three addresses here of Mr. Pereira and > Mr. Glandt and Pres. Gutman. Plus I found another one that got a > response that sounded concerend. That is > Maureen S. Rush, M.S., CPP > Vice President For Public Safety > Division of Public Safety > University of Pennsylvania > Phone: (215) 898-7515 > Fax: (215) 573-2651 > E-Mail: mr...@publicsafety.upenn.edu
> She responded promptly to my concerns. Obviously she understands the > security problems with this kind of material. You should also send to > the other 3 addresses too.
> In my letter I explained my background and how this makes my job harder > and will weaken security for everyone.
> I dont want to put my letter in a public place here because I talked > about what was right and wrong in the article and I dont want to give > aid and comfort to criminals by pointing it out here. Any real pro will > have no troble seeing whats fiction and what isnt in the article > though.
> Well thats it. Just wanted to say hi to my fellow pros and pass on this > maybe useful info.
>>As many of you know Matt Blaze a professor at Pennsylvania >>University has published an article that reveals proprietary >>techniques of safe penetration. It was featured on well known >>hacker website recently, and it came to our attention on Saturday. >>It includes information normally reserved to the trade, for good >>reasons that need not be discussed here.
>>The article is available to the general public without any >>restrictions whatsoever. We as professionals in the security >>field are outraged and concerned with the damage that the >>spread of this sensitive information will cause to security >>and to our profession. We know many of you will be too.
>>There are steps being taken to deal with this through proper >>channels, but we need your help and support. We doubt that >>his university would appreciate their resources being used for this >>kind of activity, but they may not be aware of it or of the negative >>impact that his so called work has on our industry. With concern for >>homeland security so important, we belive that your voice will be >>heard.
>>Attempts to reason with Blaze have been a failure in the >>past, he is the same joker who wrote about Master Keyed locks >>in the "New York Times" last year.
>>Blaze's boss is Chairman Fernando Pereira. >>Email: PERE...@CIS.UPENN.EDU >>His boss's boss is Dean Eduardo D. Glandt. >>Email: egla...@seas.upenn.edu >>The President of the University is Amy Gutman. >>Email: pres...@pobox.upenn.edu
>>These people need to hear from you. Tell them what >>you think polietly and firmly in your own words. Explain >>that you are a security professional and that your job >>is made harder by this sort of thing, and that security >>will suffer.
>>Also, very important. The article has photographs that may >>not belong to Blaze because they appear to be commercial. >>If anyone has information on the copyrights of any of these photos >>please let us know so we can let the copyright holders know how >>their property is being used possibly illegally and without their >>permission.
>>Forward this not as you see fit to others in the profession.
>>Thank you for your Attention. >>/////
>>Forwarded by Ed "Lockie" >>NYC Locksmith, Retired
>> Remember a >>size 14 boot will kick in a door no matter what lock it has on it if the >>door isn't up to par and if the crook cant kick in the door then he'll go >>through a window or a hole in the roof. > thats what Matt doesnt understand.. that and $$$ that the end >user will pay..
> --Shiva--
Blaze understands that perfectly well. He obviously feels that exposing the flaw is more beneficial than it is harmful. Or he may do it simply for the sake of study and dissemination of information in a moral/ethical vacumn. Why he does it or what he does or does not understand is irrelevant because he will continue to do as he has done. Even if he didn't there will always be others like him publishing flaws. It's the information age and there is no getting away from it. Personally I think the likelyhood of misuse of information in his safe lock article in particular is quite small.
