Call for volunteers

Showing 1-22 of 22 messages
Call for volunteers Alan Widmer 7/6/11 3:17 PM
If you have time to spend on this project please post here. We will need these skills (in no particular order)
  • Electronic design
  • Electronic build skills
  • Membership software skills
  • Security analysis and threat modelling
  • Mechanical packaging
  • Proposal writing
There are probably other task too, if you have other skills and want to help just post offering what you have.
 
Alan
unk...@googlegroups.com 7/6/11 3:20 PM <This message has been deleted.>
Re: Call for volunteers Trevor F. Smith 7/13/11 2:00 PM
Hey,

I'm one of the coders working on Nadine and I'll be happy to answer
any questions about the software or sit down for a design discussion.
I'd love to see open door locks integrated with Nadine.

- Trevor
http://trevor.smith.name/
Re: Call for volunteers Alan Widmer 7/13/11 2:18 PM
Awesome, thanks Trevor.

I hope tonight to be able to install Nadine and try it out. Once I have it installed I might have some questions.

I think that the only extension we would need is to link a "key ID number" to each member. This would be the ID of the RFID key they carry. I think it is a 32-bit int. Then export the member list to a CSV file with encryption to a server. The door lock firmware will download the encrypted files from the server periodically.

Thanks for your offer to help,

Alan
Re: Call for volunteers Roy Hardman 7/13/11 2:31 PM
I would like to be part of the project, but just for a limited aspect.    I would like to hear / be part of the physical plan.   Are you going to run metal conduit to each door to supply power and control to the door lock actuators?   Who will install the actuators?   How about doing one door?  How about using big enough conduit for camera / network cable?

Roy :)
RE: Call for volunteers Alan Widmer 7/13/11 2:44 PM

Roy,

 

We are going to make a proposal to the landlord at Inscape and see what they think. So if you want to participate we would like to have your suggestions for the installation.

 

One of the doors already has some old hardware installed and I think that we would start there for the first installation. There is already a card reader mounted on the outside wall of the building near this door. Directly behind the reader is a hole through the brickwork that has an electrical cable to a closet inside the building. Only low voltages go through this cable (12V I think). There is a  second cable from the closet to the electric door strike. All this cabling is inside the building and runs through a short conduit to a flexible conduit on the door.  I think that the electric door strike is also 12V.

 

The door controller we will build will be inside a metal, locking security box where the conduits will connect.

 

I have not looked at the other 3 doors yet but I expect that we will find somewhere close to each door to mount the controller box either on the wall or in a closet.

 

The controllers will need to communicate to each other and I don’t know how we will wire this up. I think it maybe wireless as the cost of running communication cable around the building will be very high.

 

Inscape told us that they would be happy to find a contractor to do the wiring which I assume would also include the installation of the conduit, outside card readers and door strike hardware. If you are licensed to perform this work then I’m sure we can persuade Inscape to use your services.

 

Any thoughts you have would be appreciated,

 

Alan

 

 

From: inscape-access...@googlegroups.com [mailto:inscape-access-control-system@googlegroups.com] On Behalf Of Roy Hardman
Sent: Wednesday, July 13, 2011 2:32 PM
To: inscape-access...@googlegroups.com
Subject: Re: Call for volunteers

 

I would like to be part of the project, but just for a limited aspect.    I would like to hear / be part of the physical plan.   Are you going to run metal conduit to each door to supply power and control to the door lock actuators?   Who will install the actuators?   How about doing one door?  How about using big enough conduit for camera / network cable?

 

Roy :)

RE: Call for volunteers Alan Widmer 7/13/11 2:50 PM

Roy,

 

I should have mentioned that our door controller will need a single 110V power connection. I don’t know anything about Washington state code but I assume that only licensed electricians are allowed to complete this part of the work.

 

Alan

 

From: inscape-access...@googlegroups.com [mailto:inscape-access-control-system@googlegroups.com] On Behalf Of Roy Hardman
Sent: Wednesday, July 13, 2011 2:32 PM
To: inscape-access...@googlegroups.com
Subject: Re: Call for volunteers

 

I would like to be part of the project, but just for a limited aspect.    I would like to hear / be part of the physical plan.   Are you going to run metal conduit to each door to supply power and control to the door lock actuators?   Who will install the actuators?   How about doing one door?  How about using big enough conduit for camera / network cable?

 

Roy :)

Re: Call for volunteers Duncan Thomas 7/16/11 6:03 AM
Hey

I'm with 091Labs hackerspace in Galway, Ireland. I'm interested in
security analysis and pentesting for this project if you don't mind
people breaking your stuff ;-)
Re: Call for volunteers Padraic Harley 7/17/11 3:26 PM
Hey all,

Same as Duncan, I'm from 091 Labs.

Don't think I have any of the first few skils tbh but might of use for
the proposal writing or something.

If ye can think of a use for me, just drop me an email!

P
Re: Call for volunteers Joseph Schlesinger 7/17/11 3:35 PM

So, the system we use at my space meets about 80% of your door requirements, with the rest being ones I already wanted to add anyway. I'm also integrating it into a large suite I'm calling SpacePal, to that handles all the billing, access control, membership etc for a space in a-la-carte components.

Nadine looks like a great system that I'm sure ill be swiping code from, and I would love to try working with that. The problem is we, (as I think Jigsaw is?) invested into Google Apps for most of our infrastructure, and I'm not sure how to reconcile that with their code.

For our system, a:

For database access, it talks over usb/serial to a junk laptop, that verifies users are active in the google apps database, and puts access log entries in the database, which is viewable to active members. Valid members can add their own card, and will soon be able to handle other aspects of their membership as well.

Right now its all internet-driven, but I am migrating the door system to be locally backed up, both on the chip and on the laptop. As I've written the system to be all entirely piecemeal, you can take whatever part of it you want. The door, the database talker, the app engine code, etc, to roll into your own. And I have actually commented code!

I guess right now I'm offering to do the door electronics and code, unless there is interest in using google apps. I don't think my web interface would work too well for you if you don't want to use google apps for it.

Re: Call for volunteers Lawrence Leung 7/17/11 4:18 PM

Cool. I have a few 32u4s around too. Ethernet could be added on too.

On Jul 17, 2011 3:35 PM, "Joseph Schlesinger" <joseph.sc...@makeitlabs.com> wrote:
>
>
> So, the system we use at my space meets about 80% of your door requirements,
> with the rest being ones I already wanted to add anyway. I'm also
> integrating it into a large suite I'm calling SpacePal, to that handles all
> the billing, access control, membership etc for a space in a-la-carte
> components.
>
> Nadine looks like a great system that I'm sure ill be swiping code from, and
> I would love to try working with that. The problem is we, (as I think Jigsaw
> is?) invested into Google Apps for most of our infrastructure, and I'm not
> sure how to reconcile that with their code.
>
> For our system, a:
>
>
> - $20 uab arduino (adafruit 32u4) on the door talks to a
> - wiegand rfid reader from ebay<http://cgi.ebay.com/Mini-WG26-34-Weatherproof-ID-Proximity-Reader-125KHz-/160459875814>($12), and operates a
> - strikelock from amazon <http://www.amazon.com/gp/product/B000NGVRF8>

> ($25).
>
> For database access, it talks over usb/serial to a junk laptop, that
> verifies users are active in the google apps database, and puts access log
> entries in the database, which is viewable to active members. Valid members
> can add their own card, and will soon be able to handle other aspects of
> their membership as well.
>
> Right now its all internet-driven, but I am migrating the door system to be
> locally backed up, both on the chip and on the laptop. As I've written the
> system to be all entirely piecemeal, you can take whatever part of it you
> want. The door, the database talker, the app engine code, etc, to roll into
> your own. And I have actually commented code!
>
> I guess right now I'm offering to do the door electronics and code, unless
> there is interest in using google apps. I don't think my web interface would
> work too well for you if you don't want to use google apps for it.
Re: Call for volunteers zeroknowledge 7/18/11 7:19 AM
Hi Alan,
 I am happy to give you a hand with "Security analysis and threat
modelling ". I am assuming this includes looking at the authentication
protocol as well :-), if we are not using a well known one.
regards
Anish


On Jul 6, 11:17 pm, Alan Widmer <alan.wid...@gmail.com> wrote:
> If you have time to spend on this project please post here. We will need
> these skills (in no particular order)
>
>    - Electronic design
>    - Electronic build skills
>    - Membership software skills
>    - Security analysis and threat modelling
>    - Mechanical packaging
>    - Proposal writing
Re: Call for volunteers (now: CheapID ?) Vinay Gupta - Hexayurt Project 7/19/11 11:10 AM

Hi guys, Budi Mulyo (Wise Cricket) suggested that this might be useful to you? I've worked extensively on some fairly sophisticated digital identity / resource access stuff which might be a good place to pull ideas from for this project. I'm not sure if it's within scope, but I'll repost the message I sent to Budi and let you judge!

In terms of skills, I'd say I'm more on the threat analysis side at this point, and that in a political and legal mode.

Hope I can help,

Vinay

=====

You may find my http://guptaoption.com/cheapid has some useful analysis. It's designed as a genocide-resistant biometric ID card standard and was commissioned by the US Office of the Secretary of Defense and overseen by the NSA (well, NCSC really, but Spookland at any count.)

It argues strongly for *not* having an access control database because People You Do Not Like can then abuse that access control database by, say, mass subpoena. CheapID suggests putting a cryptographic signature on access permission on a piece of paper (encoded as a 2D barcode) and having the certificate revocation list (CRL) be accessible online. Your devices may still cache the CRL but the CRL is small compared to the access control list. This is all pretty standard SPKI (simple public key infrastructure) stuff - and SPKI > GPG web of trust > X509 IMHO. You can store the CRL as the hash of the certificate hash, which prevents backing out from the CRL to a cert list also, which is quite useful.

What's nice about this is that there's no need for a central record of who was issued with which permissions. Somebody authorized unlocks the signing key, issues a document, and that person has access until the certificate is revoked. You still have full control, but without an inconvenient list of names lying around.

Or rather, without a *highly convenient* list of names hanging around.

You may wonder why a cypherpunk was hired by Spookland to design a biometric ID standard. The answer is that they wanted a system which was resistant to government abuse, in this case Iraq / Afghanistan / other client state government abuse. It's hard to find people with an instinctive distrust for government sufficient to design a system like that which *works* (albeit never deployed that I know of) who also have trust in the US government. So you wind up hiring me.

The system is fully public domain. The source is absolutely shit, you'd do better to start over. It was a pure proof-of-concept, uses the wrong cryptosystem (should be ECC, uses RSA) etc. It was just enough to prove concept and nothing more, do not build on it. No patents on any part of the system that I know of, but an exhaustive search has not been conducted, and there are certainly other biometric/barcode solutions out there which may or may not have submarine patents extant. In short: disclaimers apply.

$0.02, hope it's useful. It certainly ate up a goodly chunk of my life building the case for it and actually doing the design work. Those were tense seasons.

PS: also worth a look is Shamir's Secret Sharing stuff, i.e. splitting a secret into N parts of which M are required to cryptographically reconstruct the secret. Your application would be to take real names (i.e. an image of somebody's passport), split it up into N pieces of which M are required to reconstruct, to provide "jury of your peers" type anonymity - your real name can be disclosed if 7 of 12 people holding a share decide to disclose your identity on receipt of evidence. Ditto the cryptographic capabilities required to, say, issue a certificate revocation for an access card. Yes, this is Hacker Court, and you wouldn't want to build this unless you needed it, but it's nice to know that you *can*

There are various implementations of the Shamir scheme. I can't say I trust any of them because they're not in hugely heavy use (well, SSSS maybe more than others) so don't think of them as being in the same category of reliability as GPG - they just haven't had the same amount of oversight.

http://www.point-at-infinity.org/ssss/
http://www.pseudorandom.co.uk/src/gfcombinefs/
http://manpages.ubuntu.com/manpages/hardy/man1/gfsplit.1.html

However, I think all of this is fertile ground for exploration, particularly as we begin to talk about labs issuing ID cards which are used as credentials at *other* labs. If you call something a Passport, might be worth building the governance structures to go with it!

I suggest a five tier trust system, by the way:

1> admins of this lab
2> members of this lab
3> admins of other labs
4> members of other labs
5> other people

It's simple enough that people will actually use it, and maps nicely to the actual social trust dynamics which ID cards are being issued to support.

$0.00

Vinay

Re: Call for volunteers (now: CheapID ?) Vinay Gupta - Hexayurt Project 7/19/11 11:15 AM
PPS: I should also note that I'm looking at this very much from an object capabilities perspective, like

http://en.wikipedia.org/wiki/Object-capability_model

It's not a very common way of thinking about physical security, but the 2D barcode provides a handy way to actively instantiate object capabilities as physical tokens. Obviously the hard part is the CRL (certificate revocation list) but the question of "default locked or default opened" is still completely accessible within a CRL-based vs. an ACL-based model. Fail-closed and fail-open when faced with a non-internet-connected lock are still clear policy decisions. You can pick which way to err when somebody presents a valid ID but the lock can't reach the internet, in other words, even though the ACL vs. CRL model seems like you wind up on opposite sides of that decision when you can't reach the database.

In other words: the full range of behaviors are still available even with CRL-based systems.

Hope that helps,

Vinay

--
Vinay Gupta
Free Science and Engineering in the Global Public Interest

http://hexayurt.com - free/open next generation human sheltering
http://hexayurt.com/plan - the whole systems, big picture vision

"In the midst of winter, I finally learned that there was in me an invincible summer" - Albert Camus

Twitter/Skype/Gizmo/Gtalk/AIM: hexayurt
UK Cell : +44 (0) 7500 895568 / USA VOIP (+1) 775-743-1851
Απ: Call for volunteers TheHackerspace 7/20/11 10:35 AM
Hi Alan,

I 'm with Hackerspace in Thessaloniki, Greece (the-hackerspace.org). We would love to contribute to this project as we have already done some work w/ security and arduino and we have 2 projects that uitilise RFID sensors for authorization(among others). You can find our projects in our git repository (w/ full commented code, photos, spec etc) and we hope you'll find it useful for your project!

More info about these projects :

1. An embedded ad-hoc network supporting wireless devices remote control with RFID technology. The network consists of an intelligence identification node which can be trained for a particular application and a control node which controls the remote devices.

2. An Arduino embedded system for supporting security access control with multi-factor authentication (Voice Recognition, Keypad Password, RFID Tag Code). code (w/ comments)

Happy Hacking :)
Re: Απ: Call for volunteers Alan Widmer 7/20/11 11:10 AM
Great! I am busy this week with friends visiting but I will certainly look at your projects soon. Multifactor authentication is something we are thinking about for our rev 2 project. 

Alan 


Re: Απ: Call for volunteers VideoMan 7/26/11 11:11 AM
http://blog.shop.23b.org/2011/01/open-access-control-v20.html
http://code.google.com/p/open-access-control/

I'm in the process of building two of these, and would love to get
these setup for people to have some sort of "open door" policy.


-David
TC Makers / Hack Factory President

Re: Απ: Call for volunteers Wise Cricket 7/27/11 9:47 AM
Hi Dave, Open Door policy is what we are trying to build also. The passport system has not been solved though. Did you buy access control kits from 23b?  I'm trying to figure out the cost of the system. Do you have bill of materials and also sources where you get them?
Re: Απ: Call for volunteers David M. N.. Bryan 7/27/11 10:07 AM
It's 100$ for the whole kit with all the parts.  But I think you can just purchase the board, and order all the parts from digi-key too.  

23b.org has a bunch ready to go... 

-- 
David M. N. Bryan
612-978-9765
Sent from a mobile device.

On Jul 27, 2011, at 11:49 AM, Wise Cricket <celestia...@gmail.com> wrote:

Hi Dave, Open Door policy is what we are trying to build also. The passport system has not been solved though. Did you buy access control kits from 23b?  I'm trying to figure out the cost of the system. Do you have bill of materials and also sources where you get them?
Re: Απ: Call for volunteers David M. N. Bryan 7/27/11 1:22 PM
Sorry, this is the shop link: http://shop.23b.org

John is the one who put the kits together, his email is arclight@23.org- if you don't get a hold of him, let me know as I have other contact info.

The kit contains everything you need, and it's a very large board, so it's super easy to work on, and the components are meant for durability and longevity.

The original blog post is here: http://blog.shop.23b.org/2011/01/open-access-control-v20.html

-David


Re: Call for volunteers Jonathan Tzatzkin 8/2/11 2:33 PM
Hi!
I have 10 years of Electronic Security of experience.
Please tell me if you need my help on "Security analysis and threat modelling"
Regards,
Jonathan 
Re: Call for volunteers Adam Davis 8/3/11 12:52 AM

I was contacted via my youtube video on a similar project I worked on
last year:

http://www.youtube.com/watch?v=252cXD7avnc

The local coworking facility has two of those installed and they've
been working flawlessly for almost a year now.

I'm interested in further refining the design, incorporating new
features (touchscreen LCD for meeting/conference/class room
scheduling, machine controls, timers, etc), and restarting work on the
project as an open source product.

So I'm interested in participating here.

-Adam

On Jul 6, 6:17 pm, Alan Widmer <alan.wid...@gmail.com> wrote:
> If you have time to spend on this project please post here. We will need
> these skills (in no particular order)
>
>    - Electronic design
>    - Electronic build skills
>    - Membership software skills
>    - Security analysis and threat modelling
>    - Mechanical packaging
>    - Proposal writing
More topics »