Back to the main page

Mailing List Logs for ShadowRN

Message no. 1
From: dhinkley@***.org
Subject: Security Systems Additions
Date: Thu, 6 Jun 1996 00:12:02 -0700 (PDT)
Fellow Writers

As well as fitting in well with the consept for this NERPS publication,
he following article fills in some holes in FASA's Corporate Security Handbook.
It is not complete (about 75%) the main text is, it is the GM's section that
needs to be fleshed out. Your comments are both requested and desired. The
runners comments will be dated in the final version, I need to know what the
game date range for the publication so when I do it it is in the same date time
range as the other articles.

David Hinkley
dhinkley@***.org

Gurth
How do wee designate type faces, special characters, and the like that
is not available in the ASCII character set? Or would you like a finished
version (with all changes) sent to you as a file?

DH

=====================
Copyright (C) 1996
All rights reserved
David G. Hinkley

All That is Old is Not Obsolete

>>>>>[It is simply amazing what one can find when one looks under the right

rock. I ran across this article last week, and thought it might be interesting.
And it is not due to be published for at least a month. So get here just hot
before the presses]<<<<<
--Phantom

While the use of highly skilled computer enhanced operators to oversee
elaborate security systems has become the accepted standard among security
professionals. It is not the only way to provide security. Many of the older
proven systems are still effective and can provide high levels of security at
reasonable cost. CCTV alarm systems, Locks, and card access systems are still
effective deterrent to undesirable activities.

>>>>>[Undesirable activities.....could they be talking about
us?]<<<<<
-- Fast Eddy

>>>>>[Only if they are attempting to stop thefts from children's
piggy-banks and
other similar hard targets :)]<<<<<
-- Boomer

The addition of a hard-wired computer the basic Close-Circuit Television
system can become a difficult to detect motion detection alarm. In simple terms
the signal from a single CCTV camera is run through the computer which monitors
the color value (grey value in monochrome systems) of all the pixels in the
alarmed area. If the value should change suddenly, the computer triggers an
alarm. In most cases the alarm response, is an audible alarm, and the switching
of that camera's picture to a display monitor. This system is commonly used to
provide surveillance within clean rooms as it can be relocated without the need
to relocate wires or drill holes. It is only effective in areas that are free of
motion. While it is a generally reliable, false alarm trouble shooting can be
quite difficult at times.

>>>>>[For an old design these are extremely effective, The turn the common
CCTV
camera into a motion detector. And if that was not bad enough, the system also
trips when a loop-back unit is spliced into the camera system.]<<<<<
--Fast Eddy

>>>>>[Not all the time, it just takes the right touch......or a
mouse]<<<<<
-- Shadowrider

>>>>>[A mouse?]<<<<<
--Fast Eddy

>>>>>[When ever I think there maybe a live operator or one of these
systems, I
release a mouse or two just as I make the connection. When the picture pops up
on the screen, the operator sees the mouse and goes back to his comic
book]<<<<<
--Shadowrider

>>>>>[hey what does hard wired mean?}<<<<<
--Mork the Ork

>>>>>[A hardwired computer is one that has its program wired in. Once it is

built you can't reprogram it. Deckers hate the things, cause there is nothing
they can do with them]<<<<<
--Sweet Sue

The common lock is an often over looked component of a buildings security
system. The selection of the correct lock for a use can enhance a security
system while the wrong choice can defeat the most elaborate. Locking systems can
be divided into three major groups, Common mechanical locks using keys,
electronically controlled locking mechanisms and combination locks.

Key control is the most important factor in conventional pin tumbler
locking systems. While conventional locks can be picked it is much easier to use
the key. A lock will open for anyone who has the key. Key control starts with
the purchase of the lock. Cheap locks are manufactured in numbers that greatly
exceed that number of key variations. The are also much easier to defeat with
brute force or the subtle manipulations of lock picks. The more exclusive the
key way the less likely a duplicate key exists. This is place that spending a
bit more gets a lot more results. After you have the lock installed, you need to
still need to properly control keys. First only have made, the exact number of
keys you need. Do not label keys with either your address or license number,
doing so only makes it easy for the inconvenience of a lost key ring to become a
major loss. And don't hide a key outside your home or on your car. There are no
original hiding places, anyplace you can think of someone else has used before.

>>>>>[Hey Phantom, anyway you could pull the plug on this? This guy is
reveling
all our secrets]<<<<<
--Fast Eddy

>>>>>[That figures, I always thought that you would have trouble breaking
into a
paper sack with a sharp knife.]<<<<<
--Boomer

>>>>>[Boomer haven't you heard Eddy's mother doesn't let him play with
sharp
objects]<<<<<
--Sweet Sue

Mechanical locking systems have one advantage that is often over looked in
this electronic age, they are not connected. To open them you have to be there
with the correct key or combination to open them. There is no way for a hacker
to unlock them from a terminal miles away. No computer glitch will compromise
your security. If you don't have the key, you don't get in.

>>>>>[There is something positively un-American about this
conspiracy]<<<<<
--Electroman

>>>>>[Conspiracy?]<<<<

--Sweet Sue

>>>>>[Yes conspiracy. First using rigger controls on security systems. Now
locks
that can't be opened by computer command. There aught to be a law. :)]<<<<<
--Electroman

Many years ago locksmiths came up with a way eliminate the need for a
person to carry a separate key for every lock. Actually it is two different
ways, the first is keying several locks to the same key. The other is creating a
master key for a group of locks. This is different from the first method in that
the key for one lock in the system will not open any other lock. Master Keys
systems are established at the same time the locks are pined. Special split pins
are used that make it possible for two different keys (the master key and the
regular key) to open the same lock. With some locks it is possible to have three
separate keys thus making sub-mastering possible. With careful planning an
entire building can be keyed in a manner that provides proper levels of security
while not requiring management to lug a huge ring of keys around.

>>>>>[A free hint chummers. While you can't tell a master key from a normal
key,
you can identify a masterkeyed lock by disassembling it. And most important it
contains all the information you need to make a master key that works in all the
locks in that buildings system. And if you are quick about it, they may never
guess you did it.]<<<<<
--Fingers

Electronic locking systems come in two major types, those that use a
electronically controlled solenoid to operate a mechanical bolt and those that
use electromagnetic force to secure a door. Either type can be controlled either
from a remote location or at the door's location. Keypads, Mag-Locks and Pass
Cards are commonly used to provide local control.

>>>>>[Electromagnetic force...how effective can that be, especially when
the
power goes off]<<<<<
-- Boomer

>>>>>[Very effective, I have seen a door that was blown open with
explosives and
the electromagnetic lock was still functioning, the battery back up worked that
well]<<<<<
-- Shadowrider

The classic combination lock used on safes and vaults is still a reliable
choice. The large number of combinations available, the requirement that the
lock be operated on site and on more sophisticated systems the time lock result
in a lock that is hard to beat. The most important factor is the security of the
combination. The fewer people who know it the more secure it is, and like keys
there is no safe place to hide it.

>>>>>[Desk blotters and desk pull outs are the first place to look, then
the
Rolidex looking under 'Safe'. And if you can't find the one for the safe you
need try other executive offices on the same floor because there is often a
sealed envelope with the safe combinations for the other safes in one of them.
]<<<<<
--Fingers

>>>>>[If you use the envelope on a clean covert entry, put it back with the
seal
broken. The security types will have a suspect, after all it HAS TO BE an inside
job, their building security is to good for some to get in undetected]<<<<<

--Sweet Sue

>>>>>[Now that is truly evil!!]<<<<<
--Boomer

Time locks add a further dimension of security. They limit the time that
the lock can be opened with the combination. This permits more individuals to
have the combination permitting access during business hours without them also
being able to come back afterhours and open the safe.

>>>>>[Unless you can speed-up the clock]<<<<<
--Fingers

>>>>>[Speed up the clock?]<<<<<
--Boomer

>>>>>[All it takes is the right equipment. The Artificer is the man to
see]<<<<
--Fingers

Possibly the most secure and flexible access control system for small to
medium sized companies is the Card Access System. Systems use a credit card
sized plastic card encoded with a discrete identification code. This code
consists of two parts an installation or facility code common to all cards for
that particular plant or facility and a individual number unique to that
particular card. Normally this coding is magnetic in nature but in some cases
bar-code technology is also used. It is also common to combine the access card
with a company identification card. When the card is presented to a reader, the
reader transmits the code number to a central computer (normally a dedicated
unit not used for any other function) which checks the card code with a central
listing for all the cards in the system and determines the degree of access
permitted. If the bearer of the card is listed as being permitted to enter
through the door at the time the card was presented the signal is sent to the
reader to unlock the door and the transaction is recorded in a access log kept
on the systems main computer. If access is not permitted then the attempt is
also logged, the door is not unlocked and an alarm may be sent for a human
response if required.

>>>>>[They log unsucessful attempts?]<<<<<
--Fast Eddy

>>>>>[Sure, besides paranoia, a important trate for security types, logging

unsuccessful attempts provides them with a lot of valuable information. It helps
identify inquisitive employees as well as the enthosatic types who just want an
early start. It permits the fine tuning of access times and lastly it can reveal
a pattern of intrusion attempts}<<<<<
-- Big Bopper

The current level of access for any particular each card is recorded only
on the central computer and can be changed at any time by the system operator.
It is not possible to determine what level of access the card permits through
the examination of the card. Thus it is not possible to determine if a
particular card is a master card that opens all doors in the building or one
that only opens employee washrooms during business hours. While it is possible
to copy a particular card or to change the coding (depending on the card type)
the degree of access if any can not be set except at the main computer.

>>>>>[This system sounds really easy to beat, just deck in and change the
access
for your card to all the doors, all the time and you are in like Flint. And just
to make things truly interesting dump all the rest so security can not move in
the building]<<<<<
--Fast Eddy

>>>>>[Nice try Eddy, only one problem. You have to get to the computer
first.
These systems use small dedicated computers that are not connected to anything
but the access control system]<<<<<
--Sweet Sue

This computer polls all card readers, key pads, locking mechanisms and
biometric devises on a periodic basis (several times a minute). In the event
that a reader is cut-off from the main computer the event is recorded and an
alarm is sent. In most operations a human guard is set to investigate. His
response time would vary widely depending on the size of the installation and
and the manpower available. The effected card reader or readers revert in to
stand alone mode. This normally takes on one of three forms. The doors remain
locked, the doors automatically unlock or most commonly the readers perform in
what appears to the user to be a normal manner. That is the door is unlocked
upon the presentation of a card. The difference is that the reader is granting
access to any card that has the correct installation code regardless of the
programed access. As most individuals using the door have access they never
know the difference. It is not possible to determine if a particular reader is
in stand alone mode through external examination.

>>>>>[This is the weak spot Eddy. If you can get the reader into stand
alone
mode then any card from the system, even those that are dropped from the system
as lost will work. And there is no record of the entry.]<<<<<
--Sweet Sue

>>>>>[As long as the System Administrator is not truly paranoid and sets
the
readers to lock the door down if it is cut off from the central computer. I have
seen systems where a communications failure meant could not get into the
building at all]<<<<<
-- Fingers

The card access readers can control both electronic controlled and combined
lock systems and are often combined with keypads or biometric devices. The
latter is to overcome the single largest drawback of these systems the card
grant access to anyone who presents the card. The use of a special computer, not
connected to the Matrix or other computer systems makes the system really secure
from outside tampering. However its largest strength is that the level of access
granted to a particular card can be changed at any time whether or not the
operator has access to the card.

While the there are a lot of new high tech security equipment available,
these old and proven methods should not be overlooked. The keys to a good
security system is defence in depth and utilizing the right equipment for the
right job. Remember this is a classic case where old does not equal obsolete.

>>>>>[There is nothing made by the hand of man that can not be defeated by
another slightly smarter man with that proper touch of larceny.]<<<<<
--Shadowrider

================
GAMEMASTER INFORMATION
================

Lockpicking /Safe Cracking Skill : This technical skill deals with opening
locked doors with out the use of the proper key or combination. A character with
this skill understands the basic operation of mechanical locks and how to open
them by manipulation. He also is aware of the physical weaknesses of doors,
locks and safes and how to apply force to open them. A character with this skill
would also need demolitions skill to effectively use explosives to open a safe.
[This skill is located on the Skill Web off the main Quickness stem separated by
2 circles from the main stem.]

Locksmithing : This is a Build / Repair (B/R) skill covers the maintenance and
repair of locks and safes. A Locksmith can key or re-key locks, install locks,
and make keys. A skilled locksmith can also pick locks and open combination
locks by manipulation. [A character with this skill does not have the skills
necessary to use explosives to open a safe or vault] [This skill is located on
the Skill Web off the main Quickness stem separated by 2 circles from the main
stem.]

Pin Tumbler locks

Level 0: Cheap hardware store lock
Level 1: Quality lock,
Level 2: Quality lock, limited available keyway
Level 3: Top quality lock, restricted keyway
Level 4: Top quality lock, custom keyway

Combination Locks

Level 0: 4 digit single number lock
Level 1: 3 number, factory set lock
Level 2: 3 number, user set lock
Level 3: Manipulation resistant, 4 number, user set lock
Level 4: Double, Manipulation resistant, 4 number, user set lock

Safes and Vaults

Level 0: Lockable metal cabinet.
Level 1: Home wall safe
Level 2: Commercial Quality Safe
Level 3: Bank Vault
Level 4: Custom High Security Bank Vault

Safe and Vault descriptions consist of 4 parts the level of the locking system,
the level of the vault design, the barrier rating of the material the container
is made of and if it is equipped with a time lock. The locking system can be
either key, combination or mag-lock.

TimeLocks:

Master Keys: A master key can be made either from the records of the locksmith
who keyed the set of locks or by disassembling and examining a master keyed
lock. The target number is 1+ level of the lock. The operative skill is
Locksmithing.

Picking Locks: Target number is 2 + (locks level x2) Base Time is 1 minute + 30
seconds per locks level

Opening Combination Locks by Manipulation: Target Number is 4 +(locks level
x2)+modifiers Base Time 2 minutes x 4 minutes per level

Manipulation modifiers
Dead silence -1
Normal Background noise 0
Moderate Noise +2
Loud Noise +4
Lock equipped with error limiter +4

Safe Cracking: Target number is 4 +(level x2)+ barrier rating/4 Base time is 15
minutes plus 30 minutes per hour plus barrier rating times 10 in minutes
Message no. 2
From: "Gurth" <gurth@******.nl>
Subject: Re: Security Systems Additions
Date: Thu, 6 Jun 1996 11:26:13 +0100
dhinkley@***.org said on 0:12/ 6 Jun 96...

> How do wee designate type faces, special characters, and the like that
> is not available in the ASCII character set? Or would you like a finished
> version (with all changes) sent to you as a file?

I intend to use the Francis.ttf font (available from Paolo's page) for
the main text, and a font called Avantgarde BK for the decker comments.
Apart from that, if you want special fonts used, I think you should
indicate so in the text by adding a note (which I will delete -- it's a
bit silly to have an article in which it says "The next paragraph should
be in a bold 12 pt Arial font." :)
Special characters are a bit harder. Use Y for nuyen (I'll replace it by
the yen symbol), but for any other special characters you'll have to make
clear to me what you mean.

If you've got a finished version in some or another word processor format
(except for WP 6), you can email it to me so I can load it into Word
directly. Remember to post a text version on the list here as well, so
everbody can see your submission, and don't send anything to me directly
until you've finished the article completely.

> All That is Old is Not Obsolete
[snip]
> Electronic locking systems come in two major types, those that use a
> electronically controlled solenoid to operate a mechanical bolt and those that
> use electromagnetic force to secure a door. Either type can be controlled either
> from a remote location or at the door's location. Keypads, Mag-Locks and Pass
> Cards are commonly used to provide local control.
>
> >>>>>[Electromagnetic force...how effective can that be, especially
when the
> power goes off]<<<<<
> -- Boomer
>
> >>>>>[Very effective, I have seen a door that was blown open with
explosives and
> the electromagnetic lock was still functioning, the battery back up worked that
> well]<<<<<
> -- Shadowrider

Maybe you could add that there's another way for electromagnetic locks to
work: let a spring automatically close the lock as soon as the magnet
stops working, or have gravity-operated pins fall into the both top of the
door and into the floor. Cut off the power, and the lock slams shut.

> Possibly the most secure and flexible access control system for small to
> medium sized companies is the Card Access System. Systems use a credit card
> sized plastic card encoded with a discrete identification code. This code
> consists of two parts an installation or facility code common to all cards for
> that particular plant or facility and a individual number unique to that
> particular card. Normally this coding is magnetic in nature but in some cases
> bar-code technology is also used.

Or it culd be a chip embedded in the card. Phone cards use that today, so
access cards (no, not the credit card of that name :) could just as
easily.

> ================
> GAMEMASTER INFORMATION
> ================

Add that all these skills are Special Skills. It's quite obvious, but
maybe not obvious enough.

> [This skill is located on the Skill Web off the main Quickness stem separated by
> 2 circles from the main stem.]

Maybe you could better say that "A character may substitute his Quickness
for this skill, but must add a +4 modifier to all target numbers."

--
Gurth@******.nl - http://www.xs4all.nl/~gurth/index.html
We want to see you lead a normal life.
-> NERPS Project Leader & Unofficial Shadowrun Guru <-
-> The Character Mortuary: http://huizen.dds.nl/~mortuary/mortuary.html <-

-----BEGIN GEEK CODE BLOCK-----
Version 3.1:
GAT/! d-(dpu) s:- !a>? C+(++)@ U P L E? W(++) N o? K- w+ O V? PS+ PE
Y PGP- t(+) 5+ X++ R+++>$ tv+(++) b++@ DI? D+ G(++) e h! !r(---) y?
------END GEEK CODE BLOCK------

Disclaimer

These messages were posted a long time ago on a mailing list far, far away. The copyright to their contents probably lies with the original authors of the individual messages, but since they were published in an electronic forum that anyone could subscribe to, and the logs were available to subscribers and most likely non-subscribers as well, it's felt that re-publishing them here is a kind of public service.