From:	dhinkley@***.org
Subject:	Security Equip
Date:	Sun, 7 Jul 1996 03:50:37 -0700 (PDT)

Gentlemen
Here is the last of my submissions to Nerps. I am looking forward to
your recomendations and comments.

David Hinkley
dhinkley@***.org

============ Copyright (C) 1996
All rights reserved
David G. Hinkley

All That is Old is Not Obsolete

>>>>>[It is simply amazing what one can find when one looks under the right

rock. I ran across this article last week, and thought it might be interesting.
And itis not due to be published for at least a month. So get here just hot
before the presses]<<<<<
--Phantom (H:M:S/D-M-Y)

While the use of highly skilled computer enhanced operators located on site
to oversee elaborate security systems has become the accepted standard among
security professionals. It is not the only way to provide security. Many of the
older proven systems are still effective and can provide high levels of security
at reasonable cost. Central Station Alarm Systems, CCTV alarm systems, Locks,
and card access systems are still effective deterrent to undesirable activities.

>>>>>[Undesirable activities.....could they be talking about
us?]<<<<<
-- Fast Eddy (08:42:43/04-09-57)

>>>>>[Only if they are attempting to stop thefts from children's
piggy-banks and
other similar hard targets :)]<<<<<
-- Boomer (10:23:57/04-09-57)

Many businesses and individuals needing human monitored alarm systems can
not reasonably afford the costs of an on site security specialist. Thanks to the
existence of Seattle's numerous high quality Central Station Alarm Monitoring
Services, they need not to do without a monitored Security System. basically a
Central Station System connects a business's on-site alarm systems to a remotely
located monitoring station operated by the service provider. This monitoring
station would monitor the alarm systems of many unrelated subscribers.

A central station system is fully capable of monitoring all types of
alarms and security systems. These Central Station Services can also be
contracted to provide a number of additional services including Armed alarm
response, Alarm system installation and repair, fire and hazmat alarm systems,
and card access systems.

>>>>>[If central stations are so good why do the corps spend money on their
own
security centers?]<<<<<
-- Boomer (10:24:02/04-09-57)

>>>>>[Where should I start...first is security, only their people are in
control
of the system. Second is system response time...it takes time for a signal to go
to the station and back. Physical response time... the response team is not on
site, it takes time for them reach the site. And finally Magical security is
difficult to implement. By the way most corps do use central
stations...their's...to provide security to small out lying offices and
installations]<<<<<
--Shadowrider ( 11:27:42/06-06-44)

There are currently four methods of connecting a site to the central
station, they are phone lines, dedicated hard wire, fiber optic cable and radio.
Each has its own particular advantages and disadvantages most of which are
technical in nature and are too site dependent to be discussed here. A good
Security Consultant can properly evaluate a particular site and determine the
best method for your particular needs.

>>>>>[Can anyone supply a brief evaluation of each methods and its weak
points]<<<<<
--Boomer (05:54:59/05-09-57)

>>>>>[Do I detect a more then passing interest in the weak points?.. Well
enthusiasm like that should not go unrewarded. Phone lines are already in
place, they connect almost every place and cost little to use. But they are
subject to the control of others (i.e. the building management and the phone
company), have limited band width, and require encoding and verification of
data. Hard wire systems have wider band width, are much easier to secure but are
expensive and time consuming to install, have to be maintained are difficult to
change or update. Fiber Optics provides the widest band width, is the easiest to
secure and otherwise has all the rest of the advantages and disadvantages
associated with hard wire systems. Radio is the most flexible, has reasonable
band width and is the hardest to secure and is subject to both intentional and
un-intentional jamming. ]<<<<<
--Fingers (23:42:15/07-09-57)

>>>>>[Un--intentional jamming?]<<<<<
--Sweet Sue (01:43:27/08-09-57)

>>>>>[There are a limited number of radio frequencies available for alarm
transmitters, so in most areas there are several ( up to hundred) transmitters
on the same frequency. The alarm system designers have come up with a simple
solution, first the signal is coded and the receiver only accepts properly coded
signals and the transmitters send their signal five times. Since the time of
transmission is effectively random it is unlikely that two transmitters would be
broadcasting all five times at the exact same time. That is at least one of the
five would get through. It works. By the way putting a jamming transmitter near
the alarm transmitter, while effective is not perfect as it also jams the
control centers periodic status polling. No reply trips an alarm. Sorry
chummers, no free lunch here.]<<<<<<
--Fingers 16:34:15/10-09-57)

With the addition of a hard-wired computer the basic Close-Circuit
Television system can become a difficult to detect motion detection alarm. In
simple terms the signal from a single CCTV camera is run through the computer
which monitors the color value (grey value in monochrome systems) of all the
pixels in the alarmed area. If the value should change suddenly, the computer
triggers an alarm. In most cases the alarm response, is an audible alarm, and
the switching of that camera's picture to a display monitor. This system is
commonly used to provide surveillance within clean rooms as it can be relocated
without the need to relocate wires or drill holes. It is only effective in areas
that are free of motion. While it is a generally reliable, false alarm trouble
shooting can be quite difficult at times.

>>>>>[For an old design these are extremely effective, The turn the common
CCTV
camera into a motion detector. And if that was not bad enough, the system also
trips when a loop-back unit is spliced into the camera system.]<<<<<
--Fast Eddy (01:42:51/09-09-57)

>>>>>[Not all the time, it just takes the right touch......or a
mouse]<<<<<
-- Shadowrider (11:28:34/03-07-63)

>>>>>[A mouse?]<<<<<
--Fast Eddy (23:45:01/12-09-57)

>>>>>[When ever I think there maybe a live operator or one of these
systems, I
release a mouse or two just as I make the connection. When the picture pops up
on the screen, the operator sees the mouse and goes back to his comic
book]<<<<<
--Shadowrider(14:42:56/18-06-15)

>>>>>[hey what does hard wired mean?}<<<<<
--Mork the Ork (18:34:28/09-09-57)

>>>>>[A hardwired computer is one that has its program wired in. Once it is

built you can't reprogram it. Deckers hate the things, cause there is nothing
they can do with them]<<<<<
--Sweet Sue (23:13:36/09-09-57)

The common lock is an often over looked component of a buildings security
system. The selection of the correct lock for a use can enhance a security
system while the wrong choice can defeat the most elaborate. Locking systems can
be divided into three majorgroups, Common mechanical locks using keys,
electronically controlled locking mechanisms and combination locks.

Key control is the most important factor in conventional pin tumbler
locking systems. While conventional locks can be picked it is much easier to use
the key. A lock will open for anyone who has the key. Key control starts with
the purchase of the lock. Cheap locks are manufactured in numbers that greatly
exceed that number of key variations. The are also much easier to defeat with
brute force or the subtle manipulations of lock picks. The more exclusive the
key way the less likely a duplicate key exists. This is place that spending a
bit more gets a lot more results. After you have the lock installed, you need to
still need to properly control keys. First only have made, the exact number of
keys you need. Do not label keys with either your address or license number,
doing so only makes it easy for the inconvenience of a lost key ring to become a
major loss. And don't hide a key outside your home or on you car. There are no
original hiding places, anyplace you can think of someone else has used before.

>>>>>[Hey Phantom, anyway you could pull the plug on this? This guy is
reveling
all our secrets]<<<<<
--Fast Eddy (23:54:51/12-09-57)

>>>>>[That figures, I always thought that you would have trouble breaking
into a
paper sack with a sharp knife.]<<<<<
--Boomer (10:25:37/04-09-57)

>>>>>[Boomer haven't you heard Eddy's mother doesn't let him play with
sharp
objects]<<<<<
--Sweet Sue (23:14:46/09-09-57)

Mechanical locking systems have one advantage that is often over looked in
this electronic age, they are not connected. To open them you have to be there
with the correct key or combination to open them. There is no way for a hacker
to unlock them from a terminal miles away. No computer glitch will compromise
your security. If you don't have the key, you don't get in.

>>>>>[There is something positively un-American about this
conspiracy]<<<<<
--Electroman (09:57:36/04-09-57)

>>>>>[Conspiracy?]<<<<
--Sweet Sue (23:15:51/09-09-57)

>>>>>[Yes conspiracy. First using rigger controls on security systems. Now
locks
that can't be opened by computer command. There aught to be a law. :)]<<<<<
--Electroman (10:47:27/12-09-57)

Many years ago locksmiths came up with a way eliminate the need for a
person to carry a separate key for every lock. Actually it is two different
ways, the first is keying several locks to the same key. The other is creating a
master key for a group of locks. This is different from the first method in that
the key for one lock in the system will not open any other lock. Master Keys
systems are established at the same time the locks are pined. Special split pins
are used that make it possible for two different keys (the master key and the
regular key) to open the same lock. With some locks it is possible to have three
separate keys thus making sub-mastering possible. With careful planning an
entire building can be keyed in a manner that provides proper levels of security
while not requiring management to lug a huge ring of keys around.

>>>>>[A free hint chummers. While you can't tell a master key from a normal
key,
you can identify a masterkeyed lock by disassembling it. And most important it
contains all the information you need to make a master key that works in all the
locks in that buildings system. And if you are quick about it, they may never
guess you did it.]<<<<<
--Fingers (23:44:57/ 07-09-57)

Electronic locking systems come in two major types, those that use a
electronically controlled solenoid to operate a mechanical bolt and those that
use electromagnetic force to secure a door. Either type can be controlled either
from a remote location or at the door's location. Keypads, Mag-Locks and Pass
Cards are commonly used to provide local control.

>>>>>[Electromagnetic force...how effective can that be, especially when
the
power goes off]<<<<<
-- Boomer (10:26:41/04-09-57)

>>>>>[Very effective, I have seen a door that was blown open with
explosives and
the electromagnetic lock was still functioning, the battery back up worked that
well]<<<<<
-- Shadowrider (11:32:01/7-10-71)

The classic combination lock used on safes and vaults is still a reliable
choice. The large number of combinations available, the requirement that the
lock be operated on site and on more sophisticated systems the time lock result
in a lock that is hard to beat. The most important factor is the security of the
combination. The fewer people who know it the more secure it is, and like keys
there is no safe place to hide it.

>>>>>[Desk blotters and desk pull outs are the first place to look, then
the
Rolidex looking under 'Safe'. And if you can't find the one for the safe you
need try other executive offices on the same floor because there is often a
sealed envelope with the safe combinations for the other safes in one of
them.]<<<<<
--Fingers (23:46:33/07-09-57)

>>>>>[If you use the envelope on a clean covert entry, put it back with the
seal
broken. The security types will have a suspect, after all it HAS TO BE an inside
job, their building security is to good for some to get in undetected]<<<<<

--Sweet Sue (23:16:56/09-09-57)

>>>>>[Now that is truly evil!!]<<<<<
--Boomer (10:27:36/10-09-57)

Time locks add a further dimension of security. They limit the time that
the lock can be opened with the combination. This permits more individuals to
have the combination permitting access during business hours without them also
being able to come back afterhours and open the safe.

>>>>>[Unless you can speed-up the clock]<<<<<
--Fingers (23:48:17/07-09-57)

>>>>>[Speed up the clock?]<<<<<
--Boomer (10:32:15/04-09-57)

>>>>>[All it takes is the right equipment. The Artificer is the man to
see]<<<<
--Fingers (16:37:17/10-09-57)

Possibly the most secure and flexible access control system for small to
medium sized companies is the Card Access System. Systems use a credit card
sized plastic card encoded with a discrete identification code. This code
consists of two parts an installation or facility code common to all cards for
that particular plant or facility and a individual number unique to that
particular card. Normally this coding is magnetic in nature but in some cases
bar-code technology is also used. It is also common to combine the access card
with a company identification card. When the card is presented to a reader, the
reader transmits the code number to a central computer (normally a dedicated
unit not used for any other function) which checks the card code with a central
listing for all the cards in the system and determines the degree of access
permitted. If the bearer of the card is listed as being permitted to enter
through the door at the time the card was presented the signal is sent to the
reader to unlock the door and the transaction is recorded in a access log kept
on the systems main computer. If access is not permitted then the attempt is
also logged, the door is not unlocked and an alarm may be sent for a human
response if required.

>>>>>[They log unsuccessful attempts?]<<<<<
--Fast Eddy (08:49:15/ 04-09-57)

>>>>>[Sure, besides paranoia, a important trait for security types, logging
unsuccessful attempts provides them with a lot of valuable information. It helps
identify inquisitive employees as well as the enthusiastic types who just want
an early start. It permits the fine tuning of access times and lastly it can
reveal a pattern of intrusion attempts}<<<<<
-- Big Bopper (12:16:45/ 09-09-57)

The current level of access for any particular each card is recorded only
on the central computer and can be changed at any time by the system operator.
It is not possible to determine what level of access the card permits through
the examination of the card. Thus it is not possible to determine if a
particular card is a master card that opens all doors in the building or one
that only opens employee washrooms during business hours. While it is possible
to copy a particular card or to change the coding (depending on the card type)
the degree of access if any can not be set except at the main computer.

>>>>>[This system sounds really easy to beat, just deck in and change the
access
for your card to all the doors, all the time and you are in like Flint. And just
to make things truly interesting dump all the rest so security can not move in
the building]<<<<<
--Fast Eddy (08:50:32/ 04-09-57)

>>>>>[Nice try Eddy, only one problem. You have to get to the computer
first.
These systems use small dedicated computers that are not connected to anything
but the access control system]<<<<<
--Sweet Sue (23:16:57/ 09-09-57)

This computer polls all card readers, key pads, locking mechanisms and
biometric devises on a periodic basis (several times a minute). In the event
that a reader is cut-off from the main computer the event is recorded and an
alarm is sent. In most operations a human guard is set to investigate. His
response time would vary widely depending on the size of the installation and
the manpower available. The effected card reader or readers revert in to stand
alone mode. This normally takes on one of three forms. The doors remain locked,
the doors automatically unlock or most commonly the readers perform in what
appears to the user to be a normal manner. That is the door is unlocked upon the
presentation of a card. The difference is that the reader is granting access to
any card that has the correct installation code regardless of the programmed
access. As most individuals using the door have access they never know the
difference. It is not possible to determine if a particular reader is in stand
alone mode through external examination.

>>>>>[This is the weak spot Eddy. If you can get the reader into stand
alone
mode then any card from the system, even those that are dropped from the system
as lost will work. And there is no record of the entry.]<<<<<
--Sweet Sue (23:17:37/ 09-09-57)

>>>>>[As long as the System Administrator is not truly paranoid and sets
the
readers to lock the door down if it is cut off from the central computer. I have
seen systems where a communications failure meant could not get into the
building at all]<<<<<
-- Fingers (16:42:43/ 10-09-57)

The card access readers can control both electronic controlled and combined
lock systems and are often combined with keypads or biometric devices. The
latter is to overcome the single largest drawback of these systems the card
grant access to anyone who presents the card. The use of a special computer, not
connected to the Matrix or other computer systems makes the system really secure
from outside tampering. However its largest strength is that the level of access
granted to a particular card can be changed at any time whether or not the
operator has access to the card.

While the there are a lot of new high tech security equipment available,
these old and proven methods should not be overlooked. The keys to a good
security system is defence in depth and utilizing the right equipment for the
right job. Remember this is a classic case where old does not equal obsolete.

>>>>>[There is nothing made by the hand of man that can not be defeated by
another slightly smarter man with that proper touch of larceny.]<<<<<
--Shadowrider 11:34:23/ 24-01-15)

>>>>>[ Shadowrider, are you on some sort of history
kick?]<<<<<
--Sweet Sue (23:19:16/ 09-09-57)

>>>>>[Military History to be more precise.]
-- Shadowrider (24:24:47/ 07-12-41)

================
GAMEMASTER INFORMATION
================

Lockpicking /Safe Cracking Skill : This technical skill deals with opening
locked doors with out the use of the proper key or combination. A character with
this skill understands the basic operation of mechanical locks and how to open
them by manipulation. He also is aware of the physical weaknesses of doors,
locks and safes and how to apply force to open them. A character with this skill
would also need demolitions skill to effectively use explosives to open a safe.
[This skill is located on the Skill Web off the main Quickness stem separated by
2 circles from the main stem.]

Locksmithing : This is a Build / Repair (B/R) skill covers the maintenance and
repair of locks and safes. A Locksmith can key or re-key locks, install locks,
and make keys. A skilled locksmith can also pick locks and open combination
locks by manipulation. [A character with this skill does not have the skills
necessary to use explosives to open a safe or vault] [This skill is located on
the Skill Web off the main Quickness stem separated by 2 circles from the main
stem.]

Lock Picking: To determine the success of an attempt to open a lock by picking
it, roll a number of dice equal to the PC's Lockpicking skill plus any task pool
dice. The Target Number is that of the lock plus any applicable modifiers from
the table below. One success means the lock is opened. Additional successes
reduce the time needed to open the lock. The base time is 5 minutes. A result of
all 1s(ones) means that the keyway is jammed and the lock cannot be opened
either by manipulation or with a key.

Situation Modifier
Improvised picks +1
Rusty Lock +1

Master Keys: A master key can be made either from the records of the locksmith
who keyed the set of locks or by disassembling and examining a master keyed
lock. The target number is 1+ level of the lock. The operative skill is
Locksmithing.

Drilling Locks: A pin tumbler lock can be defeated by drilling the tumbler
mechanism out. To do so roll dice equal to the characters locksmithing or lock
picking skill, the target number is the Pin Tumbler pick resistance target
number -2. A drill with the appropriate bit is required.

Safe and Vaults: The descriptions of a safe or vault consists of 4 parts, the
type and level of the locking system, the level of the door design, the barrier
rating of the material or materials that the container is made of and whether or
not it is equipped with a time lock. The locking system can be either key,
combination lock or mag-lock.

Pin Tumbler locks

Level 0: Cheap hardware store lock TN#=3
Level 1: Quality lock, TN#=4
Level 2: Quality lock, limited available keyway TN#=5
Level 3: Top quality lock, restricted keyway TN#=6
Level 4: Top quality lock, custom keyway TN#=8

Combination Locks

Level 0: 4 digit single number lock TN#=4
Level 1: 3 number, factory set lock TN#=5
Level 2: 3 number, user set lock TN#=7
Level 3: Manipulation resistant, 4 number, user set lock TN#=9
Level 4: Double, Manipulation resistant, 4 number, user set lock TN#

Safes and Vault Door Ratings

Level 0: Lockable metal cabinet. Barrier Rating 6 TN#=4
Level 1: Home wall safe Barrier Rating 8 TN#=5
Level 2: Commercial Quality Safe Barrier Rating 16 TN#=8
Level 3: Bank Vault Barrier Rating 24 TN#
Level 4: Custom High Security Bank Vault Barrier Rating 32 TN#

Safe Cracking

There are three approaches to opening a locked safe or vault. Manipulating
the lock mechanism, mechanically defeating the lock mechanism, or going through
the walls of the container. The last two approaches can use a wide variety of
techniques using explosives, power saws, jack hammers and similar destructive
devises.


Lock Manipulation: To determine the success of an attempt to open a combination
lock by manipulating the dial, roll a number of dice equal to the PC's Safe
Cracking skill plus any task pool dice. The Target Number is that of the lock
plus any applicable modifiers from the table below or special equipment used.
One success means the lock is opened. Additional successes reduce the time
needed to open the lock. The base time is 15 minutes. If the locking mechanism
is equipped with an activated time lock the lock cannot be successfully
manipulated until the time lock is either defeated or deactivates its self.

Situation Modifier
Dead silence -1
Normal Background noise 0
Moderate Noise +2
Loud Noise +4
Darkness +1
Damaged lock +3
Rusty Lock +1
Lock equipped with error limiter +4

All locks on a safe or vault door must be defeated or unlocked before the
door can be opened.

TimeLocks: This devise limits the times that the lock can be opened to those
preprogrammed on the time lock. Typically a time lock limits the opening times
to normal business hours. The electronic versions are also programmed with
weekends and holidays. The controls for a time lock are normally found on the
inside of the safe or vault door. There are three ways to get around a time
lock, reprogram the "open" times Change or accelerate the clock so that the
"open" time comes sooner then intended by the programmer. Lastly is to limit the

attempts to "open" times.

Forcing the Door: To determine the success of an attempt to force open a safe or
vault door, roll a number of dice equal to the PC's Safe Cracking skill plus any
task pool dice. The Target Number is that of the lock plus any applicable
modifiers from the table below or special equipment used. The base time is
rating level times two plus one [(lvl*2)+1)] hour. Equipment capable of cutting
or breaching the door material (i.e. barrier rating) is required.

Situation Modifier
Successes from demolition test -1 each
Have Plans of Safe or Vault door -2

Breaching the Walls: Entering the safe or vault through the side walls requires
cutting a hole large enough to reach through or enter. This can be through the
use of tools and equipment suitable for cutting the wall material (i.e. saw,
jackhammer, cutting torch etc.) or through the use of explosives (use the
demolition rules SRII p97)

Card Access Systems

Access Cards: Because of the manner they are constructed Access Cards cannot be
copied like a credit card. The coding can be identified and an exact copy can be
made. (Electronics B/R TN# 8, 4 hours). If successful a card reader cannot tell
the copy from the original. The system will record the access transaction and if
the logs are checked the duplicate entries may be discovered. The copy will only
have the access programmed for the original card.

Card Readers: There are two types of readers, surface and flush mounts. A
surface mount puts the readers mechanism in the wall, surface mounts are in a
armored case (barrier rating 24). The cabling is either in the wall or in
armored conduit (barrier rating 16). Cutting the communication line between the
reader and the controlling computer will put the unit into stand alone mode, the
computer will discover the break during the next regular status check. Status
checks are made about 30 times an hour.

Control Computer: The control computer is a dedicated free standing unit, that
is not connected to either the matrix or other computers on the site. The
computer may be connected to the computer that controls the rest of the security
systems. The computer system is normally equipped with a back-up power supply
that cuts in when the power fails. Cutting the computers communications with the
readers will put them in stand alone mode.

Programming: A new card can be programmed (at the control computer) to any of
the existing access levels in about 2 minutes (Computer, TN# 4). A new access
level can be programmed in about 20 minutes (Computer, TN# 8). The systems
password protection system must be defeated before any programming can occur
(Computer, TN# 13), system alarms with the fourth unsuccessful attempt.