I attended DEF-CON during the early 2010s, and watched General Alexander (then-director of a three-letter agency) redefine definitions of words and phrases, in a still-then pre-Snowden world.
The most memorable thing from that talk was the given definition of "intercepted communication," which to their definition simply meant that a HUMAN agent had catalogued some piece of information.
The official story I was told, still pre-Snowden — while working a contract electrician gig for a state three-letter agency data center — was that it would simply be impossible to retain that much data [and I would then walk in to 100k-sqft+ floor with petabytes of storage].
In those days metadata was among the fancier data-gathering tools (ahh... simpler times!), and now we have machines which effectively think/schizoid-out on infinite amounts of data —— all non-human [so therefore non-intercepted] data.
As the recipient of a SLAPP lawsuit (~decade ago) for truth I published online, the biggest problem with Anti-SLAPP statutes is that laypeople (particularly poorer ones) have limited access to attorney representation... the judicial system isn't accessible/friendly to the pro se litigant.
So even if the case is clearly being used to strategicly silence you, it'll probably still work (from plaintiff's POV). Same for DMCA.
With a strong Anti-SLAPP statute, the person who files the lawsuit is on the hook for the defendant's legal fees, which would (in theory) let the defendant hire an attorney on contigency fees.
Of course, one of the other issues is there's no federal Anti-SLAPP statute, and circuits are split as to whether or not state Anti-SLAPP applies to federal lawsuits, so if someone can diversity jurisdiction you into a federal SLAPP lawsuit, you're kind of stuck.
Back in 2007, I published the first YouTube bypass of the Master Lock #175 (very common 4-digit code lock), using a paperclip.
After the video reached 1.5M views (over a couple years), the video was eventually demonetized (no official reason given). I suspect there was a similarly-frivolous DMCA / claim, but at that point in my life I didn't have any money (was worth negative) so I just accepted YouTube's ruling.
Eventually shut down the account, not wanting to help thieves bypass one of the most-common utility locks around — but definitely am in a position now where I understand that videos like mine and McNally's force manufacturers to actually improve their locks' securities/mechanisms.
It is lovely now to see that the tolerances on the #175 have been tightened enough that a paperclip no longer defeats the lock (at least non-destructively); but thin high-tensile picks still do the trick (of bypassing the lock) via the exact same mechanism.
Locks keep honest people honest, but to claim Master's products high security is inherently dishonest (e.g. in their advertising). Thievery is about ease of opportunity; if I were stealing from a jobsite with multiple lockboxes, the ones with Master locks would be attacked first (particularly wafer cylinders).
Actual thieves don't give a shit to learn lock picking, they can use a fine toothed sawzall or oxy-acetylene torch and defeat any lock just as fast without having to youtube the particular brand.
I used to rent a storage unit. I lost the key to it, and went to the manager. He came back to the unit with a small battery powered grinder. Cut the padlock's loop through in a few seconds.
Most locks are only good if the attacker doesn't have any tools.
I bought a giant pair of bolt cutters a while back for a use case other than bolt cutting (shark fishing; cut the big hook instead of putting your hand near the mouth).
I never caught any big sharks like I thought, but now my wife runs a restaurant and occasionally employees just don't show up to work and leave things in their lockers. Once in a while it's clear it's to be annoying (locking supplies in their locker).
Never met a padlock or combination lock I couldn't shear through easily. Totally has paid for itself.
Now, for a similar price, you can buy a hydraulic cutter powered by a hand pump. They also come with replaceable jaws so you dont wreck your cutters when attacking a hard lock.
To be fair to Sentry Safe, this product is designed to be resistant to fire. A better name for this product would be ‘fire resistant box’ instead of ‘fire safe’ but that’s what they call it for marketing reasons.
A hardened metal safe designed to be resistant to cutting can still be cut through, just not in seconds with a screamer saw (trade name for a metal cutting circular saw)
If you want truly secure, encase your metal box in concrete like John Wick. Access is difficult but security is high :)
FYI, most safes already have a decently thick concrete layer — that’s most of why safes are heavy! (Or, I guess you could say, adding a concrete layer is cheaper than making the steel thicker.)
But they also have a rubber or foam (often styrofoam in cheaper safes) layer, to “smooth out” the force from a sledgehammer, jackhammer, or just dropping the thing out the window.
And a layer of compressible wet(!) sand, to spread out the point stress from a hammer and chisel, impact gun, gunshot, or small explosive configured for concussive force. (The goal here is essentially to replicate the behavior of a bulletproof vest.)
Plus, they often contain a layer to bind and foul and dull (or even break) the teeth of drill bits and reciprocating/chain/band saws. This can be any number of things — low-melting-point plastics, recycled broken glass, etc — but look up “proteus” for a fun read.
If the safe’s designer is clever, just a few materials can serve several of these functions at once. But more is always better. Which is why good safes (and vaults) are so dang thick. It’s not to solve one problem really well; it’s to mitigate N problems acceptably well, for a frighteningly large value of N.
These jobsite storage boxes [0] are typically too heavy to steal (and can also be anchor-bolted), and the locks are highly-recessed within an enclosure... practically the only exposure is the keyway... and then there's thousands of dollars of tools inside.
Worth it for smarter crooks. I'm a former IBEW electrician, and I've seen both stranger and more-miraculous occurrences — but I've seen it all.
That is a subset of thieves. There are still plenty of situations where it is beneficial to have a lock that can't be opened in 5 seconds with a paperclip, like a school or gym locker room for example. Nobody is bringing a sawzall into the gym while it's open.
Similarly, I know the lock on my front door is not going to stop anyone who really wants to get inside, but it does stop drunk people or bored kids from wandering in because it's easy.
> Nobody is bringing a sawzall into the gym while it's open.
They are bringing in bolt cutters to locker rooms. The locker metal loop that the lock threads through is easier to cut than the lock. I've first hand seen lockers destroyed to remove the lock. Not while the break in is happening but it's easy piece the crime scene back together to understand their tools.
Manual bolt cutters are almost silent except for the "thunk" when it breaks the metal, and there are even battery operated bolt cutters that are quick and compact.
I'm convinced there is basically no foolproof way to secure a bicycle in public.
I've seen everything from braided steel being cut clean to combination bike locks getting picked (by the attacker actually figuring out the correct combination, not just brute-forcing it apart or wangjangling a paperclip).
They just need to steal 1 good bicycle to more than pay off the cost of their equipment. One stolen bicycle could feed a family for a week. In some place like the Bay Area where $1000 bicycles abound, the economics are just too appealing.
From what I've heard, the way to go about it is to not have a very nice bike, make it identifiable and loud (eg ripped up neon tape and graffiti), and then use both a chain lock as well as a U lock that're both thick enough. Also perhaps throw on extra locks to make other bikes look attractive.
Of course none of these work if the thief is part of a ring that is targeting your bike because it's high value.
Self driving cars won’t fix the real problem - cars take up too much space for the number of people they carry in any reasonably dense city. I’d be quite confident bike lanes should be improving traffic by taking cars off the road more than they are causing “headaches” for traffic.
There are well studied effects that show good bike infrastructure gets more people (especially the young, old, women etc.) cycling who would be too fearful to cycle in traffic, because separate cycle lanes are both in reality far safer but also feel far more safe.
And bike lanes are actually really good for mobility scooters and other kinds of ways for elderly and disabled to get around!
We broke into our own lockers the whole time with metal rulers back when I was in school because of forgotten keys or just because it was quicker opening them that way than actually unlocking and relocking them. (And of course the more students did this, the more worn the metal became and made it even easier the next time)
Most people would be absolutely astounded how bold you can get with a safety vest and/or a clipboard, and how passive most people are to an obvious suspicious situation.
I have used a grinder to take off a bike lock (I owned the bike) in broad daylight in Downtown Denver on a main street. A local business even allowed me to use their power outlets. Not one person questioned me or asked me to see proof of ownership. I was fully prepared to have to deal with cops or at least a good samaritan, but nope, plenty of people watched me do the exact thing a bike thief would do and didn't ask any questions.
> Most people would be absolutely astounded how bold you can get with a safety vest and/or a clipboard, and how passive most people are to an obvious suspicious situation.
I don't think they'd be surprised at all.
What the hell am I supposed to do if I see someone stealing a bike or whatever? Stop them? Hell no, if they have tools then it's a good bet they have weapons. Call the cops? They don't care; recently they don't even pretend to care.
Pretty much all you can do is say, "knock it off" and maybe they stop (they won't).
Yeah as long as we don't have unrealistic expectations from our $30 deadbolts and our $5 combo locks it's fine. But people sometimes buy the cheap thing and expect it to perform as well as a really expensive thing.
Some are still resisting this kind of attacks. The hiplok D1000 has a thick rubber like abrasive coating that makes it super hard to cut through the metal with power tools
Actual thieves are most interested in low effort/fast methods of bypassing locks. Master single pin picking to LPL's level and the thief might as well just turn locksmithing into a career instead of stealing. Low effort attacks like shimming, raking, bumping though might be worth a thief's time to learn.
It is actually surprising just how little brute force many semi-decent padlocks can handle. A decent mallet and some force concentrator and I think good amount of them will fail.
I just need to be able to show the insurance company a police report and obvious tampering. On video, someone using an aluminum shim looks the same as someone using a key, and any evidence would require some decent forensics. Same goes for skilled lockpicking and bump-keying. Ideally, the weakest link should be the door, the hinges, the shackle, etc.
I don't think there's much of a point. If the thief came prepared with tools and is willing to make a lot of noise, there's not a ton that can be done.
Without even exotic tools, what are the odds the door the lock is attached to will withstand a crowbar? Or the same mallet and force concentrator applied to the door/hinges/where the lock attaches?
But usually the thing that's locked up can survive even less brute force than the lock -- a storage unit near mine was broken into, and the unit owner (who was there with the police) said the thieves just pried off the storage unit lock, the sheet metal door literally tore and the entire locking mechanism came out.
This was an outdoor unit, the thieves came in over the fence (the barbed wire on the fence didn't slow them), and left the same way. If I had anything valuable, I'd keep it in an indoor unit where at least there's a locked door in the way.
Barbed wire is security theater. It was invented for cattle, and it does a reasonably good job of keeping cattle confined. (It doesn't work well for horses because horses are even more stupid than cattle and horses repeatedly injure themselves on it and the wounds get infected.)
Barbed wire doesn't work for humans, especially humans who have some familiarity with it.
Barbed wire worked well for human soldiers in WWI. It was part of a security system that also included trenches, artillery, machine guns, and active counterattacks, but it was a crucial part.
I assume that means humans with adequate tools. If I didn't at least have some wire cutters or a carpet I don't know how I would get through it without grievous injury. (I further assume we're not talking about the serious barbed wire from WWI.)
There are diminishing returns. Just look at bike locks. Anything higher than trash tier, and the issue is finding a dedicated bike stand, since anything else will get destroyed by the grinder faster than the lock.
Instead of declaring all bike thieves felons and imprisoning the 1% of them we manage to catch, we should spend our money on sting operations that catch the 50 or so individuals in each city that steal 80% of the bikes, and reserve the felony treatment for repeat offenders.
I helped catch one of these repeat offenders when my bike was stolen. When it was recovered they told me they had a huge warehouse of bikes that nobody would claim, and mentioned 90%-ish of all bikes aren’t recovered and they were having space problems just storing all the unclaimed bikes. First thing we actually need to do is get people to register their bikes before they’re stolen, and then report them missing after.
Funny side note, the cops actually offered to let me setup the sting, make contact with the thief and pose as a buyer. I was sure they’d sternly recommend I do not get involved, so I was very surprised, but it was a busy night when I called and they had no officers immediately available. I did make online contact, but due to delays setting up the meet, the cops ended up handling it without me, and when I went to pick it up they were rightfully very proud of catching the guy and being able to return the bike to me.
I like the bait bike operations some police departments do to catch the shops buying stolen bikes. Addicts steal things they can fence and cutting into the business side means you don’t have to catch nearly as many people, although Facebook is determined to fill some of the gaps.
I learned this as a kid: that big, chunky padlock on our garden shed could be busted open by a 10-year-old with a cricket stump and 3 seconds of pulling.
It depends on where you live. I guess it's not uncommon to hear about someone entering a building "as the delivery guy" just to try to pick a lock and see which one opens.
If you make too much noise people will get suspicious and might call the police.
Which is relevant when you're defending against Ocean's 11 or the Mossad, but for the other 99.999% of us, the lock is there to keep a bored teenager or a meth junkie out.
Or, more realistically, to convince an insurer that we've made a token effort to keep them out.
Yes. I once saw a guy open a bike U-lock using a car scissor jack and he was done in about 20 seconds and the bike was gone. Nowadays there are very good battery powered grinders that can take a cutoff wheel and no padlock is going to resist that.
Get a used pickup, get some vinyl letters at home Depot, put something like "a+ home services" on the side, and you can probably break into a few dozen suburban homes without anyone reporting you
A portable plasma cutter? What is this, Star Trek? Are there some extremely-high-power-density battery-operated plasma cutters available on Aliexpress that I haven't yet run across? Or maybe I should locate my safe far away from my stove/dryer receptacles?
But people have been welding with batteries for ages. The most primitive welder is a car battery and a couple of wire leads. Tons of videos of it on YouTube.
Yeah, fair enough. Two car batteries in series is even better.
Not easy on the batteries, but it will get the jeep out of the bush.
You can also make your own stick electrodes from coathanger wire tightly wrapped in paper.
I couldn't tell you how many pairs of sunglasses you should parallel to protect yourself...
This rig, on the other hand, is something you could pack into just about any plant and fix something with without raising any eyebrows. If you have $5,000 to spend, that is. Super handy for small jobs in hard to access places.
Batteries in series, typical stick welding voltage is ~27v. You might be able to light up on one battery, but you will quickly learn why it's called "stick" welding.
I wouldn't arc weld with any number of pairs of sunglasses, that was firmly tongue-in-cheek; but yes you are right, stacked glasses would be series.
Also, if you try this, before pulling the battery from the non-broken jeep, drive it to the top of a hill so you can bump start it later when the battery is too dead to turn the engine over.
I doubt you could charge them faster than the welder can run them down, so you might want three sets and two gang chargers if you want production anything like a plug-in machine.
A while back I was making a point about the border wall farce--and found everything I would need to do "portable" plasma cutting on said wall on Home Depot's website. Not pick it up type portable, but put it in a wagon type portable. (Generator, not batteries.)
I don't know how anybody can look at those rusty metal pylons and not think their natural habitat is at home on top of a 40 year old white Toyota pickup with a suspension that long ago achieved sainthood. Like if I were looking to attract illegal immigrants, those pylons would be exactly what I would use. But then again isn't this just the standard fascist pattern? Propose a comically self-defeating solution to some problem, and build a tribal identity around aggressively denying the obvious. It's like the social justice preaching to the choir writ large.
You can pick up a wholly self-contained plasma cutter in Lidl or Hofer in their "cool tools week" for about £100 these days.
It wouldn't be beyond the wit of man to hook that up to a biggish inverter and 24V worth of deep cycle batteries on a small trolley, maybe a wheelie suitcase.
Entirely depends on what manner of thief we are talking about here, what they're going after, how important it is to them, and how much they care about the owner knowing the lock was tampered with.
This is why I don't like such black-and-white opinions... I think the answer is rarely so simple.
I think it's largely a class or educational divide. I come from a very hick, redneck, working class area. People use black-and-white statements and course language with the understanding that corner cases will exist anyway. My use of this type of language common in more middle America is something I find the more silicon valley or tech centered HN constantly finds issue with.
It's common in more upper-crust / educated circles to shit on people that use more course, black and white language. I believe it has more to do with cultural divide than misunderstanding that rare/corner cases exist.
In another recent exchange on HN, I was damned for using the word 'never.' They didn't even explain why, just said they wouldn't believe people that used it. I was using it in the redneck sense "you'll never get that girl" as in it's extremely unlikely to the point it's hardly worth even considering, rather than the nerded out version that it means the chance is literally precisely 0.
FWIW I come from a non working class background ( but am not American ). My friends and I routinely debate in such a manner, and don’t see any problem with this. If confronted with a stranger we might be a bit more cautious ( basically we’ll state the rules of the conversation) but that’s about it. If needed, we’ll sometimes be a bit more accurate.
I understand your statements as you mean them - I default to giving you the benefit of the doubt, and automatically assume that black and white statements are shortcuts. Only, and only if you seem to not understand nuance then I will adjust my stance, but I usually assume you do!
I think the problem can be described as assuming good faith in the argument - that is, that you're talking with someone who you are presuming is attempting to communicate, not just "win" the conversation.
The difference becomes clear very quickly - if there's a genuine misunderstanding, someone will clarify and move on; if someone is trying to rules lawyer the conversation, it won't.
> Low-intelligence people are masters of black-and-white thinking. It's also part of a psychological defense mechanism called "splitting."
> They only seem to think in terms of opposites, ignoring the grey areas in between. Reality is too complex to be interpreted only in opposites.
> As a result, they tend to simplify everything. While simplification is useful sometimes, not everything can, or should be, simplified. Knowing what does and doesn’t require simplification signals high intelligence.
The problem is when you speak in absolutes while simultaneously "not meaning it" that way, is that this is not conveyed to the people you are speaking to, so we can only assume that you did mean it, and now we think you're being unreasonably generalizing.
And I think it's pretty hard to have a useful conversation if we cannot use agreed upon terms to convey what we mean. If you know that not everyone will understand your intention by saying it that way, then why do it?
I'm saying that some people don't understand that some cultural uses of black-and-white English indicate practical precision rather than absolute theoretical precision.
Issues with master locks are hardly new- back in the 1980s, I downloaded a file from a BBS explaining how to open a combo lock (basically by pulling on the shackle while turning, and a few other tricks.
In Texas, they implement "hurricane lanes," which just means during disasters, you can legally drive on the shoulder. In practice, I've seen it where all lanes are made outbound-only.
If you live within 10 miles of a US Nuclear Facility like me, NRC requires they send an annual calendar marked with siren-testing dates and escape-route maps. You can request free iodine tablets, for use while you're irradiated in traffic.
But IMHO both examples are mostly just coping mechanisms, designed to give panic direction.
That was such a bad book. Seeing how much of it is incorrect, made up, exaggerated etc. I never would have had much interest in the Soviet Union until I read a few trash books including that one that are hyped by westerners.
Though that quote is pretty good. Works well for liberal democracies in modern times
I don't use a cellphone anymore, but back when I did (circa iOS 12) it was not possible to have the text large enough for me to read while still displaying all ten digits of a phone number.
Example: `212-555-1234` would display as `212-555-12...` in my call list.
----
I have owned and primarily used Apple products since 1992; their accessibility options seem to be going backwards. An iPhone screen would still have more than enough space to display information if the UI weren't completely crammed full of junk.
It is so frustrating when I help older clients and (unbeknownst to them) some stupid notification re-focuses attention. Often they'll keep [-s-l-o-w-l-y-] typing and then get frustrated that "the computer did something I didn't tell it to, without even warning me it wasn't listening to my keystrokes anymore..." [e.g.] — this used to be eye-rolling user error, now it's just expected operating system behavior.
----
Pro-tip: You can essentially disable Apple notifications by setting `Do Not Disturb` from 3:01am - 3:00am
I spent few semesters of college sober, mostly just coasting through intro-level courses on my way to grad school. But it was magical when I actually cared about a subject / instructor, and got to know them during group study sessions / office hours. I learnt physical chemistry from one of the co-inventors of white LED — the baddest bitch in that college town (she did not gifeAF about anything but her own incredible inventions). Her equally-brilliant husband was my academic advisor (but you would never suspect they're married) =P
Our alumni network sends out a quarterly academic publication, and it's always nice to see how certain former peers/instructors "panned out" — e.g. a former classmate is now a nobel laureate (mutually-unknown, but I supported his team's hardware as a student job). My favorite are former TAs from my introductory labs that are now running their own quirky laboratories (many of us smoked.erryday.homies, at least at the time..).
It was only a decade after grad school that I realized how important people / networking can be. I am not a typical graduate, but "go Dores."
>What shocked me was the massive variation in prices for the same model [AMD v. nVidea]
I am not a tech wizard, but I think the major (and noticeable) difference would be available tensor cores — that currently nVidea's tech is faster/better in the LLM/genAI world.
Obviously AMD jumped +30% last week from OpenAI investment — so that is changing with current model GPUs.
The most memorable thing from that talk was the given definition of "intercepted communication," which to their definition simply meant that a HUMAN agent had catalogued some piece of information.
The official story I was told, still pre-Snowden — while working a contract electrician gig for a state three-letter agency data center — was that it would simply be impossible to retain that much data [and I would then walk in to 100k-sqft+ floor with petabytes of storage].
In those days metadata was among the fancier data-gathering tools (ahh... simpler times!), and now we have machines which effectively think/schizoid-out on infinite amounts of data —— all non-human [so therefore non-intercepted] data.
Add me to this list, too, clanker.
Happy surfing.
reply