Miguel’s last post pissed me off because I hate that fuck, The Lockpicking Lawyer.
This is a story from last week.
Unattended child shoots self in leg in Decatur Publix parking lot
Decatur police are investigating how a young boy shot himself in the leg in the parking lot of a grocery store this morning.
A police spokeswoman said the incident happened at 11:52 a.m. in the parking lot of Publix off Beltline Road S.W.
The child was left unattended in the car with his sister while their parents were in the store shopping, authorities say. Somehow the boy got the gun, which was loaded, and fired a round, shooting himself in the leg.
I have a gun in my car because I can’t carry it into work. It’s locked in one of those cable lock pistol boxes made by a large, reputable gun safe manufacturer.
It has a cylinder lock on it.
The Lockpicking Cocksucking Motherfucker Lawyer hates cylinder ocks. He has his special tool and picks them in seconds.
You know who doesn’t have a cylinder lock picking tool?
My six year old son.
So is a cable lock pistol box looped through the frame rails of the driver’s seat as secure as my over built Ft. Knox safe with the 1/4 inch thick body and S&G combination lock?
No.
Is it enough to keep my son from touching my gun if he gets out of his seat while sitting in the truck while I’m running into the gas station to get him a drink?
Yes it absolutely fucking is.
Is it enough to stop the guy why might open my door and grab what is lying on the seat while I’m pumping gas?
Almost certainly.
A $25 cylinder lock cable lock box is enough to do the job I expect of it under the circumstances I bought it for.
That it doesn’t give the Lockpicking Dipshit Lawyer a hard-on while he’s sitting at his table with his tools, he can go fuck himself with his cylinder lock picking tool.
Perfection is the enemy of good enough.
For want of a $25 good enough lock box, a child shot himself in the leg.
My kid won’t because I have the $25 good enough lock box.
“Miguel’s last post pissed me off because I hate that fuck, The Lockpicking Lawyer.”
My job here is done 😀
Some of the software I create does encryption or related security stuff. Anytime we have a design discussion, I always remind my colleagues of the first question to be answered: “What are the threats to be addressed, and what are the threats we do not need to address?”
If you don’t know the threats that matter, or you choose incorrectly, your design will be bad. It might miss a threat that matters, or it might be far too big / expensive to do the job that actually does matter.
The point J raises here is exactly that point, just applied to metal boxes instead of computer programs.
I dont understand your hatred for this guy.
Also your contractor box is not secure enough.
Because he evaluates locks from the perspective of a semi professional lockpick/security expert, from the comfort of his kitchen table with an array of tools, and no assessment of real world scenarios.
“This lock sucks, I picked it in a minute.”
Okay? And?
Maybe a $5 Master Lock he can pick is enough to lock a 6 foot chain link fence. Anyone willing enough could scale it faster than picking the lock.
If you own a $50,000 H&H double rifle, put that in a $10,000 AmSec TL15 safe.
If you have a couple of Taurus revolvers, the Stack-On Costco $399 special is sufficient.
This guy doesn’t give you perspective on cost vs effectiveness for given threats.
The guy attempting to steal your Taurus revolvers out of your Stack-On safe is 99.995% a junkie looking for something to trade for drugs. Not Ocean’s 11.
He berates people for “good enough” locks because that’s his fetish, but people treat him like a security expert.
Interesting perspective. I don’t recall a video where he berates anyone but I can’t say I’ve watched all of his videos either.
True enough I haven’t seen a video where he discusses cost vs effectiveness, but I also don’t really think that is his thing.
My take away from his videos and his criticism is you think you are buying security, but you are really just buying the marketing, the fancy packaging, or the idea of security.
The demonstration of defeating common security products with simple and widely available tools is to prove that point, and show the serious design flaws.
To me it is like how thieving rings that target cars, either the contents or the cars themselves, are starting to go around using programmable keys etc because they are widely available and easy to use and that is the same with these physical security products, that a “pro” could easily defeat it with minimal investment in tools, knowledge, and time. It isn’t a significant step up in sophistication.
But your cost vs effectiveness argument is not on deaf ears, for sure if all you need to do is prevent your kid from getting the gun while you run into the gas station yea anything lockable will work. If you are trying to truly securely store things then no, not sufficient.
Security in depth. That is the name of the game.
Every single security device I know of can be defeated with enough time and tools.
All those stories of people starving because they couldn’t open a can because no can opener? Rub the damn can against a rock in in a bit of time it will open.
My gun safe is not a huge deterrent. I bought it to meet Maryland requirements. I lost the keys in a move. It took 10 minutes with a drill to drill out the lock and open it. It took 15 minutes to install the new lock.
But you know what? My key ring has a tool that will open that safe in seconds with no damage.
To get to that safe you need to enter my home. My home has active defenses. You have to defeat this first.
That cheap cable box isn’t going to stop the lock picking prick. The locked car door will at time.
I know the lock box I use for quick access isn’t secure for long term attempts. It has a limited set of combinations. When I use it on a setting were people have access I don’t leave anything of value in it. But I have no problems transferring my carry weapon into it for the day when I’m going to be at or near my desk.
Do the right thing, sometimes that’s a half crap answer that is much much better than doing nothing.
Re MD requirements: safes have “work factor” ratings, which say how long it takes an expert equipped with a given set of tools to open the safe. You can buy a range of ratings for a range of money (and weight).
Insurance companies may require you to store certain kinds of valuables in a safe rated at least X, where X depends on what you’re dealing with. If you’re a jeweler, you’re probably dealing with something like that. If you live in a state that has gun storage rules, ditto. The gun storage container standards tend to be quite weak as a rule, I’ve noticed.
Here too you find analogous things in software security. With one exception, all encryption systems can be broken with sufficient effort. The design goal is to make breaking them “infeasible” — not likely to succeed before the data has lost its value.
(The one exception? “One time pad” — when used correctly.)
Yeah, not even a bank vault costing multiple tens of thousands of dollars is proof against professional thieves with enough uninterrupted time and the right tools. You have to assess the threat, assess your budget and location restrictions and act accordingly. I am amazed at the stupidity of people who refuse to do things (not just protection of valuables) because nothing is perfect so therefore there is no use doing anything. As for the dipshit lawyer, he deserves a severe beating with the cluebat of truth for violation of OPSEC.
Yea. Remember the guys in LA who went up the concrete spillway under a bank and drilled a 3foot hole in the floor of a bank vault? Anything can be defeated…. I dont care for his attitude. Hes too smug. I have a 3 foot pair of bolt cutters-THAT will defeat most locks heh heh.
One of the companies I worked for bought an old building to house the company. It was built back in the 1800’s and had a vault. An honest to goodness vault from the 1800s. It was locked when we bought the building and looked very sturdy. We were curious but not willing to pay to have it opened.
When our security officer was hired we asked him if we could use the vault for storage to meet current DoD standards. His answer was “hell no”. He walked up to the safe and within a few seconds, less than 30, he opened the safe.
Not only do security devices have to protect us now, they have to have a secure lifetime that is long enough to allow for an upgrade before security becomes a joke.
A Computer Science example of that is DES. The Data Encryption Standard. When it was made a federal standard the NSA was involved and everybody just assumed it was because they were putting in back doors. Doing things like reducing the key length from 64 to 56 bits didn’t help our confidence. Years later a new cryptoanalysis tool was “Discovered” and people applied it to DES. They found that DES was not susceptible to that attack. They then looked at the original submission and found that it WAS susceptible. I.e. The NSA took out a weakness that the public didn’t know about.
Regardless of that, a couple of years had passed and somebody announced they were going to do a DES challenge. They were going to encrypt something with DES using best practices, release the cypher text and the first person or team to crack the message would get a reward.
A bunch of people got set up to contribute spare cycles to the task, planing on using a distributed network to do the crack.
They announced the start and released the cypher text at 0000 UTC. I woke up the next morning and fired up my system to start the distribute crack. No work for my computers. I went and read the site and found that the cipher text had been cracked in less than 10 minutes, IIRC.
A university team made up of a bunch of grad and undergrad students in a “make custom chips” class had designed and manufactured a few thousand chips and got them all working. They were able to download the challenge to these chips and the chips did “we think this key might work” attacks and then a real computer would evaluate the “maybes”. Even they were surprised at how fast it went.
I see the lockpicking lawyer as entertainment. I’ve been playing with locks since I was in junior high, taking them apart, making keys, making picking tools, picking them, etc. When friends would ask me for recommendations for better front door locks, I’d always ask about the door, the windows near it, the construction of the frame, and the rest of the doors to the house. There’s no point in installing a Medeco double-cylinder deadbolt on a steel front door when you’ve got a plain wooden door with a Quickset key-in-the-knob lock at the back of the house. Worry more about kick resistance than pick resistance. In other words, as you say, protect against the likely threats before considering the unlikely threats.
Similarly, unless you need quick access to a gun safe, most people are far better off with the typical S&G mechanical combination lock than with any of the electronic substitutes. A student group of which I was a part at MIT, insisted on replacing S&G locks on a money safe with the MP (“manipulation proof”) version. I couldn’t convince them that it was far more likely that missing money was evidence of either dishonesty (money never made it to the safe, or was removed by someone with access) or carelessness (the safe wasn’t properly closed and locked) than manipulation of the lock. People always want to blame the hardware, when the weakest security link is always the people.
YMMV
I’ve watched several of his gun lock videos & I have noticed that when he’s talking about lock boxes, he makes an important distinction that you have not picked up on. He often says if a box is suitable for theft prevention or access control. Some of the boxes he defeats is with things like a butter knife or a friggin nail hook to turn a cheap ass wafer lock. No fancy tricks needed. I own a hornady tripoint because he showed it was resistant to the fancy tools & had to be hand picked, which is a lot harder to do in a parking lot.
I see a market for a strong universal lock box that you easily replace the lock system with your own. Such as with an Abloy cam lock or various other ones. So each unit might be different & you can put whatever you can afford in it yourself. All you need is a solid well designed 16 gauge steel box, hinges, and latching mechanism.