We installed a single turnstile to feel secure (idiallo.com)
hamdingers 1 days ago [-]
I worked at a company that had effectively no physical security during work hours until the second time someone came in during lunch and stole an armload of laptops.

Then we got card readers and a staffed front desk, and discovered our snack budget was too high because people from other companies on other floors were coming to ours for snacks too.

I never felt the office was insecure, except in retrospect once it was actually secure.

fxtentacle 1 days ago [-]
I once lived in Singapore for a while and we were all sure that nobody would steal anything anyway, so we just never bothered to lock the doors. (That was also very helpful if you wanted to stop for a quick coffee with a date in the middle of the night.) You could see the MacBooks from the street, but nothing ever went missing. I don’t know what exactly it was, but Singapore felt incredibly safe and crime-free.
NoNameHaveI 8 hours ago [-]
I'm going to wager the risk of corporal punishment is a significant deterrent. https://en.wikipedia.org/wiki/Caning_in_Singapore https://en.wikipedia.org/wiki/Caning_of_Michael_Fay Not coincidentally, Singapore has one of the lowest recidivism rates globally. https://www.sps.gov.sg/files/annual%20reports/Press_Release_...
jiggawatts 1 days ago [-]
I used to accumulate a pile of change on my desk from buying coffees.

Never got touched across about a hundred different offices around Australia (I’m a consultant).

Except once: the pile was replaced by a $50 note and a hand written apology saying the guilty party needed change for the parking lot machine. I had less than $30 there in coins so… profit!

dormento 7 hours ago [-]
I had mine stolen from my desk, way back when I had a job at a state company. I used to keep it inside a small metal can (I guess I just enjoyed the rattling sound it made). Thing is, I also kept a desk drawer key inside the can, so the thief also got my key.

There was video.

I had to have the desk drawer changed (which made for quite a spectacle in an open plan office).

None were punished.

jiggawatts 16 minutes ago [-]
> None were punished

So, did the video identify the perpetrator?

If so, I feel like there must be more to this story…

stevage 1 days ago [-]
Wait, explain the quick coffee bit? You'd let yourself into a random person's house to make coffee?
landgenoot 1 days ago [-]
I think it's the coffee machine at the office
halapro 16 hours ago [-]
And potentially some comfy couch
dominicrose 12 hours ago [-]
Meanwhile in the UK $250k worth of Cadbury bars stolen from shops...
ThrowawayTestr 1 days ago [-]
>I don’t know what exactly it was, but Singapore felt incredibly safe and crime-free.

The extreme punishments for breaking the law might have something to do with it.

some_random 23 hours ago [-]
It's not actually the extreme punishments, it's the consistent small punishments. It's that you'll actually, seriously get a ticket for littering, even if it's a relatively small ticket. The "Fine City" enforces its vision in a ubiquitous way, so people just don't break the rules.
lenkite 15 hours ago [-]
> It's not actually the extreme punishments, it's the consistent small punishments.

Not just the consistent small punishments, but the painful punishments. Pain is an extremely good, human motivator. Why destroy someone's life and spend valuable taxpayer money with a 10 year imprisonment, when a rigorous caning session will be 10x more effective? Many criminals will loudly thump their chest if punishment is merely jail but will dance on eggs to avoid buttock-pain.

Singapore recently introduced 24 strokes for scamming and fraud.

https://apnews.com/article/singapore-caning-scam-law-4f12fbb...

Pain keeps Singapore Polite!

RobotToaster 14 hours ago [-]
I guess Singapore doesn't have a lot of masochists?
lenkite 14 hours ago [-]
Even Masochists have a limit to Pain Tolerance. Unless you are talking about 1-in-a-billion "Ironman" guy with dead nerves or someone totally drugged, the overwhelming majority of human beings cannot last beyond the 10th stroke at the maximum without begging for mercy.

Singapore's judicial caning officers (jokingly called "commandos") are trained to deliver strokes in a way that inflicts MAXIMUM pain while staying within strict procedural limits to avoid permanent injury.

Officers undergo specific training on posture, swing technique, accurate aiming, and using full body weight to generate high force and speed, up to around 160 km/h at impact, with forces exceeding 800–900 Newtons.

"Strokes are precisely placed to avoid criss-crossing (creating a neat "ladder" pattern) and to ensure consistency and full effect rather than randomness."

The explicit goal of the technique is to maximize pain per stroke: they are trained to induce as much pain as possible with each blow.

There are several examples of criminals who had multiple arrests and jail sentences, but after their first and last caning session quit criminal life and turned over a new leaf.

bschwarz 11 hours ago [-]
Considering caning often creates scars I don't see how it avoids permanent injury.
stanac 14 hours ago [-]
Caning is really extreme. I watched a documentary on it. Punished person would avoid going to the toilet (#2) for days because of how painful it is. They would not eat anything to prevent #2.
ChrisMarshallNY 11 hours ago [-]
Gigachad 23 hours ago [-]
This seems like the most effective solution. Imagine if you knew that if you littered, there is a 100% chance you would get a $10 fine immediately. Almost no one would litter ever again, even though the fine is much smaller than the fine is in most countries.

Problem is it just takes a lot of resources to police, more than the fine revenue. But with CCTV and computer vision it's getting increasingly cheap.

bradleybuda 17 hours ago [-]
There is excellent recent (last 10y) research on this; summary here: https://nij.ojp.gov/topics/articles/five-things-about-deterr...

Unfortunately, the US and many other countries have chosen the other path (sporadic enforcement with severe punishment) largely because it's easier to implement. There's a lot of momentum to change this but it's politically difficult at least in America.

acchow 21 hours ago [-]
> But with CCTV and computer vision it's getting increasingly cheap.

The barrier in the US isn't cost. It's a right to privacy and a culture of distrust of government.

tolerance 18 hours ago [-]
I think that barrier may be weakening. I reckon that the people most concerned about crime are willing to sacrifice their privacy and defer to their government to prevent crime.
yellottyellott 18 hours ago [-]
Some people, sure.

But I think the shenanigans of ICE are making people more aware of the importance of privacy. Look at the backlash Ring (lost dog superbowl ad) and Discord (age verification) and Nest (Guthrie case) received just this year.

tolerance 17 hours ago [-]
The people I have in mind are the rich, poor and those who fantasize becoming wealthy and fear going broke. I’m uncertain how much these demographics account for the US population and empirically speaking I’m unsure of the gravity of the PR stirs you named. I really don’t know if privacy is the foremost concern when the types of people I’m thinking of consider ICE either.

It really seems to boil down to whether these types of people can be effectively sold on the virtue of tearing down the barriers of privacy and government. If they aren’t already implicitly sold to that then all it takes is for the powers that be to do a better job at marketing their initiative.

yreg 14 hours ago [-]
My city semi-recently introduced a citywide parking system. They have hired plenty of inspectors and there is like 95% chance you will get a ticket if you don't pay for the parking.

No one breaks the rules intentionally anymore.

nkmnz 12 hours ago [-]
I‘d rather live in a littered place, thank you.
japanuspus 16 hours ago [-]
"Gnomon" by Nick Harkaway describes a society that takes this all the way to invasive mind-reading. A very special read.
pjc50 12 hours ago [-]
Yes, but it's a difficult equilibrium to reach. It's easy to ticket 100% of littering if not many people are doing it.

There is another side to this, which is that the police need to not hassle people who are not committing crime. Which is why you'd struggle to adopt this anywhere in America.

halapro 16 hours ago [-]
Don't people feel anxious all the time? I do when I visit certain places like Singapore, where any misstep feels illegal.
khafra 15 hours ago [-]
I spent a few days in Singapore, long ago. I felt slightly anxious, but mostly because I wasn't familiar with the rules. I'm confident that, if I spent a year or two there, I would quickly become far less anxious than in other places--because the rules are so clear and consistently enforced. The less of a judgement call is involved, the less there is to be uncertain about.

Think about it: Is it better to have a posted speed limit of 65mph and a real speed limit of 75mph, and you just have to learn from experience where the real limit is? Or is it better to post 75mph and fine any driver as soon as they exceed it?

account42 11 hours ago [-]
The point of posting a lower speed limit than what is applied is because both the sensors used by the police and in your car are inaccurate and it's unreasonable to constantly fine people who thought (and perhaps even were) within the limit.

And this applies to most other laws too - we can't expect everyone to know all the edge cases so some leniency for honest mistakes is needed.

linkregister 15 hours ago [-]
The residents of Singapore I've known seemed at ease in public. The rules really aren't that unreasonable. How much littering do you do annually? I would guess the annual litter count of my friends averages around zero.

Press freedom is limited in Singapore and that is a significant problem for its democracy. As a tourist this is unlikely to impact you. Otherwise, rule of law is paramount in Singapore.

HauntingPin 15 hours ago [-]
Don't litter, don't do drugs, don't chew gum, don't drink in public after 10:30pm, and only smoke in designated areas. It really isn't that difficult.
halapro 12 hours ago [-]
> It really isn't that difficult.

Surely the entirety of the law is encapsulated in your comment. Certainly you won't get in trouble for carrying something as innocuous as an empty vape cartridge. You won't get fined for crossing the road in the wrong place, absolutely.

Singapore is just an example. Its more invasive big brother can be found just north of it.

brirec 22 hours ago [-]
The failings of the broken windows theory[1] would strongly disagree.

[1]: https://en.wikipedia.org/wiki/Broken_windows_theory?wprov=sf...

rmunn 20 hours ago [-]
So what are the failings? A quick skim through the Wikipedia article found plenty of criticism, but all the evidence I could find in my quick skim was in support of the theory. It's very likely I missed something in my skim; could you point to a specific section of the article where the evidence against the theory is presented?
z33k 13 hours ago [-]
I would be surprised if we ever got evidence against the broken windows theory, simply due to crime in general being a (wicked problem)[https://en.wikipedia.org/wiki/Wicked_problem].
wredcoll 1 days ago [-]
> The extreme punishments for breaking the law might have something to do with it.

Historically speaking, this is almost never true. People constantly think the solution is crueler punishments and we have hundreds of years of records of what happens.

hamdingers 24 hours ago [-]
People who commit crimes generally do not think they will be caught and therefore the punishment is of no concern to them. The better way to deter crime[1] is to convince more of the public that people who commit crimes are usually caught. Preferably by actually catching people who commit crimes.

1. aside from the obviously effective but difficult to implement deterrent of meeting everyone's physical needs

cortesoft 23 hours ago [-]
A lot of crimes are also committed by people who genuinely don't think about the consequences when they are acting. It doesn't matter how bad or how certain the consequence is, because they aren't thinking about it at all.
akoboldfrying 23 hours ago [-]
But apparently there are far fewer such people in Singapore. How would you explain this?

I think the explanation is that growing up in an environment where even small infringements are consistently punished makes people think about the consequences more.

rmunn 20 hours ago [-]
This is exactly right. People who get away with some rule-breaking, whether it's large or small, once will start to think maybe they can get away with it a second time. Get away with it a dozen times and you start to think you can get away with it every time, leading to the "people who genuinely don't think about the consequences when they are acting" that cortesoft mentioned. That sort of behavior isn't just a facet of personality, it's trained (or it might be more accurate to say, it wasn't trained out of them — all children act on impulse, it's the nature of children, but if their parents consistently punish them for sneaking cookies out of the cookie jar and they never get away with it, they eventually learn not to do it in the first place and to think about the consequences before they act).

So when a lot of people grow up in an environment where small rulebreakings are consistently caught and punished (the former is more important, can't punish what isn't detected), they learn from an early age that rulebreaking carries consequences nearly every time, and you end up with far fewer people willing to break the rules.

wredcoll 6 hours ago [-]
This is just... wildly vague. People break rules for all sorts of reasons, ignorance, desperation, mental impairment, sometimes just plain maliciousness or greed.

It's one thing to discuss something like a school campus with a small cohort of relatively similar wants and needs and a relatively small set of rules, it becomes much more complicated when dealing with the entire society's interaction with laws.

akoboldfrying 34 minutes ago [-]
How would you explain the observed difference in behaviour then?
decremental 22 hours ago [-]
[dead]
tsimionescu 16 hours ago [-]
I don't think that is a significant proportion of crime, though it certainly exists. Most crime is organized (theft, pickpocketing, robbery, kidnappings, drug trafficking, sex trafficking, racketeering), or it exists in an atmosphere of impunity, where there is a baseline assumption of no consequences (Epstein files, rape culture in certain industries).
lenkite 15 hours ago [-]
> People who commit crimes generally do not think they will be caught and therefore the punishment is of no concern to them.

The mere possibility of severe butt-pain keeps all the would-be criminals in line.

I can definitely get away with it, but just in case I cannot - it's not a mere jail holiday that I face as consequence - I won't be able to even sit down without screaming like a baby -> The foolish criminal becomes wise and the hardened criminal becomes enlightened with this fundamental realization.

The Possibility of Pulverizing Pain via the Holy Cane is the Divine Motivation to Obey the Law.

broken-kebab 23 hours ago [-]
"Hundreds of years of records" sounds like a big exaggeration. I don't think we can reliably talk about more than 150 years, and even that would be sparse, covering only some lucky countries. And this data is hard to evaluate as adjusting it to culture shifts, economy changes, and even to what constitutes "cruel" in different periods isn't easy.

I think, it's reasonable to suspect that demonstrative cruelty in crime punishment may have bad side-effects in the long run, but there are just a few cases in recent history where at least short-term outcomes seem to support the claim that it may reduce crime levels.

wredcoll 6 hours ago [-]
> but there are just a few cases in recent history where at least short-term outcomes seem to support the claim that it may reduce crime levels

Those studies would be interesting to read, can you link them?

Camus134 24 hours ago [-]
[dead]
irjustin 23 hours ago [-]
That is just the part that gets the most press. Having lived here for a while now.

1. At a young age, you're taught to follow the rules.

2. "Someone's always watching". Lots of CCTV. Community reports.

3. Plenty of police who have the ability and time to investigate even the most petty things.

Trust in the system starts with 1 but is really carried day to day by 3.

zdc1 6 hours ago [-]
As someone who's lived there, it's definitely more about the consistency. Generally speaking, if you make a police report, it will be investigated. This includes for smaller issues like lost items too. From what I understand, their courts also give fairly consistent sentences.

Combine this with the fact that Singapore is small and full of security cameras, and it creates a situation where breaking the law carries a decent risk of getting caught as police will have the willingness and resources to investigate.

On top of this, a massive proportion of the population are there on work visas. For these people, any sort of crime or bad behaviour would mean deportation and loss of their job.

As an aside, here's an interesting CNA documentary on their prisons: https://youtu.be/tJqRPycWUDg

initramfs2 12 hours ago [-]
I would say it's the carrot and stick play, they're really good at it. Outsiders/foreigners only hear the things about fines and caning and the death sentence and no chewing gum. But they don't see the carrot part. For example they give conscripts something like a 401k top up and some other benefits to attend their reservist trainings. Of course if you don't turn up it's probably jail or some shit. They also pay them to keep in shape through PT exams, and they also reimburse your salary for the time taken. Conversely if you don't turn up there's a fine or some tedious make up sessions.
StopDisinfo910 1 days ago [-]
I don't think it explains everything.

I think social norms have a lot to do with it. It's like the actual social costs of being the one who broke the social trust is so high it dissuades people.

It worked for me on a lower level. Everyone cut queues and will grab an empty seat if it looks available at a packed restaurant here so I do it too but I never did that when I lived in Singapore because I knew that's not how things work there and people would genuinely be mad at me for doing it.

It's like a self-fulfilling, self-improving environment. Same with Japan and cleanliness.

State provided housing for most and a booming economy with low unemployment must help too.

ralferoo 12 hours ago [-]
I once worked at a place where the receptionist held the door open for a thief who made off with about 10 PCs, taken from random work desks near the entrance.

She thought that because he was wearing a suit and a badge from his "company" that he must have been supposed to be there, and assumed he was probably taking the computers away to be fixed.

There was surprisingly little repercussion for violating the "one card one person" door policy and by someone whose job it was to know which visitors would be on-site on any given day, and so should have known that this guy wasn't supposed to be there.

vidarh 12 hours ago [-]
> There was surprisingly little repercussion for violating the "one card one person" door policy

Presumably because "everyone" knows that "no one" complies with those policies, in part because it's socially awkward to e.g. close the door on someone who tries to tailgate, and so it needs to be heavily and consistently enforced before it becomes more socially unacceptable to be the person who potentially puts their colleagues at risk of disciplinary actions than to be the person who tells someone they need to swipe.

NoNameHaveI 8 hours ago [-]
When I began work at my last company, we all had to badge in to get in the parking lot, where there were 6 lanes 6-10a and just 2 other times. We also had to pass through 1 of 4 turnstiles, and we were subject to bag inspection going both in and out. We were trained to NEVER leave my badge in an unguarded location (ie my locked car at home, at lunch, etc). We were also trained to NOT display our badges off campus, especially when travelling. This made me make DAMN SURE I knew where my badge was at all times. Same hook in the closet. When walking OUT through the turnstile, I usually either put it in my bag if I had one, tucked into my shirt pocket, or just tucked under my shirt.
joshstrange 11 hours ago [-]
I once worked for a company that had a bad habit of not announcing employee departures (for both firing or quitting). At one point they let the VP of sales go and told practically no one. It came out that he was no longer with the company in an All Company meeting, not even on purpose. Someone asked “Where is X?” and the CEO was like “they are no longer with the company”.

After that I lobbied, successfully but not easily, to have them send out an email that just said “X is no longer with the company” regardless of how/why they left.

The “winning” argument was that if that VP had emailed me (or probably any of the developers) and asked for an export of data (our client list, stats, etc) we would have sent it to him. Probably even with him reaching out from a personal email address or via sms. What IC is going to tell a VP to “follow procedure”? Same deal with if he had followed me to the keycard door and told me he forgot his key card. No one is going to thank the IC who tells the VP they can’t let them in.

3rodents 1 days ago [-]
Twitch had badged entry and still managed to have a couple of incidents in which people walked in off the street to steal laptops. No snack theft though, thankfully some things are sacred.
russdill 22 hours ago [-]
Happened to me in downtown San Francisco. We had keycards, but my manager helpfully held the door for someone.
mikepurvis 1 days ago [-]
What year was that? I was at a startup from 2010 onward and I'm pretty sure we had physical keys until about twelve people and after that it was straight to badges. There was never a time where you could just walk in.
hamdingers 1 days ago [-]
Late 2010s. We actually did have badges but the doors were only locked outside work hours, so nobody carried them.

The thief had to walk past a security desk in the lobby, take the elevator up to our floor, walk past a front desk to the kitchen, then open a door to get to the office area. Probably sounded like enough layers for whoever was in charge of security at the time, but both desks were frequently unoccupied during lunch.

I know we had cameras too, but I never got updates on the investigation. I suspect it was an employee at one of the other companies in our building.

mikepurvis 1 days ago [-]
Interesting. I feel like most places still make you badge into the doors during business hours, and even specifically encourage not permitting tailgating, sometimes tied to a purported safety concern around being able to know who is in the building in an emergency... though honestly at most shops I bet no one has any idea how to get a report like "everyone who has badged in since 6am this morning".
yreg 14 hours ago [-]
My company worked just like hamdingers describes until about 5 years ago. An x-box went missing at some point though.
lelandfe 22 hours ago [-]
It's been really, really top of mind here in NYC after a guy walked into a Midtown building last year and gunned down people.
PunchyHamster 1 days ago [-]
How the fuck nobody notices some randoms coming to steal snacks in the first place?
bombcar 1 days ago [-]
There's a huge difference between a company with its own building, and a company that shares a building in some way with other companies.

Many I've seen have it set up so that if you get past the security guard at the lobby, you effectively had free rein of the entire building, including many companies that wouldn't lock the doors or common areas.

animal531 9 hours ago [-]
In the early 2000s I worked at a company where our IT section was in its own building with only about 18-24 or so people spread out over three mostly open plan areas between development, testing and infrastructure.

Even so we still had an incident where two guys walked in and just collected a few laptops before making their escape.

We like to think that we are hyper-vigilant and intelligent as human beings, but in general we tend to just focus on what is in front of us most of the time. We assume that when things are happening that they must be ordinary, or else why would they be happening?

hamdingers 1 days ago [-]
~400 person company spread across a few floors, but only one kitchen. It wasn't weird for people you didn't recognize to come off the elevator and get snacks to take back to their floor.
nkrisc 1 days ago [-]
I worked somewhere with a few hundred employees across 3 floors. If someone wearing business casual walked onto our floor I would have no idea if they worked for us or not.
mystifyingpoi 1 days ago [-]
I work at a company of ~200 people and I already don't recognize everyone. Seeing an unknown face, I just assume they are from some distant team that I never had to interact with, say hi and move on.
atulatul 18 hours ago [-]
Another aspect besides not recognizing everyone from your company is like this- even if someone knows for sure that a person from a different company is helping themselves to snacks, people may avoid pointing it out. People may prefer to avoid conflicts or make someone else look bad. They are more likely to act if they see someone stealing from their desk, home, etc. That's kind of their domain.

Also, a few other things may also be there- people won't make noise if someone steals snack packets, but they may make noise if someone steals laptops.

Also, if one person steals it may get pointed out more than if a lot of people steal- where stealing is culture, etc.

SomeUserName432 11 hours ago [-]
Feels like every time I drop by the office there's 2-3 new faces I've never seen before.

People I know seem to not take issue with them being there, so I'm sure it's probably fine. Fine enough for it not to be my issue to deal with in any case.

kjs3 1 days ago [-]
We have nearly a 1000 people in my building. I don't track every rando that walks by, nor reasonably could I.
Normal_gaussian 1 days ago [-]
There is nothing here that really tells us the turnstile was security theatre? Or the various key card swipes.

There are many ways to skin a cat; and there are many ways to ensure authenticated / trusted access. If you have site wide security gates, it means you know everyone on site / on a given floor conforms to a given minimal security or trust level, so now you can conduct operations in that area with more freedom. This makes the risk assessments for other actions so much simpler. e.g. Now when the apprentice IT tech leaves the SLT's laptop trolley in the corridor it doesn't trigger a reflash of all of the machines. Or when a key individual misplaces their keyfob (e.g. in the kitchen) it doesn't trigger a lockdown of core systems, because they had it on the way in and it's reasonable to trust that nobody stole it.

Obviously the implementation was botched in this case - but "feel secure" and "security theatre" are right as often as they are wrong.

mikeryan 1 days ago [-]
It also doesn’t describe why the additional security measures were put in place. It sounds arbitrary, but could be an insurance or regulatory requirement that the acquiring company needed to meet. Similar for the login issue, it’s suboptimal but what constraints caused that solution to be put in place? And why wasn’t it fixed?

Sans context there’s not a lot to complain about here.

kuhaku22 1 days ago [-]
> Obviously the implementation was botched in this case

The long wait times could easily have been fixed by staggering employee start times. You could even optimize it per building/floor. Sadly, a lot of bureaucrats lack the imagination to do simple stuff like this. (Anyone with a desperate need to have 9 am meetings would just have to suck it up)

mystifyingpoi 1 days ago [-]
> staggering employee start times

Immediately reminds me of Severance.

formerly_proven 1 days ago [-]
Card readers in elevators are theater though. You would need separate vestibules to actually secure entry via elevator. That’s why most buildings have those.
XorNot 1 days ago [-]
Are they? The goal isn't to draw a hard boundary it's to create layered defenses which increase the difficulty and reduce opportunity.

If instead of open access you need to tailgate on a limited set of employees, that increases difficulty considerably and makes the opportunity much less common.

Real security analysis works this way: you don't assume you can build a wall which is never breached.

wtallis 18 hours ago [-]
I'm not sure the problem with card readers is that it's security theater, so much as it's a really inconvenient place to put the security check so the added security is not at all worthwhile. Putting the card readers on each floor so that you need to swipe immediately after exiting the elevator separates the security check from all the ordinary functions of an elevator, and splits up that security checking across a large number of floors instead of a smaller number of elevators. Everyone still needs to go through the same number of layers of security checks, but those checks aren't being imposed directly on top of what's already a bottleneck.

So the lesson that should be familiar to software developers is: retrofitting security (in the elevator) instead of planning for it from the start (with space for access controls between the elevator and the offices) will tend to make the security more painful than it could have been.

inigyou 16 hours ago [-]
Deviant Ollam talked about elevators a lot. You can have the fire marshal's key or an elevator technician's key and know where the secret panel is to override the controls on any elevator, take it to any floor you want, or even between floors, or tag it out of order and hide in there until everyone else goes home. Any elevator shaft should be treated like a door to the outside world, you never know who could come in from the elevator, even if there's a key card.
XorNot 11 hours ago [-]
You're missing the part about layered controls which is what elevator access control is.

Limiting the number of people who can incidentally travel to and loiter outside your primary office entrance is one level of control - it raises the visibility of interlopers, and creates an initial barrier to even being near the objective.

Everything else you've listed though is also just a big list of additional breaches and crimes someone would have to commit before they can even get near to the target in the first place - i.e. they're relevant, but if your ingress plan is "steal a bunch of elevator access keys" then you've already excluded a whole host of simple crimes of opportunity.

inigyou 8 hours ago [-]
You can buy elevator keys for not much money on eBay.
chihuahua 1 days ago [-]
Amazon is pretty serious about physical access security. Even back in 2002, you had to scan your badge while a security guard watches, to check if you are the same person as the badge picture.

The same guard also checked if your dog was registered (I think my dog got a badge with his picture, although I think that was just for fun, and not functional)

And no easy ability to enter through side doors - you couldn't open a side door with your badge. At the time, you could still lurk outside a side door until someone else opens the door to exit. Eventually (11 years later) they locked all the side doors because they noticed people doing this sort of thing.

More recently, I think you have to scan your badge to leave so they can even track how long you're in the building, and know when you're supposed to work on site but you were there only long enough to have a coffee and then went home to continue working from home. This last part is second-hand knowledge since I haven't worked there in a long time.

xvedejas 1 days ago [-]
> they locked all the side doors

And this didn't get them in trouble with the fire marshal?

amethyst 1 days ago [-]
If it's anything like Facebook, the side entrances (which always had guards sitting by them anyways) were all converted to alarmed fire exits. So the fire marshal would still be happy, but it was far less convenient for employees.
SAI_Peregrinus 1 days ago [-]
Instead of locking they could alarm when opened. Slap a big "Emergency exit only, alarm will sound" sticker on it & link it into the pull alarm system. Treat opening the door without an emergency the same as pulling a fire alarm without an emergency.
malfist 1 days ago [-]
Amazon employees can just use all the ...water... bottles they keep around their workstation to put out the fires.
kuhaku22 1 days ago [-]
> Additionally, the weapon is not limited to offensive use, as it can be used to extinguish afterburn on oneself and teammates

https://wiki.teamfortress.com/wiki/Jarate

russdill 22 hours ago [-]
Unmonitored entrances/exits at Texas Instruments had turnstiles or airlock style doors.
dheera 1 days ago [-]
I won't miss the days I had to take a full day of meetings from my car in the Amazon parking lot because there weren't enough meeting rooms onsite, but the badge swipes at the main entrance in-between meetings were needed to not be labeled as an "inconsistent badger".

It was laughable how much effort and money Amazon invested into badge tracking and enforcement instead of directing funds at making the office a nice place that people would want to spend time in and an efficient place to get work done.

Gigachad 23 hours ago [-]
All stick and no carrot. These companies would have to spend so much less effort dragging people in to the office if they just made the office a good place to work.
firefoxd 1 days ago [-]
Author here. I posted this on Sunday for a light read, but I guess it got traction today.

Based on the comments I see here, I think the focus is going on the turnstiles just as it did when I worked there. While the cookie credentials are pushed aside. I think that's the security theater. We are worried about supposed active shooters, different physical threats while a backdoor to the company is left wide open. The turnstiles are not useless, they give an active record of who is in the building, and stop unauthorized people. But they also give so much comfort that we neglect the other types of threats.

latexr 1 days ago [-]
> Based on the comments I see here, I think the focus is going on the turnstiles just as it did when I worked there.

You titled the piece after the turnstiles and spent the overwhelming majority of the post talking about them (and surrounding physical features). The Jira ticket felt secondary, and when it was introduced in the middle of the post I was genuinely confused, thinking why the heck the card system was contacting Jira.

People reading your writing are going to focus on whatever you did when you wrote it. The turnstiles read like the important part.

margalabargala 1 days ago [-]
The part about Jira is important because it highlights that while the company claims to take security seriously, they in fact do not take it seriously.

The incompetence of the turnstiles makes it a good focus for the story while the juxtaposition of the turnstiles with Jira exposes the company's hypocrisy.

Dylan16807 23 hours ago [-]
What's the threat model for cookie theft? That if someone gets access to your company hard drive, but not enough access to install a keylogger, then instead of invalidating a session you also have to invalidate the password too?

It's an issue but I wouldn't call it a particularly big issue. I don't think it's very damning for how much the company cares about security.

And it sounds like the turnstiles did work for actual security? Sure, they gave up on per-floor security, but that's a lot less important.

Edit: And if employees are reusing passwords then we should be getting them password managers (or SSO) as the top priority, much more than we worry about logins in cookies inside the building. I mean, there's a point where a single purpose password and a login token become the same thing.

firefoxd 20 hours ago [-]
A threat model is you can steal the creds of any high clearance officer in the organization. If they reuse the password on the network, you now have unfettered access.

SSO is much more common these days, but that wasn't the case back then.

Dylan16807 19 hours ago [-]
Steal the creds by doing what, though? Most attacks could get their password even if it wasn't in the cookie.

And password managers have been plenty well known for a long time.

firefoxd 19 hours ago [-]
How do you get the password if it's not in the cookie? When it's in the cookies, any 3rd party script can swipe it.
Dylan16807 17 hours ago [-]
A third party script that's embedded into the task management website? Otherwise I don't see how it's going to get to the cookie. And if it is embedded into the website, it can force a fresh login and steal the cookie that way.

And you can set HttpOnly to stop javascript from being able to access the cookie... but that still won't stop the attack of making them log in again.
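
As an added illustration of the cookie discussion above (not part of the thread or the article): a Node.js check over `Set-Cookie` headers that flags credential material stored in cookies and missing `HttpOnly`/`Secure`/`SameSite` attributes. The cookie names, values and the 12-hour lifetime threshold are constructed assumptions.

```javascript
// Added example: audit Set-Cookie headers for credential material and weak attributes.
// All cookie names and values below are constructed for illustration.

const CREDENTIAL_NAME = /(pass(word|wd)?|pwd|secret|cred)/i;
const MAX_SESSION_AGE_SECONDS = 12 * 60 * 60; // assumption: a session should not outlive a workday

// Parse one Set-Cookie header into { name, value, attrs }; attribute names are lower-cased.
function parseSetCookie(header) {
  const parts = header.split(';').map((p) => p.trim()).filter(Boolean);
  const first = parts.shift() || '';
  const eq = first.indexOf('=');
  if (eq < 1) throw new Error(`malformed Set-Cookie: ${header}`);
  const attrs = {};
  for (const part of parts) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1);
  }
  return { name: first.slice(0, eq), value: first.slice(eq + 1), attrs };
}

// True when the value base64-decodes to printable "user:password" text (HTTP Basic style).
function looksLikeBasicCredentials(value) {
  let raw;
  try { raw = decodeURIComponent(value); } catch { raw = value; }
  if (!/^[A-Za-z0-9+/]{8,}={0,2}$/.test(raw) || raw.length % 4 !== 0) return false;
  const decoded = Buffer.from(raw, 'base64').toString('utf8');
  return /^[\x20-\x7e]+:[\x20-\x7e]+$/.test(decoded);
}

// Return the list of findings for one Set-Cookie header (Expires is not evaluated here).
function auditCookie(header) {
  const { name, value, attrs } = parseSetCookie(header);
  const findings = [];
  if (CREDENTIAL_NAME.test(name)) findings.push('credential-like cookie name');
  if (looksLikeBasicCredentials(value)) findings.push('value decodes to user:password');
  if (!attrs.httponly) findings.push('missing HttpOnly (readable by page scripts)');
  if (!attrs.secure) findings.push('missing Secure (sent over plain HTTP)');
  if (!attrs.samesite) findings.push('missing SameSite');
  const maxAge = Number(attrs['max-age']);
  if (Number.isFinite(maxAge) && maxAge > MAX_SESSION_AGE_SECONDS) {
    findings.push('lifetime longer than session policy');
  }
  return { name, findings };
}

// Constructed "before": credentials themselves are persisted in long-lived cookies.
const BEFORE = [
  'jira_user=alice; Path=/; Max-Age=31536000',
  'jira_password=hunter2; Path=/; Max-Age=31536000',
  'auth=YWxpY2U6aHVudGVyMg==; Path=/',
];

// Constructed "after": an opaque session id; the real token stays in a server-side store.
const AFTER = [
  'sid=k7Qx-2mVt_9aLr0cYw5ZpD3eHn8BjU6s; Path=/; HttpOnly; Secure; SameSite=Strict; Max-Age=28800',
];

for (const header of [...BEFORE, ...AFTER]) {
  const { name, findings } = auditCookie(header);
  console.log(`${name}: ${findings.length ? findings.join('; ') : 'ok'}`);
}
```

A clean result only says the cookie is an opaque, script-inaccessible identifier; as the comment above notes, `HttpOnly` does not stop a script embedded in the page from forcing a fresh login.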

sciencejerk 15 hours ago [-]
The threat model I imagined here was:

1. Initial access to physical machine, most likely via phishing malware, reckless employees downloading untrusted content, or bad luck.

2. Malware looks for browser cookies, hoping to steal temporary credentials but instead gains persistent creds, which grant Jira access. People re-use passwords; malware tries this password against AdUser and any other systems or other corp user accounts it can find

3. Direct Jira access used to pivot, that custom Jira app is probed for app vulns (likely given design).

Dylan16807 13 hours ago [-]
So with a better system the malware has to wait an extra couple hours to get the password (by dropping the non-password authentication cookie and making the user log in again), and it can still prod Jira in the meantime. That doesn't strike me as a very big difference. It's an improvement in security but not a big one.
tosti 12 hours ago [-]
More likely:

1. Get e-mail from boss, look at headers, find boss IP addy

2. Failing that, memorize boss office number or workstation tag, run stealthy network scan, do reverse dns lookup

3. Be a router, arp spoof mitm attack

4. ?????

5. Profit

glitchcrab 1 days ago [-]
I believe that was the intent, but the (very few) mentions of Jira feel like a bit of a non sequitur; they don't belong.
compass_copium 1 days ago [-]
I care a lot more about my life (or my car's catalytic converter, which was stolen off my car in my work parking lot before they installed a gate for the lot) than any of my work-related IT credentials. Health and safety threats are a much bigger deal to people than nebulous, difficult to exploit threats to IP.
angry_octet 1 days ago [-]
Except the turnstiles and swipe cards do almost nothing against an active shooter situation.

But missing in this discussion is a risk and consequence analysis. If the risk is armed attackers, do something that targets that. For physical theft, target that. Likewise IT risks. The core problem is that risks were not being identified (systematically or in response to expert feedback) and prioritised.

Incidentally, the solution to car park access is ALPRs, and the solution to most of the physical security is solid core doors at the workgroup level with EACS swipe and surveillance cameras there, and at the front desk have face level 4k video surveillance. With an on duty guard to resolve issues with access.

handoflixue 21 hours ago [-]
> The core problem is that risks were not being identified (systematically or in response to expert feedback) and prioritised.

Or the person who wrote the article just wasn't involved in that loop, or otherwise disagreed on what threat models mattered.

anigbrowl 1 days ago [-]
You're right, but the consequences of different security failure are different, no?
horeszko 1 days ago [-]
Perhaps part of the problem is that an active shooter is easy to visualize and understand whereas unsecured credentials stored in cookies are an abstract and difficult to visualize problem for management.

Furthermore, turnstiles are easy to promote and take credit for. Secure web authentication would have to be explained to and understood by the boss's boss before credit for it could be claimed.

I suspect it's these aspects of organizational reality that result in security theater.

margalabargala 1 days ago [-]
I think it has less to do with ease of visualization and more to do with priority of consequences.

Do a poll of whether people would prefer that a mass shooting or a mass data breach occur at their place of work while they are there. I bet I know which one wins.

kristianp 1 days ago [-]
The majority of commenters don't actually read the article, or at least not the whole thing.
gosub100 1 days ago [-]
I don't think you could take over the company with a jira token. Another factor for consideration with turnstiles is disability access and fire egress. Those are covered by building code but since this is a parable, it's worth noting that physical security has often caused tragic stampedes that have killed many.
firefoxd 23 hours ago [-]
You are right, it's much harder to compromise a system with the jira token, which is why it was the solution for the username/password stored as cookies. Plus the token was never exposed to the client.
layer8 1 days ago [-]
I was disappointed by the lack of photo of the single turnstile.
jez 1 days ago [-]
As others have mentioned, it comes down to the threat model, but sometimes the threat model itself is uncomfortable to talk about.

It’s sad to think about, but in my recollection a lot of intra-building badge readers went up in response to the 2018 active shooter situation at the YouTube HQ[1]. In cases like this, the threat model is “confine a hostile person to a specific part of the building once they’ve gotten in while law enforcement arrives,” less than preventing someone from coat tailing their way into the building at all.

[1] https://news.ycombinator.com/item?id=16748529

hinkley 1 days ago [-]
No, the model there is something bad happened, we must do something. This is something, so we will do it.

I’m not saying that to diminish the value of the actual solution, but what the people want is literally something to make them feel better about a situation that is mostly out of their control.

Someone showed up to their workplace with a fucking gun. And now they have to go there every day, and hope it doesn’t happen again. They want and need the theater.

bombcar 1 days ago [-]
This is exactly it - most "security" isn't really built around actual threat models, nor is it ever verified. IT security is perhaps the weirdest in the world in that the security of your web server will be constantly probed, whilst your front door could go your entire lifetime and never be probed once.

Where people actually care about physical security, they develop things that do actually work; and often are so unobtrusive you never realize they're there.

Security theater necessitates that it be showy and in your face.

XorNot 1 days ago [-]
Except a decent part of security is literally just deterrence.

Will my front door stop someone robbing my house if they want to? No: I have sidelight windows you could just smash them and come through.

But the one time a house I was in got robbed, it was because we left the front door open and went out.

Which is odd if you think about it right? Statistically an open front door rather implies someone is home, not away so it's a terrible targeting priority - but our house was targeted and not say, our neighbors who also wouldn't have been home that day.

People are quick to claim security theater, talk about threat models, but equally ignore them anyway.

bombcar 1 days ago [-]
The "I don't have to run faster than the bear; just faster than you".
hinkley 23 hours ago [-]
PSA: If your buddy starts running from a brown bear, stand very, very still. They like to chase things and they're way faster than you are.
cozzyd 19 hours ago [-]
Also carry bear spray. Use it on your buddy.
Macha 1 days ago [-]
I doubt these card readers would prevent someone leaving the part of their building they’re in, as that’s a lesson written in charred corpses and was a foundational aspect of health and safety becoming a thing: https://en.wikipedia.org/wiki/Triangle_Shirtwaist_Factory_fi...

In theory it might prevent access to other buildings, but equally often the card readers are around doors of mostly standard glass or near internal windows of the same.

So if that’s the motivation, it doesn’t seem like a particularly effective mitigation

mikey_p 1 days ago [-]
Or the Victoria Hall disaster (183 dead), or Cocoanut Grove (492 dead), or The Station Nightclub (100 dead), or The Beverly Hills Supper Club (165 dead), or.....

Also in what world is a badge reader going to contain an armed gunman unless the walls, floors, doors, and windows are also bulletproof??

(Triangle shirtwaist fire resulted in 146 dead)

Gigachad 23 hours ago [-]
I've volunteered at events hosted in older buildings before and it's always such a top of mind thing to enforce a limit on the number of people in the building at any moment. Since these places have the capacity to hold a lot more people than can escape through the exits in the event of a fire.
XorNot 1 days ago [-]
There's footage online of a basic security door stopping an armed robber from escaping despite him trying to shoot the lock.

Bullets aren't universal door openers, and shooting your way through one lock doesn't magically unlock the next one.

mikeyouse 1 days ago [-]
And the bullets and time spent getting through the door are bullets and time that aren’t used harming the people behind that door.
yannyu 1 days ago [-]
If an active shooter is the anticipated threat, how does a turnstile effectively stop that? Many of these turnstiles are specifically meant to allow people through in emergencies, and aren't strong enough to withstand bullets or even a sturdy kick. The elevator restrictions would be a better chokepoint, but as the article noted they didn't turn those back on.
hinkley 1 days ago [-]
Many turnstiles can be jumped over. In this case it’s more about preventing theft and espionage.

I knew someone years and years ago who worked as an assistant to lawyers. The firm had a second office in the state capital, turns out someone was walking in and stealing laptops. I think they had done it three times the last I had heard.

Lawyer laptops going missing is a problem. I don’t know how they ended up fixing that.

fc417fc802 1 days ago [-]
> Lawyer laptops going missing is a problem.

It shouldn't be. If there was a particular profession that I would expect to properly secure their devices lawyers would be near the top of the list.

gosub100 1 days ago [-]
It doesn't effectively stop it, but it forces them to give up some element of surprise. They have to either start the attack or start a trespassing action that will initiate contact with police.
nine_k 1 days ago [-]
If forced partition of a building were the primary goal, that goal could be achieved without badges. Or, at least, without having to badge into every door. Just have locks on every door that are normally disengaged, but which can be locked remotely and promptly.

(While at it, I once worked on an access control system. It was aeons ago; the system ran under OS/2. We installed it on a factory. It worked well, until we ran it in demo mode under production load, that is, the stream of morning shift turnstile registration events. The DB melted. I solved the problem trivially: I noticed that the DB was installed on a FAT volume for unknown reasons, so I moved it to an HPFS volume, and increased the RAM cache for the disk to maximum. Everything worked without a hitch then.)

avidiax 1 days ago [-]
This actually exposes how this type of system is just security theater usually.

A shooter can get a badge. Most partitions aren't bulletproof (and probably don't have security film), and a shooter doesn't fear getting a cut on some tempered glass.

The thing that would be effective is 24/7 security monitoring with a building lockdown and reinforced entrances/partitions. Of course, the victims whose badges were disabled during lockdown will sue.

So instead, just install badge readers and say that "something was done".

tetha 1 days ago [-]
One uncomfortable, but wise truth is: Actual security is bound to the number of minutes until people with big guns arrive. A lot of other measures just exist to bridge time and limit damages until that happens.

We learned this during a funny situation when a customer sent us the wrong question set for vendors. We were asked to clarify our plans for example for an armed intrusion by an armed, hostile force to seize protected assets from us. After some discussion, we answered the equivalent of "Uh Sir. This is a software company. We would surrender and try to call the cops".

During some laughter from the customer they told us, the only part missing from that answer was the durability rating of our safes and secure storages for assets, of which we had none, because they just had to last until cops or reinforcements arrived. That was a silly day.

avidiax 24 hours ago [-]
> Actual security is bound to the number of minutes until people with big guns arrive

Ask the people of Uvalde, TX about that security model.

hinkley 1 days ago [-]
Shooters tend to be mentally ill people who have been pushed too far by a system, trying to burn that system down.

Killing a boss with a keycard that opens everything might not just be possible but also preferable. Fuck you Tom, you made me work through memaw’s funeral

MrJobbo 1 days ago [-]
Hand out weapons to the workers?
bombcar 1 days ago [-]
Places that really do care about security do exactly that. Military bases routinely prohibit on-duty soldiers from carrying arms - except the guards at the gate and the military police.
CoffeeOnWrite 1 days ago [-]
Allegations of security theater should start with discussing the threat model. This is just somebody complaining about a crappy key card system.
ableal 1 days ago [-]
To be fair, he was pointing out that the invisible "credentials in cookies" issue was much harder to get fixed:

The turnstiles were visible. They were expensive. They disrupted everyone's day and made headlines in company-wide emails. Management could point to them and say that we're taking security seriously. Meanwhile, thousands of employees had their Jira credentials stored in cookies. A vulnerability that could expose our entire project management system. But that fix required documentation, vendor approval, a month of convincing people it mattered. A whole lot of begging.

CoffeeOnWrite 1 days ago [-]
Again, not security theater. Signs of general dysfunction yes. Embarrassing. Fun to tease about for sure.

Aside: the more times I re-read the article the more annoyed I am with the self-righteous tone. It feels like the author is mimicking the style of legendary Usenet posts, but the story just isn’t that interesting and the writing not that witty, it falls flat.

summermusic 1 days ago [-]
If it isn't outright fake it's at least embellished. It even has the "and then everyone clapped" line!
mcbits 1 days ago [-]
The writing is clearly AI-generated or at least AI-assisted, so I think it's safe to assume it's also a work of fiction.
leephillips 1 days ago [-]
I’ll take your word for that. I don’t know how to tell. But I did notice that the writing was conspicuously terrible throughout. Entire sentences make no sense, such as “I'd slip in suspiciously while they contemplated the email that clearly said not to let anyone in with your own card.”
Rapzid 1 days ago [-]
Turnstiles aren't theater and Redis doesn't make password storage secure so the entire thing seems a little el-el-emish..

But what about that sentence does that not make sense? They are describing tailgating..

leephillips 1 days ago [-]
It doesn’t make sense as a whole. But, for example, what was he suspicious of?
Rapzid 1 days ago [-]
"I'd slip in suspiciously" means the "slipping in" was suspicious.
leephillips 1 days ago [-]
You sure? I wasn’t.

“John regarded Mary suspiciously”

“Sharon suspected her husband of cheating. She looked through his emails suspiciously.”

tczMUFlmoNk 1 days ago [-]
It can mean either. "Suspicious behavior" doesn't mean that the behavior thinks that you've done something wrong.

"She's suspicious" can mean either that I suspect her intentions or that she suspects someone else's intentions.

mcbits 1 days ago [-]
The last two paragraphs are mainly what stood out. I've spent hours trying to get LLMs to stop writing like that. It's hard because you can't just say things like "don't write lists of three items" because sometimes you want a list of three items. The rest of the text could be written by a person as it's kind of disjointed, but that could also be the result of trying to prompt out the AI-isms.
dryarzeg 1 days ago [-]
[dead]
alexchamberlain 1 days ago [-]
I'm not going to comment on the security implications of either situation, but is there a companion piece by the facilities team complaining about the amount of paperwork required to install turnstiles only for a software engineer to come along and lock them out of Jira on a whim?
mikestew 1 days ago [-]
Bad implementations do not "security theater" make. When I did some work for a large coffee company, they had turnstiles at their building entrances, and I don't remember any lines in the morning. The scan/auth/enter process went about as fast as if there was no turnstile.

I remember when I started at Microsoft decades ago that there were still "old-timers" who were pissy about having to use card keys to enter the building. With that attitude, man, did that ever explain Microsoft application and OS security in the early 2000s.

amluto 1 days ago [-]
Turnstiles have a genuine security benefit compared to door and elevator security: convincing people not to let their coworkers in the door or up the elevator is difficult because the actual request (“close the door behind you, thus blocking the friendly person trying to go through, so they scan their card”) is genuinely obnoxious. But a turnstile really does fundamentally let one person through, even if it’s easy to bypass.
Izkata 1 days ago [-]
And then there's full-body turnstiles. Ugly, but good luck bypassing that.
TYPE_FASTER 1 days ago [-]
Put on a UPS/FedEx uniform, put somebody in a box, and drop them off at receiving.
XorNot 1 days ago [-]
So they can die from dehydration while we spend 3 days trying to figure out who ordered the weird coffin sized box no one's coming to claim?
Apreche 1 days ago [-]
I’ve been to many very large office buildings with turnstile systems, and I have never seen any kind of line, even during the busiest hours. Yes, they are security theater to a large extent, but they do legitimately help to make the elevators run a lot more efficiently.
hinkley 1 days ago [-]
I’ve only worked two places as big as OP described, but you probably see this more when your company leases a third of a floor on a giant office building. Or a floor and a half, or two half floors because it was easier to expand onto the 12th floor.

Elevators do back up, especially when everyone has to scan for their floor. Not like the author suggests, but you can lose a good few minutes a couple times a day that way. It does start some people on an exercise kick of using the stairwell to leave the building. Not great exercise though.

The one place solved this by not building parking garages. Flat parking that went to the horizon. By the time I got to work the spot I parked at was going to be over half a mile from my desk. I bought a grownup scooter with oversized wheels, first day I used it security tracked me down and said those aren’t allowed on company property (I had half a mind to use it on the sidewalks around the outside of the property but didn’t, since I’d still be carrying the stupid thing into the building). But I spent a lot on that scooter and had no other use for it, so I was mad.

My coworker had convinced me that this was billable hours (court precedent about a factory that had a bad setup for employees to get to the time clock) so I started phoning into standup when I was on site but still eight minutes from my desk.

When you’re walking half a mile to the security doors it tends to stagger the arrival times. Which is a feature, if the dumbest one.

nine_k 1 days ago [-]
This text is another reminder about the fact that as organizations grow, they become more and more dysfunctional. They function despite that, because the economies of scale are apparently still larger than the loss of functionality due to the increased size.

Humans' most important achievement is the ability to create structures larger than the Dunbar number. But this is not achieved for free.

(And this is another reason why I strive to work at startups more than at huge corporations.)

okanat 22 hours ago [-]
It is not the economies of scale but entry cost increase per each new player entering the same market. The real world markets are guarded, price fixing oligopolies.

The most important thing a startup is expected to do is not to get profitable quick but suffocate all possibilities of competition. Dysfunctionality is not a bug, it is a feature of our economic system.

knallfrosch 1 days ago [-]
Those turnstiles were inefficient (slowed legitimate users down), but not security theater (they really blocked unauthorized access.)
jacquesm 1 days ago [-]
Funny. We had a security guard that had memorized all the faces of the employees. If he knew you he'd buzz you through. If he didn't know you you'd have to be vouched for by someone that he did know or by showing your credentials. By day #3 he'd know you, and he also somehow knew when you were no longer with the company.

There never was a line and there were 1400 people in those buildings.

I never realized how incredible that guy's contribution was but this story made it perfectly clear.

Also, I don't actually buy the story as related here. It would seem to me that within minutes of that queue building up the turnstiles + card system would be disabled because something clearly was not working.

hughw 1 days ago [-]
Also... three buildings with 13 storeys? With all the trouble builders go to to avoid 13th floors.
class3shock 1 days ago [-]
This is the opposite of security theater. It was apparently an implementation of security with issues but restricting physical access, both for people and vehicles, is absolutely a real improvement to security.
donatj 9 hours ago [-]
There was an active shooter in our area a number of years ago and they locked the building down. No one was injured, it was a domestic dispute in a neighborhood a few blocks away. The police caught the guy hiding in some bushes.

In response to the perceived need to "do something", my company put cameras in the hallway we share with other companies and gave the receptionist monitors for the cameras and a panic button that locks all the doors.

It's not a terrible thing, it's largely security theater though. Someone would have to be clearly brandishing a weapon and our receptionist would have to notice this amongst all her other duties and out of all the people in the hall. It could happen, but it seems unlikely.

Scubabear68 1 days ago [-]
Many years ago I was doing due diligence on a point of sale hardware company, I had to head up to an acquisition they had done. People bitched and moaned about the level of physical security added, and when I asked them why they were so upset, they told me to go to the loading dock in the back.

The loading dock was kept completely open "because it's hot and we don't have A/C back here!".

albert_e 19 hours ago [-]
I feel both cases involved documentation, approval, months of lead time -- only the OP didn't have to deal with paperwork themselves in the physical security domain.

In every sphere there are attempts at security that either achieve a practical balance of fit versus downsides.

The failure of access cards is probably analogous to a well intentioned software authentication system that was implemented without simulating or testing for the scale of deployment, and had to be rolled back when it failed in production.

ARandomerDude 1 days ago [-]
Whenever I see this in practice I always think a determined killer would clearly know not to attack the “secure” building. Rather, attack the densely-packed line of people waiting to swipe their badges.

Unnervingly, this usually occurs to me when I’m waiting patiently in the densely packed line of fellow targets.

CydeWeys 1 days ago [-]
I'm not really sure what the point of this article is. Yes, obviously, you need to implement systems that are secure and performant so that you don't get a backed-up line of people waiting an hour just to get into the office in the morning. But that's a notably flawed rollout; millions of employees go into badge-in-required offices every day without issue. And it's kind of hard to imagine running a large office while lacking such basic physical security as "keep unauthorized people out of the building". Having electronic badges and readers is table stakes.
SiempreViernes 1 days ago [-]
Yeah, it got very strong "hello, I'm from the internet and this meatspace thing you are doing is wrong" vibes.
Rapzid 1 days ago [-]
I thought the point is store your passwords in Redis because it's WebSecure.
closeparen 19 hours ago [-]
The corporate security theater that kills me is insisting that everyone tap their badge on the reader next to an already-open door. Even in the presence of a guard, this merely ensures that everyone passing through the open door has some object, plausibly badge-shaped, to hold near the reader. Essentially any NFC card will make it beep. Only a valid credential will actuate the lock, but the door is already open, and the click is too subtle for its absence to alarm anyone.

There is a device you can deploy if you're serious about ensuring that every single individual in a moving crowd has a valid credential... a turnstile! Assuming you've calculated the appropriate number of them for the expected traffic flow.

crazygringo 19 hours ago [-]
> I waited in line for at least 30 minutes just to make it to the lobby... Scanning was already slow, you had to wait to be approved. But once you passed the turnstile, there was another line for the elevators.

I'm baffled. I've worked in multiple buildings with turnstiles. There's never been a line. They take about a second to scan. Is this just some horrible broken implementation?

I get why they're used. They protect randos from walking in and stealing stuff. It's not about "feeling" secure. When you have someone make off with 10 laptops, it's actual security. And that's before you start worrying about more serious threats that come from plugging in USB keys...

ryanjshaw 1 days ago [-]
Could have been worse. Anybody remember that story where the keycard readers would randomly work and eventually it was discovered the log file had grown huge and was being appended by reading the whole thing into memory over the network, appending the line, and writing the whole thing back out again, thus creating the random pattern because I guess it would sometimes time out?
jp57 1 days ago [-]
Am I the only one who finds this post weird because this is a solved problem? I've worked for 18 years at companies where everyone had to badge into every building. There have never been lines of people waiting to get in. Once I worked in a 12-story building. Of course, the badging wasn't in the elevators: the elevator lobbies on each floor had doors with badge readers.

The feel of the piece is that the entire effort was misguided, when the real story seems to be, "My company was somehow unable to implement something that every other company does easily."

cozzyd 19 hours ago [-]
Yes, I sometimes work in the Hancock building in Chicago. The turnstiles are never congested.
arjie 1 days ago [-]
Electronic audit trail makes SOC2 report easier for auditors. You can use paper trail instead, but electronics makes it easier. Few things in the world are required, but some of these compliance things are 'viral' in that if you're a vendor to a guy who needs compliance you need to practice the standards as well.

Besides, visibility is sufficient as a deterrent. Back in India, there'd be a big difference between leaving an old man in a chair in front of the shop and having exactly zero people in front of the shop. There are classes of people you deter with the former who will not be deterred by the latter. The old man is not 'security' - anyone motivated can shut him up without much effort. And yet his presence works.

Liftyee 1 days ago [-]
Lift (elevator) sidenote: there are fancy well designed ones where the turnstile communicates what floor you need to go to to the lift, and a "destination dispatch" system assigns/batches groups of passengers with similar/same destinations to the same lift car to improve efficiency.
mdavid626 1 days ago [-]
I feel the same way. Once I worked with a junior developer, who was really eager to develop stuff. He was tasked to create a development environment, where we can test features. Nothing fancy, just some scripts and simple containers.

He used copies of the production database, but forgot to set the admin password. The machine in ec2, public on the internet.

It was fixed a few weeks later. But the connection still doesn’t use SSL, sends passwords in plain text.

Yeah, he doesn’t really like criticism about his work…

I always think about the phrase:

“Security is our highest priority”

Sure.

SkiFire13 15 hours ago [-]
At the company I work at we have turnstiles that you open with an app on your phone, however the reason seems to be to know if anyone is in the elevators in case of emergency.
kevin_thibedeau 17 hours ago [-]
Kodak had man trap turnstiles that would lock you in them if you went through too slow or got snagged while carrying things. You had to reach through the bars and swipe the reader again to unlock it.
heytakeiteasy 1 days ago [-]
Security theater, perhaps. Don't underestimate the degree to which those turnstiles were intended to serve the purpose of tracking employees' movements.
robomartin 1 days ago [-]
Interesting. I have worked in ITAR environments with serious security and have never experienced 30 minute lines at the door. In fact, I can't remember lines at all. Hard to understand what happened here.

Was it really a single turnstile for a building with over 10 floors? That's kind of silly, isn't it? Mass transit operations have this figured out. Most recently for me, taking the monorail in Las Vegas for the CES show. No problems for the most part. It would be interesting to know what this company actually installed.

wildzzz 1 days ago [-]
I don't see how any of this wasn't already a problem. In the story, everyone shows up to the office at the same time, how did they use to work out the elevator issue? This story has a bunch of AI telltales so I doubt it's real anyway.
TYPE_FASTER 1 days ago [-]
In the story, they implemented table (building) and row (floor) level permissions simultaneously. So you had to swipe into the building, then in the elevator to get the elevator to stop at your floor.

I guess I could see contention possibly happening as described if everybody arrived almost simultaneously and both swiping points had very high latency. But why not keep the door checkpoints armed and disable the elevator swipes? That makes me think it's a contrived example.

UltraSane 17 hours ago [-]
I worked for a manufacturing company that actually put turnstiles that required RFID cards to enter AND LEAVE factories. I never understood how this was legal.
UltraSane 17 hours ago [-]
Epic, the EMR company in Verona, Wisconsin, is pretty unique in that during work hours the entrances to all office buildings do not require RFID cards. The Epic campus is enormous with almost 14,000 people with relatively high turnover so a random non-employee isn't likely to be noticed. I even kept my ID card in my wallet and was never reprimanded. The RFID readers were all at perfect rear pocket height.
jiggawatts 1 days ago [-]
“If the security is not in your face, then it’s not sufficiently theatre!”

That’s a quote I tell security people in jest when they suggest yet another door literally or figuratively slamming in someone’s face to let them know that there is a security procedure in place.

Seriously though, “security” is an overloaded word used for two unrelated business goals:

1. Having security.

2. Appearing to have security.

The latter is strongly preferred by management that just wants someone else or something else to blame.

To reiterate: this isn’t an error! It’s done on purpose.

OutOfHere 1 days ago [-]
If you as an employer are not doing physical engineering or working with large or unsafe physical objects, you don't need an office, period. For computer work alone, you don't need an office at all. If you fix the "office theater", the physical security problems disappear.