{"id":51,"date":"2008-01-13T18:24:51","date_gmt":"2008-01-14T02:24:51","guid":{"rendered":"http:\/\/cubist.cs.washington.edu\/Security\/2008\/01\/13\/social-engineering-your-way-into-a-dorm-room\/"},"modified":"2008-01-13T18:24:51","modified_gmt":"2008-01-14T02:24:51","slug":"social-engineering-your-way-into-a-dorm-room","status":"publish","type":"post","link":"https:\/\/secblog.cs.washington.edu\/Security\/2008\/01\/13\/social-engineering-your-way-into-a-dorm-room\/","title":{"rendered":"Social Engineering Your Way Into a Dorm Room"},"content":{"rendered":"<p>  It is shocking to learn that while the University of Washington Housing and Food Services own nine residence halls with a total capacity of nearly 5000 students, the security barring access to individual students&#8217; rooms can be compromised with little more than a little research and a good story.  For the first homework assignment, I reviewed the security of the dorms.  I thought of ways to get into other residents&#8217; rooms and found that it wouldn&#8217;t be as difficult as one might hope.  I tried the &#8220;attack&#8221; on myself, trying to gain access to my own room.  It&#8217;s not surprising that I got into my room (in fact it&#8217;d be more surprising if I couldn&#8217;t), yet the attack could be used against others, especially those the adversary knows well.<br \/>\n<!--more--><br \/>\nAll the dorm entrances are protected with card readers.  Yet, anyone who has lived in the dorms knows how easy it is to tailgate your way into the dorms.  When my girlfriend lived in the dorms, she only had to come let me in two or three times.  The rest of the time I would tailgate my way in.  It wasn&#8217;t difficult at all.  No one likes to be the rude person to quickly close the door behind them.  Even if you get to the door and there&#8217;s no one to follow, it&#8217;s easy to wait until someone gets there and then fumble around in your pocket when they do.  
Assuming you can&#8217;t find your card, they usually take compassion and simply open the door.  An &#8220;I forgot my card&#8221; works even better.<\/p>\n<p>While getting into the residence halls may be easy, getting into someone else&#8217;s room seems at first a lot more difficult.  Yet this last week, while reviewing the security of everything, as Yoshi prompted us, I began to doubt the security of my own room.  From lecture and the readings, bump keys and lockpicking were fresh in my mind, and although this would work, I felt that the neighboring residents may become curious of the pounding noise as you learn how to bump.  But what if the adversary had a key that fit my lock exactly?  Could they get this?  How?<\/p>\n<p>The answer was so simple, it scared me:  Ask for it.  Other than a little research, that&#8217;s practically all they&#8217;d have to do.  Let me backtrack.  When a resident loses their key, or locks it in their room, they go to the front desk and ask for it.  So, to test how hard it would be for someone to impersonate me, and gain my key, on my way to class I stopped at the front desk and asked for it.<\/p>\n<p>&#8220;Do you have your Student ID?&#8221;<br \/>\nMe: &#8220;No, it&#8217;s locked in my room.&#8221;<br \/>\n&#8220;Ok, I&#8217;ll need you to fill out this form.&#8221;<\/p>\n<p>She handed me a form that asked for name, hall, room number, phone number, my signature and the date.  She took the form behind the desk, talked to her supervisor, and a few minutes later came back out with a few &#8220;security&#8221; questions.<\/p>\n<p>&#8220;What is your student ID number?&#8221;<br \/>\n&#8220;What is your birthday?&#8221;<br \/>\n&#8220;Who was your room mate last year?&#8221;<\/p>\n<p>I was shocked at how easy these questions were.  I have very little doubt that my roommate from last year would have any trouble with these questions, especially the last.  
The best part is that after answering the questions correctly, she not only handed me a key to my room, but also a key card to get into the building.  Now the front desk was waiting for Chad-the-Resident to return the key, yet Chad-the-Resident had no idea that he had checked out a key nor did he have any reason to expect the fine for not returning it.  Chad-the-Adversary had the key and a key card to the hall.<\/p>\n<p>Student ID numbers are commonly tossed around; in fact, later that same day I had to sign up into a group for one of my courses.  The TA required us to put down our name, student ID number and the group number we wanted to be in.  Birthdays are also easily obtained just by asking or perhaps by looking it up on Facebook.  And the name of your last room mate would probably be well known by your circle of friends.<\/p>\n<p>Now, maybe there are cameras watching the front desk or the employee at the front desk checked my signature, yet it still was quite shocking that I could have greeted my last roommate with a hello and then handed him a key to his own room.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It is shocking to learn that while the University of Washington Housing and Food Services own nine residence halls with a total capacity of nearly 5000 students, the security barring access to individual students&#8217; rooms can be compromised with little &hellip; <a href=\"https:\/\/secblog.cs.washington.edu\/Security\/2008\/01\/13\/social-engineering-your-way-into-a-dorm-room\/\">Continue reading <span 
class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,1,9],"tags":[38,39,37],"class_list":["post-51","post","type-post","status-publish","format-standard","hentry","category-ethics","category-miscellaneous","category-privacy","tag-dorms","tag-hfs","tag-social-engineering"],"_links":{"self":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/51","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/comments?post=51"}],"version-history":[{"count":0,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/51\/revisions"}],"wp:attachment":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/media?parent=51"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/categories?post=51"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/tags?post=51"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}