Forgot your password?
typodupeerror
Toys

Barcode-Controlled Home? 323

Posted by michael
from the do-it-yourself-toll-gate dept.
MC68040 writes "The guy at this site managed to build something together that's actually quite neat in the way he built it, all hand-crafted system that uses a linux box to unlock his door. Maybe not the coolest of solutions, but actually a pretty good idea as for security in my humble opinion."
This discussion has been archived. No new comments can be posted.

Barcode-Controlled Home?

Comments Filter:
  • Great (Score:3, Funny)

    by vjmurphy (190266) on Saturday January 11, 2003 @10:32PM (#5064832) Homepage
    We Slashdotted the guy's door. So much for security. :)
    • Re:Great (Score:4, Interesting)

      by Anonymous Coward on Saturday January 11, 2003 @10:34PM (#5064838)
      Does he have a back-up way of getting into the house, if the power goes out (and he doesn't have a UPS)? Or, would he resort to climbing into a back-window, which should have red-flagged his security plans earlier?

      Just wondering...
      • Does he have a back-up way of getting into the house
        Dunno. Can't read the article.

        Still, I wonder how many people can have the `distinction' of having to call a locksmith when their Linux box crashes :)

      • Re:Great (Score:2, Informative)

        by dypstick (125799)
        If you looked at the link, you would see that he specifically states, "The door still functions as it did before". He used an electric striker plate, which releases when power is applied to it. So if the power goes out, he just uses a key.

        RTFL
    • Re:Great (Score:4, Funny)

      by long_john_stewart_mi (549153) on Saturday January 11, 2003 @10:44PM (#5064877)
      Now that we're in, I say we Slashdot his liquor cabinet. =)
    • Now Slashdot has crashed his server and he probably can't get
      indoors to reboot it. :-)
  • by Anonymous Coward
    He uses a CueCat!
    • by Harald Paulsen (621759) on Saturday January 11, 2003 @10:38PM (#5064858) Homepage

      CutCats are cool, I got a friend in the USA to send me one. Thought about hooking it up to a computer near my refridgerator to keep track of groceries and expiration dates.

      Hmm, imagine using it for access entry. "Sorry, you have to carry a bottle of jolt to gain access here", or "what, a pepsi!? No access for you!"

      • Access for everyone! (While not /.ed of course.)
      • by Frater 219 (1455) on Sunday January 12, 2003 @12:46AM (#5065226) Journal
        Hmm, imagine using it for access entry. "Sorry, you have to carry a bottle of jolt to gain access here", or "what, a pepsi!? No access for you!"

        ] inventory

        You are currently holding the following: a set of keys, a brass lantern, a case of Jolt Cola[tm], and no tea.

        ] look

        You are in the Cubicle of the Mountain King, with passages in all directions.

        A huge green fierce programmer bars your way!

        ] n

        You can't get by the programmer!

        You're in Cubicle of Mt. King.

        A huge green fierce programmer bars your way!

        ] drop jolt

        The programmer attacks the Jolt Cola[tm], and in an astounding fury rushes off to enter the International Obfuscated C Code Contest.

        ] n

        You are in a low north/south hallway at a hole in the floor ....

    • The scanner has a CCD; I don't have to slide the barcode.

      Funny, and I've implemented something similer with a CueCat, but he would have to slide the barcode if it was a CueCat. Also, barcodes for entry arn't very secure. If anyone gets ahold of your card for 10 seconds, they can make a photocopy and have your security level. A magnetic stripe would have been a better choice for REAL security however, because it takes more elaborate equipment to duplicate.
      • Also, barcodes for entry arn't very secure. If anyone gets ahold of your card for 10 seconds, they can make a photocopy and have your security level.

        Personally, I see this as an upgraded form of "security through obscurity": security through weirdness. People know where the average person puts their keys and where the average person puts plastic cards (which most magnetic strips are put on)... but a barcode? W(here)TF does someone keep their BARCODE? A potential invader or an unscrupulous friend will be stunned by it. You can't look for a Hide-A-Key. He's not keeping it on a key rack. He probably can't just throw it down on his desk when he gets home. Hell, for all they know, his spare could be tattooed to his left ass cheek.

        It's not obscurity, which is what the Hide-A-Key is. It's just weird, and on an individual basis, that could work for security.
  • tattoo (Score:3, Interesting)

    by Anonymous Coward on Saturday January 11, 2003 @10:34PM (#5064837)
    he should tattoo the barcode on his hand... kinda like a "fingerprint"
    • Re:tattoo (Score:3, Interesting)

      by rainman31415 (576575)
      he should tattoo the barcode on his hand... kinda like a "fingerprint"

      yeah, but why does that remind me of soemthing in the Bible? seems kinda apocalyptic if you ask me, and if he personally brought the beginning of the end of the world, i'd kick his ass.....

      will eat script kiddies for fun....
      rainman
    • Re:tattoo (Score:2, Funny)

      by Synithium (515777)
      An alternative to this would be like a passive-active system where you have a chip embedded into your skin. Then when you are in proximity to the active scanner and try to turn the doorknob the thing recognizes you and unlockes the door.

      Of course, someone could hack your arm off and get in your place but at that point I'd think you'd have more worrisome things on your mind.
      • "Then when you are in proximity to the active scanner and try to turn the doorknob the thing recognizes you and unlockes the door."

        Unless you are Steven Wright, in which case your house starts up and you drive it around awhile.
    • That'd work until someone walked behind you with a camera and took a good photo of your hand. A few minutes with the perspective tool in The GIMP (come on, you know the theif would be a nerd), and some filtering, and you have yourself a key.

      It's kinda like using fingerprints for keys. You leave them everywhere you go, and you can't change the locks when somebody gets the 'key'.
    • he should tattoo the barcode on his hand... kinda like a "fingerprint"

      If this worked, it wouldn't for long.

      I've got my SSN tattooed as a barcode on my forearm. It's just for looks, since even if by some miracle the artist was able to make the lines as razor-straight as they need to be, the change in size of your muscles and skin over time would distort it enough to make it non-machine-readable.

      The last time I went to the dentist, one of the assistants saw my tattoo and told me a long story about her son who was in the US special forces. Apparently they'd had some kind of plan to use them as replacements for dog tags, but ditched it in favour of implanted microchips like you can get for pets, since there's a lot less hassle involved. Obviously I can't confirm the truth of that though.
  • 23 years ago... (Score:5, Interesting)

    by Pig Hogger (10379) <pig,hogger&gmail,com> on Saturday January 11, 2003 @10:35PM (#5064841) Journal
    23 years ago, I was involved in a project to make a portable computer for data-entry, to replace optically-readed mark-sense sheets.

    The final solution was to have no keyboard at all, but rather a computer whose motherboard was embedded in a 3-ring binder, with sheets.

    On the sheets, were some barcodes, arranged in roughly the same layout the mark-sense cards were.

    (For the geeks, the machine was MC6809-based, and had 56K CMOS RAM. The LCD display was always powered, but the computer shut down after it finished decoding a barcode and processing the "keystroke".)

  • by MBCook (132727) <foobarsoft@foobarsoft.com> on Saturday January 11, 2003 @10:36PM (#5064843) Homepage
    Does he have to scan a can of Spam to check his e-mail? Note: Don't blame me, only one post and it's already /.ed, how am I supposed to read it?
  • Hum (Score:4, Insightful)

    by Anonymous Coward on Saturday January 11, 2003 @10:39PM (#5064864)
    What happens if the power goes out?
    • FSCK (Score:4, Funny)

      by Devil's BSD (562630) on Saturday January 11, 2003 @11:56PM (#5065101) Homepage
      What happens if the power goes out?

      Then, when the computer restarts when the power comes on (because he's using a linux box) he can say "I CANT OPEN THE FSCKING DOOR!!!!!!"

    • Simple: Just create a battery powered circuit which states that if no power is going to the computer/scanner then allow for key entry... of course making it would be harder than that.
    • Re:Hum (Score:2, Funny)

      by yomegaman (516565)
      Well, according to Jurassic Park all the doors would fling wide open. :-)
    • He fails to mention that the scanner scans more than just barcodes. When it scans the correct barcode, it makes the door unlock. When it scans a boot or shoulder, it makes the door self-destructed
  • by timothy (36799) on Saturday January 11, 2003 @10:39PM (#5064866) Homepage Journal
    What's cool about this idea (to me) is that it actually has the great thing about many modern hotel keys (the ones with little holes, or mag strips), which is reprogrammability, but without the major hassles (specialized equipment to punch holes or re-stripe a card).

    With a system like this, you can provide time-bounded access -- the petsitter can come by while you're gone part of this week, but her code might not be on the approved list for, say, 1 a.m. next Saturday night. Not that it would stop a real burglar, but all security systems are a series of intentional nuisances to bad guys. This way, there's no "spare" key floating around to be lost and worried about.

    Plus you can send someone who needs to come by when you're not there (that petsitter, or the neighbor you've asked to check up on things) to open the door a "key" as a JPG file; they print it out, and it's their open sesame, at least at the times you've set them as welcome.

    Since I like to think of houses as cell walls (hey, metaphors are meant to be reversed and amplified!), this lock system really resonates with me.

    timothy
    • a "key" as a JPG file; they print it out, and it's their open sesame
      Problem: most barcode readers fail when trying to read fuzzy barcodes, making JPG a very bad choice. Also, unless you have a nice barcode reader, you'll probably have issues with barcodes if they were not produced by a laser printer; inkjets simply do not give the definition you need. (Besides which, laser printing is good for other reasons -- if your key gets wet, you won't have ink smearing all over.)

      If you used PNG and could guarantee that the receiver had a laser printer (or thermal, for that matter), then it would work. If you want to use JPG and inkjet, well, good luck. :-)
      • Use PDF and the JPG problem is solved. Make sure that the "print scaled" option is selected, and your printed barcode is identical to the original (assuming a decent printer is used).
      • Rob at Cockeyed.com [cockeyed.com] didn't seem to have problems with his personal bar-code project.

        It looks like an inkjet printer, but I could be wrong.

      • Eh?

        Barcoding isn't a very demanding exercise.

        Where I work, we've got a few barcodes taped to the counter. Thermal-printed, been there for years: the paper is turning brown, and the black is a somewhat-vague purple.

        We scan these fairly frequently on a daily basis, without problem.

        The USPS seems to be happy with uneven dot-matrix printed barcodes; look at the lower-right corner of the stuff that drops through your mailslot sometime. And this is for so-fast-it's-blurry mail-sort systems, on particularly-lumpy material.

        I've noticed 2-dimensional UPS barcodes (the funky ~1" square you see on some shipping labels, with a circular target in thing in the middle) printed dot-matrix, too.

        And I've seen no indication that either system is in any way flawed.

        So. We've established that the scanners aren't very particular; let's talk about printers.

        Laser printing isn't so hot. Bend it a feww times, and the toner begins flaking off.

        Lexmark, and probably others, offer what they claim to be waterproof ink. This is probably at least as durable as laserprint in a typical wallet.

        The Alps MD-1000 I have here prints using wax ribbons. It tends not to flake, it tends not to fade, and it's definately waterproof. Oh, and it was cheap.

        Most laser printers top out at 1200dpi. 2400dpi inkjets are now commonplace.

        UPC barcodes have only two line widths - features which, given the scalability of barcodes, are probably quite easily implemented with a 24-bit printer at reasonable size.

        Coca-Cola uses very large, sprayed dot-matrix barcodes on their 24-can cases of 6-packs. They're very rough, and I imagine they work justfine.

        Now that we've got printing out of the way, let's talk about the barcodes I carry in my wallet:

        I've got an Ohio driver's license, dye-sub printed plus holographic lamination, made 2.5 years ago. The barcode is quite plain and obviously usable, as sharp as I remember it being when it was issued.

        I've got a Blockbuster membership card. 24-pin dot-matrix printed, issued at least 5 years ago, and laminated: The barcoode is quite plain, and obviously usable.

        I've got a Sam's Club membership, issued a few years ago, printing style unknown (but probably thermal). The barcode is wearing off, but is still quite usable.

        Obviously, you don't want to take a crucial water-soluable barcode out in the rain and use it. However, I feel that you need to look around a bit more: There's a plethora of low-res, functional barcodes attached to items in the world around you which you are obviously oblivious to, many of which are expected to be exposed to the elements.

        And remember: Anything can be laminated, usually at a shop within walking distance. Why might one expect to be able to print barcoded keys at home, while conventional machined brass keys require a trip downtown? One shouldn't, at this point: Let's take it one step at a time, starting with email delivery.

        Oh. And JPEG, as a format, is fine. It can encode sharp lines with ease, as long as the encoder is aware of the requirements and/or the quality settings are set sanely (which is not a problem with standard libjpeg) -- efficiency, in this instance, is rather not relevent. PNG, as a purist ideal, would be somewhat better. But even monochromatic BMP (or XBM or PBM...or PCX for old-school PC users)-format barcodes would be quite sufficient for the task at hand. Not to mention GIF, which will be readable by everything for a really.long.time. You could probably even distribute barcodes as HTML tables with colored backgrounds without problems.

        Thus, I find all of your presented points to be misleading, inaccurate FUD.

        Think now, post later. K?

    • by MORTAR_COMBAT! (589963) on Saturday January 11, 2003 @11:08PM (#5064961)
      Indeed a cool idea. I would add that the holder of a 'key' should definitely keep it in a sleeve, though, lest high-res photography would allow for a duplicate key to be easily created.

      The 'sending a JPG' to the baby-sitter starts out as a very neat idea, but what happens when baby-sitter has a popular e-mail virus which sends her e-mail to 100 people in her address book? Instant house party? Naturally they would only have the same access time slice as the baby-sitter, but they could just wait until after he/she is alone in the house and walk on in.

      but without the major hassles (specialized equipment to punch holes or re-stripe a card)

      It also means any Joe with a printer can make themselves a valid access card. I thought for quite a while about putting a similar setup at my house, but I decided instead to go with an extremely similar method, except instead of bar-codes I use hand prints. A lot of the advantages (time slices for the maid and sitters) without being able to be so easily produced (until advanced cloning techniques allow people to commonly grow copies of my hand).

      And w.r.t. the people who keep asking about 'power outages' for (1) ever heard of generators of batteries and (2) naturally a physical key still works in the lock, duh!
      • $10 and I'm in (Score:2, Interesting)

        by missing000 (602285)
        All I really need is available at my local radioshack, as discussed here [counterpane.com]
        • Well, the difficulty bar is raised a bit from the 'bar code'. It seems reasonably more difficult to both (1) secure an object with a clear figerprint of mine and (2) use said fingerprint to etch a 3D image onto some PCB board than to (1) use a photocopier or camera/printer to copy a bar code.

          That insecurity is indeed real. Although those systems which were compromised were single-finger systems, and my system uses 3 as well as hand shape. Being able to get 3 clear fingerprints and mimic hand shape is more difficult than simply picking the lock, anyway, so your efforts would be better served in investing a a few dollars worth of decent lock-picking tools instead of a set of hobbyist PCB boards and etchers.
      • The 'sending a JPG' to the baby-sitter starts out as a very neat idea, but what happens when baby-sitter has a popular e-mail virus which sends her e-mail to 100 people in her address book? Instant house party?

        That highlights the real beauty of this system. The only access to your house is wanted access or forced access. If the sitter realizes that she has a virus or just thinks that someone else may have figured out your key, they can just call you on vacation and you can VNC into your Linux box or send an e-mail to it to change the code, then email them a new one or email one to someone else.

        For as long as there have been door locks that you can buy in stores, people have been changing their locks because of stolen keys, angry family members or former lovers, and missing keys that may or may not been in someone else's hands. Under the current system, you have to buy new locks for every external door in your house if you want to change the key. Under this system, all you have to do is type up a command on a keyboard.

        And yes, I'm aware that having door locks that can be controlled via the internet is insecure, but the point is that you can control it any way that you want. If you think you can set up a really good network that is unlikely to be hacked anyway, you can make it so it can be set through the internet. If you can't set up a really good network, you can just tell your sitter what to do over the phone.
  • Keypad (Score:2, Insightful)

    by EvanED (569694)
    It seems like a keypad would almost be a better solution. You don't have to carry something around, only remember the combination. I don't know how reliable this is; from what I've seen in stores, these don't read fairly often, and he's going through glass.

    Of course, you'd have to make the password sufficiently strong.
    • Re:Keypad (Score:5, Funny)

      by glenebob (414078) on Saturday January 11, 2003 @10:56PM (#5064926)
      Haven't you seen Star Wars? All you have to do to get past that is either shoot the keypad with a lazer gun, or tear it off the wall and short out the wires in the back.
    • Re:Keypad (Score:4, Funny)

      by iapetus (24050) on Sunday January 12, 2003 @12:29AM (#5065184) Homepage
      Good idea. Or maybe use some sort of mechanical device that won't open normally, but will when you insert some sort of identification device - you could make it out of metal for strength and encode the identity in notches down the side. Sure, you have to carry something, but it's small and portable, and could easily fit into a pocket.

      Hey, I might see if I can patent that one...
      • While this deserves the +3, funny, there are significant advantages to having a lock that doesn't require you to carry around a physical object, as I have discovered numerous times when I have returned to my house (usually after school) and realized I had forgotten my key. (My favorite time was when I was using a keyed lock for my locker and put both my house key and the key to said padlock *inside* my locker before shutting and locking it. While incredibly annoying at the time, I have had many laughs about it since.)
  • Barcodes (Score:5, Informative)

    by siliconshock.com (531040) <slashdot.siliconshock@com> on Saturday January 11, 2003 @10:41PM (#5064872) Homepage
    I was just reading about barcodes the other day...
    Check out This [howstuffworks.com] if you are interested.
  • Honestly, really (Score:4, Insightful)

    by Anonymous Coward on Saturday January 11, 2003 @10:44PM (#5064878)
    This isn't flamebait or a troll but I think I'm starting to agree with other people: Whats the point of posting a story on a guys personal site if its almost certain to be slashotted?
    • Re:Honestly, really (Score:5, Interesting)

      by sbaker (47485) on Sunday January 12, 2003 @12:28AM (#5065182) Homepage
      I agree.

      Slashdot really, truly, utterly needs to have a local cache of the
      pages it references. It's getting to where Slashdotting is as bad as a
      denial of service attack - and that's a terrible thing to inflict
      on *anyone*.

      Probably 50% of web sites referenced from main news items are down within
      an hour of Slashdot mentioning them - and they stay down until a couple
      of days have passed. That sucks.

      They could easily implement some kind of opt-in thing where you put a META tag
      in your web page telling Slashdot that you grant them explicit permission
      to mirror the site for (say) a week after mentioning it - so Slashdot would
      have no legal/copyright come-backs. At the end of the week the Slashdot
      mirror could revert to become a redirect to the real site so you don't have
      problems with people bookmarking the Slashdot cache instead of the real
      site.

      The whole process could be automated.

      People who do cool things like this door lock would surely be aware that
      they could get Slashdotted and prepare for the event in advance by
      inserting the tag - and private individuals are the people who are
      most likely to have their server die.

      Companies that want to profit from their slashdotting by advertising from
      their page or taking orders off of it could just leave off the META tag
      and handle the traffic as now.

      An opt-in cache mechanism is a win-win-win solution. Slashdot wins because
      more people will use the service if it doesn't continually refer to dead
      sites. Readers will win because less sites will be dead-on-arrival - and
      web site operators will win (if they want to) by not having their site
      die from Slashdotting.

      • Slashtip #108: If you do something interesting, put your webpage on an AOL account and let them take the slasdotting :)
      • No, Actually (Score:3, Informative)

        by waldoj (8229)
        Slashdot really, truly, utterly needs to have a local cache of the pages it references. It's getting to where Slashdotting is as bad as a denial of service attack - and that's a terrible thing to inflict on *anyone*.

        Read the FAQ [slashdot.org]:
        Slashdot should cache pages to prevent the Slashdot Effect!

        Sure, it's a great idea, but it has a lot of implications. For example, commercial sites rely on their banner ads to generate revenue. If I cache one of their pages, this will mess with their statistics, and mess with their banner ads. In other words, this will piss them off.

        Of course, most of the time, the commercial sites that actually have income from banner ads easily withstand the Slashdot Effect. So perhaps we could draw the line at sites that don't have ads. They are, after all, much more likely to buckle under the pressure of all those unexpected hits. But what happens if I cache the site, and they update themselves? Once again, I'm transmitting data that I shouldn't be, only this time my cache is out of date!

        I could try asking permission, but do you want to wait 6 hours for a cool breaking story while we wait for permission to link someone?

        So the quick answer is: "Sure, caching would be neat." It would make things a lot easier when servers go down, but it's a complicated issue that would need to be thought through in great detail before being implemented.
        They could easily implement some kind of opt-in thing where you put a META tag
        in your web page telling Slashdot that you grant them explicit permission to mirror the site for (say) a week after mentioning it - so Slashdot would have no legal/copyright come-backs.


        You're a genius! Oh...wait...no... You just haven't read the FAQ [slashdot.org] :
        Is it possible to have META tags that Slashdot looks for in a story link before allowing it to be submitted/posted? Many times a server can't handle the load of a Slashdotting. So can the site have tags to prevent it from being added to a Slashdot story?

        Not inconceivable, but I don't really think it's worth the work. Most of the sites that are Slashdotted are prepared for it, and the sites that get smashed usually are caught completely off guard; they wouldn't know of this mysterious opt-out meta tag. (See also Caching Slashdot Stories).
        It's not rocket science to configure Apache to handle a Slashdotting. I've been hit three times in the past five years. Every time, my little 333MHz eMachine has done just fine. I just followed the instructions in the Apache guide. This guy took another fine route -- he took his pages off-line for the time being. Either route works.

        People who put up websites should recognize that people are going to look at it. Sometimes, a lot of people might look at it, as a result of a link from Slashdot or any of hundreds of other sites. People who bitch and moan about being linked to from Slashdot remind me of the companies who whine when people link to "confidential" webpages -- guess what, if it's on the web, it's not confidential.

        -Waldo Jaquith
        • Re:No, Actually (Score:2, Offtopic)

          by mad_cow (152516)

          Of course, most of the time, the commercial sites that actually have income from banner ads easily withstand the Slashdot Effect. So perhaps we could draw the line at sites that don't have ads. They are, after all, much more likely to buckle under the pressure of all those unexpected hits. But what happens if I cache the site, and they update themselves? Once again, I'm transmitting data that I shouldn't be, only this time my cache is out of date!

          Who cares? For them to get noticed on Slashdot, the interesting bits will still appear in the cache. Also, having the content cached doesn't mean that a link to the original site couldn't still be provided.

          I could try asking permission, but do you want to wait 6 hours for a cool breaking story while we wait for permission to link someone?

          Bullshit. If I want "breaking news", I go to CNN. I can't remember the last time I read a Slashdot article where the content of the article was time sensitive. It's just casual information to entertain and maybe educate the bored geek. Six hours is nothing. By the time Slashdot gets the news, it's already out in the open. It's not like they're going to get scooped.

          Not inconceivable, but I don't really think it's worth the work. Most of the sites that are Slashdotted are prepared for it, and the sites that get smashed usually are caught completely off guard; they wouldn't know of this mysterious opt-out meta tag. (See also Caching Slashdot Stories).

          So if the site doesn't have the magical opt-out tag or extra instruction tag, then fire up your e-mail client and get permission. Or just cache it and be done with it.

          People who put up websites should recognize that people are going to look at it. Sometimes, a lot of people might look at it, as a result of a link from Slashdot or any of hundreds of other sites. People who bitch and moan about being linked to from Slashdot remind me of the companies who whine when people link to "confidential" webpages -- guess what, if it's on the web, it's not confidential.

          The point is that it would be a decent thing for Slashdot to provide some mechanism to minimize the inconvenience caused by having a site or page linked on the front page. The points listed in the FAQ are weak. The bottom line is that some sort of cacheing would benefit both the owners of the content being linked (it wouldn't nuke their site) and the readers of Slashdot (no more seeing a cool story on Slashdot only to have to wait to read it because the Slashdot effective is already underway).


          Truth be told, there is already an informal Slashdot cache -- you often see kind users copying the meat of the page into a comment which always gets modded up to +5. Further proof that an official Slashdot cache would be well received.


          The only real argument against a cache would be the load that it would place on the Slashdot servers. They are tuned to handle their current content, but I wonder if they would be able to handle the load of serving up all that extra content in addition to the stuff that they already do.

        • by Fastolfe (1470) on Sunday January 12, 2003 @05:31AM (#5065920)
          I don't buy the FAQ's explanation. I think they're deliberately oversimplifying or just saying "it'll be too complicated and annoying for everyone" because they're lazy.

          At a very minimum, use a caching HTTP proxy to feed a "mirrors.slashdot.org" site. Links would be set up under their own, unique path on this site (e.g. mirrors.slashdot.org/some.site/path/document or even mirrors.slashdot.org/50449) and this would funnel into a caching HTTP proxy. So long as the other site set up reasonable cache headers, there is no reason why the sites would object to their pages being cached in this fashion. This is built into HTTP, for fuck's sake. Wherever they have advertising being done, they're probably doing that in an iframe with its own caching policy. HTTP would handle all of this perfectly fine. Set an artificially low max-age value (overriding the site's) if you're really worried about things getting stale, but even this is unnecessary.

          This is all fairly trivial to do. Slashdot authors/programmers have just gotten lazy in the last few years. They don't innovate or improve, they just watch over the slashcode "open source" project and occasionally toss out a few minor releases.

          From your quote of the FAQ:

          I could try asking permission, but do you want to wait 6 hours for a cool breaking story while we wait for permission to link someone?

          Why don't you use some fucking common sense, ask yourself, "Do I think this site will survive linking?" And if the answer is "probably not," then e-mail them or call them, give them a head's up, and only if you fail to get a response in a reasonable amount of time would I ever think it's OK to link to them anyway.

          They do have the information posted online, so any link and any amount of traffic is fair, but at least have the goddamn courtesy to mitigate the amount of damage you're knowingly causing. That's all that's being asked for: courtesy. Slashdot authors are lazy, that's all there is to it.
    • by KalvinB (205500)
      My site is running on a 256K DSL connection and survived the beating. Sure it was running at 600bytes per second but I could still access it. People just need to make their pages more bandwidth friendly. From acceptance to front page my story took about a day to be posted. That's plenty of time to rework a page if it's too bulky.

      However, if weren't possible to make it bandwidth friendly, Slashdot needs to take advantage of resources out there like their own server or SourceForge and work a deal to use temporary space upon request of the owner of the linked site. The owner could easily package up the relavent portion of the site and e-mail it over to be put up at the temporary location.

      If nothing else it would at least eliminate all the stupid "hey look it's slashdotted" posts.

      Currently, Slashdot is just a link site with commentary. If it's keeps killing all it's stories it's going to be a pretty irrelevent link site at that.

      Ben
  • by zaffir (546764)
    A video store gave me a little keychain barcode which I'm using here.

    So i just have to work at his video store (or have a friend who works there), make myself a copy of his barcode, and i get free reign of his house? Sweet.
  • Not very secure (Score:5, Insightful)

    by Anonymvs Cowardvs (253637) on Saturday January 11, 2003 @10:48PM (#5064889)
    Humble opinions aside, I can't see describing this as secure, at least compared to an "unpickable" modern lock (i.e., a lock that's tough enough to pick that you'll just go through a window instead).

    To get into my house, you need to have my key, or a copy of my key. If I let you look at my key, you won't be able to copy it; you have to have my key in your possession to make a copy.

    To get into this guy's house -- and please note that the pictures wouldn't load, so I'm going by the captions -- you need to have his barcode, or a copy of his barcode. If I look at his barcode, I can remember the information I need to copy it, even if I don't have his key when I make the copy!

    It's a neat hack, and *maybe* it's more convenient than putting a key in a lock (but it's also more complex -- I picture him standing at the door in the rain during a power failure), but it's not secure. Even a PIN pad would be more secure, becaues you can memorize the PIN -- you *have* to write down the barcode.
    • Re:Not very secure (Score:2, Insightful)

      by LFS.Morpheus (596173)
      You contradict yourself in your post, saying you have to write down the barcode, but you can remember the data if you were to look at his barcode...

      Contradiction aside, most people, and especially common thieves, would have no idea how to make a barcode. I personally know you can do it with some software, but I'm not familiar with any of it and have never done it. I do know there are several types of bar codes so that throws another hardball at you; you have to get the right type.

      In this case, also, if this person lost his bar code, it's his video rental card. It doesnt exactly scream "this is the key to my house." *No one* is going to think its the key to his house. That. Is. Cool. Of course, if he doesnt have a copy or cant get another copy of from the video store, he's also screwed, etc etc.

      On the other hand, if a thief were to somehow get your pin, I bet he would be able to remember the pin long enough to write it down, and entering it into your numpad is trivial.

      I think its at least more secure then you give it credit.
    • Re:Not very secure (Score:4, Insightful)

      by jjshoe (410772) on Sunday January 12, 2003 @12:35AM (#5065204) Homepage
      you can remember 12 digits? there was a time when i could remeber the 1st 6 of hp's barcode because i was often looking hp stuff up in our system.. 08689 who knows now.. that was a while ago.. but the point is most people cant look at 12 digits and just remember it...


      i use my drivers liscence to switch to root on my box.. its not nesecery, in fact its probly over kill and pointless. however. most importantly it makes me think for a second if im about to do something as root.


      plus, its something neet to brag about, which is part of the geek world. because you dont like it doesnt mean that himself and his friends dont like it

    • Re:Not very secure (Score:3, Interesting)

      by pongo000 (97357)
      If I let you look at my key, you won't be able to copy it; you have to have my key in your possession to make a copy.

      Don't go betting all your wordly possessions on this. An experienced locksmith (or someone who knows what they are looking for) can come up with a reasonable facsimile of your key based on the key cuts and the type of lock (probably imprinted on your key as well) if given a chance to look at your key. Keys can be traced and/or photocopied as well. A good reason why you should never leave your house key on the key ring when you hand over your car keys to someone you don't know or trust (valet, mechanic, etc.)
  • What's about power outages ? Let's say, are you going to be alone, signing in the rain along with lightnings?
  • by olrs (534447) on Saturday January 11, 2003 @10:51PM (#5064904)
    I hope his security system isn't on the same box as his webserver or we may have just locked him out of his house... hope its not raining.
  • by Ben Jackson (30284) on Saturday January 11, 2003 @10:55PM (#5064923) Homepage
    All you need to break into this guy's house is a few seconds with his "keys" and a photocopier. Though I guess if you were really worried about that you could put a small label printer by the door and get a new key every time you left...
  • Re: Power outages? (Score:5, Informative)

    by TheGatesofBill (637809) <sunookitsune@kitsunet.org> on Saturday January 11, 2003 @10:55PM (#5064924) Homepage
    The key still functions. From his site: "The door still functions as it did before, but now I have an additional way to allow the door to open."
  • by papasui (567265) on Saturday January 11, 2003 @11:14PM (#5064980) Homepage
    "..Maybe not the coolest of solutions, but actually a pretty good idea as for security in my humble opinion..."
    Unless you happen to have a 13oz can of Campbell's Cream of Mushroom soup lying around to pick the lock with....
  • I can see it now...

    <press release>

    Coming in 2004 from Microsoft, the leader in enterprise security, Microsoft Home Security .NET version 1.0!

    Not only can you now keep track of your MSN (tm) Instant Messenger Buddies on your computer, they can instantly know when you get home too! And don't forget about exciting new features like Internet Explorer In The Bathroom (version 8.0!) and a free Tablet PC with every purchase! Now you can feel secure about your home knowing that Microsoft's Award Winning Security Task Force is on your side! Sign up today and get 10% off the already 100% marked-up price!

    And coming soon, look for Microsoft's answer to Parking Lot security, Security Guard Who Looks Like A Drunk Bum Lying Near The Booth version 2.0! Hackers will never figure that one out!

    </press release>
  • I think this guy needs to invest in some sandpaper and some paint. Having a neat-o super keen way to get into your house is great, but if it your house looks like shit to begin with...

    That's mainly why I try to avoid "pimping out" my car. What's the point of a nice paint job and a fart pipe if the brakes are failing and the engine's falling apart?

    PAINT YOUR HOUSE
    • I think this guy needs to invest in some sandpaper and some paint. Having a neat-o super keen way to get into your house is great, but if it your house looks like shit to begin with...

      ...? What? What has the condition of the paint on the house got to do with securtity?

      That's mainly why I try to avoid "pimping out" my car. What's the point of a nice paint job and a fart pipe if the brakes are failing and the engine's falling apart?

      Your post makes the perfect example of contradiction ;)

    • We've all been paying attention to part two, making it hard to get into, but part one, which you noticed immediatetly, is that he's made his house look like there's nothing worth stealing in there in the first place.
  • Little wristband with my id on it, as I enter a room, get scanned, it sets the lighting, mood music I want...
    • why not just go one step furthur and get a barcode on your neck? that way all the companies can track you and beam "personalized" ads into your ear?
  • Proposal (Score:4, Interesting)

    by ShoeHead (40158) on Sunday January 12, 2003 @01:00AM (#5065260) Homepage
    This is getting rediculous--most small, independent websites like this can't take a slashdotting, and it's making it almost pointless to link it.

    It seems to me Slashdot could offer to mirror the content for a price, so that the linkee gets ad money, while slashdot carries the bandwidth burden.

    Is there no way to:

    1) Contact the website owner
    2) Alert him of the amount of bandwidth he's going to need
    3) Offer to mirror his pages such that ad referals still go to him
    4) Everybody profits?
    • Re:Proposal (Score:2, Informative)

      by swtaarrs (640506)
      I agree, that page and all the images took about 5 minutes to load on my computer, and I have cable modem. A simple, somewhat reliable solution for the present is to take advantage of google's page cache. Go to http://www.google.com and do a search for "cache:url_to_page" (without the quotes). True, it only gives you text, and not every page is cached in google, but google's servers are fast, and it can be of great help if the original page isn't loading at all.
  • by nautical9 (469723) on Sunday January 12, 2003 @01:03AM (#5065264) Homepage
    Dave Bowman: Open the pod bay doors, HAL.
    HAL: I'm sorry Dave, I'm afraid I can't do that.
  • Not. Half of /. doesn't understand how TiVo is diffrent than a VCR. And /. is suppose to be a geek crowd. Worse than that, X10 has been around since the 70's, and maybe a quarter of /. knows what X10 is.... Most of the people here probably think it's a windowing system for Linux (and to make it clear, you SHOULD know, it's NOT a windowing system for Linux, that would be X11, and that is a windowing system for UNIX, not Linux, and X10 has absolutely NOTHING to do with that...)

    PS: History and naming may show more meanings for X10 and X11, however, it's the common usage that I am refering to.

    • For those that lost the relevance to bar-coding.... My point was, how in the world can you expect something like bar-coding as a house key be important, significant, even remotely accepted as something that will ever happen in the future? The general population still is 1 step ahead of the 1800's "skeleton key" and not to tech savy. Even /. Readers are not so savy to make this happen in a moderate scale. How is this guys project even remotely significant?
  • Site Text (Score:2, Informative)

    by npendleton (255215)
    Google Cached Site text with photos removed:

    The front of the house. The windows on the left are to my room.

    In my window sits a cheap barcode reader. It's powered by a computer power supply I ripped from an old computer.

    Anyone who wants to get into the house can scan a barcode that they carry. A video store gave me a little keychain barcode which I'm using here. The scanner has a CCD; I don't have to slide the barcode. The scanner actually has a beeper that I can control from the computer. You can hear it beep from outside the window.

    Here's the driver circuit I slapped together for the barcode reader. It's just a MAX232 chip that converts CMOS/TTL levels to the RS232 spec. The output connects to the serial port of one of my Linux boxes. That box runs a trivial python program to read a packet from the serial port and send it via TCP/IP to another computer in the house.

    The receiving computer is connected to this K8000 experimenter board. I2C chips on this board . If your barcode was on the list of allowed keys, I raise output 7 on this board for 6 seconds. Input 6 (the right-hand illuminated LED) shows that the door was closed when I took this picture. See below for how I sense if the door is opened or not.

    Some successful reads.

    When the K8000 board raises the right output signal, this driver circuit sends 24VDC to the door strike, shown below.

    In this electric strike is a solenoid that relaxes the part of the strike that was holding the door closed. The door still functions as it did before, but now I have an additional way to allow the door to open.

    This is the top of the door frame, where I have wedged a reed switch into the wood. There's a magnet on top of the door that closes the switch when the door is closed (hence the turned-on LED in the picture above).

    Closeup of the reed switch in the wood.


    ###
    -Mac Refugee, Paper MCSE, Linux Wanna-be

  • This used to be an interesting page about the barcode scanner door entry system I built with Python and Linux. I posted this page because I'd like to share my project with others. I've answered emails giving people circuit diagrams, and I've had various online discussions about my design decisions.
    Now MC68040 and michael@slashdot.org decide that it's time for me to go down. They didn't ask me if they could link; they didn't ask if I'd like to put up a mirror somewhere else. At least michael-the-slashdot-editor knew that I'd be down in minutes if he made a link.

    I'd love to put this page back up, and maybe in several days I'll remember to do so. If you're interested in interfacing Linux with serial devices or electric door strikes, drop me an email at drewp@bigasterisk.com.


    Bitter?
  • USB Keychains (Score:4, Insightful)

    by milkmandan9 (190569) on Sunday January 12, 2003 @03:20AM (#5065687)
    Something occured to me when I read the blurb (as the article is dead).

    Instead of a barcode, why not use one of those USB-keychain things? Seems easier to rig under Linux -- just get the kernel to automount the device when it sees it and check some file on the device. Fit a USB socket into the wall and carry around your wee USB keychain.

    Authentication is the least of concerns...just dump a gazillion random bits to the drive and compare them with the copy on the house. I imagine you could probably rig up some spiffo public-key crypto, but I don't really see the point. One-pads work fine here.

    As usual, you've got the problem that if somebody steals your keychain, they can make a copy of it, but this is the same problem you have with regular keys or this barcode thing.

    Another benefit is you can rewrite the key on the USB drive after every use. If $BAD_GUY steals your key without your knowledge but you manage to get back to the house first, his key is worthless.

    The max # cycles isn't so hot on those flash drives, but I imagine you can get a few years worth of entry without any problems.

    Plus, with a 64MB keychain, you've got enough space for as many keys as you could possibly every need (640k, anyone?)
  • This used to be an interesting page about the barcode scanner door entry system I built with Python and Linux. I posted this page because I'd like to share my project with others. I've answered emails giving people circuit diagrams, and I've had various online discussions about my design decisions.

    Now MC68040 and michael@slashdot.org decide that it's time for me to go down. They didn't ask me if they could link; they didn't ask if I'd like to put up a mirror somewhere else. Of the two of them, at least michael-the-slashdot-editor should have seen that I'd be down in minutes if he made a link.

    I'd love to put this page back up, and maybe in several days I'll remember to do so. If you're interested in interfacing Linux with serial devices or electric door strikes, drop me an email at drewp@bigasterisk.com.

    "I posted this page because I'd like to share my project with others."
    "They didn't ask me if they could link; they didn't ask if I'd like to put up a mirror somewhere else."

    Now, I've got a lot of respect for people who come up with new ideas and actually make them happen. I appreciate it when they tell the world how to do it. I think it kicks ass when Linux is their tool of choice. But what the hell is this guy thinking? "Stop looking at the information I want you to see!" It's pathetic when some stupid company wants to restrict linking, but it's inexplicable when a hacker does it.

  • My commends (Score:2, Informative)

    by MC68040 (462186)
    First of all, as you see on this guy's site now, he's taken it offline due to the load. I've sent him an email explaining that there woulden't be a slashdot effect if nothing was posted on slashdot but that I'm sorry anyway.
    Second of all, as for security.
    I was not considering this as a high-level mumbo-jumbo super-secure system but I'm just of the opinion that it was pretty neat (atleast more neat that just sliding your magnetic stripe card throught a reader) and a easy way to provide users with time-limited access not for it to be a failsafe system =) It's just cool.

    My 0,5 cents.

"Whoever undertakes to set himself up as a judge of Truth and Knowledge is shipwrecked by the laughter of the gods." -- Albert Einstein

Working...