Schneier on Security

A blog covering security and security technology.

« 1959 Random Number Generator | Main | How Not to Test Airport Security »

December 17, 2004

Burglars and "Feeling Secure"

From Confessions of a Master Jewel Thief by Bill Mason (Villard, 2003):

Nothing works more in a thief's favor than people feeling secure. That's why places that are heavily alarmed and guarded can sometimes be the easiest targets. The single most important factor in security -- more than locks, alarms, sensors, or armed guards -- is attitude. A building protected by nothing more than a cheap combination lock but inhabited by people who are alert and risk-aware is much safer than one with the world's most sophisticated alarm system whose tenants assume they're living in an impregnable fortress.

The author, a burglar, found that luxury condos were an excellent target. Although they had much more security technology than other buildings, they were vulnerable because no one believed a thief could get through the lobby.

Posted on December 17, 2004 at 9:21 AM • 4 Comments

To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.

Comments

Rich • December 17, 2004 12:29 PM

I Had an experience back in the late 1970's at LAX where I saw repeated failure of the hand scanner of the only gate attendant there.
I asked to chat with a supervisor about the fact that an OVERLY SENSITIVE detector was an overt invitation to breach security.
.....They threatened to turn me over to the FBI for my public critisism of them!

Dylan • December 19, 2004 10:18 PM

kstreetfriend - wtf?

Regarding the blogpost, agree. This cuts to the heart of professional shoplifting and other 'in plain sight' scams.

The answer? I don't know, I really don't feel like being my family's watchdog 24/7.

Ted Demopoulos • December 22, 2004 7:21 AM

I am reminded of a theft that amazed me when I was a child. Two men picked up an aluminum boat on display at a Sears and walked out the door. No one stopped them - who would ever steal something so brazenly? That taught me an important lesson.
Years later while developing gambling software for a large gambling syndicate, I was getting endless flack about very minor security details when there were far more important issues to deal with. To make a point, I breached several levels of physical security, bluffing my way past several guards while flashing fake credentials and insisting that my job was very important and time critical and they had best not impede me.
I got through, called the manager hassling me from the "very secure" main server room and told we had some issues with physical security which needed to be addressed first.
Of course i should have gotten permission for my physical pen test first, but I was young and brash at the time:)

Clive Robinson • December 31, 2004 2:43 PM

Ted, you where lucky when I proved to the Cheif Enginner at a company I was working at that the new design for a nice expensive finger print scanner could be easily circumvented with the wax from an Edam cheese, some WD40 (thin penetrating oil) and some Copydex (ruber solution glue) I got sidelined and then pushed out the door within six weeks.

Oh the idea although I discovered it for myself was not original, read Sherlock Holms stories for the earliest refrence I can find to faking fingerprints with wax...

Post a comment

Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.

Subscribe via Kindle

Blog Menu

Search

Powered by DuckDuckGo

Blog Home Page
100 Latest Comments

Archives by Date

2013 J F M A M
2012 J F M A M J J A S O N D
2011 J F M A M J J A S O N D
2010 J F M A M J J A S O N D
2009 J F M A M J J A S O N D
2008 J F M A M J J A S O N D
2007 J F M A M J J A S O N D
2006 J F M A M J J A S O N D
2005 J F M A M J J A S O N D
2004 J F M A M J J A S O N D