Schneier on Security
A blog covering security and security technology.
« Security-Breach Notification Laws |
| Defeating the Shoe Scanning Machine at Heathrow Airport »
December 13, 2007
Bank Vault Plans Found in Trash
A Berlin hairdresser discovered top-secret plans for a safety vault at the Bundesbank's Berlin branch in a bin, the German central bank said Thursday.
Posted on December 13, 2007 at 12:32 PM
• 28 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
It would be interesting to see these documents. But they are probably not being disclosed.
In America they would charge her with a crime for finding those plans. "Unauthorized possession of intellectual property with intent to embarrass" or some such nonsense. (Or running with scissors.)
Or they would put card locks on public recycle bins ;>
At the rate at which German banks are beginning to go under, it may be a mute issue to have plans of the vault available to the public.
BTW, "Bundesbank" is not just another German Bank ... it is _the_ Federal Bank ...
> A Bundesbank spokeswoman ... said
> she believed it would be impossible
> for anyone to break into the safety
Famous last words.
I guess that Bundesbank has yet to even discover a shredder?
Being not an expert at breaking into vaults, is this not akin to revealing the code for an electronic security system? I.e. if well-designed, its not a big deal?
P.S. In college I found (still have, somewhere) complete blueprints for a reasonably nearby supermax prison expansion. I presume that if the FBI ever busts down the door, that will be added to my crimes.
shoobe01, I guess I'm kind of like you. If I found secret plans I'd hang onto them until I figured out something useful to do with them.
This kid never should have reported the blueprints. But he did, the authorities confiscated them, and now Bundesbank will probably learn the plans.
I don't know if this "found in the dumpster" story is going to hold up under waterboarding. He may be headed to a prison near you. Maybe you should dig out those old blueprints and lend the guy a hand.
Not to worry, the concerned citizen brought the plans straight to Germany's flashiest tabloid - Bild - which promptly ran them on its front page
Has a 'photo galllery', in which you can get at least a bit of an idea of the type of document.
"What, these? I... uh... I found them in the trash! That's right! The trash!"
That story is fantastic - arrested as a terrorist for walking on a public bicycle path.
I quite liked this quote:
'Ms Cameron said: “It is utterly ridiculous that such an inoffensive person as myself should be subject to such heavy-handed treatment.��? '
She's got them sussed, even if she doesn't realize it - where they slipped up was in treating a wealthy white lady poorly. If they'd just stuck to scary brown-skinned people, it would all have been fine.
I think rummaging around in a trash can is a much more serious offence than taking photographs from a train!
> “We will robustly prosecute anyone
> [except Ms. Cameron] who breaches
> these new security measures because
> they have been introduced by the
Perhaps when mainstream people (and real estate developers) realize what stupid controls our governments are "introducing" on us, more people will laugh in the face of authority.
Then again, maybe we're all neutered sheep.
I wonder if this was some sort of Cold War-style dead drop that was intercepted?
Thanks. I hope someone will release hi-res scannings of the plans on the web. The images in the "gallery" is not worth much.
Bundesbank is probably just trying to prove that security by obscurity is unnecessary.
That is what you call the weakest link of the chain.
What scares me is that there may be weaker links than the ones discovered.
Also, weak links are there in all chains...
Many Bothans died to bring us this information.
(from the article posted by "m")
"because of September 11, I would be arrested and charged."
What was she going to do? Run into a building (repeatedly) to bring it down?
This really is sad. I can't think of a better word for it. Next thing you know, having your car parked longer than you have paid for will be classified as "terrorism". This should have been, at most, a traffic offense, and I'd be laughing if she would have gotten a ticket for that.
It's something like running a red light with your bicycle in the Netherlands. Of course that is an offense, but just about everyone does it, and people very rarely get more than a verbal warning and have to promise they'll never do it again.
How can someone who is walking be a security risk, when a cyclist isn't? What if she was riding her bike there, and she had to walk because she got a flat tire? Would that be a threat as well?
Anybody remember Ray Bradbury's "The Pedestrian"? From the 50s sometime.
Anybody have a record of an earlier incident of detention for the crime of walking than this?-- Summer of 1962, LA suburb with no sidewalks because nobody would walk there, guy walking, picked up as suspicious character. Of course, I don't have the clipping any more.
Aren't vaults like crypto algorithms. There security is based on the secrecy of *only* the combination/key. The plans should not change anything....
Reminds me of the time I was in junior high and I wanted to make a Doom level modeled after my school (sounded like a cool idea at the time). Note this was before any of these senseless public school shootings began to take place.
I told the school that I wanted to make a 3D model of the school on my computer at home. Not only did they give me blueprints to the school to take home, but they gave me their only copy of the blueprints. I traced it at home and promptly returned it the next day (wanted to minimize the potential of it getting lost). Never got around to making that level (probably for the better).
Looking back on it given the recent school shootings that have taken place, I wouldn't dare ask something like that even if I had the best of intentions. But it still baffles me that they just gave me the blueprints (I was expecting some sort of security protocol to go through). I guess they too wouldn't dare do something like that nowadays either. Interesting how times change.
@At the rate at which German banks are beginning to go under, it may be a mute issue to have plans of the vault available to the public.
Maybe those weren't plans. Those were real-estate prospectuses (prospecti?)
re: doom levels for schools.
If I was the local SWAT, that's precisely what I'd want --- accurate doom levels for my SWAT to *practice* with. It's all a question of making sure that you pick the right "bad guys"
In my area of the U.S., it's illegal to go 'dumpster-diving'. If you're seen rummaging through trash bins of any business or privately own garbage bin other than your own, you will be jailed and charged for criminal trespass.
Didn't see this one, but the big "secret" in many bank vaults is that the door side is the only strong part, which works out as most crooks are dumb and try to go in the same way as the employees do.
Near here, recently, a small bank branch was robbed by a couple of guys with a pickup truck who simply rammed the outside brick wall and thus broke down the "back wall" of the safe.
Avoids the usual inside the bank alarms.
Of course, they were soon caught, many things in that safe had recorded serial numbers, and no point having what you can't use.
"...they were plans that would lead the Rebel forces to the main reactor."
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.