Announcement

Collapse
No announcement yet.

Medeco responds to bump key stuff from this year...

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Schuyler
    replied
    Re: Medeco responds to bump key stuff from this year...

    The deny deny deny is common, we often get lucky if a silent patch ever comes along. There are a lot of parallels and a lot of hubub about responsible disclosure right now. As a friend of mine, CS guy, not an LP guy, said "There is no debate about responsible disclosure, these issues have been solved already." referring to the struggles of the hacker community.

    What's happening with Medeco is interesting. Elsewhere they mention that they will be headed to Florida to see the attacks and address at least the deadbolt bypass. It's my hope that they will take a first hand look at the bump attack as well.

    I wouldn't mind seeing the USGov on Abloys anyhow, though.

    Leave a comment:


  • astcell
    replied
    Re: Medeco responds to bump key stuff from this year...

    So if you close your eyes and believe hard enough, it makes it so.

    Leave a comment:


  • sk00t
    started a topic Medeco responds to bump key stuff from this year...

    Medeco responds to bump key stuff from this year...

    From Wired.

    Probably old news to the LP ninjas, but it was interesting to me. In the other talk last year on this I kept thinking (having no lock-fu myself) that this reminded me of the early battles with software vendors in the 90's: deny, deny, then silently patch.

    From Medeco's director of tech:

    "We stand behind our locks," Roberson said. "We don't believe you can use a bump key on Biaxial or M3 (locks) at all, whether it's with a paper clip or not. We believe that this information is factually incorrect."

    Umm... Okay...
Working...
X