Keycode Access: Difference between revisions

From Noisebridge
Jump to navigation Jump to search
(12 intermediate revisions by 10 users not shown)
Line 1: Line 1:
==Contact & Info==
This page documents the current implementation of the entry keypad, and proposed additions. If you would like to help out, you might want to make this page more accurate, or implement some of the wishlist. This system is a delicate balance of different people's needs and concerns, so changing the basic way that it operates would be poor form. To build an alternative way to access Noiseridge, consider building software that accesses the [[API]].
Feel free to add yourself here if you plan to work on the project. There will be some email-based discussion and record keeping for this project, and that info will be added here if you just want to lurk and complain.


===Team===
= Meta =
*[https://twitter.com/DBAHULK Hurtstotouchfire]
*[https://twitter.com/DRUNKHULK Tom]
*[https://twitter.com/Real_Hulk Jake]
*[https://twitter.com/securityhulk SuperQ]
*[https://twitter.com/FilmCritHULK Terry]
*[https://twitter.com/feministhulk FEMINIST HULK]
*[https://twitter.com/ryanobjc ryan]  (software)
*[https://twitter.com/feministhulk davidme]


==Current Implementation==
==Team==


Keypad hardware hooked up to Minotaur at /dev/ttyS3 - [https://www.noisebridge.net/pipermail/noisebridge-discuss/2012-February/028485.html The fucking doorkeypad is finished]
Please add yourself here if you're a stakeholder on this project.


==== Backend software (baron.py) ====
*[[User:Hurtstotouchfire]]
On Minotaur:
*[[User:Flamsmark | Tom]]
*[[User:Jake]]
*[[User:SuperQ]]
*Terry
*[[User:Dj ryan]]  (software)
*[[User:Davidme]]


/usr/local/share/noisebridge-baron/baron.py - baron script, takes arguments --port=/dev/whatever and --codefile=/var/blablabla/codes
= Implementation Status =


/etc/init/baron.conf - jesse's init script
== Overview ==


/usr/local/share/noisebridge-baron/codes.txt - codes file, any line starting with a 4-7 digit number (ignoring whitespace) is interpreted as a valid code, # is used for comments
A script on [[Minotaur]] called <tt>[https://github.com/noisebridge/noisebridge-baron baron]</tt> manages the payphone keypad stationed outside Noisebridge's gate. The payphone is connected to Minotaur by a long blue CAT5 cable which runs up the stairwell and across the ceiling. This cable carries two-way serial data and 12VDC to power the arduino in the payphone.  When a use enters a valid code followed by <tt>#</tt>, <tt>baron</tt> uses the Noisebridge [[API]] to open the [[gate]], while the payphone LED flashes blue, and a "happy" sound is heard. If an incorrect code is entered, or enough time passes between button presses, the payphone LED flashes red, and a "sad" sound is heard. If the gate API throws an error, the light turns red and a sad noise is played three times.


==== Behavior ====
== Minotaur ==
* Keypad accepts 4-7 digit codes.
* When a valid code is entered, the light turns green, a happy noise is played, and the gate is buzzed.
* When 7 digits are entered (that are not a valid code), the # or * keys are pressed, or 5 seconds passes after the last keystroke, the light turns red and a sad noise is played. (And the key buffer is reset.)
* If the gate API throws us an error, the light turns red and a sad noise is played three times.
* The list is checked at each keystroke, so if both 3345 and 334567 are valid codes, 334567 will never be usable — the gate will open immediately once a user types 3345. This was a design decision to make it faster/easier to enter a code, but it can be changed if desired. (Just remove "and digits not in codes" from baron.py, and you'll be able to use # and * to terminate a code less than 7 digits long.)


==== Todo ====
* The keypad hardware hooked up to Minotaur at /dev/ttyS3 https://www.noisebridge.net/pipermail/noisebridge-discuss/2012-February/028485.html
* Add an access log of some sort, and switch out stdout debug/error messages for something more useful
* The hardware above actually runs on 12V (not 5V) and the Arduino code in the above post is outdated.
* Add a way to add/remove codes (from Pony?), somehow syncing the file to Minotaur.
* Updated Arduino code for the doorkeypad hardware can be found here: http://spaz.org/~jake/r/mccad/arduino/doorkeypad3/doorkeypad3.pde
* If you change the way codes are loaded, please ensure it's done in a way that won't interrupt a user in the middle of using the keypad. (So, don't just restart the process.) Currently, it tries to refresh the codes list in a background thread every 30 seconds — if the file is corrupted or missing, it continues with the last good list.  
* <tt>/usr/local/share/baron/noisebridge-baron/baron.py</tt> - baron script, takes arguments --port=/dev/whatever and --codefile=/var/blablabla/codes
* Add a "bad" codes list, to block codes from being reused.
* <tt>/etc/init/baron.conf</tt> - jesse's init script
* Add the ability to expire codes - maybe a comment in the codes.txt file?
* <tt>/usr/local/share/baron/codes.txt</tt> - codes file, any line starting with a 4-7 digit number (ignoring whitespace) is interpreted as a valid code, # is used for comments


==Keycode System Features==
Please label your codes so that others know who to contact and when to expire them.
*Numberpad on front door
*Database of codes... on pony? With notes? Probably we need a basic schema for what info we do and don't want to log.
**Tom wants it to be a text file with a pin or rfid code per line and comments delimited by hash marks
*Logging keycodes (necessary to be able to shut off problem codes)
**keycodes not formally associated with individuals
**member keycodes differentiable in some way
**keep logs for 7 days
**require 2 users to access logs (cryptographically)
*Keycode Generation
*Distribution
**how to distribute without leaving electronic records associating code with individual?
**the most paranoid users will not trust the system anyway
*Disabling keycodes
**presumably not a feature needed immediately.


==Hardware==
= Future Plans =
There are 3 components to a doorlock system:


# A code entry box (physical hardware)
To improve, the code, please issue a pull request against https://github.com/noisebridge/noisebridge-baron. It you improve the hardware, please document the new state here, and make note of your changes in the [[changelog]]. If you would like to make changes to '''how''' the system works, as opposed to just how elegantly it's implemented, please talk to the people named above.
# Security controller (computer) (we already have minotaur which controls the doorlatch)
# Electronic doorlatch (i.e. buzzer [may be silent])


Commercial door control systems usually have a central controller which is physically located inside the building and cannot be accessed from the entry box. The code entry box is connected to the controller via hard wires (usually serial). The controller can activate the doorlatch via the existing [[Getting In | Noisegate]] relay.
The software has to be gone over to make sure it can be run in multiple instances, because someday we will put a second keypad at the top of the stairs, so that buzzing someone in requires a code.


===Potential Products===
We should also create a web-accessible door-opener page which requires a code (from the same database) so that, in case we decide to end the uncredentialed door opener page, we will have a code-authorized alternative already in place.
*Jake has volunteered to design and make serially-accessed codepads, one for the gate and one for inside.
*[https://www.noisebridge.net/pipermail/noisebridge-discuss/2012-February/028485.html The fucking doorkeypad is finished]


*[http://www.hidglobal.com/prod_detail.php?prod_id=8 HID prox reader] - Supports RS422 and Wiegand
==Keycode Generation==
*[http://www.hidglobal.com/prod_detail.php?prod_id=347 HID keypad with 125KHz (prox) + 13.56MHz (iClass)] - Only supports Wiegand


*Will may need a Wiegand interface:
There can be any number of plugins that generate keycodes, as long as they are non-destructively copied to the codes file on Minotaur.
** http://en.wikipedia.org/wiki/Wiegand_interface
** Cost is about $100-150


*Talked to [http://www.sanfordpc.com/ Terry] tonight who says he has a friend who has a bunch of access system gear that we could get donated. linuxman2001@gmail -- [[User:Hurtstotouchfire]]
== Todo ==


===Implementation Considerations===
* Add a "bad" codes list, to block codes from being reused.
*Should we buy or build the controller?
* Add the ability to expire codes - maybe a comment in the codes.txt file?
*Shannon wants to replace the current keypad system with something fancy
* Add another keypad at the top of the stairs, so letting someone in requires a code
*Jake thinks we should just add the keypad onto the gate with U-bolts
* Create a web interface, so buzzing the door from laptop requires a code
**we would need to talk to the landlord to do this (unless we can do it without drilling?)
**at present, we plan to just add an additional keypad and only replace the button system if the keypad is successful

Revision as of 15:26, 4 October 2012

This page documents the current implementation of the entry keypad, and proposed additions. If you would like to help out, you might want to make this page more accurate, or implement some of the wishlist. This system is a delicate balance of different people's needs and concerns, so changing the basic way that it operates would be poor form. To build an alternative way to access Noiseridge, consider building software that accesses the API.

Meta

Team

Please add yourself here if you're a stakeholder on this project.

Implementation Status

Overview

A script on Minotaur called baron manages the payphone keypad stationed outside Noisebridge's gate. The payphone is connected to Minotaur by a long blue CAT5 cable which runs up the stairwell and across the ceiling. This cable carries two-way serial data and 12VDC to power the arduino in the payphone. When a use enters a valid code followed by #, baron uses the Noisebridge API to open the gate, while the payphone LED flashes blue, and a "happy" sound is heard. If an incorrect code is entered, or enough time passes between button presses, the payphone LED flashes red, and a "sad" sound is heard. If the gate API throws an error, the light turns red and a sad noise is played three times.

Minotaur

Please label your codes so that others know who to contact and when to expire them.

Future Plans

To improve, the code, please issue a pull request against https://github.com/noisebridge/noisebridge-baron. It you improve the hardware, please document the new state here, and make note of your changes in the changelog. If you would like to make changes to how the system works, as opposed to just how elegantly it's implemented, please talk to the people named above.

The software has to be gone over to make sure it can be run in multiple instances, because someday we will put a second keypad at the top of the stairs, so that buzzing someone in requires a code.

We should also create a web-accessible door-opener page which requires a code (from the same database) so that, in case we decide to end the uncredentialed door opener page, we will have a code-authorized alternative already in place.

Keycode Generation

There can be any number of plugins that generate keycodes, as long as they are non-destructively copied to the codes file on Minotaur.

Todo

  • Add a "bad" codes list, to block codes from being reused.
  • Add the ability to expire codes - maybe a comment in the codes.txt file?
  • Add another keypad at the top of the stairs, so letting someone in requires a code
  • Create a web interface, so buzzing the door from laptop requires a code