[Noisebridge-discuss] Access control & Safety, both personal and general space.

Shannon Lee shannon at scatter.com
Wed Feb 8 14:16:44 PST 2012


So what we need is a database which can

* associate a handle with a phone number (or hash), an RFID match-key (or
hash thereof), et cetera
* associate a handle with one or more upstream handles (or the designation
"consensed member" or something).

Once we've got that, we can start tying access systems to that.

LDAP anyone?

--S

On Wed, Feb 8, 2012 at 1:39 PM, Jonathan Lassoff <jof at thejof.com> wrote:

> On Wed, Feb 8, 2012 at 1:31 PM, Casey Callendrello <c1 at caseyc.net> wrote:
> > I like this classification, with one caveat: Only the Treasurer + Board
> > should be able to define Consensed Members. If this is enshrined in some
> > sort of system running on Pony, then anyone with sudo will be able to
> > l33t h4x0r it, but that's probably okay.
> >
> > One possible issue: if this is somehow stored programatically and used
> > for Caller-ID access, then there *will* be, on disk, a list of member
> > pseudonyms and their phone numbers (opt-in, of course). I think the
> > presence of such a list  is okay, and I'm comfortable with my own number
> > being there, but if someone is offended by the mere presence of such a
> > list *and* has a better suggestion, I'm all ears.
>
> Perhaps bcrypt the phone number and store that instead? That way, you
> can verify that something's in there, but it can't be easily figured
> out what it is.
>
> > Otherwise, I'll try and hack this together soon.
> >
> > I can also think of two decent hacker tests: first, if you can spoof
> > callerid to be from a specific number on the wiki, then you're okay.
> > Alternatively, anyone who can generate DTMF A-D is also worthy.
>
> Awesome! I think if we can detect 'em, KP or ST tones or a 2600 Hz
> tone should get you in :p
>
> It'd be awesome to be able to use a captain crunch whistle to get in.
>
> I'd love for nothing more than to be able to re-capture the joy and
> whimsy of trying something to hack ones way in that "just works".
>
> --j
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>



-- 
Shannon Lee
(503) 539-3700

"Any sufficiently analyzed magic is indistinguishable from science."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20120208/ec609d62/attachment.htm 


More information about the Noisebridge-discuss mailing list