Rocks vs Wiegand: Access Control Risks

By Brian Rhodes, Published Jul 14, 2021, 11:53am EDT

Wiegand is an access control security risk but so are rocks. How should security professionals handle such risks?


Access control manufacturer PDK's founder talked about their new OSDP-enabled product while emphasizing that other fundamental risks still exist, such as simply throwing a rock through glass to break in.

Inside this report, we share:

  • PDK Founder contrasts Wiegand vulnerability to rock smashing risks
  • Comment on how OSDP is used to segment the access market
  • Why exploiting Wiegand does not take great complexity
  • OSDP importance as 'Industry Standard'
  • Examining how OSDP fixes Wiegand risk

For background, see OSDP (vs Wiegand) Access Control Guide.

PDK ******* '*** **** ****' ********* ****

****** ******* **** ****** ****, ** ****** ************ **** **** while **** ******** ******* ******** *******, physically ******** * ****** ** * major **** ******:

** *******, *** *** ********** *** new, ****** ******** ****-******* ******** ********* ***. *** *******'******-****** ******** **************** ******* **** *** ** *** support ****.

**** *****, ********* *** **-******* ** PDK (**********)****:

************'***********'.*******,************************,*'******************,***,******************? (*******?)*****,****,***'****************************************.*******,******'***************************************.********,*******,*************************************************************,******************.

**** **** '** ******* ******'

***** **** **** **** **** ** used ** ************* *** ******** ********** to ************ '******* *** ******' ** exclude ****** ********* **** ** *** have **:

****, ***** **** ** ***** ** the **** ****, *** ****, ***** in **** *****, *'* * ****** bit ** * ******** **** ****** like ****. ***, *** **'** *** a ***** ** *********** ****** *** organization **** *** *** **** ***** this ********** *** *** ** ********* what's **** *********.

*****'* ** ******** **** *****'* ********** in *** ********, ****'* ********* ** large ************* ** ******* *** ******, right?

*** ** ******* ******

*** ********* ********** *** '*******-********' ** using********(************* ****) ******* **** ***** *** doors ** *** *****:

**** ***'** ********* ** **** (******* door **********) ******, *** *'** *** my ********** *** ** *** ****, and *'* ******* ** ****, ***** three, ****, ** **** ****, **** the ******* ** **** ****, ** really ** *** ******* **** ******** is ***** ** *** * ******* and *** *** **** ***, *****, and ***** ***, *** ****, *** wires *** ******* ** **.

*******, ******** ********** *******'* ******** ** not ******* ******* ** ******. ** fact, ***** ******* ******* ****** **** than * *********** *** * *** minutes ** ***.*** ***** ***** ***** *** ******* are ********* *********:

******* ******** *** **** *** *********** to ***, **** **** **************** ~$** - $** ******.

OSDP ********* ** '******** ********'

***** ****** **** '********* *********' *** to ** ******** '** ******** ********' for ******, *** ******* ***** ** saying ** *** ******* ** ***** security:

**, *** ****, *'* *** ***** say **** * ***'* ******* ** OSDP, * ***** **** **'* ********* important. *** *** ***, ** *** the **** ** ***** ********* ******* it *** *** ***** ***** ** do *** ******* ********* *** ***** it. *** ****'* **** ** *** is ********* *** ****** ** ****. And *** ******* ** ****** **** out *** ***. *** **** ** truly ********** *** *** **** **** that **** **** *** **********. *** there *** ********* ***** ***** ** features **** *** **** ** **** adjustments ** ******* ** ******* ** becomes ** ******** ******** ** ******** specific.

OSDP **. ******* ****

**** ** ********* ******* ** **** security ** *** **** *********** ** access ******* ** ***********.

******** ******** ******* *.*.*, ***-*** *** ********** ** **** on **** ******* ****** *** **********. Previous ******** ** **** *** *** support **********, ** ** *** *** defined ** '*********' ***** ****.

**** **** ****** *******, *** ******** between ****** *** ******** ********** ** encrypted ******* **** ************ *** ********* copying **** '*** ** *** ****** devices.

******* **** *** ******* ******* ****. For *******,*** $** ******** ***$** *** **** ************ *** ********** **** (********** ** how ****** *** ****** **) *** makes ** **** ** ****, ******, or ********* ****** **** **** ** break **** ** ****** ******:


****** ***** ****** ****** ** ********** to *** **** ** ******* ******* when ******** *** ********* ** *** reader. *** **** *********** **** ********* can **** ** **** ** ****** identical ****** ** ***** ***** ** to ****** ***** ******* ******* ** systems ********* ******* ********.

****/****

Comments (14)

***** !! ** ****** ** *** still * ****** ** ******* ****** on ****** *******. ***** **** * one-down-man-ship ******** ** ******** ******** *** we ***'* **** ********* **** * tamper ** *******.

***

Agree: 2

******** *** ** ***'* **** ********* have * ****** ** *******.

** **** * ****** ******, ** is *** ********** ** *********!

Agree: 2

*** * **** *****, ****. ** can ********** ****** * ****** ****.

Funny: 4

********, *** ******* ************* ** **** access ******* ******* ** **********. ** need ** ***** * **** ******* the ******, **** **** *** ******* to ***** ** ***** *** ******** and **** **** ***** **. **** people **** **** ******** **** *** door **** *** *** **** *****. During ** ******** ***********, * **** that * *** *** **** * building ***** **** ********* **** **% of *** ****.

**** ********** ** **** ******* ******* of *** * ***-*******, ****-***** ******** to ******** **** ** *****. *** level ** **** ****** ******* **** facility ** ******** *** **** ** mandatory ** *** ******** ** *********** at *******.

******* ***** ** ********** *** *********** to ******** ***** ** ******* **** as ******* **** ************** ***** *** networks ** ************** ***********. *******, ** most **********, ***** *** *** ********** cases ** ** ******** ******* ****** using ***** *******. ***** *** *** easier **** ** ***** * ********: tailgating, ******** * *****, ** ****** looking *** * **** **** *** failed ** ***** ********.

**** **** ***** ****, * ***** that ** ** ************* *** * manufacturer ** ******** ** ***** ******** that **** ***** ******** *************** **** more ****** ******** *** ** ******** at ****** *** **** ****. **** consumers *** ***** *** ********** (******* false) **** *** ******** ******* **** by * * ********* ************ **** indeed ******* ********. ******* * ******* with ***** ******* ******* ** ********** in ** *******.

Agree: 20
Informative: 1

* *****'* **** **** ** ***** types ** ******* ** *** ***** anymore. *** **** ***** ** *** easiest ** ******* *** ****** *** you ***** ** **** ******* ** find ***.

* ******* *** **** ** ******** to ** ********* *** **** **** don't ****** ****. ***** ******* ** to ******* * *** ****** **** a *** ********** *** **** ***** are *** ******** **** ***** ********* cards ****. **** ******* * ******** to *** * ********** **** ** even * **** *** ** *** extra ****.

**** ** ****** *********** ** ****** bid ***** ******* *** *** **** readers.


* *** ******* ******* *** *** comments *** *** ********* **** * was ********. * ***** *** **** question ****** **, "*** **** ** your ********* **** ***** ******** *****?"

*** ** *** ****** * ******* the ******** ***** ** *** ********* at *** **** ** *** *** don't ****** ******** ** **** ** more ******. *** *** ******* *** a ***** ******* *** * *** floored **** **** ********* ****. * have **** *** *** **** **** installed ** *** **** *** *****. I ********** *** ******** ************** *** the **** *****, *** ***** ** no ****** *** ** ******* **** didn't **** ****** ******* ******.

** ******* *********, *** ******* ** often **********. ****** ***** ******* * mullion ** ********* **** ** ****.

* **** ****** ****** **** **** I **** ******* ***** ** ******* just ** *** *** ******** **. I **** ***** **** ** *** area ** ******* *** ****** *** as ****** *'* ******** ** ** there *** ********* ** *** **** anything. **** ** ****** **** ***** when *** ********* ***'* ********* **. If *** *** ******* *** *** part *** ******* **** ********* ********, people ********* ***'* ******** ***. **** when *** **** ********** **** ** raise ******. ****** **** ***'* ****** true. * *** ********* ******* ***** ago ***** * ****** *** *** back ******* * ******* **** ****** a ***** ** * **** ****. He *** ******** *** *** ***** time ** **** *** *** ******* and ** * ***** *** ****. The ***** **, ** ***** ***** for ****** ** **** *** ** employee **** * *****.

**** **** **** ******** *******, **** asked ***** *** **** ***. * said *** **** ******* ** ***** they ********* ****..."**, *** **** ********." This ********* **** **** ******* *** used ***** *** *** **** ****** at *** **** *** ***** **** the ***** *******.

Informative: 1

* ******* *** ******* "****" ******** risk *** ******* ****** ******* ***-***** remains *** ********* *********** *** *** ability *** **** ** ** ********** in ** ******* ** *** ***** grocery *****.

**** ** **** *** ******* ***** recognize **** ***** *********** *** ******** WORSE **** **** (******* **** *** spoofing * **** ****-****** *** ****** it **** **** **** ******* *** a **** ****** **** **** *** not) **** ********** ** ** **** to **** *** ****** *** ******* readers *** ***********.

********** *** ****** ****--*** *******--*** ******* way ** ******** * **** ****** entry *****.

******** ******* **** * **** *** gain ******* *****, *** ****'* **** a ********** ***** ****** ** *** (layered ********), ** * ***'* ***** it ** * ******* ***** ** PDK.

**** ** ********* *** ******-******** **********, "checks *** ***" *** * ******** manager *** ***** ** **** **/*** is ********* ****-*********, *** ************ **** the ******** ******** ** ******** *** tech.

Agree: 1

* ***** *** ***** ***** ***** a **** *********** ** **** *** may *** ** ***** ** *** intrusion *** * **** ****, ** ever. ** ** ** ******** ****** sensitive *********** *** *** *** ** aware. **** * **** ** **** be ****** ******* *** *** *** can ***** ** *** **** **** accessed ***** ******.

Informative: 1

********** *** ****** ****** *** **** actually **** ** ***** ** * duplicated **** ** ****. ********** ********* on *** *** **** *** ****** there ** ** ***** *** ** the *** ****** ******** ** *** non ****** ****. * **** *** seen **** ** ** ****** ************* though.


* *** *** ***** ****. ***********. I **** *** *** *** ******** and **** ** ****.


**** *** **** * ***** *** so ***'* **** *** **** ** the ****!

Agree: 1

* ******* **** ** **** **** the *** ******* ******.


*****, *** ** ****** **** ** saying **** * ******* ****** ** alerting ********* *** ** ******** ****** is ****** **** *** ****** ** alerting ****** *** ** ******** ******.

*******, ** **** *****'* ********* *********** the ********* ** *** ******** ** much ** *** ********, * ***'* know **** *****.

************: "***, ***** ** * *********** flaw ** **** ******, *** **'** provided ** ***** ** *** ***** know ** **'* **** *********!"

********: "***...*** ***'* *** **** *** the ****? **** ** **** * lot ** *****?"

************: "**...**..."

********: "**, **** ** **** ** really, ****** ********* ** *********, *****?"

************: "*** ** ****..."

** ***********...*****, ***** ** *** *** actually ****** * ********, *** *** fact **** *** ******** ** * whole *** *** ********* **** ** such ** ********** ** ** ***...

Agree: 1

********* ** *** ********, ****** ******* is **** ** * ********** ** actual ********. ** **** * ******** that ********* *** ****** *** ****'* want ** **** *** **** ** register *** ** *** ********* ** the **** ** *** ****** ****-***. So **** ********** *** ****** ********** to **** *** **** **** ** an ************ **** *** *********. **** was **** **** * ****** *** and *** ******* ***** ****'* ******* even ***** **'** ********* **** ***** it ** ******** ********* ******** **** to *** *** *****.
