[hackerspaces] RFC: security alarm and access control systems in use

Brendan Halliday wodann at gmail.com
Wed Jun 17 04:33:29 CEST 2015 

At HSBNE we have a few generations of dedicated networked hardware for RFID
locks based on avr chips. All of them have operated with a really basic php
+ json flatfile db backend running on apache for the 4-5 years we've had
them implemented. All have used the eeprom on the avr chip to store a db of
approved cards in case the server went down for any reason (This happened a
lot until we got to a premises we could designate a server room in).

First there was Snarc (http://old.hsbne.org/projects/SNARC) - It was single
door focused, lacked filtering caps on the 5v and 3.3v regulators and
overheated lots until we started putting rediculously huge heatsinks on it.
(Yay graphics cards heatsinks!) It was also mosfet based, and the
wiznet5500 module on it tended to randomly drop network, necessitating a
wire fix to allow us to reset the ethernet every 5-10 minutes just in case.
I believe the previous president who developed this is still trying to sell
them.

Then there was Snarc+ (http://old.hsbne.org/projects/snarcplus) which is
POE powered, designed by an (employed) embedded hardware guy and replaced
the mosfet with a relay. For some reason it was kinda slow when it came to
network comms and so you'd wait up until 30 seconds before your card ID was
in the eeprom.

Now we have Netrol (
http://circuitcellar.com/wp-content/uploads/2014/10/WZ1262_Project_Pic-150x150.jpg
and https://github.com/lhovo/Netrol which is also designed by the same guy
as the Snarc+. It's sexy, can operate 12v door strikes and bolts with ease
via PoE and is a nicely integrated system at this point. We have these
installed in waterproof boxes with ip67 cable glands and waterproof
external potted RFID coils that talk rs232, as we ended up giving several
Snarc and Snarc+ boards viking burials after someone hot glued them against
plywood boards and the weather got in.

We're now running entirely on Netrols (mostly) and Snarc+ boards at 12
different endpoints within our site and I'm currently implementing
zone-control code on the server end that has been needed for a while.

On Wed, Jun 17, 2015 at 5:03 AM, Bob Bownes <bownes at gmail.com> wrote:

>
>
> Pretty simple implementation. Card reader, microcontroller, wifi or
> ethernet, and some Big Ass Relays. The list of authorized cards is sent out
> to the stations when it is updated. The card must be present in the reader,
> and, if valid for that station, turns on the relays placed in the power
> line. Pull out the card, relays turn off. Sure, you can hack it by taking
> the box apart and bypassing the relays, but by the time you get done doing
> that, someone else will have come in and asked wtf is going on. Not to
> mention the cameras.
>
> Komradebob
>
>
> On Tue, Jun 16, 2015 at 2:09 PM, Pete Prodoehl <raster at gmail.com> wrote:
>
>>
>> Any info on how you are doing the system? We've discussed using RFID for
>> machine access multiple times but no one has stepped up to design (or
>> build, or fund) a system yet.
>>
>>
>> Pete
>>
>>
>> On 6/16/15 10:14 AM, bownes wrote:
>>
>>>
>>> At the CoG, we are using an off the shelf card system but are
>>> implementing our own rfid system for the new building.  Cost and
>>> flexibility are the motivations. We need to control >10 doors, >10 locking
>>> cabinets, and a similar number of machine tools, 3d printers, etc.
>>>
>>> Nothing on the market will drive that many doors that for under $$$$.
>>> The building system that was quoted handled 12 doors and was >$30k. And it
>>> went up exponentially from there. Not to mention it was a closed system so
>>> we could not tie it into our CRM/member management system.
>>>
>>> The result is a system based on COTS hardware (Commercial door strikers,
>>> magnetic locks, card readers, biometric scanners, TiVa C and Ethernet relay
>>> boards) and an open API.
>>>
>>> Komradebob
>>>
>>> On Jun 16, 2015, at 10:49, Shirley Hicks <shirley at velochicdesign.com
>>> <mailto:shirley at velochicdesign.com>> wrote:
>>>
>>>  The Red Mountain Makerspace has been using a commercial APT system in
>>>> March, in combination with keyed locks.
>>>>
>>>> Yes, this is not terribly hackerish, but we needed to get
>>>> infrastructure in place in a relatively short period of time to deal with
>>>> some real security concerns. We're in an old building in a transitioning
>>>> neighborhood. We need to grow our org as quickl to address real community
>>>> needs for tech education, exploration and community development, so we've
>>>> chosen to pay for services that will take time and skill to develop, while
>>>> using the inhouse talent pool to complete tasks within their existing
>>>> skillsets.
>>>>
>>>> Going with a commercial solution for the next few years allows us to
>>>> focus on growing our introductory circuitry, 3D printing, CNC, open source
>>>> and programming offerings and to support development of the local tech
>>>> community. Our plan is to switch to RFID cards tied to membership dues
>>>> payment within the next nine months. (we'll probably get it done sooner,
>>>> but we are practicing allowing for the worst and working towards the best
>>>> possible outcomes).
>>>>
>>>> Shirley Hicks
>>>> Secretary/Business Admin/Programmer/Maker
>>>> Red Mountain Makers
>>>> http://www.redmountainmakers.org <http://www.redmountainmakers.org/>
>>>> Twitter: @redmountainmake
>>>> Facebook: Red Mountain Makers
>>>> Meetup: meetup.com/redmountainmakers <
>>>> http://meetup.com/redmountainmakers>
>>>>
>>>>
>>>> On Jun 15, 2015, at 8:14 PM, Paul Brown <paul90brown at gmail.com <mailto:
>>>> paul90brown at gmail.com>> wrote:
>>>>
>>>>  "Hackerspace people are among the most likely to know how laughable
>>>>> security is with them, yet so many hackerspaces use them?"
>>>>>
>>>>> Here's a good podcast that covers a related topic:
>>>>> http://99percentinvisible.org/episode/perfect-security/
>>>>>
>>>>> tl;dr: "It’s not just locks that keep us safe—it’s the existing social
>>>>> order."
>>>>>
>>>>>
>>>>> On Mon, Jun 15, 2015 at 7:47 PM, Brett Dikeman <
>>>>> brett.dikeman at gmail.com <mailto:brett.dikeman at gmail.com>> wrote:
>>>>>
>>>>>     A hackerspace I belong to has probably hit the point of needing
>>>>>     an alarm and access control system. I'm wondering what good
>>>>>     solutions have been created - what the "state of the art" is in
>>>>>     hackerspace security these days.
>>>>>
>>>>>     https://wiki.hackerspaces.org/Doorlock
>>>>>
>>>>>     It'd be awesome if that were updated with any new projects - and
>>>>>     if some of the existing writeups could be updated or better
>>>>>     documented; a number of them say "this writeup needs to get
>>>>>     updated" or the writeup is super sparse. This is a very common
>>>>>     and basic need, so more info/guidance would be very beneficial.
>>>>>     Not just what people have made, but tradeoffs, lessons learned,
>>>>>     mistakes made, etc.
>>>>>
>>>>>     Also: why do so many of these hackerspace access control systems
>>>>>     use RFID / proximity cards? Hackerspace people are among the
>>>>>     most likely to know how laughable security is with them, yet so
>>>>>     many hackerspaces use them? It's...weird.
>>>>>
>>>>>     -B
>>>>>
>>>>>
>> _______________________________________________
>> Discuss mailing list
>> Discuss at lists.hackerspaces.org
>> http://lists.hackerspaces.org/mailman/listinfo/discuss
>>
>
>
> _______________________________________________
> Discuss mailing list
> Discuss at lists.hackerspaces.org
> http://lists.hackerspaces.org/mailman/listinfo/discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.hackerspaces.org/pipermail/discuss/attachments/20150617/7b4443c1/attachment-0001.html>

More information about the Discuss mailing list