USB memory stick door access system: how can I make it safe



quixote
February 27th, 2007, 09:29 AM
I'm setting up a USB extension to run somewhere on my door-frame in a discreet place until I can afford a proper RFID reader. I've set up a script that is triggered when the USB stick is plugged in and detected by Girder. The log shows something like "Arrival J/0". So far the groundwork is done and the GML detects the stick, looks for a certain .txt file, reads the first line to a variable, compares that variable to another string (the password) and then triggers one of two events, depending on whether the strings match or not.
So far, so good.

My question is this: Aside from the obvious risks involved (however unlikely), such as someone running a current through the wire and frying my system, what are the risks involved? Does anyone know if it would be possible for someone to access my drives and/or control my system? I'm guessing that it would be easy to plug in a USB keyboard and control my system blindly, but is it possible to hook up a laptop and gain access without first setting something up on my system to allow the connection?

I noticed that when I plug in most of my USB devices I get an event that is prefixed by "HID-" and then a series of numbers and letters. Would it be possible to use Devcon ( http://support.microsoft.com/kb/311272 ) to remove the device using the identity that Girder displays somehow?

Thanks for any insight that you can provide.

Ron
February 27th, 2007, 09:32 AM
Hmmm, not sure how safe this can be made. As you say they can plug in anything and it does not have to be a HID device....

quixote
February 27th, 2007, 09:51 AM
Hmmm, not sure how safe this can be made. As you say they can plug in anything and it does not have to be a HID device....

I thought that maybe I could create a table of all of my devices, then set up a macro that would be triggered if anything is plugged in, comparing the list of connected devices to the table and using Devcon to remove any discrepancies. Sound feasible?
Doesn't every device that's plugged in generate some sort of event?

quixote
February 27th, 2007, 09:54 AM
What I'm going to do is set up a bunch of relays that will break the connection to the USB port and switch over to another circuit if the code doesn't match, and send 220 volts through the wire directly into the external USB connection.



;) just kidding.

danward79
February 27th, 2007, 09:58 AM
It is a shame you can't use the 1-Wire plug-in with some of the Dallas iButtons

quixote
February 27th, 2007, 10:05 AM
It is a shame you can't use the 1-Wire plug-in with some of the Dallas iButtons

I'd like to, but I just quit my job, so it's kind of bad timing to be shopping for new toys. I'd likely go a little overboard as I often do. Ultimately I'm going to implant an RFID chip into my hand (the kind that they use for pets). I've been waiting to do that for ages, but a good reader is +/- $500. I just haven't found the extra spending money yet. There are so many other responsibilities to take care of first. >:|

Out of curiosity, what kind of setup were you thinking of?

quixote
February 27th, 2007, 10:29 AM
I was looking over the Dallas site again, and I think I may have to bite the bullet and go with the iButtons. It seems like the most sensible way to do it. Thanks for the suggestion, Dan.

Mastiff
February 28th, 2007, 12:06 AM
Man, that iButton was cool! So you're going to redefine yourself as a cat with a cat door collar, Quixote? ;)
But have you checked with your insurance company that they won't refuse to cover anything if you make a homebuilt electronic access system?

quixote
March 1st, 2007, 10:44 AM
I'm not concerned about insurance. Believe me, I'm more paranoid than they are. If I don't have faith in the system, I will not be using it.
Besides that, I have my front external door and then the door at the top of the stairs which I will be reinforcing and installing a fingerprint reader so that I have a two-tier system. That, plus I may even put an accelerometer on the door to alert my system if there is an abnormally abrupt interaction with the door. I've built a camera into the front door and I can set it to take screen shots and then email them off-site in case something happens.

Mastiff
March 1st, 2007, 12:07 PM
A camera? What kind of bleeding heart liberal thing is that to have against burglars?! You wimp! Man, with your skills and Girder the least you could do was to turn two MAC-10's, one AK-47 and a few shotguns into a kickass sentry gun at your door! ;) If you need ideas, try Googling The Quintessential Sentry Gun

quixote
March 1st, 2007, 12:18 PM
hahahaha

Well, I was toying with the idea of turning my front entry stairway into a tear-gas chamber, but I may need to break a few laws to do that. Also, the turret would have to be non-lethal in case there was an accident, but I was thinking it would be funny to incapacitate a burglar with a taser and then have it on a timer so that every time he thinks he has the strength to make his escape, it zaps him again. That way I could return home at my leisure once I get the call.

;)

Mastiff
March 1st, 2007, 12:29 PM
Or just get a mastiff... Here's a story I heard (second hand, but I trust the guy who told it to me, it was one of his mastiff's siblings): An IBM guy was assigned to Japan some years ago (early 90's). He had with him his English mastiff to keep him company, a dog that was big, lazy and never seemed particularly dangerous (like most mastiffs until they are provoked). Local gangsters wanted to break in, and one of them stuck his arm through the letter opening to reach for the door lock. Suddenly he felt teeth around his wrist! Not very hard, just enough to hold him. He tried to drag his arm back, but every time he moved, the bite got a little harder, as if to say "I wouldn't do that if I was you...". When the IBM guy came home from work that evening, he found a thief/industrial spy/would-be kidnapper, or whatever the plan was, who had wet himself and had locked up muscles everywhere, and the crook was willing to admit to everything from WW2 to killing Kennedy to get out of there. The IBM guy called the police, and when they came told the dog through the door to "let go" (something it's very smart to teach a mastiff when it's young, it's a pain in the butt to rip cats, toys and other items out of their mouths by force - I had to do that with a porcupine once!).

That should be enough for most people! Other stories of the more common kind are about people coming home to deadly scared burglars on top of tables, cupboards and even in the kitchen sink with a mastiff half asleep on the floor in front of them! Which just goes to show: Mastiffs are nice to have, and they are gentle when not provoked. And unlike a lot of dogs they are actually able to adjust the amount of aggression to what's needed and lazy enough not to get more worked up than necessary to control the situation!

Btw why is it illegal to do a tear gas chamber? If tear gas is legally sold where you live, it shouldn't be possible to make laws that prohibit the use to defend your home! As long as you remember to warn elder relatives, of course. Tear gas can cause nasty heart conditions...

quixote
March 1st, 2007, 12:41 PM
Dogs crap too much. I prefer something that takes less maintenance and no vet bills.

Tear gas is illegal in Canada. The folks that run this place are a bunch of pansies when it comes to stuff like that.

quixote
March 1st, 2007, 01:24 PM
I'm going to attempt this project anyhow because it's piqued my curiosity and I think that it would be very possible, as long as Girder provides an event every time something is plugged in.
I'll put something together and maybe if I can get some of you guys to test it and try to break it we can see if it's any good. I've always been interested in Girder's potential for security related tasks.
Once a while back I knew that this guy at work that I was enemies with was using my computer before I arrived in the morning to check his mail (I saw it in my browser history), so I downloaded a trial version of Girder and set up a little macro. When he came in the next morning and tried to log into hotmail the page closed and it jumped to a series of pictures of people giving him the finger, ending with a bunch of little old ladies flashing him the bird, then shut down the computer. He was so infuriated that he poured water all over my chair. Fortunately I was late that day, because my supervisor arrived before I did and sat down at my work station to update something. :D
The guy that tried to get my pants all wet ended up soaking one of his superiors and got in total sh*t. hahaha it was one of the best days there that I can remember.

Thanks Girder!

;)

mhwlng
March 1st, 2007, 11:04 PM
as long as Girder provides an event every time something is plugged in.

I assume that you're still talking about 1-Wire...

In that case, the answer is no...

You will have to write Lua code yourself, to poll at regular intervals, check for new devices, compare the iButton's address with a list of allowed addresses and create your own event...

(I do a similar thing, but with a Bluetooth phone instead of an iButton (BT devices also have a unique MAC address))

Marcel
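
The poll-and-compare loop described in the post above, combined with the compare-against-a-table idea from earlier in the thread, as an added example: it is not code from any poster, and it is written in Python rather than Girder's Lua so that it runs stand-alone. The `scan` input stands in for whatever the 1-Wire plug-in returns, the ROM IDs are constructed, and the byte order (family code first, CRC byte last) is an assumption about how the reader reports them.

```python
def crc8_maxim(data: bytes) -> int:
    """Dallas/Maxim CRC-8: x^8 + x^5 + x^4 + 1, reflected, initial value 0."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8C if crc & 1 else crc >> 1
    return crc


def make_rom_id(family: int, serial: int) -> str:
    """Build a constructed test ID: family code, 48-bit serial, CRC byte."""
    body = bytes([family]) + serial.to_bytes(6, "little")
    return (body + bytes([crc8_maxim(body)])).hex().upper()


def is_well_formed(rom_id) -> bool:
    """Accept only 8 hex bytes whose CRC checks and that are not all zero."""
    try:
        raw = bytes.fromhex(rom_id)
    except (ValueError, TypeError):
        return False
    # An all-zero read also yields CRC 0 (typical of a shorted data line).
    return len(raw) == 8 and any(raw) and crc8_maxim(raw) == 0


class PresencePoller:
    """Diffs successive bus scans into ARRIVAL / UNKNOWN / DEPARTURE events."""

    def __init__(self, allowed):
        self.allowed = {a.upper() for a in allowed}  # allowlisted ROM IDs
        self.present = set()                         # IDs seen on last poll
        self.rejected = 0                            # malformed reads so far

    def poll(self, scan):
        """scan: ROM ID strings from one pass (hypothetical plug-in output)."""
        scan = list(scan)
        good = [s.upper() for s in scan if is_well_formed(s)]
        self.rejected += len(scan) - len(good)
        seen = set(good)
        events = []
        # Events fire only on a change, so a key left in place does not
        # re-trigger. Only ARRIVAL should ever drive the lock (default deny).
        for rom in sorted(seen - self.present):
            kind = "ARRIVAL" if rom in self.allowed else "UNKNOWN"
            events.append((kind, rom))
        for rom in sorted(self.present - seen):
            events.append(("DEPARTURE", rom))
        self.present = seen
        return events
```

Call `poll()` from a timer with each scan result; `UNKNOWN` events and a rising `rejected` count are the discrepancies worth logging or alerting on.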

blubberhoofd
March 2nd, 2007, 09:09 AM
hi,

just as an alternative...

you could use one of those USB numkey-pads instead of a key.
It would take some DIY to make a sturdy housing for it though ;)