Some days we start at 5am and don’t stop working until after midnight. There’s plenty of time for a nap in between jobs though!
Today I only had a few jobs and it left me some time to reflect on increasing door security (these are the things locksmiths muse about). A common mantra amongst the security conscious is that your total security is only as good as the weakest link in the chain. A good lock is only as good as the door and the door frame if somebody kicks your door.
The good news is that you don’t have to be a locksmith or a genius to improve your door security. You can certainly call a pro and get it done right probably, but you can also just buy a strip of steel and cut holes in it and screw it into your doorframe. One of my favorite sites has a walkthrough for how to do this.
Illustrating the idea is this wonderful video from a “master locksmith” in Atlanta:
I can also install a door jamb reinforcer for $60. As mentioned above, you can do this yourself by screwing a strip of steel with holes for your strikes. Or you could buy this thing for the same price as I charge to install one.
Don’t use kwikset smartkey!
I just bought this great key copier from a guy in Port Angeles who is getting out of the business. I don’t know what he paid for it, but it looks like it must have been about $1000 after shipping. He sold it to me for considerably less because he lost a retainer screw for the key stop that guides you where to put the key for copying. It is the same retainer screw used in kwikset levers so I had a spare put in right fast. A few small adjustments and I am in business. The very first copy worked in my door. I got curious about all of the various dials, though I think most of them are self-explanatory. I wanted to make sure I understood this thing before I did something that would harm it so I emailed lockpicks.com and asked for the manual which they emailed to me. Now I am in turn posting it so that anybody else with one of these doesn’t have to go to all the fake manual sites that are actually adwords spam farms like I did.
Many of you may have read in the news about the US government’s tracking of your internet and phone activities. Some of you may use the common refrain, “I don’t do anything illegal, why should I care?” I am interested in security and privacy. My business has revolved around this from building fences to installing locks and modifying current locks and doors to increase security, and by way of increasing security, increase privacy.
My interest in secuirty and privacy extends to computers, and I am going to share a few tips on how to increase your security and privacy on your computer in the next few paragraphs.
Obviously you want to install a password on your computer, and probably want to install a password on your screensaver as well. This makes it impossible for somebody to easily get your data if they break into your house and your computer is running. To further improve this security aspect, have your computer housed in a desk that locks shut, and buy a computer case that has a locking door. Also put a password in your BIOS. And when you leave, lock your doors and windows.
To further improve your security, consider encrypting your home directory. All of the major operating systems offer this feature. This means that if somebody takes your hard drive home with them after a break-in, they can’t recover any data that was in your home directory without attempting to crack your password (you did pick a password with letters, numbers, and symbols in it, right?)
Use a different password for every website that has your personal information. For forums or websites where you don’t care if somebody steals your password, use the same password but use a fake name. Keep all of your passwords stored in a password keeper program like keepass. Save your passwords in firefox but put an administrator password on your passwords that is difficult.
Put a password on your router and make sure it is wpa or wpa2 and has letters, numbers, and symbols. There are rainbow tables for l33tsp3@k so don’t trust that. Make sure that you install a scriptblocker like noscript and disable third party cookies.
Now that everything is encrypted and password protected, you may want to consider installing a proxy if you are concerned about google et al. knowing where you are browsing to. Installing tor is a great way to anonymize what you are reading. Install tor and then install foxyproxy in firefox and then run the tor wizard. Then browse away. One caveat: if you use tor, the NSA will automatically be barking up your tree. The NSA probably also runs a few tor exit nodes as well out of interest in what people are using anonymous proxies in the USA for.
Don’t use smartphones. They record everything you do and everywhere you go. If you want to be private, use a dumbphone at the very least, and preferably use a landline only. Who knows, all the warnings about testicular cancer and brain cancer from cellphone use may turn out to be true and then you would be ahead of the game. If you do buy a smartphone, register a new email address with it that you don’t trust, and use cash when you buy a phone plan that is month to month, like simplemobile. If you want to be really really private, buy the burner app and buy a new phone number to give out.
Don’t use social media like facebook and tumblr. These are made to track you. There is a reason you don’t pay for them: you are the product. Your information is sold to advertisers to fund the expensive bandwidth and maintenance of these websites. My rinkydink website hardly anybody visits costs a fair amount a month, so I hate to know what facebook pays per month for bandwidth.
If you follow all of this advice, the NSA will most likely be very interested in your behaviour. If a lot of us follow this advice, the NSA will have difficulty tracking us. They may remedy this situation by increasing their budget from congress but free software programmers will no doubt up the ante by releasing new and better tools for maintaining your privacy and security. Good luck with maintaining these hard-to-find and disappearing facets of a free country.
6/20/13 Update: Yelp has filtered five out of six of my reviews. Whether as a response to this posting or to increase pressure on me to pay advertising dollars or just coincidence, I leave you to decide. Whatever the case, I am taking my advertising dollars and using them anywhere but yelp, where I have six reviews that are five stars each, all written by real people, and almost none of them visible.
Many people don’t know, but there have been a lot of bad reviews of yelp, the review site. The reason? Yelp has been accused of extorting money out of people to have their ads appear higher in yelp’s search results. It has actually been shown that yelp will hide good reviews and promote bad reviews of people who don’t pay for yelp advertising. As soon as they do start paying for yelp advertising, they promote good reviews and hide bad reviews, and don’t put competitor’s ads on your “page”. Think about that for a second.
The reputation of a website that deals in reviews should be like that of a locksmith: you need to have trust in that company. I lost my trust in yelp when I decided that today I would look into advertising on yelp but came to realize that yelp was actually hiding me in search results for locksmiths. They have been asking me to start paying for advertising over the last few months and I suspect this is related. Following is documentation featuring screen captures of yelp search results sorted in different ways. I have five reviews that are each five stars, but when I sort locksmiths in North Seattle by “Highest Rated” I don’t even appear on the first page. Who does appear? A lot of locksmiths who only have one star reviews.
For the first picture, we have:This clearly shows that number 17 is “Bill’s Locksmith Service who only has 3.5 stars with three reviews. I have 5 stars from five reviews. Anybody who graduated from high school knows that I should be above Bill. I have better ratings and more ratings.
Second, we have this picture which shows the top results for North Seattle and my neighborhood. As you can see, when listed by “Highest Rated” Maple Leaf Locksmith LLC does not show up. 24 Hour Locksmith does, even though they only have 1 star out of 4 reviews. That means every single reviewer left them 1 star. That means that Yelp is probably trying to pressure me to buy advertising, so that I might be reinstated to my rightful place in the search results. Search results that you rightfully assume are unbiased.
Third is this picture showing where I actually show up. “Shay” is the woman who is representing yelp and asking me to pay for advertising with them. I have notified her numerous times of fallacious listings in the locksmith category of yelp as well, yet here they all still are, coming in above me with one star reviews when the results are specifically sorted by average stars per review.
yelp has built a very good database of businesses built for free by people like you and me. They are using data we edited and collected to make money. They need to make sure that this data is presented is used to going to yelp and using it. I have been using yelp for restaurant reviews as well as everything else under the sun for years, but now that I know their business practices I am reluctant to believe what I read on yelp. I think I am going to try using Google Local instead. I emailed yelp to let them know that they would receive no advertising money until they changed how search results are displayed. If I have five stars, I want my business listed above somebody with four stars and it better be listed above a business with only one star. My email to Shay@yelp.com follows:
Shay, this is Bjorn the locksmith with Maple Leaf Locksmith LLC in Seattle. I looked at the advertising prices today and was impressed enough that I set up an advertising campaign but then when I went to preview the ad, my business didn’t even show up in the locksmith listings. I have five reviews and they are all five stars so I expect when I sort businesses by how well they are rated, my business will come in above a locksmith business that only has one star.
This is unfortunately not the case. I have attached a screenshot of the results I see when searching Seattle for a locksmith. I don’t even come up on the list. I have to zoom in to my own neighborhood before i come up, and my business is underneath businesses with only one star reviews. If yelp wants my money they had better fix this issue because I am not about to pay a lot of money for ads if your service isn’t going to even put me in search results. I have five reviews that are each five stars. I should be very high on the list of locksmiths when the list is sorted by rating.
The second picture I have attached is a list of locksmiths in the Green Lake area. There are only two legit locksmiths here. I have the results sorted by “most highly rated”. I am rated more highly than all but two locksmiths in the area, yet I come in as number 8. Why is that?
If yelp wants their website to continue being useful, yelp will sort results correctly. I get the impression that yelp is making me appear lower in search results because they are hoping that I will pay for ads. If I feel this kind of pressure I will just take my business to Angie’s List and google.
I will close by saying that I would be happy to enter an advertising agreement with yelp but only on the condition that my business appears where it should when locksmiths are sorted by “highest rated”. I have worked hard for these ratings and I feel cheated to not see my business ranked third where it belongs in the ratings. I look forward to hearing back from Yelp about this serious matter and seeing it rectified.
An additional letter to yelp:
Now I notice that yelp has filtered five out of the six reviews that I had. These were all written by real people who are customers. I feel strongly that yelp is attempting to extort money out of me for advertising and is punishing me for not buying in. I will not pay yelp for advertising after witnessing this. I will take my advertising dollars to the local newspaper and other forms of media instead. I will also no longer ask people to leave me reviews on yelp. If yelp continues this sort of thing they will find more and more people will start using google maps instead and yelp will fade into obscurity, just like citysearch did five years before.
Following is an interesting parable about a customer dealing with yelp extortion from the other side. He pulled his bad review from a business’s page because he felt bad for the business, and how they were being extorted. As soon as his review was removed, the ranking shot up three points!
I’ve seen this happen first-hand. I once submitted a 2 star review due to awful service at a business in town. It happened to be the first review.
A year later, the business owner called me, begging me to take down my review. It turns out they had gotten their act together, and had *22* 4/5 and 5/5 star reviews on Yelp after mine. However, Yelp’s “filtering” algorithm only took my review into account, so it showed a 2/5 star rating for the business and hid the other 22 reviews from site (you would have to click a link to see “more reviews”).
The business owner told me Yelp would “unlock” the hidden reviews if he advertised with them.
I realized how damaging this could be to businesses and decided to take down my review. His rating shot to 4.5/5. If Yelp hadn’t so clearly been trying to extort cash from small businesses, I would have left my review up, and told the owner to deal with it.”
Read this post and it will save you a service call from a locksmith. Consult yourself for the best way to improve security in your home or office. I sell locks to increase your security, but I will level with you: they are not the whole part of the story. Criminals and most people in general are like water: they typically take the path of least resistance. If you have an amazing $400 Mul-T-Lock deadbolt, they will go through the window. They may also go around the house and kick the basement door in. They won’t stand around picking your locks.
Therefore, when budgeting for a security increase, look at the whole picture. Do you have a balcony with an open door or window near a tree? Do you have large windows near your door that criminals could simply walk through? Are your doors hollow-core, thin, and lightweight?
There is a saying that locks only keep honest people out. I would like to amend it by also saying they keep lazy criminals out. You can work to keep slightly less lazy criminals out of your house by making sure you have a good door, and a good door frame, for your lock(s) to work in concert with.
If you have windows in or near your door that allow a criminal to reach the thumbturn of your deadbolt, you should consider buying a double-sided deadbolt or get rid of the windows.
If you are concerned about people kicking your door down, consider getting a metal or heavy wooden door that opens out with concealed hinges. To prevent bumpkeying or bumping your locks, consider hiring a locksmith to add heavy-duty springs to your locks. Ensure that your doors are well-lit and that all doors have the same level of security. It does little good to install expensive security if your neglected basement door is hollow-core and has a cheap “defiant” lock from home depot on it, and is in a dark stairway. This is ideal for thieves to pry open without direct line of sight from neighbouring houses.
A final warning concerning overall security of your home: where are your keys? Criminals know where people usually hide their keys and will check flower pots and door mats near the door. They will also obtain keys from lowlives that work in concert with them, perhaps changing your carpet or installing a new garage door opener. If you gave them a key, consider that key in the hands of the public. To prevent them coming back with that key, whenever I rekey somebody’s house i recommend that they leave one doorknob in the back of the house keyed differently than the rest of the house. Then, if you leave the deadbolt unengaged, workers can enter using the doorknob at pre-arranged times. When they are done, simply use the deadbolt. They or their friend cannot get in by simply unlocking the doorknob. They will have to either kick in the door (difficult with a well-installed deadbolt with long screws reaching the stud in the wall), pick the lock (most criminals are not this savvy) or bump the lock.
Another possibility for this scenario is to have one lock be an LFIC lock, which means that you can easily change out the cylinder to allow temporary access with a different key. When you want to disallow access with that guest key, change back to your home cylinder.
We can discuss these possibilities over the phone at no charge. Or, if I have piqued your interest we can do a walkthrough of your home and discuss the best way to increase your security and therefore your peace of mind.
Anybody can open a car in under a minute if they have a few tools and practice. It will usually set off a car alarm. However, criminals who are really smart or have really smart bosses can also quickly and easily unlock your car and disable the car alarm. If your car uses the keeloq or pkes systems, someone can copy your wireless transponder signature and unlock your car remotely just like you do.
You’ve already heard it but it bears repeating: don’t leave valuables in your car! Especially not in view of windows. It would be terrible if somebody smashed your window with a concrete block to steal $5 to fund their drug habit. You have to pay hundreds of dollars to fix it, and you will NEVER get all the broken glass out of your car!
Why would I link the papers above? A lot of the locksmithing and security world practices “security through obscurity”. They like to put their heads in the sand and hope that criminals don’t learn their tricks, but with the internet criminals will find out and they will do it really fast. Therefore, vulnerabilities must be published and talked about in order to allow people who own property protected by vulnerable security to fix it, and also maybe to shame manufacturers using shoddy security models to update them.
We all knew it was only a matter of time before software hackers eventually turned to the comparatively low-hanging fruit of automotive security. The people who are consistently hacking ssl have turned their sights on the radio signals that allow one to open a car, and they have succeeded according to film footage in this article.
In the footage, people walk up with some kind of wireless key fob and open every vehicle of certain makes they point it at and steal lots of stuff without setting off any car alarm. Car manufacturers appear to be stumped, as do security experts. If there is a way to do this, the criminals that developed it aren’t sharing and they didn’t get it from some place like hackaday where exploits are discussed.
This is hard because the wireless key fobs use rolling codes to unlock the door which means that the thieves must circumvent the rolling codes or they must somehow record all of them. You cannot brute force these because I believe the rolling code cars will stop listening if you do.
The current thought on how this is accomplished is either a taser or a bug zapper or something putting out a big spike of electricity to act on the solenoid in the car’s door that operates the lock. Time will tell. Until then, don’t leave anything valuable in your car!