Archive for January, 2007

Lifetime warranty?

Monday, January 29th, 2007

Not really related to locks, but what, exactly, does the term “Lifetime warranty” mean?

I see the term about the place, not relating to locks, generally, but I’ve seen it on handcuffs, flashlights, knives, and other “security industry” gear, and so I wonder.

Locks tend to have extremely long lifetimes. The ERA products we supply and fit, for example, have a 10 year warranty on manufacturing defects, and I know that some locks on safes and doors have been in constant use for over one hundred years. As a first-hand example, I repaired a very old single lever warded lock a few months back, and it was a little worn out. It was the original lock on a door on a house dated from about 1904, and had (and continues to be) used at least once a day, often many more. Even at just one un/lock cycle a day, that is over 35,000 times.
You wouldn’t want to offer a lifetime warranty on that, if you mean the lifetime of the installation, or, indeed, the lifetime of the owner. And if it was a lifetime warranty on the item, well, once it has worn out, surely that is the lifetime over, and the warranty is meaningless?

In the case of something bought by a company, the “lifetime” is effectively forever. Surely this is going to come back to bite some of these companies? And surely they must be building a hundred years of support costs into the product you are buying?

Possibly for these reasons, lifetime warranties are illegal in Germany, and are instead limited to 30 years. Perhaps the Germans realise that a lifetime warranty on something designed to last 100+ years without a hitch is something they should not leave behind for their kids’ kids running the place to have to deal with!

Posted in Commentary | No Comments »

Two videos by Barry Wels

Tuesday, January 23rd, 2007

http://video.google.com/videoplay?docid=-5898960163463189740 should be enough to make you wonder if there are still any secrets out there!

Watch as Barry Wels and Paul Crouwel show off a shiny Russian embassy lock. These are very, very hard to come by, as they are only used in Russian embassies. I’m sure someone in the GRU/KGB/internal security department will be asking a lot of questions when they find out about this!

Also, if you are still using a Kensington lock to protect your laptop from anything other than snatch-and-run, http://video.google.com/videoplay?docid=6560787668346205814 shows that you shouldn’t be. After watching this, you will realise one of the truths about security, that if you use a combination lock it can be broken after at most x amount of time, but at least x can be roughly guessed at. A key lock is either almost un-openable, or, with the right knowledge, it is very quickly opened (even if, in the extreme, that knowledge is the shape of the key!)

Posted in Commentary, on-line | No Comments »

Hacking around in Google Maps

Saturday, January 20th, 2007

A brilliant feature of the already brilliant Google Maps system is that you can now place multiple markers, and get directions. Forget your old route finding tricks with a paper map, or even your GPS or a site like the AA’s. This is so fast and easy.

You are going out for the day to do a warrant run. You obviously don’t know the area like the back of your hand, and there are, in our example, 6 jobs.

Grab the postcodes, and do the following in a text editor, or even right there in the google maps page at http://maps.google.co.uk

from:BB5 7DD to:BB5 0EE to:BB5 5HH to:BB5 3JJ to:BB5 3QQ to:BB5 3EE (Don’t click this link)
First, it validates the postcodes (useful when making up examples like this!) It really should be

from:BB5 6DD to:BB5 5HH to:BB5 3QQ to:BB5 0EE to:BB5 3EE to:BB5 3JJ

A sample routePress go again, and the amazing Maps API at maps.google.co.uk will show you a neatly zoomed map with route directions (hidden by the little [x] until you click on each leg to expand it)

Now, that isn’t the best route. So you could re-type the string as

from:BB5 6DD to:BB5 5HH to:BB5 0EE to:BB5 3EE to:BB5 3JJ to:BB5 3QQ

and see if that makes things better. However, because Google programmers know their javascript, and how it should be used, you can do this instead. Go to the left side, where the postcodes are, then click and drag one. This will rearrange the map for you within moments. Visually, you will see the markers change if you tweak the first and last ones, and the mileage between each stop will also be recalculated in a few moments! After all of 30 seconds, you can optimise your route for the day. Brilliant.

For the next trick, switch to “Hybrid” mode in the top right of the map. This is my favourite view, and it pops up a road map overlayed on an aerial photgraph. Et voila! I’ve optimised my route. Now for a smart part 2. Zoom the map right in, then click on any of the markers. This will zoom to the destination. Now, using my leet locksmithing sense, I can tell that we are looking at a house, not a factory unit, and this tells me what sort of locks I can expect. The third one could be either, and the fourth looks like a garage, or at least somewhere without enough parking! And the last two are rows of houses again. Looks like a large house in a good area
Not that this part makes much odds. Were this a real run, the doors would be opened regardless. Also, we normally do commercial one day, and residential another. I just like to know! Gives me some idea of where to leave the van too – all those tools are heavy!

Posted in Cheers & Jeers, Jobs, on-line | No Comments »

“Is cash ok?”

Wednesday, January 17th, 2007

Well, a few days ago I got called out to a flat. Usual story, a nice place, new build, falling rapidly to bits, but a good quality EVVA cylinder on the door.

So the chap is very worried to show me his drivers license, etc. and we get chatting while I work about how sometimes people scam locksmiths. I was fairly sure he was ok, though. He was dressed up to go out, and his keys were inside, and it had slammed shut. He had just been sorting out some money for the evening, too.
I open the door, and he nips off to get proof he lives there – very through! Then we go through to the living room, and, sure enough, is a big cider flaggon, empty, with about a square metre of coins, stacked up!

“Sorry about this, it’s a bit of a tip. Are you ok with £1 coins?”

A few minutes later, I had £40 in £1’s in a plastic bag from the kitchen, rattling in my pocket. :-) No problem for me, they went in the bank this morning.

Posted in Jobs | No Comments »

Homemade worldwide web security camera

Monday, January 15th, 2007

Here’s a neat idea. If you are going on holiday, but you want to keep an eye on the cat food level or whatever, you can do so easily from anywhere, and do it for nearly free and securely.

If you don’t know what Skype is, it is a web telephone application, which lets you call and chat to others on Skype via an encrypted channel, anywhere in the world for free, even with video. It also has add-ons like a voice stress lie detector, whiteboard and call recorder. You can also buy credit to let you call real phones, and to let real phones call you. And because it uses the web for the majority of the route, your calls work out remarkably cheap compared to normal channels. But enough about that, go to Skype.com to learn more, and to set up two accounts. If you already use Skype, simply set up a second account.

Now log into your account – lets call it SkypeCamPreston – and play with the settings. Add your main account to this account, and set it to ignore people who aren’t in your address book. Now tell it to answer and start video automatically when a call comes in. This means that only you can get in, which is probably important to you! Log out and in as your main account, and add your other account to your address book.
Set up your camera and microphone where you want them, and log in as your camera account, turn off your monitor, and go on holiday. Then simply log in on another PC from, say, Laos, & your other account will happily transmit live video and audio of what’s happening at home to wherever in the ‘verse you are. Mr. Universe would be proud!

Posted in Jobs | No Comments »

Small Claims Court online

Saturday, January 13th, 2007

So, as in the life of most businesses, we come to the crunch point, where a person or company has had work done, but has then decided that, since the emergency they were having is now over, they don’t want to pay. Never mind that most locksmiths won’t do work on account for unknown companies for exactly that reason. I now always run a credit check on any company I get calling me, since I am subscribed to a checking service it takes only a minute before heading off.

Well, back in August last year, I got a call from a solicitor. Urgent, need you tomorrow, please, please. Never even asked the cost. So I go and do the job. The solicitor tells me what he wants on site, I do it. All finished, I invoice, and wait. And wait. Eventually it goes overdue, so a phone call goes out. No response. I leave it another two weeks, and send out the reminder notice with penalties. I now do this as a matter of course, and I include a letter that tells the late payer why. Basically, I offer a low priced, high value service, and if you get 14 or 30 days to pay, you are, in reality, lucky. If you were stood outside your door late at night without any way to pay, in the rain, most locksmiths would kind of insist that you go with them to the cash machine. And I would, too. If you have ever wondered why, this is why. It is less hassle.
So anyway, we hear nothing. More phone calls, more chasing. It all adds up. Lots of promises that he will call back when he is in, that messages will be passed on, that he will call when he is back from court. But, of course, nothing happens. A second invoice with a letter goes out recorded. So he definately got that one. But still nothing. So, today, I went to https://www.moneyclaim.gov.uk/csmco2/index.jsp and signed up.

This handy page is actually the latest court idea for small claims, and it allows you to file a Small Claims action via the internet. It’s a pretty naff interface, but I got through it without too many issues. So papers are filed.

But our man is a solicitor. Aside from knowing he could easily pay if he wanted to, this also means I can find him online at the Law Society. So I did. And I asked them what they thought of a solicitor who refuses to pay his debts. They said call back when I filed papers, please. In the meantime, I found he has also not paid another locksmith I know, for doing the same thing, a repossession lock change, a few months later. So today, I called the Law Society, and let them know about their deadbeat lawyer. I also let the other locksmith know, so he can do the same thing.

It really is sad that some people abuse their position. Some locksmiths do, and some lawyers do, just like everything else. But it is very silly for a lawyer who claims to specialise in bankruptcy law and repossession work to play such silly games. I wonder what the Law Society will say to him? Actually, I wonder more what he will say to them…

Posted in Cheers & Jeers, Jobs, on-line | 1 Comment »

eBay security flaw

Monday, January 8th, 2007

There is a security flaw in eBay. When two people are logged on to the account from different places, logging out doesn’t log the other party out, or even challenge them for the password. This may not sound like an issue, but when things go wrong, it is. Let’s say your account is hijacked. This is actually pretty common these days, even if you don’t click on dodgy links to spoof sites and avoid the emails that start “We include your name to show..” yet don’t. You see that first sale of a £400 laptop appear in your email, and you react fast.

When this happened to one of our accounts, we logged in, and killed the auctions (both of them) and quickly changed the password. Another auction appeared. We logged out, thinking that this would stop them. But more emails came in! Logging back in, we saw there were now 9 auctions, including a re-listing of one that we had cancelled! So we logged out again, thinking that the ebay computers must notice something weird. We logged in again, and there were even more!

At this point we started to mass-kill the auctions that were fake, then everything stopped as ebay woke up and disabled the account until we confirmed from a link sent to the registered email address. It was a frantic half hour, though.

We find it interesting that this account got hijacked, too. It was dormant, nothing having been listed in about 10 months, and like all our accounts, it had a reasonably secure password. We can only guess how it was breached.

One possible way is that a scammer picked a password, and then tested that password once against a million or so ebay account usernames, to avoid the time-out feature. Doesn’t make sense, though, since it was a pretty random word/number combination. However, if you have several million usernames and you pick a (say) 6 character password, you probably have a fiarly good chance of getting a hit. 36^6 or something to 1. 2.1 billion to 1 against. Base it on a dictonary word, and think about how people tend to change them into more secure passwords, and you can see a far, far higher likelyhood of getting a hit. Still, it seems like a heck of a lot of work, even with a botnet of thousands of different IPs.

Any thoughts?

Posted in on-line | No Comments »

The costs of doing (car) business

Friday, January 5th, 2007

I’m constantly torn. On the one hand, I’m good at my job, so I do it as quickly and smoothly as I can, and I hope that the customer sees that and is happy to pay the requested rates. I keep them as low as I can to earn a living, and I see many less skillful locksmiths making a lot more money by being bad, taking a long time, drilling trivial locks open, and so on.

On the other, despite being paid a great hourly rate, I’m not making enough money to buy in the locksmithing gear that I feel I need to provide the great service and range of services that those who call me require.

Take cutting keys. If you do the basic maths, cutting keys is worth a lot of money. You take a blank that costs 50p-£5 and work on it for 3 to 10 minutes and charge £3 to £6 for it. Easy money? Except you have to wait a long time between customers, and have you seen the cost of a key machine? They start at £500, and that is very much the beginners model.

I keep getting calls asking me to cut modern car keys. Alas, at a cost of £150 to £600, losing a key to a modern car can make for a very very bad day. Add to that the cost of actually getting into a car, and you are really sore in the wallet area.

So how can it cost so much for a simple car key? Because it simply isn’t just a key. First we look at the cost of the blank. These range, for just the metal part, between £2 for a plain steel blank, and £6 to £20 for one with a programable chip in it. Then you need to pay out over £1000 for a cutter machine. You need to do a fair few keys to make that worthwhile!

But wait! You can only open the doors with that key! You need to program it! So you ask for that too. Hmm… Well, since the machine costs over £700, that’s going to up the price a bit. But wait! We need the software to program the key to your *model* of car! Yes, that’s another £300 for the codes to write, for example, a Ford key. But you have a Ford? That’s a different key machine required! And it’s the latest model? That means a £300 update to this years codes, rather than using last years some more…
Hopefully, you won’t ever lose your car key, but, if you do, this post might well remind you of why the locksmith isn’t joking around when he tells you it will be expensive.

I’ve skipped other expenses, like teaching your car to forget the old chip and radio codes and take only the new, removing and re-keying all the door, boot, ignition and petrol cap (and even bonnet now!) locks in the case of stolen keys, and the shear time and hassle involved in opening these incredibly secure (to anyone non-destructive) metal boxes with fragile windows (that ensure it is easy to get in destructively!). Oh, and don’t forget that you might need the steering wheel locking bar removed, too!

Posted in Jobs | No Comments »