 The best kind of doors are the doors you have to explain. Welcome to Unhinge. Today, we do have a very special nerd. Gary, hopefully it's okay. I call you a nerd or I guess Gappy. All right, you ready for the next one? I'm ready. This one actually has some commentary. Nathan came to these doors and asked, why do you need card readers on these doors? The customer said, oh, those are file rooms with clients' information. Then Nathan replies, oh, why are the keys left in the handset then? And the customer said, oh, so our staff can get access to it when I'm not here. Nathan was said, oh. Spoiler alert, the light switch switches off the electric strikes. We're gonna ignore the keys. I think we're gonna ignore the keys here because we just went over keys. Yeah, I have a love-hate relationship with these doors. If I see this, I'm super excited because I know I can get in almost instantly. Those strike plates are so wobbly that you can pull those back with like a traveler's hook and the dead latch will slip right inside and then you can just bypass the door every time. I have yet to see one of these work the way that they're supposed to work. Not that they can't, but I have yet to see it in the wild in a door that's used every day. These are the worst things on the planet as far as security. That's number one. You have to have the right faceplate for the strike. The door has to be perfectly installed, which never happens. And even then you can throw a wedge in there to give it enough play to let it fall into the strike. I've never seen those strike plates not have play in them. I mean, they literally have to wiggle like, there's some camera, like that much. And then the dead latch will fall in from latch every time. The RFID readers, you guys know what the vegan protocol is? I'm sure a lot of our viewers don't know. Yeah, so you've got your card reader there, the RFID reader. And what happens is as you take your, man, I even think I've got, look at this. See, I mean, I've got all sorts of cards here, right? That's what the inside of a card looks like. It's an antenna with a little chip in it. And so when you get it close to that reader, it electrifies this and then it reads the card and it tells you the number on the card, right? It's just your secret passcode to get into the door. And so if you have a fancy card and the card is encrypted, that just means that I can't come by with this and everybody can buy these now. These are terrible for the world. Makes my job easier though. So I can come by with this and I can go boop and then I can read your card and now I have access to your entire building just with that, but it prevents that kind of. You can still read it and it's still encrypted and then I can go back and I can crack the encryption because the HID encryption has already been cracked. So I can still read it and it's one of the only cards that people use that are encrypted in the first place, but it doesn't matter because somebody like me gets ahold of it, we decrypt it and then we've got the card anyway so it doesn't really matter. So you get these RFID readers and you go like this and you go boop and then it reads it at the RFID reader, but here's the thing is after it reads it, it's all just ones and zeros. It sends everything on the back in clear text, everything. So it doesn't really matter even if your card wasn't encrypted because after the reader reads it, it sends the protocol sends it in clear text. So those RFID readers usually have a single screw in the bottom, that's it, it's one. And you can say, well, it's a security screw. Okay, well, I just go to Walmart and buy the security screw set back and I can unlock your secure. Like one of the biggest scams in history are security screws, right? We're gonna make security screws to make it where nobody can get into this thing because it's secure. And then we're gonna turn around and we're gonna sell all the bits for it so people can get into it no matter what. So you just take some silly buddy and you stick it up underneath there and you look and you're like, oh, look at that, it's a Phillips because most of them are. And so you take that out and then you've got the wires back behind it and then you just vamp clip this on right here. It's called an ESP key. And so this ESP key just has data in, data out, power and ground. That's it. You can see right there the vamp clips. And so you put that in back behind and you literally just get your punch and you just punch it down. I've seen people install these in 30 seconds and then you put it back in the wall and you put your single screw back in and you walk away and then you come back the next day. And because this also has Wi-Fi on it, right? Oh, has a Wi-Fi chip on it? Yes, there's a Wi-Fi chip on it. So you don't even have to ever go back in and retrieved if you don't want to. But yeah, you just come back and then you can download every card that was used on that reader for that day. Well, you know, Anaziman since it was installed. And not only can you do that but you can turn around and you can open the door with your phone. And so you see, well, what if, right? Let's play the what if game. Let's say this RFID reader had a pin code on it and so it was dual authentication. It doesn't matter. It's all in weekend on the back end anyway. So you just turn around and now on your phone, not only do you have the card but you have the pin code next to the card. So you just say replay and then it swipes the card and then types the pin code in for you and then the door opens. But wait, what if there's a retinal scanner? Yeah, guess what? It doesn't matter if you've got your handprint. It doesn't matter if they're scanning your iris. It's all weekend on the back end. That will work on everything. If you can get to the back and you can get in there and you can get to it somehow then you're just intercepting the data from the reader to the processing board or whatever they happen to have it connected to. And you can get into anything. You can replay it. It's just code 006513. That's the right code. It goes into our machine. Okay, let's open up the door and let you in. Lots of problems with RFID. So that's with the weekend reader. So OSDP. OSDP fixes that. How many times have you seen it? I've seen it zero times in the wild. It exists. I know it's there. And that's what we tell people to do. It's actually used to be really expensive to switch things over to the OSDP. And now they've got something that I think they can just flash stuff now and put the OSDP on it. And it's so much simpler and so much easier. But you know, give it time. We'll hack that too. I'm sure. I think there was even a vulnerability that was discovered not that long ago with OSDP and they're already working on revamping it. Crazy stuff. But you wouldn't even need any of that because you already have access to the door. You have the keys, but it's almost easier to go through the strike. But you also have the timer for the information to get through all the other doors. But if you're here and this is clients files and information, like you can do a lot of damage with that information right there. The fact that they even mentioned client, that means there's some serious information in there. Let's say that the strike plates work and you can't get in that way. And let's say they're using OSDP on their readers. And let's say those keys aren't there. You still have like a gap large enough to drive a truck through underneath and you got ADA compliant handles. So you can just throw your under the door tool in there and open it at about 30 seconds if you're slow. And I can also almost bet that above here is probably drop down ceiling. So you can just move the tile and jump over the door as well. Most likely if it's an office setting. We find the under door tools are harder if there's no return on the lever on the end, like how it comes back towards the door. There's ways around it. It is more difficult. Absolutely. Because it doesn't hook as nicely for there. And we find a door like that. I usually just take some duct tape and put one thing around it and then spend the duct tape around and then make it sticky. And then it sticks to the door. There's also, you remember when you were kids they got that stuff that you throw against the wall like the hand and it would stick to the wall. Oh, they've got this stuff like that that's moving on the inside and sticking on the outside. You can actually take those and put that on your thing and that'll stick to almost anything. So it makes it harder, but it's, you know. My engineer mind is working to create levers. Do you know one of the easy ways to fix that is just put a rolled up towel in the door on the backside and then you can't get on it under the door tool. I've seen that with like hotel blocks and stuff like that. If you work out getting access or you heard about the hotel manager that was like licking people's toes. No, no, I didn't hear that one, but I trust you. Because the hotel staff has access to your room whether you like it or not. And if they give access to someone else, which is very simple to get, there's a lot of concerns, but that's hospitality. That's a whole nother episode there, Gary, I'm sure. Yeah, your hotel room is not safe. Neither is your hotel safe. Even if you're safe. Not once have I ever used a hotel safe. Okay, knocking score. What do you think on this one? I mean, the other one was a catastrophic. This has got to be a catastrophic. The key's in the door. It is an interior door. We'll give it that way. So based on the exterior, this may only be half catastrophic. This might only be critical. Well, no, it's still catastrophic, but I'd say half of the catastrophic, not a full catastrophic. Yeah, I was having that debate myself of like it's an interior door, but there are client files behind here, which makes it- Still catastrophic. Yes, more catastrophic than just a wedding venue key. Yeah, we might need another, something about catastrophic maybe. Another level of rating. This one slammed so hard and knocked it off the hinge. So I guess it's a 10 for security or above that, whatever that rating is. Just the keys make it that, I would say, but yeah, those strike plates are terrible. It's definitely a 10. It's a catastrophic. There's no doubt about it. It's a catastrophic. Even if it's an interior door. Say it was a wealth management firm and you were worth, oh, I don't know, $15 million. Because wealth management firms, I don't know if people are aware of this, but wealth management firms are like your own little private secretary when it comes to your finances. They have the deed to your house. They have the deed to your car. They have the deed to your yacht. They have the deed to everything and they control everything for you because when you're super rich you don't have to worry about stuff. And so I can't tell you how many wealth management firms that I've been into. That's something like this. And behind they're like, oh, those are our clients documents. You mean your clients deed to their $5 million boat? Is that what you mean by client document? They're like, well, yes, but we need to be able to get to that stuff when I'm not there. It's like, dude, what part of $5 million boat did you miss? Like why do you have a key there? And then like, that's just one client and you have a wealth management firm. You've got thousands of clients and you have all of their stuff. If you want to be featured on a future episode of Unhinged or if you have a picture to submit you can email me at me at doorhardwarenerds.com. Thanks for watching.