Best of Email: Automated Insecurity, Outdated Vacancy, and a Burnt Tongue

« Return to Article
  • Frank 2013-02-20 08:05
    Not sure I see the face-palm issue with the motion-detectors. Apparently they want to restrict use of the building by unauthorized people. Is that what you're objecting to? If not, how else do you propose they do this?
  • lizardfoot 2013-02-20 08:07
    Raise your hand if you read Aleksandr's email with a Russian accent.
  • Dave 2013-02-20 08:07
    this comment of 'frist' I personally found outdated.
  • Jeff 2013-02-20 08:09
    C - requires use source, requires follow compile rules
    Yeah, well, so do we here at Employer Inc, so if that's a problem you may want to apply elsewhere.
  • ES 2013-02-20 08:10
    I think it's just because motion detectors are a stupid idea for a door, especially when management stresses how important security is.
  • But it's secure!! 2013-02-20 08:13
    At our university, in rooms for the Computer Science students, they installed motion detectors like this. They had to disable them when students starting slipping paper over the top of the door to get access.
  • justsomedudette 2013-02-20 08:16
    I love the fact that (lack of) age is the first thing a consultant should have, I mean who would even take someone over thirty seriously?
  • Detect this 2013-02-20 08:17
    I worked a place with those magnetic door latches and they were STRONG. You could not force the door open. How do I know? The (central computer controlled) lock system had an outage one day. The doors failed closed, in other words many people were locked inside a room for hours and could not open the door or get out any other way. It is fortunate there was no fire or other emergency. Even so when the door finally opened there was a rush to the bathrooms.

    The company refused to improve the design, assuring that outages would be "rare". I left.

    I have no problem with automated locks as long as there is a manual override from the inside to get out. When automated systems have full control, however, you're just begging for the Terminators to come.
  • Mickey McMickey 2013-02-20 08:19
    Java is to also my choice of the many reasons. And this article of WTF emails I personally found outdated.
  • Jason 2013-02-20 08:20
    Chances are by the time you're 30 you've learned by experience at least one way how to / not to get screwed by an employer. Who would want to hire someone with that knowledge? It is so much harder to take advantage once they're armed with clue.
  • barfoo 2013-02-20 08:20
    What's wrong with invalidemail.com? Invalids need email too, and it might even help their recovery to have communication with the world beyond the sanatorium.
  • me 2013-02-20 08:21
    But it's secure!!:
    At our university, in rooms for the Computer Science students, they installed motion detectors like this. They had to disable them when students starting slipping paper over the top of the door to get access.

    We had this in our old office. Once some of us tried, just for fun, to get in without using our keys. We managed to get through the main door and our office door MacGyver style with the help of a newspaper, some cardboard, and a stapler. Very secure!
  • FragFrog 2013-02-20 08:25
    justsomedudette:
    I love the fact that (lack of) age is the first thing a consultant should have, I mean who would even take someone over thirty seriously?

    I'll up you one: many companies will also not hire people (for low end jobs) that have a bachelors / masters degree.

    The rationale being that those people tend to quit relatively soon because they can get a better job elsewhere. People without education or experience on the other hand will stay put for at least a few years because, well, were are they going to go?
  • Andre 2013-02-20 08:25
    I would defenetly choice to hire Aleksandr, except it is half true.
  • Eddy 2013-02-20 08:26
    I know all about Unit Tasting, can I apply?
  • Nellius 2013-02-20 08:29
    Eddy:
    I know all about Unit Tasting


    That's what she said
  • Phlip 2013-02-20 08:35
    Thinking back on my Bachelor's, there were a few quite good parties, but I can't remember any of the pass-outs being quite "first class"... I guess I wouldn't be qualified for that job. Oh well.
  • shinyemptyhead 2013-02-20 08:36
    Because if anyone walks within three feet of the door, it will automatically unlock. And that's assuming that the motion sensor is calibrated correctly. It's not very secure at all.
  • Mike 2013-02-20 08:39
    me:
    Once some of us tried, just for fun, to get in without using our keys. We managed to get through the main door and our office door MacGyver style with the help of a newspaper, some cardboard, and a stapler. Very secure!
    Easy there cowboy. Sure the penalty for breaking and entering is probably just a few months probation, but if the company had any "intellectual property" in there they could have fucked you up for life. Circumventing a copyright protection system -- even a flimsy one -- is a serious offense.

    Under the - fortunately killed but frequently arising in a fresh corpse - SOPA legislation you could get 5 years for copying a Michael Jackson song... one year more than the doctor who killed him.
  • Warren 2013-02-20 08:40
    The SPAM email was a great double-bluff that the filters obviously fell for. It makes me tempted to put
    ***** RUBBISH COMMENT THAT SHOULDN'T BE FEATURED *****
    just to see if you can't resist.
  • Carl 2013-02-20 08:43
    shinyemptyhead:
    Because if anyone walks within three feet of the door, it will automatically unlock. And that's assuming that the motion sensor is calibrated correctly. It's not very secure at all.
    Presumably the motion sensor only triggers on movement inside the door? Where, we presume, the good people are? Who are exhorted not to let someone in without checking their badge?

    I guess you all want to use your badge and PIN to get out, is that it? And what about when the lock fails closed as described earlier?
  • Nero 2013-02-20 08:46
    Warren:
    The SPAM email was a great double-bluff that the filters obviously fell for. It makes me tempted to put
    ***** RUBBISH COMMENT THAT SHOULDN'T BE FEATURED *****
    just to see if you can't resist.
    The mods here never fall for feature-me whores. As proof, note that my comment is also not featured.
  • dpm 2013-02-20 08:47
    Spam these days is deliberately written as obviously stupid as possible, to limit the number of intelligent people replying. If you're a spammer, you don't want to waste your time corresponding with someone with even half a clue.
  • shinyemptyhead 2013-02-20 08:55
    Carl:
    shinyemptyhead:
    Because if anyone walks within three feet of the door, it will automatically unlock. And that's assuming that the motion sensor is calibrated correctly. It's not very secure at all.
    Presumably the motion sensor only triggers on movement inside the door? Where, we presume, the good people are? Who are exhorted not to let someone in without checking their badge?

    I guess you all want to use your badge and PIN to get out, is that it? And what about when the lock fails closed as described earlier?


    Setting aside the very real possibility of leaving your badge inside and locking yourself out, note that it triggers on any movement, not on some deliberate buzzing motion. So basically if I walk past a door, it will unlock. At that point the entire system becomes dependant on my challenging the person coming in - which, human nature being what it is, nobody will do after the first week. As they actually state in the email, in the name of improving security they have fitted expensive motion sensors that reduce their security, and which are less efficient than the normal "hold down button to unlock door" that everyone else on the planet uses..
  • Steve The Cynic 2013-02-20 09:00
    Frank:
    Not sure I see the face-palm issue with the motion-detectors. Apparently they want to restrict use of the building by unauthorized people. Is that what you're objecting to? If not, how else do you propose they do this?

    Perhaps by having doors that don't unlock when someone walks past the inside? A better way would be to have normal fire-exit crash-bars so that passers-by and loiterers on the inside can't unlock the doors merely by their presence.

    Or like the door downstairs that gives access to the building. On the outside, there's a keypad that serves either to unlock the door or to call the reception area of one or other of the companies in the building. On the inside, there's a small button that can unlock the door.

    For me, though, the other half of the WTF is the unlock timer. From swiping your card and entering your PIN, you have just three seconds to get the door open enough to not be grabbed by the locking electromagnets.
  • Steve The Cynic 2013-02-20 09:04
    Carl:
    I guess you all want to use your badge and PIN to get out, is that it? And what about when the lock fails closed as described earlier?

    If a door has a window, and its lock fails closed, you use a chair, hammer, or other large object (e.g. the GAU-8 you carry in your back pocket for moments like this) to open the window. Of course, the window doesn't close easily after you've opened it with a chair, but if there's a raging fire behind you, do you really care about that?
  • TheLazyHase 2013-02-20 09:14
    Steve The Cynic:
    Carl:
    I guess you all want to use your badge and PIN to get out, is that it? And what about when the lock fails closed as described earlier?

    If a door has a window, and its lock fails closed, you use a chair, hammer, or other large object (e.g. the GAU-8 you carry in your back pocket for moments like this) to open the window. Of course, the window doesn't close easily after you've opened it with a chair, but if there's a raging fire behind you, do you really care about that?


    Have you ever been in a panicked mob ? If yes, you would understand why that kind of door (the one who cannot be opened if there is an outage) are forbidden in Europa - and I belive in America too.

    When you have a fire behind you - and, more importantly, hundred of other people fleeing the same thing - you'd better be able to open the door without hurdle, 'cause you may not be able to backtrack to a windows. In fact, even a door which need to have free space on the inside to open (because of the way the hinge are placed) can cause death in thoses situations.
  • Mark 2013-02-20 09:19
    I would dearly love to see Burnt Tongue unanonymized. Hello age discrimination lawsuit.
  • ¯\(°_o)/¯ I DUNNO LOL 2013-02-20 09:21
    I once had a cubicle in the corner of a large cubicle farm area. The exit door was opposite the cubicle opening. It was already bad enough how cold it would get in the winter when the door was opened, then a couple of months later they added one of those motion sensors to the door. Every time I turned my head or whatever, CLICK. CLICK.

    I got them to re-arrange my cubicle so that the opening was on the other side of the corner.
  • rodent 2013-02-20 09:21
    shinyemptyhead:
    Setting aside the very real possibility of leaving your badge inside and locking yourself out, note that it triggers on any movement, not on some deliberate buzzing motion.

    I hope they don't suffer from rodents , cause their doors will automatically open/close at night. Fun to get the neighbors spooked though. If the sensors are sensitive, even some flies or insects could be triggering it.
    It would be hilarious to see how management fixes thatone.

    email: to all
    subject: security
    To increase security, please kill any and all insects or moving things on sight. To aid in this mission critical endeavor, we have bought top notch, brand new, fly squatters.

    email 2: to all
    subject: security
    There are to many insects left alive, for this we have decided to issue a bonus to those that kill the most insects. Please kill all insects on sight for security!!!

    On the bright side, if they have a fire, and they have sprinklers. All doors will open when the sprinklers activate :)

  • Anon 2013-02-20 09:24
    Other than the horrible English, I don't quite see the problem with the last one. They want somebody with a 1st class degree. That's how degrees are ranked in the UK, 1st class, upper 2nd, lower 2nd, 3rd, or pass. (Mine's a first, thank you very much).
  • Russian 2013-02-20 09:32
    One WTF is lost on non-russian readers: gender of Aleksandr Batukhtina.

    Aleksandr is male name, Batukhtina is surname in female form.

    Also, I find this captcha outdated.
  • Anon 2013-02-20 09:33
    When exiting the facility, you no longer need to push the door handles.


    So...was this really a problem before?
  • BayStater 2013-02-20 09:38
    TheLazyHase:
    Have you ever been in a panicked mob ? If yes, you would understand why that kind of door (the one who cannot be opened if there is an outage) are forbidden in Europa - and I belive in America too.


    Yep, illegal in America thanks in part to the Cocoanut Grove fire in Boston back in 1942. Amazing what a disaster can do to cause change.
  • no laughing matter 2013-02-20 09:42
    I used to be a professional C++ programmer.

    But then i took a pointer to the knee!
  • Peter 2013-02-20 09:46
    Anon:
    Other than the horrible English, I don't quite see the problem with the last one. They want somebody with a 1st class degree.
    The job for which they want the first class degree involves "Tasting" (hence the joke about a burnt tongue). Understand now?
  • Ben Jammin 2013-02-20 09:48
    Anon:
    Other than the horrible English, I don't quite see the problem with the last one. They want somebody with a 1st class degree. That's how degrees are ranked in the UK, 1st class, upper 2nd, lower 2nd, 3rd, or pass. (Mine's a first, thank you very much).

    With a first class degree, one would hope you were above trolling.
  • Ben Jammin 2013-02-20 09:51
    Anon:
    When exiting the facility, you no longer need to push the door handles.


    So...was this really a problem before?

    The thin glass security doors kept breaking when people pushed them too hard. ;P
  • Ironside 2013-02-20 09:59
    But it's secure!!:
    At our university, in rooms for the Computer Science students, they installed motion detectors like this. They had to disable them when students starting slipping paper over the top of the door to get access.


    Yeah this. At my university they took accommodation security very seriously. They installed big metal vault-like doors that were so heavy it was hard to push open. After 6pm they would automatically lock and a pass was needed to unlock the doors for a few seconds to get in. Trying to exit the building however, there was the motion sensor system inside that would automatically unlock them. I guessed this for the case of evacuation/emergency, can't have students burning to death or being ripped open by a madman because the doors wouldn't unlock (aww). Although it does have a bad side effect that you can exit the building at night easily and only find you have forgotten your pass when you can't get back in.

    Anyway despite this heavy security, the door was so big and metal that when they installed it, it didn't fit flush with the ceiling, there was a ~5mm gap. They didn't bother filling that in.

    From being stuck outside without a pass one night I discovered this gap and found out that by tearing out the middle section of an A4 sheet of paper I could produce a C shaped tool that could pass through the gap and hook round onto the front of the sensor. Click.

    The flyers littering the walls served as a renewable source of "keys" for whenever I forgot my pass, which was a lot given I didn't really need it anymore.
  • Anon 2013-02-20 09:59
    I've seen some spam filters that work by tagging messages detected as spam by adding "*****SPAM*****" to the subject line. They expect you to configure your mail client to take whatever action you want on messages that have been tagged.
  • joeb 2013-02-20 10:01
    I hope that when the fire alarm goes off the magnetic trun off.
  • Ironside 2013-02-20 10:03
    TheLazyHase:
    Steve The Cynic:
    Carl:
    I guess you all want to use your badge and PIN to get out, is that it? And what about when the lock fails closed as described earlier?

    If a door has a window, and its lock fails closed, you use a chair, hammer, or other large object (e.g. the GAU-8 you carry in your back pocket for moments like this) to open the window. Of course, the window doesn't close easily after you've opened it with a chair, but if there's a raging fire behind you, do you really care about that?


    Have you ever been in a panicked mob ? If yes, you would understand why that kind of door (the one who cannot be opened if there is an outage) are forbidden in Europa - and I belive in America too.

    When you have a fire behind you - and, more importantly, hundred of other people fleeing the same thing - you'd better be able to open the door without hurdle, 'cause you may not be able to backtrack to a windows. In fact, even a door which need to have free space on the inside to open (because of the way the hinge are placed) can cause death in thoses situations.


    I believe humans are forbidden from building anything on Europa, not just doors.
  • NMe 2013-02-20 10:09
    Anon:
    I've seen some spam filters that work by tagging messages detected as spam by adding "*****SPAM*****" to the subject line. They expect you to configure your mail client to take whatever action you want on messages that have been tagged.

    This is indeed just a spam filter that adds that designation to the subject line. Spam filters work by giving points to an email and if the points go above a certain threshold, they mark it as possible spam in this way but still deliver it. If the points go above an even higher threshold, the mail gets deleted.

    So in short: not a WTF, just a loosely configured spam filter.
  • GoatRider 2013-02-20 10:15
    Detect this:
    I worked a place with those magnetic door latches and they were STRONG. You could not force the door open. How do I know? The (central computer controlled) lock system had an outage one day. The doors failed closed, in other words many people were locked inside a room for hours and could not open the door or get out any other way. It is fortunate there was no fire or other emergency. Even so when the door finally opened there was a rush to the bathrooms.

    The company refused to improve the design, assuring that outages would be "rare". I left.

    I have no problem with automated locks as long as there is a manual override from the inside to get out. When automated systems have full control, however, you're just begging for the Terminators to come.

    Tell the fire marshal this story. That will get it fixed real fast.
  • togakangaroo 2013-02-20 10:23
    Ok, I'll say it

    I don't get the Motion Detector one?

    My experience is that's a fairly common setup. Am I missing something?
  • DCRoss 2013-02-20 10:29
    Russian:
    One WTF is lost on non-russian readers: gender of Aleksandr Batukhtina.

    Aleksandr is male name, Batukhtina is surname in female form.


    That was just a problem with anonymization. His real name is Manuel Garcia O'Kelly-Davis.
  • Dave 2013-02-20 10:46
    Russian:
    Aleksandr is male name, Batukhtina is surname in female form.


    Good spot.

    This reminds me of back when I used to know Alanis Morissette, before the gender reassignment.

    Alan Morris, good bloke.
  • belzebub 2013-02-20 10:53
    I too have strong fillings in strong russian teeth neccessary to crush imperialist swines!
  • operagost 2013-02-20 11:08
    Detect this:
    I worked a place with those magnetic door latches and they were STRONG. You could not force the door open. How do I know? The (central computer controlled) lock system had an outage one day. The doors failed closed, in other words many people were locked inside a room for hours and could not open the door or get out any other way. It is fortunate there was no fire or other emergency. Even so when the door finally opened there was a rush to the bathrooms.

    The company refused to improve the design, assuring that outages would be "rare". I left.

    I would have called the fire chief, myself.
  • David 2013-02-20 11:15
    Didn't see anyone mention that requiring under a certain age, I believe, is illegal in the US for the purposes of employment. Could be wrong, but I think I'm not.
  • Anonymous Coward 2013-02-20 11:28
    David:
    Didn't see anyone mention that requiring under a certain age, I believe, is illegal in the US for the purposes of employment. Could be wrong, but I think I'm not.

    Given that the submitter's name is "Raj," I'm guessing it's not in the US.
  • Some Damn Yank 2013-02-20 11:31
    Frank:
    Not sure I see the face-palm issue with the motion-detectors. Apparently they want to restrict use of the building by unauthorized people. Is that what you're objecting to? If not, how else do you propose they do this?


    This is exactly how our building does it. Otherwise, you'd need a card reader on the inside to get out. Where's the WTF?
  • Swedish tard 2013-02-20 11:43
    Some Damn Yank:
    Frank:
    Not sure I see the face-palm issue with the motion-detectors. Apparently they want to restrict use of the building by unauthorized people. Is that what you're objecting to? If not, how else do you propose they do this?


    This is exactly how our building does it. Otherwise, you'd need a card reader on the inside to get out. Where's the WTF?

    A button will suffice. And it is also cheaper and more secure and more obvious, and more durable than a motion detector.
  • Dave-Sir 2013-02-20 12:00
    Swedish tard:
    Some Damn Yank:
    Frank:
    Not sure I see the face-palm issue with the motion-detectors. Apparently they want to restrict use of the building by unauthorized people. Is that what you're objecting to? If not, how else do you propose they do this?


    This is exactly how our building does it. Otherwise, you'd need a card reader on the inside to get out. Where's the WTF?

    A button will suffice. And it is also cheaper and more secure and more obvious, and more durable than a motion detector.
    Furthermore, they replaced the existing button with a motion sensor.

    A motion sensor is more convenient however.

    FWIW, the company I work for went the other direction. They replaced all the motion sensors used for this purpose with either pushbuttons or pushbars (on doors with a mechanical latch).
  • Andrew Edelstein 2013-02-20 12:08
    ¯\(°_o)/¯ I DUNNO LOL:
    I once had a cubicle in the corner of a large cubicle farm area. The exit door was opposite the cubicle opening. It was already bad enough how cold it would get in the winter when the door was opened, then a couple of months later they added one of those motion sensors to the door. Every time I turned my head or whatever, CLICK. CLICK.

    I got them to re-arrange my cubicle so that the opening was on the other side of the corner.


    I had a desk (no cubicle) right next to an exit door. Due to "fire codes", they weren't allowed to install a motion detector, they had to install a "big red button" to exit (the contractor was an idiot). The building had bad AC balance, so there was always positive pressure inside. Every time someone exited, the door wouldn't close and the air whistled. It was JUST far enough away I couldn't lean over my desk to grab the handle and close it.
  • shadowman 2013-02-20 12:08
    Evidently Java doesn't require one to use source or follow compile rules?
  • scruff 2013-02-20 12:09
    I thought everyone knew about spam being deliberately obvious now, to filter out anyone sentient and maximise return per reply (as mentioned above).

    Regarding "must be under 30", that's a lawsuit, Shirley?
  • mernen 2013-02-20 12:12
    Regarding the last one, it's not just the tasting, or the age discrimination. Why exactly would you require consultants not to have any earlier Visa? They're essentially saying you must not be known by the US government ("yet", anyway). Doesn't that sound suspicious?
  • shadowman 2013-02-20 12:15
    joeb:
    I hope that when the fire alarm goes off the magnetic trun off.


    This is all happening inside your head, I presume?
  • Some Damn Yank 2013-02-20 12:17
    Detect this:
    I worked a place with those magnetic door latches and they were STRONG. You could not force the door open. How do I know? The (central computer controlled) lock system had an outage one day. The doors failed closed, in other words many people were locked inside a room for hours and could not open the door or get out any other way. It is fortunate there was no fire or other emergency. Even so when the door finally opened there was a rush to the bathrooms.

    The company refused to improve the design, assuring that outages would be "rare". I left.

    I have no problem with automated locks as long as there is a manual override from the inside to get out. When automated systems have full control, however, you're just begging for the Terminators to come.

    Actually, you're just begging for the Fire Marshal to come.

    Captcha: suscipit. I suscipit that building does not meet code.
  • Some Damn Yank 2013-02-20 12:27
    no laughing matter:
    I used to be a professional C++ programmer.

    But then i took a pointer to the knee!
    +1
  • mophobiac 2013-02-20 12:42
    Reading about code, on the internnet; I'm wonder if english there second language and if other second language e.g. programming libary are also not so well laernt, always and explicity.
  • airdrik 2013-02-20 12:44
    mernen:
    Regarding the last one, it's not just the tasting, or the age discrimination. Why exactly would you require consultants not to have any earlier Visa? They're essentially saying you must not be known by the US government ("yet", anyway). Doesn't that sound suspicious?

    or that you are a natural US citizen.
    I think they are trying to say (in a WTFy way) that they don't want to have to sponsor someone's (temporary) visa to work in the US
  • nasch 2013-02-20 12:45
    Anonymous Coward:

    Given that the submitter's name is "Raj," I'm guessing it's not in the US.


    It explicitly says "onsite in the US". And you think there aren't people named Raj in the US?
  • OldCoder 2013-02-20 12:55
    Some Damn Yank:
    no laughing matter:
    I used to be a professional C++ programmer.

    But then i took a pointer to the knee!
    ++1

    FTFY.

    Captcha iusto. Iusto be a programmer, now I am a 'developer'.
  • Chelloveck 2013-02-20 12:58
    Dave-Sir:
    A motion sensor is more convenient however.


    Speak for yourself. We have motion detectors and buttons here. The buttons are because the motion detectors only trigger a second or two after you've arrived at the door and tried to open it. It's much, MUCH easier to simply whack the big, friendly, arcade-style button on the way by.
  • Dave-Sir 2013-02-20 13:10
    Chelloveck:
    Dave-Sir:
    A properly functioning motion sensor is more convenient however.


    Speak for yourself. We have motion detectors and buttons here. The buttons are because the motion detectors only trigger a second or two after you've arrived at the door and tried to open it. It's much, MUCH easier to simply whack the big, friendly, arcade-style button on the way by.
    OK, I amended my comment above.

    FWIW, most of the buttons they installed here are recessed, requiring a careful press with a single finger. The one that isn't is cheaply made and flaky, so care has to be taken to press it in the center (or at least evenly on all four corners) so it doesn't bind. "Simply whacking" any of the buttons is out of the question.
  • mernen 2013-02-20 13:36
    airdrik:
    mernen:
    Regarding the last one, it's not just the tasting, or the age discrimination. Why exactly would you require consultants not to have any earlier Visa? They're essentially saying you must not be known by the US government ("yet", anyway). Doesn't that sound suspicious?

    or that you are a natural US citizen.
    I think they are trying to say (in a WTFy way) that they don't want to have to sponsor someone's (temporary) visa to work in the US


    Indeed. I somehow assumed that they were requiring the applicant to be a foreigner. I hope your hypothesis is correct, as my scenario about foreign applicants is a real WTF.
  • Some Damn Yank 2013-02-20 13:54
    Swedish tard:
    Some Damn Yank:
    Frank:
    Not sure I see the face-palm issue with the motion-detectors. Apparently they want to restrict use of the building by unauthorized people. Is that what you're objecting to? If not, how else do you propose they do this?


    This is exactly how our building does it. Otherwise, you'd need a card reader on the inside to get out. Where's the WTF?

    A button will suffice. And it is also cheaper and more secure and more obvious, and more durable than a motion detector.
    I don't see how a button, with moving parts, is more durable than a motion detector, with no moving parts.
    Also, our doors have crash bars in case of fire, so it's just a convenience. We're not the only tenants, all the doors in this building are like this. So far security hasn't been an issue - if anyone really wants in they can always break a window.
  • BlueBearr 2013-02-20 14:03
    Motion sensors on the inside of the doors is not a WTF nor the result of poor planning or cluelessness on the part of management. Rather, they are a requirement of the National Fire Protection Association Life Safety Code (NFPA 101) for any doors with magnetic locks. The Code also requires that there be a manual door override as well.

    Thanks for helping me study for my CISSP exam.
  • FasterThanILook 2013-02-20 14:08
    In Soviet Russia, applicant expires job posting.
  • chubertdev 2013-02-20 14:16
    BlueBearr:
    Motion sensors on the inside of the doors is not a WTF nor the result of poor planning or cluelessness on the part of management. Rather, they are a requirement of the National Fire Protection Association Life Safety Code (NFPA 101) for any doors with magnetic locks. The Code also requires that there be a manual door override as well.

    Thanks for helping me study for my CISSP exam.


    TRWTF, then. Card reader on the outside, push bar on the inside. What more do you need?
  • Ken B 2013-02-20 14:53
    rodent:
    On the bright side, if they have a fire, and they have sprinklers. All doors will open when the sprinklers activate :)
    Unless the fire takes out the power first.
  • Ken B 2013-02-20 14:54
    Anon:
    When exiting the facility, you no longer need to push the door handles.
    So...was this really a problem before?
    Yes, as both hands were full with the office equipment being "borrowed".
  • Ken B 2013-02-20 14:59
    nasch:
    Anonymous Coward:

    Given that the submitter's name is "Raj," I'm guessing it's not in the US.
    It explicitly says "onsite in the US". And you think there aren't people named Raj in the US?
    It's possible that it's in India, and they're looking for people who will be sent to the US to work onsite.
  • Ken B 2013-02-20 15:04
    And the "*SPAM*" one is not a WTF. As others noted, many spam filters will label suspected spam with such things, and pass it along. (Just in case it's a false positive.) Then the recipient can decide what to do with it. (For example, delete anything labeled as such.)

    Now, for "lazy spammer", I've seen plenty of spam with things such as:

    <a href=%spam_url%>Click here</a>

    (Yes, it would still have replacement variables, which weren't replaced.)
  • Valued Service 2013-02-20 15:11
    ES:
    I think it's just because motion detectors are a stupid idea for a door, especially when management stresses how important security is.


    Likely a fire marshal issue.
    You can't have a door be permanently shut in a work/public environment.

    So they had to install the motion detector. As a fail-safe, if the power fails it defaults to unlocked. So if you want to break in, cut the power supply. However a lot of these have backup power.

    This is of course the cheap way of doing security.

    The ideal way is to have the doors open, and use a pass-gate monitored by security-detail. If someone jumps the gate you know something's wrong.

    If someone slips in because of a motion-detector fault, you have no idea.

    My company has the same magnet+motion-detector, and I don't get why it's considered valid security. Most people let other people in all the time, because we all know each-other, and if you're at the backdoor you're likely a co-worker. Worse yet, the front door is not secure. There is a clerk at the front door, but if you just walk in like you belong, no one will stop you, because the Employee IDs we have are a big pain, and no one wears them anymore.
  • cellocgw 2013-02-20 15:24
    ¯\(°_o)/¯ I DUNNO LOL:
    I once had a cubicle in the corner of a large cubicle farm area. The exit door was opposite the cubicle opening. It was already bad enough how cold it would get in the winter when the door was opened, then a couple of months later they added one of those motion sensors to the door. Every time I turned my head or whatever, CLICK. CLICK.

    I got them to re-arrange my cubicle so that the opening was on the other side of the corner.

    Me, I would have covered the motion sensor with duct tape.
  • cellocgw 2013-02-20 15:27
    Anonymous Coward:
    David:
    Didn't see anyone mention that requiring under a certain age, I believe, is illegal in the US for the purposes of employment. Could be wrong, but I think I'm not.

    Given that the submitter's name is "Raj," I'm guessing it's not in the US.

    Checking my neighborhood: *only* 20% Indian. I think your guess is not good.
  • Not of Waterloo 2013-02-20 15:28
    That's how my University's email server handles detected spam too; it appends ***SPAM*** to the subject but otherwise leaves it untouched. I assume Waterloo is doing the same. Is the wtf that the submitter's client didn't then catch it, or is the submitter unaware of the feature because they rarely get (detected) spam from that account?
  • jay 2013-02-20 16:34
    BlueBearr:
    Motion sensors on the inside of the doors is not a WTF nor the result of poor planning or cluelessness on the part of management. Rather, they are a requirement of the National Fire Protection Association Life Safety Code (NFPA 101) for any doors with magnetic locks. The Code also requires that there be a manual door override as well.

    Thanks for helping me study for my CISSP exam.


    Well, I couldn't find a copy of the document with 30 seconds of searching, but:

    You are telling us that it is a REQUIREMENT that every door with a magnetic lock must have motion sensors so that it automatically opens any time someone comes within 3 feet? That it is against the rules to simply have a button or a crash bar to open the door? If true:

    (a) That's insane. It creates a huge security risk. As an earlier poster said, it means that all a criminal has to do is wait outside the door until someone walks by and it opens. Then he casually enters the building. As long as he doesn't act obviously suspicious, I strongly suspect that 90% of the time no one would challenge him. After all, 90% of the time it's going to be someone who has a valid key card and just happenned to be coming in as you walked past the door.

    (b) There are many, many violators in the U.S. I've been in many buildings that have magnetic locks on the door, and very few automatically opened as you approached.

    Not to say that there aren't stupid regulations. It's possible.
  • ¯\(°_o)/¯ I DUNNO LOL 2013-02-20 16:39
    cellocgw:
    Me, I would have covered the motion sensor with duct tape.
    Did you miss the part where you would have needed a heavier coat and thermal underwear too? And then there's the likelihood of getting fired for fucking with what could be considered "safety equipment".
  • jay 2013-02-20 16:47
    I used to work at a government office that had electronic locks on all the doors. One day the security folks decided that only a few select employees should be authorized to enter the non-public areas of the building outside of normal working hours. I guess the idea was that they were afraid that employees might sneak in at night or over the weekend and rob the place or something.

    Okay, they weren't quite so stupid as to stop people from opening the doors from the inside, so you could get out.

    Except ... except that the bathrooms were considered public areas, but the bathrooms near my area were on a hallway that connected two non-public areas. So if you were on that hallway after 5:00, you couldn't get out at either end, because that would have you going from a public area to a non-public area.

    Of course they implemented this new rule on a Friday. And of course they didn't bother to tell anyone. So one of my co-workers went to the ladies room a few minutes before 5:00 on Friday afternoon, came out perhaps 10 minutes after 5, and ... her key card wouldn't open the door. She was locked in. For the weekend.

    Fortunately I hadn't left yet and I heard her banging on the door.
  • A Nerd With a View 2013-02-20 16:47
    I'm not sure what the problem is with the motion detectors. I know the system in question.

    This is common in systems where the door is at the end of a hallway and the door is magnetically locked (as opposed to an electromechanical lock.)

    When the doors are in an open area, then they will be outfitted with capacitive sensors on the door handle; you just touch it with an ungloved hand or body part, and the magnetic lock releases. It's interesting watching when people try to push the door open while carrying things; they try the usual "bump the open bar with the butt" and nothing happens. I reach over from my desk and lightly touch the bar, and the door releases for them.

  • Paul 2013-02-20 16:47
    jay:
    Not to say that there aren't stupid regulations. It's possible.
    More like it's guaranteed.

    Politicians love regulations because it expands their power base, lets them "create jobs"* and best of all provides a mechanism whereby the peasants and corporate lords alike can come crawling forward, cash in hand, begging for an indulgence whereby they won't have to comply. Nowhere in this infrastructure is there an incentive for the regulations to be smart. In fact the dumber they are the more exceptions people will be forced to request.

    * The media repeaters never seem to question this "creating jobs" claim. Like, the money you forced people to spend on compliance would have done something else otherwise. It would have been spent elsewhere, maybe on factory expansion, or maybe on research -- wherever it was spent it would create jobs anyway. Or it would have been invested, where whoever borrows it in turn uses it and creates jobs. It's not as though money not spent by government demand gets sent to the landfill instead.

    Consider: there were lots of regulators monitoring the banks. But instead of making rules that said "you have to be careful with people's money" they said "you must issue X% of your loans to low income people who will never be able to pay them back." All because politicians wanted to look like they were "doing something" about the "home ownership problem".
  • A Nerd With a View 2013-02-20 16:57
    Jay, the doors don't open by themselves; they just unlock. Yes, you could peer through the window and wait for someone to walk by, but the sensors are supposed to be placed so that this won't happen; if the door is in a frequently trafficked area, there are other ways to unlock it (such as a touch-bar.)

    And yes, this IS a security hole; you can easily follow someone in the door at facilities that use this kind of entry system, so employees are trained to not allow entry to anyone not wearing a badge.

    This system is also really designed to prevent unauthorized after-hours access; if daytime security is a huge concern, the organization will use solenoid locks, which can be opened from the inside with regular door handles.
  • jay 2013-02-20 16:58
    RE burnt tongue:

    Requiring a new hire to be under 30 is illegal in the U.S. But the talk of of Visa's and wanting someone to work "onsite in US" may mean that this ad is addressed to people in some other country. (Perhaps India from the name Raj, though there are people of Indian ancestry all over the world.) I'm no lawyer, but I would think that if you hire someone in another country and then send him to the U.S., U.S. law would not apply to how he was hired, because you didn't hire him in the U.S. As presumably different countries have laws that differ in many ways, it would be wildly impractical for the U.S. to say that no one can enter the country on a business visa if his hiring was not conducted in conformance with all US laws. It's likely that we wouldn't admit anyone under such a rule.
  • A Nerd With a View 2013-02-20 17:00
    Ken B:
    rodent:
    On the bright side, if they have a fire, and they have sprinklers. All doors will open when the sprinklers activate :)
    Unless the fire takes out the power first.


    These systems are fail-open. Power loss releases the locks, since there's no power holding them closed.
  • jay 2013-02-20 17:10
    A Nerd With a View:
    Jay, the doors don't open by themselves; they just unlock. Yes, you could peer through the window and wait for someone to walk by, but the sensors are supposed to be placed so that this won't happen; if the door is in a frequently trafficked area, there are other ways to unlock it (such as a touch-bar.)

    And yes, this IS a security hole; you can easily follow someone in the door at facilities that use this kind of entry system, so employees are trained to not allow entry to anyone not wearing a badge.

    This system is also really designed to prevent unauthorized after-hours access; if daytime security is a huge concern, the organization will use solenoid locks, which can be opened from the inside with regular door handles.


    Whether they open or just unlock, the security hole is the same. Someone could wait outside the door and listen for the click of the unlock, then casually open the door and step in. Magnetic doors that I've used make a click or thunking noise when they are unlocked that is easily heard from either side of the door. Of course if there's a window in the door, it makes it all that much easier.

    I suppose if a door was at the end of a hall so that no one would have any reason to walk that way unless they were headed out, this would create no security issues that wouldn't exist no matter how the door was unlocked. But if it's a door that people walk past routinely when they are NOT planning to leave the building, it creates this security hole.

    To say that employees are "trained to not allow entry to anyone not wearing a badge" ... yeah, I'm sure they are. I've worked in plenty of such buildings. And few employees really follow such rules. I've seen plenty of times where someone arrives at work in the morning, uses his key card to open the door, and then several people follow him in. Very, very rarely does anyone check that all these people have badges, much less that their badges give them access to this particular building or part of the building.

    So here's the scenario we're talking about: Someone is walking down the hall past an outside door. He comes within range of the sensor, and so the door unlocks. An unauthorized person waiting outside for exactly this event opens the door and enters. Is the person who was walking down the hall really going to, (a) notice that someone just entered the building behind him, and (b) stop, turn around, and challenge that person to present an ID? I really, really doubt it.
  • Matt Westwood 2013-02-20 17:43
    Some Damn Yank:
    Swedish tard:
    Some Damn Yank:
    Frank:
    Not sure I see the face-palm issue with the motion-detectors. Apparently they want to restrict use of the building by unauthorized people. Is that what you're objecting to? If not, how else do you propose they do this?


    This is exactly how our building does it. Otherwise, you'd need a card reader on the inside to get out. Where's the WTF?

    A button will suffice. And it is also cheaper and more secure and more obvious, and more durable than a motion detector.
    I don't see how a button, with moving parts, is more durable than a motion detector, with no moving parts.
    Also, our doors have crash bars in case of fire, so it's just a convenience. We're not the only tenants, all the doors in this building are like this. So far security hasn't been an issue - if anyone really wants in they can always break a window.


    Last place I worked the automatic motion-sensor-operated doors to get into the building conked out one time. Took them fucking donkeys'-years to get someone to come and mend the fuckers. Then when they eventually did get someone, it took him three days of buggering about with them and in the end he never did fix them. During the course of this I had cause to walk past where his van was parked. The fucking tax disc was out of date.

    Just another example of: you take the cheapskate route, you get shit. Pay top dollar, get good service, potential customers see how slick your operation is, in comes the money. Works every time, motherfuckers.
  • Matt Westwood 2013-02-20 17:48
    jay:
    I used to work at a government office that had electronic locks on all the doors. One day the security folks decided that only a few select employees should be authorized to enter the non-public areas of the building outside of normal working hours. I guess the idea was that they were afraid that employees might sneak in at night or over the weekend and rob the place or something.

    Okay, they weren't quite so stupid as to stop people from opening the doors from the inside, so you could get out.

    Except ... except that the bathrooms were considered public areas, but the bathrooms near my area were on a hallway that connected two non-public areas. So if you were on that hallway after 5:00, you couldn't get out at either end, because that would have you going from a public area to a non-public area.

    Of course they implemented this new rule on a Friday. And of course they didn't bother to tell anyone. So one of my co-workers went to the ladies room a few minutes before 5:00 on Friday afternoon, came out perhaps 10 minutes after 5, and ... her key card wouldn't open the door. She was locked in. For the weekend.

    Fortunately I hadn't left yet and I heard her banging on the door.


    The real WTF here is women, spending half their fucking life in the fucking bathroom.
  • P 2013-02-20 17:57
    Nero:
    Warren:
    The SPAM email was a great double-bluff that the filters obviously fell for. It makes me tempted to put
    ***** RUBBISH COMMENT THAT SHOULDN'T BE FEATURED *****
    just to see if you can't resist.
    The mods here never fall for feature-me whores. As proof, note that my comment is also not featured.


    What - it's the mods that choose the featured comments? I always thought it was a completely randomised selection process..
  • Kef Schecter 2013-02-20 18:02
    NMe:
    So in short: not a WTF, just a loosely configured spam filter.

    Except that is a WTF, because if a spam filter is confident enough that something is spam to label it "*****SPAM*****" (as opposed to, say, "[SPAM?]"), it should just delete it (or maybe bounce it). So either the claim that it's spam is overstated or they're underreacting to it.
  • bgodot 2013-02-20 19:21
    dpm:
    Spam these days is deliberately written as obviously stupid as possible, to limit the number of intelligent people replying. If you're a spammer, you don't want to waste your time corresponding with someone with even half a clue.


    I think that's true of all advertizing.
  • eric76 2013-02-20 20:52
    But it's secure!!:
    At our university, in rooms for the Computer Science students, they installed motion detectors like this. They had to disable them when students starting slipping paper over the top of the door to get access.


    Wait until they find out that if they hit the fire alarm, the doors will automatically open.
  • Friedrice the Great 2013-02-20 21:48
    Eddy:
    I know all about Unit Tasting, can I apply?


    First glance, I read that as "Unit Tasing" ....
  • Bluebearr 2013-02-20 22:21
    jay:
    BlueBearr:
    Motion sensors[...] are a requirement of the National Fire Protection Association Life Safety Code (NFPA 101) for any doors with magnetic locks. The Code also requires that there be a manual door override as well.


    Well, I couldn't find a copy of the document with 30 seconds of searching, but:

    [...]
    That's insane.


    You can't actually read NFPA 101 online unless you register on the NFPA website (a pain). I found a summary here: http://www.lilocksmith.com/laws_codes/nfpa101.htm

    Access-Controlled Egress Doors (5-2.1.6.2)

    Where permitted in chapters 8-32, doors in the means of egress shall be permitted to have an approved entrance and egress access control system, provided that

    -a sensor on the egress side unlocks the door upon detection of an occupant approaching the door
    -loss of power to the sensor unlocks the door
    -loss of power to the lock unlocks the door
    -manual release device adjacent to the door unlocks the door
    -manual release device must have signage "PUSH TO EXIT"
    -manual release device results in direct interruption of power to the lock, and door remains unlocked for at least 30 seconds
    -fire protection system automatically unlocks the door, and the door remains unlocked until the fire protection system is manually reset.
  • foo 2013-02-20 22:50
    Kef Schecter:
    NMe:
    So in short: not a WTF, just a loosely configured spam filter.

    Except that is a WTF, because if a spam filter is confident enough that something is spam to label it "*****SPAM*****" (as opposed to, say, "[SPAM?]"), it should just delete it (or maybe bounce it).
    NO! NO, NO, NO! NEVER bounce SPAM!!!

    All spammers fake sender addresses, so when you bounce spam, you're actually spamming someone else. In fact, spam bounces make up a significant fraction of all spam I see (because my filters work much better on real spam than on bounces).

    So either reject incoming spam straight away (which requires your filters to be tied into your MTA) or delete it or deliver it. But DO NOT BOUNCE SPAM!
  • foo 2013-02-20 22:51
    jay:
    So here's the scenario we're talking about: Someone is walking down the hall past an outside door. He comes within range of the sensor, and so the door unlocks. An unauthorized person waiting outside for exactly this event opens the door and enters. Is the person who was walking down the hall really going to, (a) notice that someone just entered the building behind him, and (b) stop, turn around, and challenge that person to present an ID?
    (c) be competent to recognize a cheap fake ID?
  • Dirk 2013-02-20 23:13
    Warning to all Java developers:

    I had strong fillings about all Java programmers


    Don't drop the soap in front of this guy (unless of course you're into that sort of thing).
  • da Doctah 2013-02-20 23:24
    Not of Waterloo:
    That's how my University's email server handles detected spam too; it appends ***SPAM*** to the subject but otherwise leaves it untouched. I assume Waterloo is doing the same. Is the wtf that the submitter's client didn't then catch it, or is the submitter unaware of the feature because they rarely get (detected) spam from that account?
    Every once in a while, I have to feel sorry for the people at Hormel. I'll bet a good ninety percent of their legitimate marketing mail gets dropped right in the trash.
  • AN AMAZING CODER 2013-02-21 02:02
    I think all of you are taking this "Security Hole" way too seriously. At the very least, you're making some pretty big assumptions about the environment these motion sensor doors are in.

    I've worked in a building that had a similar setup. It wasn't a government secret lab, or a bank. We mainly had the mag lock doors because:

    a.) We were located in an area of town with a lot of foot traffic, including some riff raff. We didn't want random people just walking into our office. (This happened more often than you would think through the front door.)

    b.) We were required to for PCI compliance.

    We weren't concerned about a boogeyman waiting outside of the door to slip in and steal our secret data.

    Of course the security genius explicitly mentioned concern for letting the boogeyman in though, so nevermind :-/
  • xx 2013-02-21 03:07
    NMe:
    Anon:
    I've seen some spam filters that work by tagging messages detected as spam by adding "*****SPAM*****" to the subject line. They expect you to configure your mail client to take whatever action you want on messages that have been tagged.

    This is indeed just a spam filter that adds that designation to the subject line. Spam filters work by giving points to an email and if the points go above a certain threshold, they mark it as possible spam in this way but still deliver it. If the points go above an even higher threshold, the mail gets deleted.

    So in short: not a WTF, just a loosely configured spam filter.


    Not a WTF, just a lousy configured mail user agent. In some countries you are not allowed to decide how to deal with an email that you think is spam if you are not the addressee. This is why filters do spam tagging for users to act upon. OTOH greylisting does not fall in this trap.

    Now if the submitter thinks that this is a WTF s/he has not received a lot of spam in his/her life. Which brings me to a whole new category of WTF: Beginners that think they know how the world works...
  • Swedish tard 2013-02-21 03:33
    Some Damn Yank:
    Swedish tard:
    Some Damn Yank:
    Frank:
    Not sure I see the face-palm issue with the motion-detectors. Apparently they want to restrict use of the building by unauthorized people. Is that what you're objecting to? If not, how else do you propose they do this?


    This is exactly how our building does it. Otherwise, you'd need a card reader on the inside to get out. Where's the WTF?

    A button will suffice. And it is also cheaper and more secure and more obvious, and more durable than a motion detector.
    I don't see how a button, with moving parts, is more durable than a motion detector, with no moving parts.
    Also, our doors have crash bars in case of fire, so it's just a convenience. We're not the only tenants, all the doors in this building are like this. So far security hasn't been an issue - if anyone really wants in they can always break a window.

    And yet, at my previous job, the motion scanners stopped working several times in various places, whereas the buttons did not. Sometimes dust covered the sensor, sometimes the sensors broke and sometimes they just plain stopped working and needed a power cycle.
  • Jibble 2013-02-21 04:55
    Anon:
    When exiting the facility, you no longer need to push the door handles.


    So...was this really a problem before?


    Of course it was!

    (For the consulting company's motion sensor business...)
  • chris 2013-02-21 05:50
    Dave:
    this comment of 'frist' I personally found outdated.

    That is defenetly true, I agree. Except it is half true.
  • Nick 2013-02-21 06:38
    Age below 30? Is that actually legal in the US?
    Age discrimination!
  • Sam 2013-02-21 06:49
    da Doctah:
    Every once in a while, I have to feel sorry for the people at Hormel. I'll bet a good ninety percent of their legitimate marketing mail gets dropped right in the trash.
    There is no such thing as "legitimate marketing mail".

    There can be "legitimate marketing" but it isn't mail. It is called a web site. If I want to know about your crap, I will come to you.
  • chris 2013-02-21 07:27
    shadowman:
    Evidently Java doesn't require one to use source or follow compile rules?

    In Java you can use frameworks like Spring, so bad references don't give you any problems before run-time.
  • RobFreundlich 2013-02-21 08:05
    me:
    But it's secure!!:
    At our university, in rooms for the Computer Science students, they installed motion detectors like this. They had to disable them when students starting slipping paper over the top of the door to get access.

    We had this in our old office. Once some of us tried, just for fun, to get in without using our keys. We managed to get through the main door and our office door MacGyver style with the help of a newspaper, some cardboard, and a stapler. Very secure!

    Ditto for my old office. Of course, they made it very easy for us by making sure there was a 1-inch gap between the doors AND between the doors and the floor.
  • ZoomST 2013-02-21 08:15
    Ironside:
    TheLazyHase:
    Steve The Cynic:
    Carl:
    I guess you all want to use your badge and PIN to get out, is that it? And what about when the lock fails closed as described earlier?

    If a door has a window, and its lock fails closed, you use a chair, hammer, or other large object (e.g. the GAU-8 you carry in your back pocket for moments like this) to open the window. Of course, the window doesn't close easily after you've opened it with a chair, but if there's a raging fire behind you, do you really care about that?


    Have you ever been in a panicked mob ? If yes, you would understand why that kind of door (the one who cannot be opened if there is an outage) are forbidden in Europa - and I belive in America too.

    When you have a fire behind you - and, more importantly, hundred of other people fleeing the same thing - you'd better be able to open the door without hurdle, 'cause you may not be able to backtrack to a windows. In fact, even a door which need to have free space on the inside to open (because of the way the hinge are placed) can cause death in thoses situations.


    I believe humans are forbidden from building anything on Europa, not just doors.


    No, it is in Japan. They are compelled to build anything using robots only.
  • RobFreundlich 2013-02-21 08:15
    shinyemptyhead:
    Setting aside the very real possibility of leaving your badge inside and locking yourself out, note that it triggers on any movement, not on some deliberate buzzing motion. So basically if I walk past a door, it will unlock. At that point the entire system becomes dependant on my challenging the person coming in - which, human nature being what it is, nobody will do after the first week.


    When my startup was eaten by a large company that specializes in anti-virus software, we were shown a video about "physical access security" that included an exhortation about not letting anyone in AT ALL, as well as every single person having to swipe their ID badge to come in.

    It had a very earnestly presented bit about John Q Evildoer who had just been fired that day and wanted to get back into the building to wreak havoc in revenge for his firing. Bill Friendly recognized John but didn't know he'd been fired, Falling for the old "I forgot my badge" trick, he let John in, leading to unimaginable horrors and damage.

    When the video ended, we all solemnly promised to never let anyone into the building and to never piggyback on someone else's card swipe. And then promptly proceeded to let our friends into the building when they forgot their cards and to piggyback on each others card swipes when coming in as a group.
  • powerlord 2013-02-21 10:13
    *****SPAM***** takes me back... it's one of the ways Apache SpamAssassin marks emails that it thinks are spam if you don't have it configured to delete emails.
  • joeb 2013-02-21 10:24
    RobFreundlich:
    shinyemptyhead:
    Setting aside the very real possibility of leaving your badge inside and locking yourself out, note that it triggers on any movement, not on some deliberate buzzing motion. So basically if I walk past a door, it will unlock. At that point the entire system becomes dependant on my challenging the person coming in - which, human nature being what it is, nobody will do after the first week.


    When my startup was eaten by a large company that specializes in anti-virus software, we were shown a video about "physical access security" that included an exhortation about not letting anyone in AT ALL, as well as every single person having to swipe their ID badge to come in.

    It had a very earnestly presented bit about John Q Evildoer who had just been fired that day and wanted to get back into the building to wreak havoc in revenge for his firing. Bill Friendly recognized John but didn't know he'd been fired, Falling for the old "I forgot my badge" trick, he let John in, leading to unimaginable horrors and damage.

    When the video ended, we all solemnly promised to never let anyone into the building and to never piggyback on someone else's card swipe. And then promptly proceeded to let our friends into the building when they forgot their cards and to piggyback on each others card swipes when coming in as a group.


    but then the UPS or FEDEX guy just get's buzzed in with no check at all.
  • Big-D 2013-02-21 14:43
    I once worked at a manufacturing plant that required you to swipe your card to get in and to get out. There was a crash bar on the door and nothing to stop you from pushing it to get out, however your ID card would still believe you were in the building(because you didn't swipe out) and not let you swipe back in. Employees were trained very well to not let people piggyback on their ID to get in, (ie. you were fired if caught)

    The best part for me was my shift started at 4:30am and the main entrance which would be manned by a receptionist who could call security to explain your mistake did not open until 7:00am. After not being paid a couple hours work and getting a stern lecture from my supervisor, I learned to always swipe my ID whenever I walked through a door.

    I'm not sure why they had this level of security. I worked on circuits for touch screen controllers. I think some contracts in another part of the building had a requirement for auditing who was working on the project.
  • jay 2013-02-21 15:45
    Paul:
    jay:
    Not to say that there aren't stupid regulations. It's possible.
    More like it's guaranteed.

    Politicians love regulations because it expands their power base ...

    Consider: there were lots of regulators monitoring the banks. But instead of making rules that said "you have to be careful with people's money" they said "you must issue X% of your loans to low income people who will never be able to pay them back." All because politicians wanted to look like they were "doing something" about the "home ownership problem".


    Sure. To get off on one of our economic/political tangents ...

    I don't know how many times I've heard media people talk about how the problem was "predatory lending". By that term they mean, Banks lending money to people that they knew would never be able to pay it back. Now let's think about this carefully: Why would a bank lend money to someone that they knew couldn't pay it back? And how is this taking advantage of the borrower? Of course they did it because the government forced them too. And it wasn't the bank taking advantage of the borrower; it was politicians taking advantage of the bank. When the whole thing collapsed, then the politicians decided that they had to bail out the banks, and so it became the politicians and the banks conspiring together to take advantage of the taxpayers.

    But the whole idea that our banking problems were caused by greedy banks who were insufficiently regulated is absurd. The problem was grandstanding politicians over-regulating the banks.
  • David F. Skoll 2013-02-21 16:15
    The **SPAM** tag was probably added by spam-filtering software, not by the original spammer.

    The "Maximum 30 years old" spec in a job ad is probably illegal where I live (Ontario, Canada.) I do not believe you're allowed to discriminate on the basis of age.
  • jay 2013-02-21 16:38
    Sam:
    da Doctah:
    Every once in a while, I have to feel sorry for the people at Hormel. I'll bet a good ninety percent of their legitimate marketing mail gets dropped right in the trash.
    There is no such thing as "legitimate marketing mail".

    There can be "legitimate marketing" but it isn't mail. It is called a web site. If I want to know about your crap, I will come to you.


    Like so many things in life, the idiots and the crooks ruin it for everybody.

    Imagine a world where companies sent email advertisements for their products to people whom they had some reasonable cause to believe might actually be interested. Like, they had previously bought something from this company, or from a competitor. Imagine that they sent these emails at reasonable frequencies, like perhaps once every couple of months. So the average person got two or three emails a day containing advertising for products that he might actually be interested in buying.

    The people receiving the email might actually find it useful. If not, it would be easy to identify and trash two or three emails a day, and while people might complain about it, it really would be no big deal.

    But then the idiots and crooks got involved. So to take myself as an example, I get dozens of emails every day for products that I have absolutely no interest in. Often I get several emails per day for the same product. I get several emails per day for viagra, despite the fact that I am not married, dating, or otherwise involved or looking to be involved with a woman, nor have I ever had the sort of problem that viagra is supposed to treat. I get ads for women's clothes, despite the fact that I am not married, etc, nor am I a transvestite. I get ads trying to sell me airplanes, despite the fact that I do not have a pilot's license nor am I remotely rich enough to buy an airplane. And of course, I get many emails from Nigerians who apparenlty found my email address at random and are now eager to give me millions of dollars for no apparent reason.

    I'll have to count, but I'd guess that 90% of the email I receive is spam.
  • Snuffy 2013-02-21 20:07
    jay:


    I don't know how many times I've heard media people talk about how the problem was "predatory lending". By that term they mean, Banks lending money to people that they knew would never be able to pay it back. Now let's think about this carefully: Why would a bank lend money to someone that they knew couldn't pay it back? And how is this taking advantage of the borrower? Of course they did it because the government forced them too. And it wasn't the bank taking advantage of the borrower; it was politicians taking advantage of the bank. When the whole thing collapsed, then the politicians decided that they had to bail out the banks, and so it became the politicians and the banks conspiring together to take advantage of the taxpayers.

    But the whole idea that our banking problems were caused by greedy banks who were insufficiently regulated is absurd. The problem was grandstanding politicians over-regulating the banks.


    Lending money to people who can't pay it back results in a net profit, as long as the value of the collateral is as much or more then the loan and the person makes at least one payment. In the case of home loans the collateral is the house which is worth as much as the loan + the down payment, meaning the house is already worth more than the total sum loaned. This means that unless the house market crashes the bank can then sell on the house at the same price and keep the down payment and any payments made on the loan.

    Also in the case of the GFC small banks would also package up a whole bunch of bad loans and sell them on to larger financial holding companies, making it no longer the banks problem whether people could pay or not as they already made their money. This encouraged them to get more clients regardless of whether of whether the loan would even theoretically make a profit.

    However because poor people were buying big houses the housing market went nuts, building more and more houses as the prices climbed until people started to default on loans, then the banks tried to sell on the houses that were defaulted, this combined with the fact that there were now tons of new houses being finished meant that the price of houses plummeted, meaning the collateral of home loans was suddenly worth less than the loan itself was. Of course the first thing that happened is the big boys stopped buying sub prime mortgage packages, leaving the smaller banks with worthless home loans and the big firms with many AAA investment packages that infact, were worthless.

    This lead to mass defaults when people realized that the homes they had bought would now cost them many times more than they were worth and that many would loose their jobs.

    If it had been illegal to engage in predatory lending techniques then this wouldn't have happened, if it was illegal to package up lots of worthless loans into apparently AAA investments this wouldn't have happened so clearly more regulations would have prevented this, and as there was a clear profit motive for all players up until the crash less regulation could have changed nothing. I think what we can best say is that there is a need for better regulations, more intelligently applied.

    Also, do you really believe that any large business with a profit motive to act in an unethical way will not do so, greed never factors into the decision as the need for more money is the single driving force behind all business.
  • Anonymous Coward 2013-02-22 09:00
    Snuffy:
    Also, do you really believe that any large business with a profit motive to act in an unethical way will not do so, greed never factors into the decision as the need for more money is the single driving force behind all business.

    The vast majority of commenters here (as well as the vast majority of programmers/IT people I've met in real life) are libertarians. Take from that what you will.
  • urza9814 2013-02-22 13:27
    jay:
    Paul:
    jay:
    Not to say that there aren't stupid regulations. It's possible.
    More like it's guaranteed.

    Politicians love regulations because it expands their power base ...

    Consider: there were lots of regulators monitoring the banks. But instead of making rules that said "you have to be careful with people's money" they said "you must issue X% of your loans to low income people who will never be able to pay them back." All because politicians wanted to look like they were "doing something" about the "home ownership problem".


    Sure. To get off on one of our economic/political tangents ...

    I don't know how many times I've heard media people talk about how the problem was "predatory lending". By that term they mean, Banks lending money to people that they knew would never be able to pay it back. Now let's think about this carefully: Why would a bank lend money to someone that they knew couldn't pay it back? And how is this taking advantage of the borrower? Of course they did it because the government forced them too. And it wasn't the bank taking advantage of the borrower; it was politicians taking advantage of the bank. When the whole thing collapsed, then the politicians decided that they had to bail out the banks, and so it became the politicians and the banks conspiring together to take advantage of the taxpayers.

    But the whole idea that our banking problems were caused by greedy banks who were insufficiently regulated is absurd. The problem was grandstanding politicians over-regulating the banks.


    You clearly do not understand how the system was set up. The banks were just making as many loans as they possibly could, because they then packaged those loans into opaque bundles which they sold to other banks. So if the loans failed, it wasn't their problem. I believe there were commonly several stages of this bundling, and in some cases banks would actually then short on the bundled loans that they themselves had sold -- essentially, BETTING THE HOMEOWNER WOULD DEFAULT. So they made a BIGGER profit if they gave a loan to someone who couldn't pay it back! Which was all made possible by the rating agencies giving great ratings to these bundles without even knowing what was inside them...generally because they were being directly paid to give them a good rating.

    It was a giant casino, where they gambled with other peoples' money.
  • urza9814 2013-02-22 13:36
    jay:
    But then the idiots and crooks got involved. So to take myself as an example, I get dozens of emails every day for products that I have absolutely no interest in. Often I get several emails per day for the same product. I get several emails per day for viagra, despite the fact that I am not married, dating, or otherwise involved or looking to be involved with a woman, nor have I ever had the sort of problem that viagra is supposed to treat. I get ads for women's clothes, despite the fact that I am not married, etc, nor am I a transvestite. I get ads trying to sell me airplanes, despite the fact that I do not have a pilot's license nor am I remotely rich enough to buy an airplane. And of course, I get many emails from Nigerians who apparenlty found my email address at random and are now eager to give me millions of dollars for no apparent reason.


    I get three or four snail-mail offers _per week_ from Discover card. This has been going on for months. You'd think they would have figured out by now that I'm not interested. There's no way to opt-out (without opting out of _all_ card offers, which I don't really want to do, because Discover is the only one that's an ass)...so instead, I'm saving them. Every one. And in another couple months, I'm gonna have hundreds of those fuckers. And I will take every last prepaid reply envelope, and I will stuff them with cardboard, wood scraps, scrap metal, anything I can find that's heavy, along with some notes explaining why, and go fill the mailboxes. It's not much, I know, but at least it's something...if enough people do it then they'll have to stop sending that crap so capriciously.
  • Coyote 2013-02-22 14:24
    The building I formerly worked in had automatic doors. Access from outside was swipe card and PIN. From inside there was a motion sensor mounted on the top of the door frame.

    There was a large awning attached to the outside of the door frame and held up at the far end by two support poles. We discovered if you kicked the pole just right, it would vibrate the awning, door frame, and sensor enough to open the door. From the outside.

    CAPTCHA: Vulputate. What happens when a fox gets caught in aforementioned automatic doors.
  • JJ 2013-02-22 16:14
    Mike:
    me:
    Once some of us tried, just for fun, to get in without using our keys. We managed to get through the main door and our office door MacGyver style with the help of a newspaper, some cardboard, and a stapler. Very secure!
    Easy there cowboy. Sure the penalty for breaking and entering is probably just a few months probation, but if the company had any "intellectual property" in there they could have fucked you up for life. Circumventing a copyright protection system -- even a flimsy one -- is a serious offense.

    Under the - fortunately killed but frequently arising in a fresh corpse - SOPA legislation you could get 5 years for copying a Michael Jackson song... one year more than the doctor who killed him.
    First off, notsureifserious.jpg.

    Next, what does copyright protection have to do with anything? When was this mentioned?

    Finally, this was not breaking and entering. The OP was authorized to enter this building. He just tried to do so in a non-conventional way.
  • emaN ruoY 2013-02-22 16:43

    Did you miss the part where you would have needed a heavier coat and thermal underwear too? And then there's the likelihood of getting fired for fucking with what could be considered "safety equipment".

    You must have missed the part where it said motion sensor. These buggers don't detect proximity but motion instead, hence the name. So a piece of duct tape stuck to the sensor will trigger it only once. Then the door will close and the sensor will no longer cause the door to open.
  • chairman tain 2013-02-22 17:25
    Snuffy:
    This means that unless the house market crashes the bank can then sell on the house at the same price and keep the down payment and any payments made on the loan.


    Not true at all. A bank is not going to hold on to a house where the borrower has defaulted, for 30+ days (the usual minimum time it takes to sell a house). They're going to try to sell it as quickly as possible, which means it's going to be steeply discounted.

    This is why credit rating and income are less important as the down payment amount increases. At a 30% discount, a house is going to sell pretty quickly, so the risk of being stuck with a property instead of cash is minimal.
  • tin 2013-02-22 22:13
    powerlord:
    *****SPAM***** takes me back... it's one of the ways Apache SpamAssassin marks emails that it thinks are spam if you don't have it configured to delete emails.


    Yep. Surprised that it took until page 3 for someone to recognize this as the default Spam Assassin action.

    Personally I prefer adding some question marks to such tags. It wasn't sure enough to just drop the message, so it shouldn't imply to the user that it knew what it was doing.
  • tech guy 2013-02-23 11:50
    for the ***SPAM*** email.
    That was probably not put on by the writer of the email. A lot of times spam solution like postini or barracuda will teg a message that it believes is SPAM by adding it in the subject of the email. It does this when it is not 100% sure about the email and allows you to set your mail client rules accordingly
  • Jim 2013-02-24 18:19
    invalidemail.com is currently owned by Oracle, and I have seen email from this domain used in production by one of their hosted solutions.

    Go figure. Perhaps the spammer wasn't being as lazy as you thought :-)
  • rioki 2013-02-25 07:24
    What has a moon of Jupiter to do with japan?
  • Kuba 2013-02-25 09:45
    But it's secure!!:
    At our university, in rooms for the Computer Science students, they installed motion detectors like this. They had to disable them when students starting slipping paper over the top of the door to get access.
    This maybe works for microwave motion sensors. It absolutely doesn't work for passive infrared sensors, unless there's lot of hot light sources pointing to where your piece of paper would go...
  • Kuba 2013-02-25 09:49
    David:
    Didn't see anyone mention that requiring under a certain age, I believe, is illegal in the US for the purposes of employment. Could be wrong, but I think I'm not.
    Never mind that you can't require someone never to have applied for a visa either. I'd even call it borderline to require no prior visa denials. Not all visa denials are the same. You can be denied for insufficient documentation -- that's quite different from being denied due to overstaying or due to fraud.
  • Kuba 2013-02-25 09:53
    chairman tain:
    Snuffy:
    This means that unless the house market crashes the bank can then sell on the house at the same price and keep the down payment and any payments made on the loan.


    Not true at all. A bank is not going to hold on to a house where the borrower has defaulted, for 30+ days (the usual minimum time it takes to sell a house). They're going to try to sell it as quickly as possible, which means it's going to be steeply discounted.

    This is why credit rating and income are less important as the down payment amount increases. At a 30% discount, a house is going to sell pretty quickly, so the risk of being stuck with a property instead of cash is minimal.
    I don't know where you live, but in the U.S. the banks are anything but quick in selling the foreclosed properties. They know full well that had they actually tried hard to sell those properties at a discount, there's so many of them, the market would crash again. I know plenty of decent foreclosed homes in the area where I live. Most of them have been on the market for over a year. About a third are on the market for well over 2+ years. Never mind the number of arbitrary hoops you have to jump through to even know those homes exist. For one, most realtors for some reason do not want to list the properties on the usual realtor websites. They simply don't show up in the search results. It's fucked up. And the banks whine about their losses on foreclosures -- they do nothing at all to sell them, duh!
  • bl 2013-02-26 07:44
    Regarding "I Find This Vacancy Outdated". I'm wondering whether the email was originally in English or it was translated for posting here? That English is a WTF
  • Herpaderp 2013-02-26 17:32
    The *****SPAM***** tagging is to allow you to set up a mail rule to junk it yourself if you so choose. Quite a few major ISPs do this, since it kinda gets them off the hook for false positives.
  • Mark 2013-03-12 15:01
    We have those proximity card and motion sensors with magnetic locks on our exterior doors too. Although our front door is mostly glass, so you can flex the glass by pulling hard on the handle which lifts the metal strip across the top of the door away from the bottom up, then walk right in.
  • outis 2013-10-20 23:28
    chairman tain:
    Snuffy:
    This means that unless the house market crashes the bank can then sell on the house at the same price and keep the down payment and any payments made on the loan.


    Not true at all. A bank is not going to hold on to a house where the borrower has defaulted, for 30+ days (the usual minimum time it takes to sell a house). They're going to try to sell it as quickly as possible, which means it's going to be steeply discounted.


    Starting in 2009, things reversed, with homeowners wanting the banks to foreclose but the banks putting it off. Many people wanted to strategically default on their home loans–they had the income to pay their mortgage, but the value of the house had dropped, so the investment wasn't worth it. (It's a purely business decision, and businesses do it without compunction.) Mortgage holders dragged their heels in foreclosing because the market was glutted, and they don't want to be liable for taxes while holding the property any more than the homeowners do. Planet Money had an interesting episode about the phenomenon back in Jan, 2010.