Search this site:


November 11, 2004 12:01 AM

Broken: Scramble pads

ScrambleScott Packard writes:

Our company used these things for the last few years I worked there. By swiping your card near them, they randomize the digits on the keypad. This means you can't remember a nifty "memory shortcut" for your 5-digit entry code. You must look at the numbers every time.

They also collect grit from fingers, so everybody gets the same cold that is going around, guaranteed!

And the design of the pads didn't account for the fact that the company would mount them low on the wall for wheelchair access... preventing you from reading it unless you bend over. The ever-graceful "butt protuding into the hallway while you're bent over" position says "kick me, boys!"


_@_v - obviously the number scrambler is meant so that 'shoulder surfers' can watch how people enter the numbers. it's a useful idea but really only for really high security needs.

_@_v - getting into some cubicle farm on the stripmall road is probably not what this was meant for...

Posted by: she-snailie_@_v at November 11, 2004 06:01 AM

All you need to do is pick a code with only 4s, 5, & 6s

Posted by: Patrick at November 11, 2004 09:10 AM

Patrick: I believe that you've missed the point fo the scramler. The keypad does not have a fixed position for the digits. Each use causes the digits to be moved to another spot. The 4, 5, and 6 keys could appear anywhere, and not in a nice neat row. Your trick is exactly what this scrambling keypad is designed to defeat.

Forcing you out of a pattern is exactly what the product is designed to do. So it isn't broken. It's working as designed. Whether this level of security is required for your work area is a different question.

Posted by: Carlos Gomez at November 11, 2004 09:58 AM

Ever see that episode of MacGyver where he uses charcoal filings to get the combination of the digital lock? Blow on the buttons and you see the most frequently used ones. After that he just tries all the combination of just those buttons. Heh.

Posted by: piyo at November 11, 2004 10:54 AM

piyo: That's exactly why the keypad scrambles the numbers, so its impossible to do that.

Is a user-friendly design? No. And that is the intent.

Not broken.

Posted by: Stealthman at November 11, 2004 11:35 PM

But everyone would have different numbers on their keypads, so all digits would get more or less the same amount of use, wouldn't they? I don't see what additional security you get out of it - if you can see someone's shoulders to that degree of accuracy, you can see their fingers as well. It's just inconvenience masquerading as security.

Posted by: Paul Hill at November 12, 2004 07:54 AM

paul hill, security is not some absolute it is making the means to get in more inconvienent then to not do so. take RSA or some encryption..sure you can break it if you had the time/power/energy, but it would be inconvienent to wait 67M computer hours for a single word. its not absolute "protected" or not, the whole point is inconvienent. so when you say "inconvenience masquerading as security", that is in fact, the only thing that could be security. even with walls, safes, etc.... its no absolute..just raising the stakes needed to obtain what is inside.

Posted by: bob at November 12, 2004 01:18 PM

That's weird.

Posted by: Taco boy at November 12, 2004 09:58 PM

The trick is to inconvenience the bad guys more than the good guys. I don't think this would do that.

Posted by: josh at November 13, 2004 03:38 AM

Can you pick an entry code consisting of 5 identical digits? 11111, 22222, etc.

Posted by: Brett at November 14, 2004 09:14 PM

Carlos: I believe that you've missed the point of Patrick's joke. Look at the image again.

Posted by: at November 15, 2004 01:43 PM

anyone wanna buy some used scramblepads? ive got 20 or 30 i would like to sell. there used but they work. email me for questions. make an offer for them. under 100 bucks. i might even go 20 or 30 dolars each. i dont know. email me

Posted by: isaac at February 17, 2005 09:09 AM

Comments on this entry are closed

Previous Posts: