I still haven’t written about the theft of my bike and my glorious replacement. At the rate I write updates it is likely that the bike itself will transform – Optimus Bicyclus – and apply itself to the computer. In fact, I claim that this is the reason for my slow posting schedule; for the majority of the day I hide behind the couch, watching, waiting, for gears to turn, cranks to… crank, and the frame itself to bend into an unspeakable killing machine.

We will see.

I researched locking strategies. Apparently a combination lock can hold a thief back for somewhere between 30 seconds and 5 minutes, depending on whose advice you are taking. The fact that my lock used the combination “1234” and was typically scrambled to “1235” (or, if I was feeling particularly clever, “0234”) probably didn’t help security.

My research indicates that the best strategy involves more than one type of lock, with each wheel locked to the frame and to the rack or permanent structure. I decided on two key locks: one U-lock and one chain-lock. The U-lock locks the rear (more expensive) wheel to the frame and together, to the rack. The chain locks the front wheel to the frame and to the rack.

It is wise to use multiple lock types as the tools needed to break each are different (and bulky).

I leave the U-lock on campus at my typical lockup-location. I make sure to park the bike next to examples of a variety of other locking strategies: a bike locked only to itself with a chain lock, a bike locked via a U-lock on the front wheel only (quick-release, anyone?) and a mountain bike that hasn’t moved in 12 days. I figure any thief could have their pick of more attractive, easier-to-steal bikes, so mine should be fine.

When I’m away from campus I carry only the chain-lock. It is lighter and easier to lock to strangely shaped structures and I don’t leave the bike unnattended for very long.

When I’m at home, I keep the bike indoors. This is good for three reasons: one, it avoids elemental damage (have to watch out for those black puddings); two, it removes the threat of theft; three, it looks cool in my living room.

I read an article on Slashdot today on the subject of passwords. Apparently a secure password is not that important. Wait, I take that back, that was the article from several days ago. Today’s article was that securing your password is very important. Regardless, there were associated comments suggesting alternate approaches: passphrases, biometrics, etc. each with their own disadvantage.

This made me think: shouldn’t a secure authentication system use complementary systems? Like the bike, each is defeated via specific methods which are not applicable to the other. A password can be found in a post-it, guessed, or cracked, but a finger-print requires physical presence or spy-like tactics. A fingerprint can’t be changed to adjust for security lapses, but a password can.

Why not a key and a password? A computer cracker is unlikely to also be an expert in duplicating (or stealing) keys.

How about a passphrase, a combination lock, and a fingerprint? Unless you expect to be attacked by a multi-skilled computer hacker / safe cracker / private detective, you are in good shape. Two of those three can be changed at will (with varying difficulties) and one is person-specific.

Personally, I can’t log into my laptop before entering a short essay on the concepts of “self” and “identity”, freestyle-rapping for between 28 and 33 seconds, submitting to a pelvic CT scan (with contrast), and passing my thumb over a fingerprint scanner… located at the bottom of a 50 foot shark pool.