Threat modelling case study: bicycles

Just on bikes in particular, I also can't say enough good stuff about folding bikes, especially if you have a private office. My commuter bike is a Brompton: it's stupid expensive (around $1,500), but I literally can just fold it up, carry it up a flight of stairs, and stick it next to my desk in my office, and it's basically thief-proof. At home, it lives in a closet.

You need active deterrence. I&#x27;m really looking forward to getting a Skunk Lock.<p><a href="https:&#x2F;&#x2F;www.skunklock.com&#x2F;shop&#x2F;skunklock" rel="nofollow">https:&#x2F;&#x2F;www.skunklock.com&#x2F;shop&#x2F;skunklock</a>

&gt;In fact [both the U-lock and the cable lock] can by cut by an angle grinder, which can be carried in a rucksack.<p>The recommendation by LockPickingLawyer[1] is to use a chain lock, because the thick, hardened chains are non-trivial to cut with a bolt cutter, and it&#x27;s hard for an angle grinder to &quot;bite&quot; into the freely moving links.<p>[1] <a href="https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=SpVOTEOMRuE" rel="nofollow">https:&#x2F;&#x2F;www.youtube.com&#x2F;watch?v=SpVOTEOMRuE</a>

Good stuff.<p>Needs to add another persona though: Smashing Sam who will knock you off your expensive bike in order to steal it: <a href="https:&#x2F;&#x2F;road.cc&#x2F;content&#x2F;news&#x2F;e-bike-stolen-after-rider-rammed-van-driver-reading-276885" rel="nofollow">https:&#x2F;&#x2F;road.cc&#x2F;content&#x2F;news&#x2F;e-bike-stolen-after-rider-ramme...</a><p>Having had to cut through my own U lock with a portable angle grinder I can verify that it is not too difficult. The cables are only for the snatch-and-grab prevention.<p>Only minor nitpick is that Campagnolo make wheels and groupsets, not bicycles themselves.

There&#x27;s a dig at Sheldon Brown&#x27;s bike lock strategy, that I think shows technology creep. At the time SB (who passed away quite a while ago) developed his strategy, small, battery powered angle grinders weren&#x27;t a thing. Now they are so the threat model has evolved. Luckily I live in a relatively low-crime area and ride relatively worthless bikes. Of course the one bike I ever had that was worth something was... stolen.

I&#x27;m fully expecting e-bikes to get the radio code treatment, 2020 style. Central motor an integral, welded part of the frame, mutual authentication between battery, motor and headunit before a single joule of power is going into the chain. Chip on board for the integral trust components, then slathering on a few layers of coating on top. Rekey it all with the smartphone of the owner every so often.

I always figured it was a matter of relative security rather than absolute security: having a good enough lock that it was easier to take the other guy&#x27;s bike. Sorry, guy with cheap lock.