No, not FOIA – “fire”, with a thick East Coast accent. If you haven’t played Team Fortress 2, the joke may be lost on you. At any rate…
These are fire service elevator keys.
Let me first say, don’t do anything illegal or unethical with these. I am (technically) a professional who has been trained in their use, and I am wary of using them myself. If you’re not wary of using them, you should stay away. Elevators can and will kill you if used improperly.
Alright, disclaimer aside, these things are really interesting, and have some fascinating security implications.
Go forth, and watch this two hour video if you have the time. It’s quite interesting.
Alright, those of you who are still here (or who have returned a couple hours later) – basically, the gist is that fire service mode necessarily bypasses many of the security features that are installed in elevator banks like key card readers or manual key requirements for specific levels.
This has some serious implications, because many many fire departments standardize their keys, so with a short list of possible keys, it becomes extremely easy for a bad actor or penetration tester to exploit fire service mode.
Now, fire service mode is important, but it’s equally important for security professionals to be aware of the fact that holes like this exist so they don’t depend exclusively on things like elevator floor lockouts for security.
I have these mostly as a conversation starter, and to demonstrate on request when discussing security concerns, or for weird situations where they may be necessary – sort of like my pick set.
-T