Profile of the lock-hacker who bumped the "unbumpable" Medeco lock

Wired's Charles Graeber has an astounding piece up about master lockpicker Marc Weber Tobias, who challenged Medeco's claim that its locks are "bump-proof" (that is, that they can't be simply broken by filing down a key, inserting it, and tapping it, sending a shock down the metal that makes the pins jump). Medeco launched an aggressive campaign to market its products to people who were worried about bump keys, but Tobias shows that their locks aren't substantially harder to bump than cheaper models from competitors. Medeco sent Wired a note that said Tobias's claims weren't true and implied that Wired might be sued for publishing them, so Wired set up a test, and then Medeco raised a flurry of vague, lame objections to the test. But the test speaks for itself -- the Medecos fly open at Tobias's caress.

More interesting is Graeber's look at the motives, personality and technology of lockpickers -- a fine trick of the tech journalist, blending culture and gadgets into a seamless whole.

The problem, if you're a safe company or a lock maker, is that Tobias makes it all public through hacker confabs, posts on his Security.org site, and tech blogs like Engadget. He views this glasnost as a public service. Others see a hacker how-to that makes The Anarchist Cookbook read like Betty Crocker. And where Tobias sees a splendid expression of First Amendment rights, locksmiths and security companies see a criminal finishing school. Tobias isn't just exposing problems, they say. He is the problem.

But forget bike locks and hotel room safes: These days, Tobias is attacking the lock famous for protecting places like military installations and the homes of American presidents and British royals.

Between stabs at his salad, Tobias hands me his latest idea of fun: nearly 300 pages of self-published hacker-porn detailing his attack on the allegedly uncrackable Medeco high-security lock. "Trust me, this will cause a goddamned riot!" he says, dabbing at tears of joy with a paper napkin. "Oh yeah, this is way, way bigger than the liquid explosives thing!" And he's right, it is bigger--and with way, way bigger consequences.

The Ultimate Lock Picker Hacks Pentagon, Beats Corporate Security for Fun and Profit
Loading...