High-end locks rely on their unique key-shapes to prevent "bumping" (opening a lock by inserting a key-blank and hitting it with a hammer, causing the pins to fly up), but you can make a template for a bump key by photographing the keyhole and modelling it in software.
Jos Weyers and Christian Holler presented their work on 3D printed bump keys at NYC's Hackers on Planet Earth last month, as an existence proof of the insufficiency of relying on proprietary shapes to defend a lock. The locks they attacked were successfully opened with keys printed in nylon, of the sort you can order from service bureaux like I.Materialize and Shapeways. Weyers and Holler have produced an app called "Photobump" that turns images of keyholes into print-ready 3D bump-key shapefiles.
A photo of a keyhole alone isn’t quite enough to print one of Weyers’ or Holler’s bump keys. They also need information about the position of each pin in a target lock. But Holler says that information easily is found in widely available key-cutting software. Weyers says he can derive it even more easily by sticking any thin tool into the keyhole, feeling for the pins, and marking their depth to measure how deep in the lock’s cylinder the pins are located...
Weyers and Holler aren’t trying to teach thieves and spies a new trick for breaking into high-security facilities; instead, they want to warn lockmakers about the possibility of 3-D printable bump keys so they might defend against it. Although Holler will discuss the technique at the Lockcon lockpicking conference in Sneek, the Netherlands, next month, he doesn’t plan to release the Photobump software publicly. He’s also working with police in his native Germany to analyze whether printed bump keys leave any forensic evidence behind.
These 3-D Printed Skeleton Keys Can Pick High-Security Locks in Seconds [Andy Greenberg/Wired]
In 2012, Google rolled out Certificate Transparency, a clever system to spot corrupt “Certificate Authorities,” the entities who hand out the cryptographic certificates that secure the web. If Certificate Authorities fail to do their jobs, they put the entire electronic realm in danger — bad certificates could allow anything from eavesdropping on financial transactions to […]
With the shambolic FARC peace deal finally in place, the Colombian government is hoping to shift the country’s farmers from Colombia’s major cash crop: the coca leaves that are refined into the world’s cocaine supply. Perhaps with the guerrillas no longer defending the crops they relied on for operating capital, Colombia can put coca behind […]
Despite Trump’s denial of climate change the the ghastly attacks on climate science and mitigation in the new proposed budget, the Carbon Bubble — which overprices hydrocarbons and the industries that rely on them, as though we’ll be burning all of them with impunity — is about to pop.
You know the drill. You go to the dentist and they ask you how often you floss. You lie through your teeth and say, “every day!” (Bonus points if you have some cilantro or chives stuck in your gums from lunch). You don’t want to keep up the charade any longer, but rubbing that tiny strand […]
The Raspberry Pi Foundation has done outstanding work packing a fully capable desktop computer into a package the size of a deck cards—especially one that only costs $35. But if you already have a working laptop, why should you care? Oh, how much you have to learn. Besides operating well as a compact digital media hub, […]
Custom coffee vessels are the perfect piece of office flair, but it’s just a matter of time before your VOTE FOR PEDRO mug will start to lose its relevant wit. Why not have a new one every day, with whatever silly nonsense you want sticking off the sides? You can save big on your novelty […]