Jim Stickley of Stickley Online Security uses his handy $8 Utili-Key to open a locked hotel safe at the Horseshoe Hotel in Bossier City, LA. He unscrews the nameplate on the safe, which reveals a physical lock. He then unbends a paper clip, wiggles it around for a while, and viola! the safe is open. He says a thief could use this method to take something from the safe without any sign that the safe had been opened.
Read the rest
Manipulating safe locks can be fun
and profitable! It also takes practice. I recently bought a used safe combination dial lock and mounted it to a piece of reclaimed wood. Mounting a dial lock involves threading the dial spline bolt through the combination wheels, and then hammering a soft, brass "spline key" into the spline's notch so that the dial will turn the wheels.
My lock came without a spline key, so I searched around the house for some brass to use. I found a spent bullet cartridge casing, and attacked it with a rotary tool cutoff wheel to get a sliver of brass.
After sanding off the rough edges, I folded it over to the proper thickness to fit snugly in the threaded spline.
One solid blow with a deadblow hammer, and the soft brass wedged in place. The dial now turns beautifully.
I'll be bringing this and some other cutaway locks to Boing Boing's Weekend of Wonder, where I'll be teaching lock picking workshops, so if you're attending, please come check it out. Read the rest
I've taken a couple of lockpicking workshops. It was supremely rewarding when I successfully opened a lock using lockpicking tools. Here's a transparent padlock that shows you how the internal components work, making it easier to learn how to pick locks. It comes with 2 keys, but you need to buy the lockpicking tools separately. It's $14 on Amazon.
By the way, my friend John Park is going to be giving the mother of all lockpicking workshops at our upcoming Weekend of Wonder extravaganza on September 18-20 in Riverside, CA! Register here to join us.
Read the rest
Kwikset makes an incredibly popular line of reprogrammable locks that can be easily re-keyed, meaning that landlords don't have to physically change the locks when their tenants move out. Kwikset boasts that their locks are extremely secure, but Marc Weber Tobias and Toby Bluzmanis will present six Kwikset vulnerabilities at DEFCON; their demo includes an attack that opens the lock "in 15 seconds with a screwdriver and a paper clip." Tobias and Bluzmanis have spoken to Kwikset technicians about this, and in recorded conversations, the Kwikset employees insisted that the product was secure, something that can't be taken seriously if you've seen Bluzmanis and Tobias work on them.
Read the rest
Students at Olin College have made a robot that can crack a MasterLock brand padlock's combination; it can work faster depending on whether it knows some, none or all of the combination. The documentation for the project is quite good.
Our final design was able to dramatically reduce the amount of material needed by turning the entire assembly on its side. In this way, the motor mount and spindle, the lock holder and the solenoid could all be considered distinct entities attached to a single base plate. Since torque on the base was not an issue like it was with the first two "tower" designs, we could make the base much thinner. This allowed us to make our slots longer without increasing the total cost much. Thus, we were able to make every component adjustable relative to the fixed lock base which allowed for quick insertion and removal of the lock, as well as easy tuning of the solenoid distance that allowed it to consistently pull the lock latch all the way open. This was critical because one of the main problems we dealt with was assuring the location of the solenoid relative to the lock. The solenoid had a very thin range of positions that it would work from; too far from the lock it did have enough energy to pull the latch, too close to the lock and it didn't have the travel to pull the latch completely open.
Safe-cracking robot autodials combinations to brute-force a high ... Read the rest