Archive for the ‘Dutch’ Category

« Older Entries

Picking 17th century cultural heritage locks

Saturday, June 30th, 2012

If the key to something you do not use every day is lost, it can take a little while before a locksmith is called. In this case it took them a couple of hundred years to find us!

But that is ok. I like mysteries, especially if I can help solving them. Last week was good for mystery solving and there still are some to be solved (edited 8-july: solved!) .

We were invited into some sort of museum where they had four 17th century treasure-boxes without key. They did send some images that allowed me to do some Research (via barrywels on twitter).

When we arrived we inspected the boxes and padlocks with endocsopes and decided they could probably be picked with simple steel wire bent in an L shape. Click on the image below to see how a similar mechanism is opened using two hooks. One hook lifts the hammer while the other moves the bolt.

lever picking

In a little while we did mange to open a number of padlocks and one of the boxes.

Currently three 17th century treasure boxes are waiting to be opened and at least one of them contains a number of ‘heavy objects’. This is interesting, especially if you consider the boxes were used to transport valuables in ships.

Jord was asked to make a key for the lock(s) and that is quite a task with the special warding. Hopefully I can make a blackbag posting out of that too as it is an interesting process to create such a key. (more nice keys on http://www.duke.edu/web/isis/gessler/collections/locks-keys.htm)

The exact location of the remaining boxes has to be kept secret for now not to give anyone any ideas. There will be a follow up soon (after LockCon.US) and hopefully we can solve some more mysteries then.

Tags: , , , , , , , , , , , , , ,
Posted in Dutch, English, news | 5 Comments »

What is up with Barry?

Sunday, May 15th, 2011

Toool meeting Amsterdam

As you can see on the image above I am doing fine. The image is a picture made by Dutch Panorama Magazine a couple of weeks ago at the Amsterdam Toool meeting. Panorama interviewed me and wrote a pretty nice article about me.

One of the topics covered in the article is the flood of professional lock-related work I do at the moment. It is one of the reasons blackbag has not been updated for some time. Just too busy traveling, preparing courses, trainings, paid R&D and even work in the field of lock-forensics. When I say forensics it is not always answering the question if a particular technique was used to open a specific lock, it can also be in a role of expert witness to explain (or show) a particular lock can be opened quickly in court. I hope to follow up on the specific incident mentioned in Panorama when the case is final.

Next week we will be at ‘Hack In The Box’ in Amsterdam (may 19 and 20). We will have the Amsterdam Toool meeting on Wednesday (May 18) in our traditional hangout (the Kamers cafe/restaurant), and might later in the evening move to the prestigious Krasnapolsky Hotel at Dam square in Amsterdam to set up the booth. Thursday and Friday we will be at the Hotel for sure. If you want to learn about IT security and hobby-lockpicking, “Hack in the Box” is the place to be. I can offer a special discount if you want to attend “Hack in the Box”, so mail me for details.

One of the other courses we are preparing is for the blackhat sessions at DefCon (July 30-31). A two day hands on impressioning and safe-combo-manipulation course. Gonna be quite nice.

Still have a lot of work to do before I can announce LockCon 2011 …

Posted in Dutch, news | 2 Comments »

Lockpicking thieves are coming

Wednesday, December 1st, 2010

Han and I get more and more work as expert witnesses in court cases and in lock-forensics these days. It is one of the reasons we invest a lot in Macro Photography.

can you see what happened here?

It seems more criminals are using clever opening techniques to break into places, and in the Netherlands not many people have the expertise to be able to show what happened. News about this kind of ‘burglaries without a trace’ cases even make it to the front page of Dutch newspapers.

inbraak zonder schade via lockpicking

The article was about the ‘Twente case’. Dutch Police in Twente (.NL) arrested a twenty-five year old male on November 4th. A witness gave the police a description of a person who most likely broke a window at a shop at the Heutinkstraat in Enschede. Police noticed a person on a bicycle who matched the description, but the man tried to escape when they approached him. After a short chase the man was arrested, and the first official report (mirror) about this incident mentioned the man possessed ‘burglary tools’.

A later report (mirror) stated the man was taken into custody and his house was searched. At his house a lot of stolen goods were discovered, as well as a ‘large amount of cash’. Police soon discovered the man used manual lockpicking to break into houses. His territory was a range of houses of elderly people at the Marthastraat and C.F. Klaarstraat in Enschede. So far he confessed thirteen burglaries committed over an 18 months period. He mostly went out at night and used a lockpick set to gain entry. As police stated, the man ‘worked very clean’, and in some of the cases the owners of the house never even realized they had been burglarized! He managed to take away expensive goods, silver and cash without leaving a trace. To make things worse, he even used the burglarized houses for mail order fraud. He successfully mail ordered gold and expensive goods without the owners of the houses knowing.

According to police spokeswoman Chantal Westerhoff, the burglar had ‘very sensitive fingers’. She said “Lockpicking is a special trade, and not a lot of people can do what this guy did”.

After his confession, and showing lots of remorse, the man was released from custody. He will soon have to account for his behavior in court. I hope I can find out what day the court case is, and I will try to follow up on the story. Any information on the case is welcome, so feel free to mail me if you know more about it.

* Note December 2: I received additional information about the case. The trial will be held in February 2011 (no date set yet). And it is going to generate a lot of media attention as there are some very interesting angles to the story.

Tags: , , , , , , , , , , , , , , ,
Posted in Dutch, news | 12 Comments »

Assasination and hotel door security

Monday, February 22nd, 2010

I am reading up on the assassination of Hamas leader Mahmoud al-Mabhouh with red cones. Never ever have so many operational details come out about missions like this. Twenty years ago this would have gone on file as a ‘highly suspicious death’, but in this day and age of CCTV camera’s it did not go unnoticed. What is special this time is that a (must see) video just was released by Dubai police, and it looks like a hollywood production. The link to this blog? … since the murder took place in a hotel, I was immediately interested to read details on how they gained entry. And there still are some things unclear about it, even though this article speaks about “They entered the room using copies of keys they had somehow acquired.”

electronic hotel locks with a mechanical override

This could point to the fact a lot of electronic hotel door locks have a mechanical override. Most of the time there is a mechanical lock mounted under the handle of the door that can be opened with a master key. In some cases the lock is even hidden under a sticker or label, but in most hotels I visited there is a lock present in case the electronic lock fails (in some countries it is not legal to rely only on the electronics). I know that in some hotel locks a mechanical opening is still recorded by the electronics in the lock and will end up in the log files. To get hold of the masterkey, one could rent a room in the same hotel and simply (for an intelligence agency that is) take the mechanical lock out the door, take it apart and make the master key based on the now known pin lenght. (Or if you believe the myth, ‘they’ already have done all the fieldwork and collected the mechanical master keys to all important hotels in advance anyway …)

Another way to open some hotel doors would be to simply go under the door and grab the handle from the inside using a special tool. As you can see in this video, it is not so difficult. And the tool used to go under the door is even available in a ‘government only’ version. This version can easily been taken apart into small segments but is only sold to government agents.

And I suggest a slightly modified tool like the one on the video was used for the finishing touch of the murder. To make it look like a natural death, they locked the chain on the inside of the door …

It is all a funny coincidence as the video of the tool was just shot a couple of weeks ago when Han Fey and I did a presentation at the famous IT-Defense security congress Germany. It is a congress where we always meet lots of interesting people and always get a lot of invitations to give more presentations and/or workshops. We were originally invited to just do some hands on workshops and teach people the basic locksport/lockpicking skills, as well as a few simple opening techniques like shimming doors etc. But when some of the conference speakers missed their plane, we were asked to give an ‘emergency presentation’ to fill the gap. And as we do not like to give the same presentation twice, we shot some video (using a mobile phone) on the spot late at night about the door opening tool (and how to protect yourself against it) and inserted it into a compilation of existing presentations. Originally I did not intend to release the video as it shows me opening a door, but in this case I make an exception …

And for those of you who want to know more on the inner working of hotel locks, I have blogged about it before (including a video of ‘how it is made’)….

Tags: ,
Posted in Dutch, English, Uncategorized, bumping, news, picktools | 28 Comments »

Lockcon Turkey canceled ….

Monday, February 8th, 2010

no lockcon in Turkey ...

We feared for it some time, but just received a mail that confirmed it. Officially the reason is ‘the crisis’ and that there is not enough budget …

Will report soon about the implications if I have more information …

* update: We are making an inventory of people who already booked an airplane ticket to Turkey. Please send me a mail and let me know (and how much you paid for the ticket).

* update 09/02: We are looking into some options. Latest May 1st we will come out with a statement/program about lockcon and the championships …

Posted in Dutch, news | 20 Comments »

Printing police handcuff keys …

Monday, September 14th, 2009

German SSDeV member Ray is known all around the world for his impressive collection of handcuffs and his fun ways of opening most of them. On top of that he gives great presentations and always manages to add a lot of humor into them!

a plastic 3D printed key that will open the handcuffs of the Dutch police

At HAR he pulled another stunt: He used a 3D printer to print handcuff keys. And not just any ordinary handcuff key … no, it’s the official handcuff key from the Dutch police! At first the police officers at HAR were a little reluctant to event try out the plastic key he printed. But he found another way to verify the key he printed was the correct one. I guess these officers never thought about wearing keys concealed, especially when talking with Mr. Handcuff himself. Given the megapixel camera’s on the market today it was not so difficult to verify the key he printed was the correct one.

Someone is looking at your butt ...

At the end of the day he talked the officers into trying the key on their handcuffs and … it did work! At least the Dutch Police now knows there is a plastic key on the market that will open their handcuffs. A plastic key undetectable by metal detectors….

And Ray made it easy for you. For those of you wanting to print your own Dutch police handcuff key … the STL file is available online at http://ke.y.nu/

The New York Times just came out with an article on European lockpickers, quoting a Dutch Police officer who was not too negative about the lockpick scene. Lets hope they still feel this way after this post …

*Warning* Before you print out your keys please check your local law! Reading the article below (pdf mirror) should be a fair warning! In some places it is not quite healthy to run around wearing police handcuffs ….


Homeless man could get 5 years for wearing handcuff keys

Wed, Sep. 09, 2009
BY DAVID OVALLE

For wearing handcuff keys on a necklace draped around his neck, a homeless Miami Beach man could face years in prison.

Prosecutors on Tuesday formally charged Michael Gonzalez, 22, with disorderly intoxication, marijuana possession and two counts of possession of a concealed handcuff key — a third-degree felony punishable by up to five years in prison.

“It’s an actual felony,” prosecutor Barbara Teresa Govea explained to Miami-Dade Circuit Judge John Thornton, who questioned the charge.

“There’s got to be some kind of constitutional violation in there somewhere,” Assistant Public Defender Michelle Prescott grumbled to the court.

Actually, the Florida Legislature passed the law after the 1998 murders of two Tampa deputies and a state trooper. Hank Earl Carr shot and killed them after he escaped his cuffs using a universal handcuff key hidden on a necklace.

Gonzalez was arrested Aug. 16 after Miami Beach police said he was harassing women on the South Beach sand. In a report, Officer Errol Vidal wrote that he found a small amount of marijuana in the man’s pocket and “two handcuff keys concealed under his shirt on a necklace.”

Also under Gonzalez’s shirt: a tattoo on his right shoulder, with the word “anarchy” and shooting flames.

Tags: , , , , , , , , , , , ,
Posted in Dutch, news | 24 Comments »

Dutch podcast: Win a credit card lockpick set

Wednesday, June 24th, 2009

Han and I were guests in the Dutch podcast of ‘de beveiligingsupdate‘ (the security update). To sponsor this podcast a little we are giving away five credit card lockpick sets. Five winners will be selected from people who mail them, so even if you do not speak dutch just mail redactie@debeveiligingsupdate.nl and who knows … you might win one of these cool gadgets …

http://security.nl/artikel/29925/1/Win_een_creditcard_sloten-pick_set_%28Podcast%29.html

*Update: no more chance to win … the lottery is closed.

Posted in Dutch, news | No Comments »

Viola … sweet activist!

Monday, May 11th, 2009

All over Amsterdam billboards are popping up saying: “from now on, all that deserve PUNISHMENT will get PUNISHED”. It is a ridiculous poster by the Dutch VVD political party. And good old Viola did not like to see the threatening words ‘punishment’ and ‘punished’ all over the place and decided to fix the problem. She made prints with the words ‘something sweet’ and put them over the billboards. So now it says: “From now on, all that deserve SOMETHING SWEET will get SOMETHING SWEET”.

Isn’t she sweet?

(Dutch video about Viola below, and she also made the Dutch newspapers)

Posted in Dutch, Uncategorized, news | 5 Comments »

Video and report on mifare attack

Thursday, March 13th, 2008

As promised, Radboud university came out with a video and a report (ENG PDF) on the Mifare hack.

I wonder how long it will take before the software is out on the market .. I know I want a copy ;)

Click the image to see how one billion (!) cards can be hacked/cloned.

RIP mifare classic

Tags:
Posted in Dutch, English, Uncategorized, news | 6 Comments »

Mifare now fully broken

Wednesday, March 12th, 2008

Breaking news from the Dutch Ministry of internal affairs website:

red alert ...

Radboud university fully broke myfair classic.

“With little effort abuse is possible and cards can be cracked and copied easily.”

Below is my rough translation of their letter to inform our parliament.

Between the lines I read panic ….

March 12

Radboud University in Nijmegen (the Netherlands) had recently notified me their research group ‘Digital Security’ developed a method to easily crack and duplicate a large number of chipcards.

This concerns all (access control)cards containing the so called ‘mifare classic-chip’, used in applications that do not rely on additional security measures (like our nation wide transport card).

We guess around two million access control cards are in use in the Netherlands, worldwide we assume one billion.

In various Governmental and private sector this chiptechnoligy is in use.

Our national intelligence agency (AIVD) has, on my request, checked the method at the Radboud University, and confirmed their claim is correct and works.

I have ordered AIVD to follow up and conduct more research.

It must be taken into account as soon as details of the university research become public, the possibilities of abuse are going to be so easy that additional measures are necessary to maintain ‘the level of security’.

The new ‘governmental ID card’ (using a different technology) was supposed to be rolled out the fourth quarter of 2008. I am looking into if this can be speeded up.
I have requested AIVD to advise on security measures of the gevernmental ID card.

In the meantime government wide additional security measures will be taken.

I have requested my colleague ministers to inform the (public) sectors they are responsible for, so additional measures can be taken.

The Minister of internal affairs.

At 16:00 Radboud Univeristy will issue a press conference. By that time a report and video will be available on http://www.www.ru.nl/veiligheid-toegangspassen

Tags: , , ,
Posted in Dutch, English, Uncategorized, news | 2 Comments »

‘Ik op TV’

Wednesday, February 20th, 2008

Laura Balver of the Dutch program ‘Ik op TV’ visited Toool Amsterdam. Click to see Dutch clip….

Posted in Dutch, Uncategorized, news | 5 Comments »

how it’s made: cutting the profile in the lock core

Monday, February 4th, 2008

I must admit I have been so busy last week that making the sunday evening deadline was not easy.
But hey, a promise is a promise … so here goes another posting …

I was planning on writing something about Marc Tobias his hack on alarm systems. The weak spot are the wireless sensors (operating on 433.92 Mhz). Maybe I will get back to that later.

Today I want to talk about some of the fun things at Toool: factory visits!

step by step cuttig of the profile

Dutch lock company Anker invited us last year for a factory visit. Even while most of the well respected brands on the market have lots of their parts made in China, Dutch lock company Anker is an exception. They still do most of the work in their own factory, and are very proud of that. At least in the Netherlands they are unique in that respect.

The following video will show you how the key profile is cut into a lock core. Anker is known by us lockpickers by their nasty to pick profiles: very narrow, lot of zig-zag’s and six pins. Not completely impossible, but by no means easy.

In this video you will learn how the profile is cut in the lock core (quicktime or youtube).

Posted in Dutch, English, Uncategorized, news | 2 Comments »

Toool’s field test on AXA locks

Monday, December 17th, 2007

An image can say more then a thousand words ….

Toool.nl

I guess by now quite some people are comparing their key to the above image, hoping their key has the same profile as the AX1RP blank (on the right)…..

Why?!?

In cooperation with Kassa TV and one other organisation we performed a little test. In and around Amsterdam we tried to open over 150 bicycles. We got help from random bicyclists, bike shops, and even received assistance from local law-enforcement. Result: we managed to open around 50% of them….

By far the most interesting and intriguing thing we found is that almost all locks we could open used the so called ‘standard key profile’ (blank AX1P). Locks using the ‘mirror image profile’ (AX1RP) seemed almost impossible to open. And we are still investigating why. And we do warn people the flaw might be exploitable in the mirror image profile someday soon … many people are now looking into it, and it could be a matter of time. But for now it seems ok …

One other interesting fact: we managed to open almost all 583 models (over 90%), as well as a high percentage of SL7 and SL9 locks…. if they used a ‘standard key profile’ that is. And a lot of SL9 locks were equipped with a mirror image profile.

Axa by now admits more locks are vulnerable as they expected before, and they will come out with a report themselves any day now. Curious if they found the same things we did (in our relatively small test).

More about this test and the findings (in Dutch) on Kassa TV or http://www.toool.nl

Posted in Dutch, English, news | 6 Comments »

Abus did the right thing … but did AXA do the wrong thing?!?

Saturday, December 15th, 2007

Today ABUS announced (trough an ad in the newspapers) they will send a free lock to everybody that has a lock vulnerable to the ‘blank key’ method. It concerns some of the 48 and 4800 series ABUS bicycle ring-locks.
Rumor has we are talking over 100.000 pieces. And they will all be replaced by ABUS … for free.

I read a lot of comments on various Dutch webpages AXA should follow ABUS and do the same. People say it is not fair they ‘only’ receive 50% discount on an additional extra lock.

Now, I disagree with that, not completely, but still … I disagree.

People do not seem to realize all ABUS locks were manufactured after 2005, while AXA produced defective locks between 1998 and 2005. So while a defective ABUS lock is at most two years old (or should I say young?), an AXA lock on average is five years old, and in some cases even nine years! As far as I am concerned this is old enough not to be entitled for a full refund. I think it is fair to give people a full refund if the lock is under four years old, but after that … you should be happy with your discount.

Over the last few days I visited many bicycle shops. A lot of them had stories of customers who did the right thing: they upgraded to an AXA Defender lock and simply paid twenty euro. These people took the warnings in the media serious and did not want to wait to have their bike stolen. Most of them did not even blame AXA. After all, it is a freak accident. A rare mechanical defect discovered by the wrong people, probably by accident. And years after a serious test institute certified the locks. AXA did what it could when these locks were made.

Now, I realize not everybody can easily pay twenty euro for a new lock. And not all bicycle shops will change the lock for free, although most feel it is a service to their customers to do so in this specific case. But still, if you have the money, just find a shop that will replace the lock for twenty euro and get it over with.

Having said that, it would be a good thing if AXA gave a 50% discount on the Defender (or Solid) ringlock, as that is what would make most of their customers happy…. and brush off the negative image they are creating by not making this offer …

Posted in Dutch, English, news | 6 Comments »

Axa bike locks in the media

Tuesday, December 11th, 2007

Some Dutch media picked up on my last posting on AXA bike locks, including one of the most popular consumer television programs ‘Kassa’. Saturday prime-time, 1.4 million people watched Dirk Bolderman, head of AXA bicycle locks, answer the question how many locks might have this flaw. His answer: “Between 1998 and 2005 we produced four million locks. We assume 100.000 to 200.000 might have this vulnerability. And the locks can not be identified by their serial number”….
(video available as 33 MB quicktime or on YouTube)

Some people have serious doubts about Mr. Boldermans claims ….

The good thing is he did promise AXA will offer 50% discount on new additional bike locks soon.

www.fietsersbond.nl

I received mostly positive feedback for pointing out the ‘interesting’ AXA/Abus advertisement campaign. One exception is the Dutch association of bicycle enthusiasts (fietserbond). Normally I sympathize with them, as they are really doing good work for us bicyclists (yes, I ride a bike too). But they are now asking Dutch justice department to take ‘legal action’ against ‘these instructional video’s on internet’. They claim these video’s are criminal because they encourage criminal behavior. Sigh….

Now, there are lots of ways I can defend myself against these ridiculous claims. And I have no concerns on the legal part of it. We have a long list of lawyers that owe us a favor, mainly because of our technical assistance in difficult court-cases (mostly fraud cases were insurance companies don’t want to pay). And legally they do not have a point. Maybe morally, but I think the awareness created by the clip had much more impact then the silly AXA advertisement in the papers.

And I decided to look at their website, trying to learn some more about them. Interestingly their site is filled with information that can help thieves. Take for instance their excellent study (PDF) on bike lock security. Assisted by the Technical University in Delft, they studied a more destructive way of opening locks: using special pliers used to cut concrete reinforcement elements (dutch: betonschaar). Potential thieves are advised what locks to avoid (including images of locks), and how to use the cutting tool properly (Use 65 Rockwell blades and let one of the cutters arms rest on the ground to increase impact). Maybe it is time to arrest the people from technical university Delft now …

Anyway, good luck to them trying to sue Kassa for warning the public on prime time television ….

Update: Volkskrant reporter Michiel Haighton went to Amsterdam Central station to try his luck (video) …. and guess who he met there ?!?

To be continued for sure …

Posted in Dutch, English, news, picktools | 4 Comments »

« Older Entries