Posts Tagged ‘lockpick’

Toool’s new lockpick competition …

Monday, November 17th, 2008

I really love the fact that more and more members of Toool get involved to the point they can single-handedly perform crucial tasks. In this case Jos Weyers took care of this year’s lockpick competition. And one of the things he did was photograph all locks in high detail (images at the bottom of this post) ….

2009 toool lockpick competition

For those unfamiliar with the Toool competition, here is a small explanation: the competition starts and ends at every LockCon/Dutch Open event. So in this case we just started a new competition. We start by inviting people to donate special and exotic locks, and make a selection of 26 of the most interesting ones. As soon as this selection is done, all locks will be photographed and a competition webpage is set up (link to 2008, work in progress). Now the fun starts: At every Toool meeting (in Amsterdam and Eindhoven), members can try to open these locks, and keep track of their own time! After each club evening the scores are collected and the webpage with the scores is updated. You will receive ten points for being the fastest to open a lock, the second best will get nine points etcetera etcetera till number ten who will receive one point. Number eleven to open the lock will not get any points… Now all points for all locks will be added up and the person with most points wins. I have won this competition multiple times, but since I was too busy learning other lock opening skills I neglected picking a bit and last year did not even make it into the top three.

I am not sure if I will join full force this year, or if my new lock opening passion will take all of my time.

What I do know is that there are a lot of manufacturers out there that keep an eye on this blog to see if their lock is mentioned. Here is the list of locks in this year’s competition (click on the name of the lock for a close up): Chinese lock with pins from three sides, Mul-T-Lock MT5+, no name, Tesa 5-pin, Fixit, Iseo 5-pin, 2001 (Buva?), Iseo 6-pin dimple, Abus, Lips, Corbin, Nemef, Giha 2000, Medeco Bi-Axial 6 pin (with correct side-bar ‘set key’), Nemef, Oxlock, Ikon sperr rippen, Unknown (from SSDeV), GTV, Winkhaus, Yale, AGB, BKS, UCEM (Spain), BKS and … a Gemini shield!

If the new site is up where we keep track of times I will post the address here so you can keep track of our progress ….

Tool without locks … the Chinese tool

Monday, November 3rd, 2008

A little while ago I received some fancy looking opening tools. And normally when someone presents me an opening tool, I just grab one of the locks from my personal collection to try it out. But in this case I am sure I don’t have the right locks for the tool. And to make things worse, Han Fey also does not have an idea what kind of locks these are used for…

complete chinese lock pick kit

I must admit the tools look nice, and it is a real pity I do not have the locks that come with it to try them out. Too bad the manual does not mean much to me as my Chinese is still a little rusty …. So I can only guess how they work.

tools for chinese locks

Personally I think it is some sort of ‘decoder pick’. Turning the knob at the end of the tool moves a finger/lifter at the tip of the tool, and with it you can set (or feel) individual pins. The neat thing about this tool is that it’s also a ‘set up key’. Inserting small ‘break away key parts’ on the side of the blade will lift the pin to a specific position and keep it there. And by changing the inserts you can change the depth of this (set up) key. Most likely the idea is to use the included magnetic contact microphone to hear if a pin is under pressure or can move freely. After some fiddling around you will end up with a working key.

set up key filled on two positions

All in all an intriguing tool, and I can’t wait to get my hands on one of those locks. If I ever do, I promise to shoot some video and share that here …

* Update 7-11: I sent the tool to one of my loyal readers who has a couple of these locks. After playing around with the tool he will send it back including a lock. So I guess a video will show up here some day …

Impressive presentations at the ‘Last Hope’ conference

Friday, June 20th, 2008

Finally the list of scheduled talks for the ‘Last Hope’ conference is out.

Besides the bigger and better lockpick village that is going to arise at the conference, there sure are a lot of lock-related talks!

I am curious how many locksmiths and people from the lock industry are going to attend this conference. If they are even halfway clever they show up and pay attention….

the 'Last Hope' conference

The one presentation I am looking most forward to is “Maintaining a Locksporting Organization and Breakthroughs in the Community”, By Doug Farre and Jon King

“This presentation will go into detail about how to start and maintain a locksport organization and how groups like these can lead to influential research. You’ll learn how to keep everyone excited about lock picking and how to turn your club into a well oiled machine for years to come. In addition, you’ll find out what it takes to produce a good lock picker and see how anyone can influence the lock industry even after only a few months of being on the scene. Jon King’s research on high security Medeco locks will be revealed in detail. There will also be a demonstration on how to build a tool to pick high security cylinders, and how the responsible disclosure of exploits in the hardware world can make a positive impact for all involved.”

Second is a presentation that is not lock-related, yet given by a legend in his own field: “Technical Surveillance Countermeasures – A Brief Primer on the Arcane Art and Science of Electronics Surveillance and “Bug” Detection from a True Insider” by Marty Kaiser

“The spooky world of covert electronic surveillance and countersurveillance by governments, corporations, and individuals is veiled in secrecy, intrigue, and myth. Few people are well qualified to speak authoritatively about it, and fewer still are willing to. Hear firsthand from one of the most legendary and respected wiretap and bugging experts in the United States about some of the methods and technologies used, some case studies, and the future of privacy and surveillance from an insider’s viewpoint.”

Other interesting presentations that I will visit for sure are:

Escaping High Security Handcuffs By Ray

“Everybody knows normal police handcuffs are no real challenge for lockpickers, even though it helps to know the inner workings and tiny differences of the various models in use today. Less publicly known is that there’s also a variety of “high security” handcuffs on the market, used mainly for high risk prisoners and during transfers. But those also have their weaknesses… This talk will give an overview of the products in use today and their different attack vectors – not only focusing on picking but also bypassing some of the most advanced locking mechanisms used in this field.”

Safecracking by Eric Schmiedl

“Despite many appearances in film and television, fairly little is widely known about how safes can be opened without the proper combination or key. This talk will attempt to address some of the questions commonly asked about the craft, such as is it really possible to have a safe open in a minute or two using just a stethoscope and some clever fingerwork? (Yes, but it will take a bit more time than a few minutes.) Are the gadgets used by secret agents in the movies ever based on reality? (Some of them.) The talk will cover several different ways that safes are opened without damage, as well as the design of one lock that is considered completely secure.”

Strengths and Weaknesses of (Physical) Access Control Systems By Eric Schmiedl and Mike Spindel

“Access control systems are widely used in security, from restricting entry to a single room to locking down an entire enterprise. The many different systems available – card readers, biometrics, or even posting a guard to check IDs – each have their own strengths and weaknesses that are often not apparent from the materials each vendor supplies. This talk provides a comprehensive overview of 20 different access control technologies that focuses on weaknesses (particularly little known or not-yet public attacks) and other points that a buyer would not likely get from a vendor. Also presented will be a model for thinking about access control systems in general that will provide a useful framework for evaluating new or obscure technologies.”

Undoing Complexity – From Paper Clips to Ball Point Pens by Matt Fiddler and Marc Tobias

“This talk will be a systematic approach to dissecting and disabling multiple layers of physical security in locks. In this presentation, the focus will be on embedded design defects in high security locks, and how their discovery translates into security vulnerabilities and the disclosure of such flaws. The attack methodology for high security locks will be reviewed. Demonstrations will include case examples, examining tolerance exploitation, code design analysis, and leveraging the interaction of internal components within a locking system to achieve different types of bypass. The application of this program in the development of covert, surreptitious, and forced methods of entry will be examined. Also discussed will be the concept of responsible disclosure upon the discovery of security vulnerabilities, and how this concept applies to both those who discover flaws and to the manufacturer that produces them, and why the same concept becomes a technical, logistical, legal, and financial minefield for manufacturers. ”

And of course Han Fey and I will do: Methods of Copying High Security Keys

“In this two hour workshop you will learn some new and advanced opening techniques for high security locks from two key members of the locksport group Tool in the Netherlands. Special attention will be given to duplicating high security keys and detailed analysis of modern locking systems. After the presentation, some of the tools and techniques can be seen up close at the Lockpicking Village. You are invited to bring your complex locks or “impossible to copy” keys…. ”

The full list of (almost 100) presentations can be found here. Hope you can make it to the conference and see you there!

Golden (bump proof) pins

Monday, May 12th, 2008

bump proof?

For a long time Han and I have been doing tests for various lock manufacturers. At the beginning, most of the requests were concerns about whether the ‘bump proof’ pins they came up with were really bump proof. And most of the time they were not.

On average it took three rounds of testing (and back to the drawing board) before we could not bump open the lock anymore. In some instances we supported the manufacturer with some technical advice to really make the lock bump proof (or highly bump-resistant).

And of course we have been thinking about designing our own bump-proof pin. We labeled it ‘the search for the golden pin’.

In our view, the golden pin has to have (at least) the following properties:

1) Prevent bumping one hundred percent (bump-proof, must withstand ‘advanced bumping’)
2) If possible, make other kinds of attacks more difficult (like picking, impressioning and decoding)
3) The solution must contain not too many parts and must be easy to manufacture
4) Easy to add to a classic 5 pin tumbler lock without modifying the core or house (too much)
5) If possible the ‘golden pin’ must be implementable in dimple and/or other pin-tumbler style locks
6) Free of patents

Han and I have been partly successful in this search. And still we are having new ideas and brainstorm/try out sessions on a regular basis.

But ever since our trip to Vienna, our way of looking at the problem has changed.

We learned that if you ever want to have your invention implemented by a lock manufacturer, stop searching for a ‘golden pin’, and start searching for a ‘golden key’!

That is right, lock manufacturers are under constant pressure to come up with new patents on keys. A ‘patented key’ is required in all serious projects, and when a patent is ‘end of life’, so is the commercial success of the lock. Or actually a couple of years before the expiration of the patent (after all, who wants to buy something that will lose its ‘copy protection’ in three or four years?).

In a way it is a very healthy system. It keeps lock companies innovative. They cannot just design a lock once and live off that design forever. It forces them to keep investing in engineering.

The flip side is that great locking systems all of a sudden become ‘worthless’ because of the patent expiration. And in some instances that is not fair if you look at the level of security the lock and keys are still providing.

Looking at our mailbox, we are not the only ones looking for the golden pin….

A couple of times per month we receive mail from people who came up with pins or solutions against bumping. In almost all cases the six above properties are not met.

One of the last mails I recently received was from a gentleman called Ian Cecil from Australia. His invention is somewhat smart and makes use of the ‘floating pin’ principle. With that I mean that one of the pins is not reaching the ‘9’ position. We have first seen this solution in CES locks where they simply did not drill the hole in the plug all the way. And other floating pins can be found in systems like GeGe Pextra, Nemef and Master padlocks.

But before I take you to all the solutions we found in various locks, back to Ian:

Ian came up with the following idea: Use a short spring that is connected to the ‘stopper plug’ and the ‘bottom pin’. And the bottom pin is by magnetic force attracting the top pin. If you keep the top pin small (0-3), the bump key can not make contact and obviously does not work. As I said, a nice invention but far from ‘bump proof’. The lock can still be opened by ‘advanced bumping’.

How does advanced bumping work? If I know there is a floating pin inside a lock, all that is required is a set of probe keys to determine the position and minimum depth of the floating pin. And once that info is decoded all I need to do is cut a 99949 key and open the lock.

Still, Ian makes a lot of sense on his website and shows he does know what he is talking about. Who knows, maybe he will come up with a ‘golden key’ one day ….