News:

Goddammit.  Another truckload of bees.

Main Menu

YOUR LOCKS ARE NO LONGER SAFE

Started by the last yatto, July 08, 2009, 09:39:14 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions

Richter

#15
July 09, 2009, 05:28:03 PM
Most of the break ins I've heard of lately have been hit and run for high priced, obvious items.  Bump keys seem sophisticated compared to the local gang smashing a window and running off with your Xbox.  
LMNO had the right idea.  Shim the sucker.  In the words of my father, locks only keep honest people out.  
Quote from: Eater of Clowns on May 22, 2015, 03:00:53 AM
Anyone ever think about how Richter inhabits the same reality as you and just scream and scream and scream, but in a good way?   :lulz:

Friendly Neighborhood Mentat

LMNO

#16
July 09, 2009, 05:29:40 PM
Quote from: Richter on July 09, 2009, 05:28:03 PM
locks only keep honest people out.  

Memebomb.

Elder Iptuous

#17
July 09, 2009, 07:26:48 PM
Quote from: Triple Zero on July 09, 2009, 05:26:49 PM
Quote from: Iptuous on July 09, 2009, 05:19:27 PMLock bumping has been around for decades....

Nearly a decade. And only got widespread attention since 4 or 5 years.

(unless you count the Danish locksmiths in the 70s that, according to wikipedia, used a similar trick for disassembling locks, not opening/"breaking" them as a security issue)

1928:
http://www.google.com/patents?id=Mhx5AAAAEBAJ&printsec=abstract&zoom=4

LMNO

#18
July 09, 2009, 07:28:43 PM
Fuck that, 333 BC, bitches.

Rev. Stanley Baldwin

#19
July 09, 2009, 07:39:35 PM
okay, so we have our ID's or IDEAS that can be stolen...
Or, we can go fully open source...

there must be a middle ground?
G=T

The Good Reverend Roger

#20
July 09, 2009, 08:15:20 PM
Quote from: Rev. Stanley Baldwin on July 09, 2009, 07:39:35 PM
okay, so we have our ID's or IDEAS that can be stolen...
Or, we can go fully open source...

there must be a middle ground?

What the FUCK are you jabbering about?
" It's just that Depeche Mode were a bunch of optimistic loveburgers."
- TGRR, shaming himself forever, 7/8/2017

"Billy, when I say that ethics is our number one priority and safety is also our number one priority, you should take that to mean exactly what I said. Also quality. That's our number one priority as well. Don't look at me that way, you're in the corporate world now and this is how it works."
- TGRR, raising the bar at work.

fomenter

#21
July 09, 2009, 08:22:38 PM
i concur with your earlier diagnosis of hebephrenia,  that guy just ain't right in the head.
"So she says to me, do you wanna be a BAD boy? And I say YEAH baby YEAH! Surf's up space ponies! I'm makin' gravy... Without the lumps. HAAA-ha-ha-ha!"


hmroogp

Rev. Stanley Baldwin

#22
July 09, 2009, 08:23:34 PM
grow-up
G=T

The Good Reverend Roger

#23
July 09, 2009, 08:40:58 PM
" It's just that Depeche Mode were a bunch of optimistic loveburgers."
- TGRR, shaming himself forever, 7/8/2017

"Billy, when I say that ethics is our number one priority and safety is also our number one priority, you should take that to mean exactly what I said. Also quality. That's our number one priority as well. Don't look at me that way, you're in the corporate world now and this is how it works."
- TGRR, raising the bar at work.

Golden Applesauce

#24
July 09, 2009, 08:52:25 PM
Here's a good security analysis (I think, I don't do security analysis so I'm not really suited to judge it):
http://stadium.weblogsinc.com/engadget/videos/lockdown/bumping_040206.pdf

Quote from: The above article, p. 19
Hand-cut keys
Each cut must be individually filed to its deepest value. In some locks, the cuts
may in fact be made slightly greater than the deepest code value, but depending
upon the keyway and specific lock design, this may not be true.

Although this procedure appears deceptively simple, that is not exactly true. A
certain amount of knowledge of the specific lock may be required in order to
know the depth of the deepest cut. Different manufacturers have different depth
and spacing specifications and they are by no means uniform. Thus, the
operative must know how far to file the key for each bitting position. It may not be
possible to ascertain this information from just a visual inspection of the key that
is being modified and certainly the information is not evident from a blank key.

Cuts must be correctly formed and properly centered for each chamber. The
ramps of each tumbler position must be uniform and parallel to each other,
although a slight variance may be self-compensating as the key may actually
deform the bitting surface as it slams against the pins. The peaks for each cut
must be sufficient to properly make contact with the base of each pin and provide
enough material to "bounce" it. If the cuts are too low and the peaks not formed
properly, then the key will not properly interact with the tumblers and the lock will
not open. If dimple keys or keys requiring special milling are utilized, then they
may be difficult or impossible to cut by hand.

Note also that you have to have the same kind of key that the target lock takes - you can't just make one bump key and be able to open every tumbler lock ever.  But since things like apartment complexes, group mailboxes, single-construction company neighborhoods, etc, typically use only one model of lock...

Quote from: Triple Zero on July 09, 2009, 05:26:49 PM
oh, and what Nigel said. doors with locks are not entirely a social fiction, they do have a good use and that is, delaying intruders and/or causing them to have to create enough noise to get in. also, of course, they stop opportunity criminals. if you leave your door open with your laptop in plain sight, some asshole with sticky fingers will happen to come along and steal it. if the door's locked, your average asshole doesn't carry the tools to break in all the time, neither do they go around opening random doors to see if there's laptops behind them.
I am entirely aware that someone who really wants to get in, can get in, but that doesnt make doorlocks useless for safety.

In general, it's much easier and quieter to just look for a door that someone left ajar than to break through a lock.  Being impenetrable is very hard and expensive, but being merely more secure than your neighbors is almost as effective.
Q: How regularly do you hire 8th graders?
A: We have hired a number of FORMER 8th graders.

Mesozoic Mister Nigel

#25
July 10, 2009, 09:11:02 AM
Quote from: Iptuous on July 09, 2009, 05:19:27 PM
Lock bumping has been around for decades....
Nigel, schlage locks are not 'bump-proof' they are simply 'bump-resistant' and ward off less skilled thieves (who will probably be entering from a window anyways, right?)
Hell, even the Medeco locks that protect our govt. secrets and cost a fortune have now been proven to be 'bumpable'
http://www.podtech.net/home/3773/defcon-2007-bumping-the-medico-lock


Bump-proof is technically impossible in a cylinder lock, but bump-proof in practical application? Yes, they are. They can technically be bumped, but in a domestic application it is so profoundly unlikely that someone would have the motivation, the skill and the bump key to do it that it's pretty much flat retarded to contemplate it.
"I'm guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk," Charles Wick said. "It was very complicated."

Reginald Ret

#26
July 11, 2009, 11:58:43 PM
Lord Byron: "Those who will not reason, are bigots, those who cannot, are fools, and those who dare not, are slaves."

Nigel saying the wisest words ever uttered: "It's just a suffix."

"The worst forum ever" "The most mediocre forum on the internet" "The dumbest forum on the internet" "The most retarded forum on the internet" "The lamest forum on the internet" "The coolest forum on the internet"

Mesozoic Mister Nigel

#27
July 12, 2009, 06:21:53 PM
Padlocks and door locks are different.
"I'm guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk," Charles Wick said. "It was very complicated."

Print
Go Up Pages 1 2
User actions