Yenya's World

Wed, 10 May 2006

Lock bumping

I always enjoyed reading Surely You're Joking, Mr. Feynman!, including the part about Feynman's hobby of lock-picking. As with computer security, I believe that for any massively deployed security technology (including the locks), security-through-obscurity is not a way to go, because the black hats have a big headstart there. Today a friend of mine sent me an interesting set of links about a new (or maybe not so new?) lock-picking technique, called lock bumping.

Firstly, here is a video from some Dutch TV, describing the lock bumping, and then there is a paper on lock bumping (PDF), written by people from Toool - The Open Organization Of Lock Pickers. The method itself is pretty interesting - it needs just a regular key with the deepest possible set of cuts.

I wonder whether the lock in my house is vulnerable to this attack - it is not listed by Toool as vulnerable, but who knows? I want to try this myself, but I am short of time these days ...

Anyway, this paper reminds me of the "Master Keyed Lock Vulnerability" paper, and I think the full disclosure is slowly taking off even in this area, which is a good news.

Section: /world (RSS feed) | Permanent link | 1 writebacks

1 replies for this story:

Vasek Stodlka wrote: My Mul-T-Lock is vulnerable too

The question is - is it good or bad? I had allways been scared what happen, if i loose a key. Now i know that i can help myslef, but my perfectly safe armored door is not so safe for me now. :/

Reply to this story:

URL/Email: [http://... or mailto:you@wherever] (optional)
Title: (optional)
Key image: key image (valid for an hour only)
Key value: (to verify you are not a bot)


Yenya's World: Linux and beyond - Yenya's blog.


RSS feed

Jan "Yenya" Kasprzak

The main page of this blog



Blog roll:

alphabetically :-)