iButton is opening doors at the TkkrLab

Finding alternative ways to unlock doors is a favorite hacker pastime. TkkrLab recently took on the challenge themselves. The hackerspace, which is located in the Netherlands, faced a problem common to communal workshops; how could they manage keyed access for a large number of members? The metal keys for the door are special, and cannot be cheaply duplicated. To further compound the issue, they are not the only tenants in the building so they can’t replace the lock with one that uses less-expensive keys. So they decided to add an electronic solution.

They first looked at a method for electronically opening the door. Often, this comes in the form of an electronic strike, but rather than alter the door jamb, they replaces the latching mechanism. The electronic latch was compatible with the original cylinder, which means the old keys still work in it. You can see the new assembly above. Just to the left of the lock is an iButton reader. We’ve seen this hardware in projects many times before. It’s cheap, and easy to work with. Now TkkrLab issues an iButton to each member, and can keep track of who is coming in door.

Comments

  1. FredP says:

    “…they replaces the latching mechanism.”

    should be…

    “…they replaced the latching mechanism.”

  2. Jwatcher says:

    Never mind that you can EASILY emulate the I-button with a nice little bus pirate.

  3. David M. says:

    I’m confused. What’s to stop someone with a phillips head screwdriver from letting themselves in?

  4. TheInternet says:

    I too am confused at why there are what appears to be screws accessible to what appears to be the outside of the building.

    I would like to see a fingerprint build for something like this.

  5. There is nothing to so behind the metal plate.
    Only the wooden door just like on this picture from the inside.

    The only thing you can do by removing the metal plate is access the back of the I-button reader.
    The wires that run behind the reader are the same wires that lead to the front of the reader itself.

  6. RicoElectrico says:

    I wonder what could happen if I used piezo igniter from a lighter on this iButton socket ;>

  7. nimitzbrood says:

    A friend of mine did this for years at his last house.

    He put the iButton reader next to the door frame under the doorbell then used a solenoid latch in the doorframe so he didn’t have to modify the door at all.

    It worked fantastically! :-)

  8. Swist says:

    Two Words:

    Bus Pirate

  9. nimitzbrood says:

    @RicoElectrico – likely nothing. The system requires a microcontroller or computer to read the code on the button and validate it before popping the latch.

    And yes they should have used security screws at least just to prevent casual tampering.

  10. fartface says:

    Been doing this for a DECADE with ibutton

  11. Drbytes says:

    @RicoElectrico

    Hopefully the added esd protection with 2 schottkey’s will prevent frying the microcontroller ;)

  12. Dennis says:

    Locks only keep honest people out…

  13. mjrippe says:

    @ Dennis – Agreed! But honest or not, anyone who is a member of a hackerspace should be able to defeat this lock. Maybe make that a prerequisite for membership?

  14. NoX says:

    If you see the images carefully, removing the front panel won’t allow to open the door, it only would be possible to remove the ibutton reader.

    They use a panel to be able to mount the reader in it.

  15. @nimitzbrood

    This door is opening to the outside, that would mean we had to install the solenoid latch at the outside of the doorframe.

    @mjrippe

    The only fast way is brute force but then it will be easy-er to break A window.

  16. Drbytes says:

    The panel is indeed only for mounting the reader, removing it will not help to open the door or lock.

    Also using a bus pirate or any other device to emulate the iButton will not get you far, if any invalid code is read there is a time out of 15 seconds so you could try 240 codes an hour or 5760 a day. this is not very helpful with a code consisting of 64 bits…

  17. Ian says:

    I’m betting this would work with the Java ring as well…

  18. fhunter says:

    it is 56 bits, last byte is CRC. But the point still stands

  19. bzroom says:

    butt-pirate

  20. adam outler says:

    Exposed screws fail.

  21. YaBa says:

    1 – People. you often forget that this is a quick hack, they were not designing some super-secure lock that will be used on fort knox :P
    2 – I would have go with RFID… easier to hide :D

  22. Andrew says:

    You could also have a webcam hooked up which takes a snapshot whenever there is any activity on the reader (legitimate iButton, banned/unrecognised iButton, BusPirate or piezo lighter).

  23. Anonymous Coward says:

    @andrew, sure but you could put your finger on the web cam lens or a piece of masking tape, or chewing gum, or.. you get the point. As YaBa said, this is a quick hack, not the entrance to fort knox. If the point was to hack this I would surreptitiously* read someone’s iButton with a bus pirate then Bob’s your uncle.

    *if that seems too far fetched, then the thinks about the exposed screws, makes mounting a stealth monitor in parallel with the iButton receptacle behind the metal plate to capture all button scans.

  24. Zander says:

    Good work!
    We are using a similar iButton setup at our hackerspace.

    No it is not completely secure. But they again neither is an actual key.
    But when it comes right down to it no door will keep someone out who wants to get in.
    So this is not a security system, it is an access system.
    Anyone who has managed a door with dozens of people using keys knows that when someone loses their key it can be a big pain and cost.
    Someone lose their iButton; who cares just take them out of the system.
    Don’t even talk to me about RFID! I have not seen a more useless technology for door access.
    10 times more expensive than iButton. Plus you can easily hack in to RFID by just listening…

  25. Whatnot says:

    Just use normal screws like they did and put a LDR behind the plate that sets off an alarm, you’d nicely trap would-be dumb burglars.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 94,655 other followers