This Space Saver Puts The Squeeze On Your Keys


Keys? Who needs them? Well, pretty much everyone. You can’t deny that there are some ridiculously crowded key chains out there. It’s clear that [Robb] wanted to hit the other side of that spectrum when he started working on his latest multi-key project.

The term “multi-key” may be a little misleading as there are more than just keys on this tool. In addition to the bike lock, locker, work and house keys, there is a USB drive, bottle opener, screw driver and a couple of Allen wrenches. The side frames started out as part of an Allen key combo set; one not of the highest quality.  The Allen keys started snapping off during use which left [Robb] with a set of otherwise useless side frames. These became the platform of which [Robb's] project is based. Adding a couple new bolts, nuts and a few modified keys got him the rest of the way there. A lot of thought went into which items to put into this tool and [Robb] explains his thought process in his step-by-step instructions.

The simple nature and potential for customizing makes this a great utilitarian DIY project. Although this may not be Janitor worthy, it will certainly consolidate some of the bulk in our pockets.

Key Cutting with a CNC Mill


Keys cost like what, $2 to copy at a locksmith? But where’s the fun in that? Here’s an easy way to cut your own keys using a CNC mill!

[Bolsterman] now “works” for a real estate company that rents out various properties. Whenever someone moves out, the locks need to be changed ASAP. They use Schlage locks, which can be re-keyed to any pin combination. New keys are typically cut with a punch or a key cutting machine — he actually had one years ago, but got rid of it. Not wanting to buy a new one for his new job at the real estate company, he decided to see how hard it would be to turn his small desktop CNC into his own personal key cutting machine.

All it took for [Bolsterman] to turn his mill into a key cutting machine was a 3/8th 90° countersink bit with the end ground to a flat approximately 0.055″ across (0.035″ is the width of a factory key, but a bit of leeway makes it easier to make the key). Then you simply zero the mill off of the shoulder of the key, and using the handy Schlage pin chart (included in the original link), cut the grooves!

To automate all of this, [Torrie Fischer] created a python script for generating the GCode  for keys based on [Bolsterman's] technique — it’s hosted over at Noisebridge’s Wiki – check it out!

But if all that seems like too much effort, you could just print a new key instead…

Ambient Computer Noise Leaks Your Encryption Keys

RSA Key extraction

[Daniel, Adi, and Eran], students researchers at Tel Aviv University and the Weizmann Institute of Science have successfully extracted 4096-bit RSA encryption keys using only the sound produced by the target computer. It may sound a bit like magic, but this is a real attack – although it’s practicality may be questionable. The group first described this attack vector at Eurocrypt 2004. The sound used to decode the encryption keys is produced not by the processor itself, but by the processor’s power supply, mainly the capacitors and coils. The target machine in this case runs a copy of GNU Privacy Guard (GnuPG).

During most of their testing, the team used some very high-end audio equipment, including Brüel & Kjær laboratory grade microphones and a parabolic reflector. By directing the microphone at the processor air vents, they were able to extract enough sound to proceed with their attack. [Daniel, Adi, and Eran] started from the source of GnuPG. They worked from there all the way down to the individual opcodes running on the x86 processor in the target PC. As each opcode is run, a sound signature is produced. The signature changes slightly depending on the data the processor is operating on. By using this information, and some very detailed spectral analysis, the team was able to extract encryption keys. The complete technical details of the attack vector are available in their final paper (pdf link).

Once  they had the basic methods down, [Daniel, Adi, and Eran] explored other attack vectors. They were able to extract data using ground fluctuations on the computers chassis. They even were able to use a cell phone to perform the audio attack. Due to the cell phone’s lower quality microphone, a much longer (on the order of several hours) time is needed to extract the necessary data.

Thankfully [Daniel, Adi, and Eran] are white hat hackers, and sent their data to the GnuPG team. Several countermeasures to this attack are already included in the current version of GnuPG.

Using a screwdriver to start your car


[Hahabird] uses this screwdriver to start his car. Despite what it may look like, only this particular screwdriver will start the ignition because it still uses the key lock. What he’s done is alter the screwdriver to act as an extension for the key. It’s purely aesthetic, but you have to admit it looks pretty gnarly hanging off of the steering column.

The hack merely involved cutting off the unneeded parts of the key and screwdriver. With the shaft of the tool cut down to size he clamped it in a vice and cut a slot into it using a hack saw. From there he headed over to the grinding wheel and smoothed out the sharp edges.

The key itself had the handle portion cut off and was thinned on the grinding wheel to fit snugly in the screwdriver slot. To permanently mate the two pieces he used a torch and some silver solder.

[via Reddit]

Freezing Android to crack the encryption


Build a better lock and someone will make a tool to open it without the key. Or in this case they’ve made a tool to discover the key using a trip to through the deep freeze. The Forensic Recovery of Scrambled Telephones — or FROST — uses cold temperatures and a custom recovery image to crack Android encryption keys.

Cold boot hacks go way back. They leverage use of low temperatures to slow down the RAM in a device. In this case, the target phone must already be powered on. Booting a phone that uses the encryption offered by Android 4.0 and newer requires the owner’s pass code to decrypt the user partition. But it then remains usable until the next power cycle. By freezing the phone, then very quickly disconnecting and reconnecting the battery, researchers were able to flash their own recovery image without having the encryption key cleared from RAM. As you can see above, that recovery package can snoop for the key in several different ways.

[Thanks Rob]

LV0 encryption key cracks current and future PlayStation 3 firmware

It looks like the security of the PlayStation 3 has been cracked wide open. But then again we’ve thought the same thing in the past and Sony managed to patch those exploits. The latest in the cat and mouse game is the release of the LV0 encryption codes for the PS3 console. The guys who discovered the magic strings of characters supposedly intended to keep them a secret, but have gone public after there was a leak and some black-hats now intend to use them for profit.

The keys are the bottom layer of security when pushing firmware updates to the PS3. With keys in hand, current and future upgrades can be unencrypted, altered, and repackaged without the gaming rig putting up a fuss. Our only real beef with the tight security came when Sony removed the ability to install Linux on systems marketed with this option. The availability of these keys should let you install just about whatever you want on your hardware.

[Thanks Kris via Phys]

iButton is opening doors at the TkkrLab

Finding alternative ways to unlock doors is a favorite hacker pastime. TkkrLab recently took on the challenge themselves. The hackerspace, which is located in the Netherlands, faced a problem common to communal workshops; how could they manage keyed access for a large number of members? The metal keys for the door are special, and cannot be cheaply duplicated. To further compound the issue, they are not the only tenants in the building so they can’t replace the lock with one that uses less-expensive keys. So they decided to add an electronic solution.

They first looked at a method for electronically opening the door. Often, this comes in the form of an electronic strike, but rather than alter the door jamb, they replaces the latching mechanism. The electronic latch was compatible with the original cylinder, which means the old keys still work in it. You can see the new assembly above. Just to the left of the lock is an iButton reader. We’ve seen this hardware in projects many times before. It’s cheap, and easy to work with. Now TkkrLab issues an iButton to each member, and can keep track of who is coming in door.