Finding alternative ways to unlock doors is a favorite hacker pastime. TkkrLab recently took on the challenge themselves. The hackerspace, which is located in the Netherlands, faced a problem common to communal workshops; how could they manage keyed access for a large number of members? The metal keys for the door are special, and cannot be cheaply duplicated. To further compound the issue, they are not the only tenants in the building so they can’t replace the lock with one that uses less-expensive keys. So they decided to add an electronic solution.

They first looked at a method for electronically opening the door. Often, this comes in the form of an electronic strike, but rather than alter the door jamb, they replaces the latching mechanism. The electronic latch was compatible with the original cylinder, which means the old keys still work in it. You can see the new assembly above. Just to the left of the lock is an iButton reader. We’ve seen this hardware in projects many times before. It’s cheap, and easy to work with. Now TkkrLab issues an iButton to each member, and can keep track of who is coming in door.

Well it looks like the Play Station 3 is finally and definitively cracked. FailOverflow’s Chaos Communications Congress talk on console security revealed that, thanks to a flaw on Sony’s part, they were able to acquire the private keys for the PS3. These keys can be used to sign your own code, making it every bit as valid (to the machine anyway) as a disk licensed by the media giant. We’ve embedded the three-part video of the talk, which we watched in its entirety with delight. We especially enjoy their reasoning that Sony brought this upon themselves by pulling OtherOS support.

We remember seeing a talk years back about how the original Xbox security was hacked. We looked and looked but couldn’t dig up the link. If you know what we’re talking about, leave the goods with your comment.

[Thanks BoBeR182 via The Register]

Add a bit of interest to your radio equipment with one of these unorthodox CW keys. [OH6DC] has been hard at work posting almost sixty of these hacks. Above you can see an alarm clock whose snooze button acts as the key, and a nail clipper used as a key. There’s a banana , a cross-country ski shoe , and a toaster key. The rest you’ll have to see for yourself. Any of these would work perfectly with that Morse code keyboard you’ve been wanting to build.

[Fileark] has instructions for reprogramming keyless entry devices for your car. His demonstration video, which you can see after the break, shows how to make one key fob work for two different vehicles. In this case he’s working on a couple of Chevrolet trucks but there are instructions for GM, Ford, Dodge, Toyota, and Nissan. If you need to reprogram one of these you may find this useful, but we’re wondering how it can be incorporated into a project. If you can sniff out the communications that are going on during the programming you should be able to build and pair your own devices with a vehicle. Wouldn’t it be nice to incorporate your keyless entry into your wristwatch?

Hackaday alum [Will O'Brien] cleaned up his messy breadboard with an RGB keylock Arduino shield. You may remember this two-part project from last year. It uses buttons backlit by an RGB LED to operate a door lock.

[Will] is still mulling over what type of kit options he will offer. We’re happy to see if the most important part, a laser-cut key bezel, will be available. This makes for a professional looking finish that made the original project difficult to replicate.

We ran into a friend a while back who was logging into her employer’s Virtual Private Network on the weekend. She caught our attention by whipping out her keys and typing in some information from a key-fob. It turns out that her work uses an additional layer of protection for logging into the network. They have implemented a username, pin number, as well as a hardware token system called SecurID.

The hardware consists of a key-fob with an LCD screen on it.  A code is displayed on the screen and changes frequently, usually every 60 seconds. The device is generating keys based on a 128-bit encryption seed. When this number is fed to a server that has a copy of that seed, it is used as an additional verification to the other login data.

This seems like a tech trickle-down of the code generating device from GoldenEye. It does get us thinking: with the problems free email services have been having with account theft, why aren’t they offering a fee-based service that includes a security fob? With the right pricing structure this could be a nice stream of income for the provider. We’re also wondering if this can be implemented with a microcontroller and used in our home network. As always, leave comments below and let us know if you’ve already built your own system using these principles.

Update: Thanks to Andre for his comment that tells us this type of security is available for Apache servers. The distribution includes a server side authentication system and a Java based token generator that can run on any handheld that supports Java.

[Ben] and his associates over at the University of California at San Diego came up with a way to duplicate keys using a picture of them. They developed an algorithm that uses measurements from known key blanks to extrapolate the bitting code. Because the software is measuring multiple points it can correct the perspective of the photo when the key is not photographed on a flat surface, but from an angle.

They went so far as to test with cell phone cameras and using a telephoto lens from 195 feet away. In most cases, correct keys were produced within four guesses. Don’t miss their wonderful writeup (PDF) detailing how key bitting works, traditional covert duplication methods, and all the details of their process. The lack of available code prevents us all from playing secret agent (or felon) with this idea but [Ben] did mention that if there is sufficient interest he might release it.

Lock bumping showed us how weak our security is, but this is a bit scary.

[Thanks Mike]

[Steffen Wernéry] has published a video of the impressioning contest at LockCon. We learned about key impressioning at this year’s HOPE conference. You start the process by inserting a key blank into the lock. By turning the lock until it stops and then moving the key up and down you create marks on the blank’s face. Take a file to those marks to remove the extra material and then repeat the process. Once the pins are set properly, they’ll stop leaving marks on the blank. It takes a lot of skill to do this right, but you end up with a perfectly functional key. [Barry Wels] managed to win the competition in 5:30 with second place coming in at 6 minutes.

The Open Organisation Of Lockpickers (TOOOL) is planning a new annual gathering for lockpickers. October 9-12th they will hold the first ever LockCon in Sneek, Netherlands. The event was spawned from the Dutch Open lockpicking championships, but they’ve decided to expand beyond just competition into a full conference. This year the conference is limited to just 100 lockpickers, technicians, manufacturers, hackers, and law enforcement members. They’ll compete in picking competitions, safe manipulation, and key impressioning.

On a related note: Organizer [Barry Wels] just became the first non-German to win an SSDeV competition with his key impressioning skills. We covered key impressioning when we saw his talk about high security keys at The Last Hope. He says it’s only been about two years worth of study and 500 keys to become a master. He managed to open the lock in 5:13 filing two whole keys during that time.

[photo: Rija 2.0]

[via Zero Day]

[photo: afsilva]

Traditional lock picking has employed the use of picksets, like the credit card sized set given out sold at The Last HOPE, but more recent methods of lock hacking have used bump keys or even magnets. However, as manufacturers make their locks less susceptible to picking and bumping, not even high-security locks will ward off someone determined enough to create a copy of the key, either by observing the original or using impressioning, as [Barry Wels] covered in a recent talk at HOPE 2008.

[Barry] showed two different kits for casting keys. The first used soft clay in a clam shell to make an imprint of the original key. The form is then filled with a low melting point alloy (probably Wood’s metal) to create the new key. A second style uses a metal form and two part silicone to create the mold. This method works for most high security keys, but will not work on keys with active elements like sliders or magnets.

Finally, [Barry] talked about his favorite method: impressioning. Unlike picking a lock, when you’re done impressioning you have a funtional key. You start with key blank and file off the top layer. Place the blank in the lock and turn it till it jams. Then, you rock the key up and down. Observing the key under light you’ll see a small mark where each pin is. File a bit where the marks appear and repeat the process. You can’t use too much force or you might break the blank. This also works on dimple keys and as this video shows, laser cut keys. [Barry] highly recommends the impressioning book by [Oliver Diederichsen].

[photo: Rija 2.0]

[via Toool]