[Chris] wrote in to tell us about this project he did while living in the dorms. He built a system to automate his dorm room door. It handles unlocking and opening/closing the door via iPhone, secret knock, and even the key. The lock/knob portion is handled by a servo while the opening/closing action is hydraulic. After living with it for a year, he says that it never gets old, but there were a few bugs. Apparently it would randomly open in the middle of the night sometimes. If you’re interested in doing something like this, but not damaging the door, maybe you should check out the RFID dorm door lock project.
This month’s Wired magazine has an extensive profile of [Marc Weber Tobias]. He’s a professional lock picker that delights in coming up with new techniques for taking on high security locks. In recent years, he’s run afoul of the US’s premier high security lock manufacturer, Medeco, by publishing Open in Thirty Seconds with [Tobias Bluzmanis]. Medeco still denies that this is even possible. Wired decided to to test the team by purchasing six new cylinders and timing them. Each one was open in under nine minutes. You can see a video of this on Wired’s site.
SparkFun has been selling button pad parts for some time and we used them in our RGB door lock project. A excellent part, but you needed to implement your own interface to use the boards. SparkFun has just released two additional versions to make it easier on builders. The first is their Button Pad Controller USB. It has a 4×4 grid of buttons lit by RGB LEDs and a USB interface. This board can be expanded using the Button Pad Controller SPI. The SPI bus means it should be easy to add the button pad to embedded projects. This newest release puts you much closer to building your own RGB monome clone or other custom controller than ever before. The unit pictured above is their own project and they have no plans on selling anything like it.
[Max] sent us his dorm room RFID controlled lock. While RFID door locks are nothing new, his implementation is very slick. The entire unit is attached with suction cups to a mirror on the inside of the door. It looks like it could be removed and put elsewhere in a matter of seconds. That’s pretty slick. Much cleaner than the touch sensitive dorm lock we saw last year.
Sometimes describing how a lock actually works can be the hardest part of teaching someone about lockpicking. [Mike Gee] has designed an acrylic lock that may just be the ticket for these situations. All of the pieces are cut from clear acrylic. As you insert the key, you can see it raise the four pins up to the shear line. He says that it will definitely take some tweaking as you assemble it to get it to function smoothly. Embedded below is a video of the lock in use. You can find plans on Thingiverse.
The Nintendo keyless entry system will vigilantly guard your door from intruders. Enter the right code and you get access, enter the wrong code and it will deny you and take your picture. [action_owl] did a fantastic job on this lock, using mainly recycled parts like an old CDRom and an Arduino. It works both with or without the computer. If you choose not to use the computer, you don’t get pictures of the people who entered the code wrong.
[OldGrover] bought a Weiser electronic lock. Only 6 months after installing it, the keypad stopped working. Instead of just accepting this, [OldGrover] built a better button pad for his lock. He decided to go with big push buttons instead of a similar to stock membrane system. After tracing out where the original buttons connected, he attached his new buttons and enclosure. Pretty simple really but it fixed the problem and kept the lock out of the landfill. Now, he has a unique looking keypad on his front door.
[Steffen Wernéry] has published a video of the impressioning contest at LockCon. We learned about key impressioning at this year’s HOPE conference. You start the process by inserting a key blank into the lock. By turning the lock until it stops and then moving the key up and down you create marks on the blank’s face. Take a file to those marks to remove the extra material and then repeat the process. Once the pins are set properly, they’ll stop leaving marks on the blank. It takes a lot of skill to do this right, but you end up with a perfectly functional key. [Barry Wels] managed to win the competition in 5:30 with second place coming in at 6 minutes.
The Makers local 256 sent us this USB authenticated deadbolt prject. For roughly $60 these guys built an authentication system that reads the serial number off of the chip in a USB storage device. The actual content on the memory in the USB device is not used at all. They are using a Freeduino board to control its behavior. It has a magnetic sensor that keeps it from initiating the lock when the door is open. They mention that they are using Transparent Aluminum as an enclosure, we assume they mean the Star Trek variety, not Aluminium oxynitride. Be sure to check out the video after the break.
[Alex] sent us this slick little keyless entry system. He wanted a discreet way to trigger the door to unlock. Knocking was too loud, and would give away his secret access code. He decided that touch sensors would be the best. Initially he planned on using the doorknob itself, which would have been awesome, but it was just too much surface area for his touch sensor. Ultimately, he settled for a wire he could touch. An Arduino detects whether or not the correct code has been put in and initializes a high torque servo which turns the doorknob from the inside. In the video, after the break, you can see that it works fairly well.
The Open Organisation Of Lockpickers (TOOOL) is planning a new annual gathering for lockpickers. October 9-12th they will hold the first ever LockCon in Sneek, Netherlands. The event was spawned from the Dutch Open lockpicking championships, but they’ve decided to expand beyond just competition into a full conference. This year the conference is limited to just 100 lockpickers, technicians, manufacturers, hackers, and law enforcement members. They’ll compete in picking competitions, safe manipulation, and key impressioning.
On a related note: Organizer [Barry Wels] just became the first non-German to win an SSDeV competition with his key impressioning skills. We covered key impressioning when we saw his talk about high security keys at The Last Hope. He says it’s only been about two years worth of study and 500 keys to become a master. He managed to open the lock in 5:13 filing two whole keys during that time.
In the same vein as our recent Defcon article on biometric cloning, White Wolf Security has released this article about turning a biometric door lock into a trojan. They note that there are many common ways to break into one, from harvesting fingerprints to using gummy bears to fake a finger. This hack involves having full access to the unit so you can disassemble it.
The unit has a system built-in where you can touch a 9-volt battery to some connectors on the bottom to power it in case of a building power failure. The researchers simply routed some wires from the motorized lock to the plates used for the 9-volt and then reassembled the lock. The door can then be opened at any time without verification, even if the software on the unit is reset.
Despite, Hack a Day seeming to be fairly lock heavy lately, we’ve yet to cover a major story from The Last HOPE. At the conference, [Jon King] talked about vulnerabilities in Medeco locks and presented his Medecoder tool. Medeco is really what makes this story interesting; unlike the EU, the US has very few high security lock manufacturers. You pretty much have to use Medeco and it’s found in many government agencies.
The Medeco locks have a vertical row of six pins arranged like most pin tumbler locks. Unlike your average lock, the rotation of the pins is important. When the key is placed in the lock, it not only moves the pins to the correct height, it also rotates them to the correct orientation. A sidebar blocks the cylinder unless the pins are rotated properly. Each pin has three possible orientations. They’re biaxial as well, which means the pin’s offset point allows for three more possible positions.
Slate is running an interesting article about taking new security approaches to lock vulnerabilities. In the past, lock makers such as Medeco have been able to quietly update their product lines to strengthen their security, but as movements such as Locksport International gain popularity and lock picking videos on YouTube become dime a dozen, lock makers can no longer rely on security through obscurity. It’s no question that an increased interest in this field helps lock manufacturers to create more secure products, but because patching these flaws often means changing critical features of the lock, it becomes a very expensive game of cat-and-mouse.
Traditional lock picking has employed the use of picksets, like the credit card sized setgiven out sold at The Last HOPE, but more recent methods of lock hacking have used bump keys or even magnets. However, as manufacturers make their locks less susceptible to picking and bumping, not even high-security locks will ward off someone determined enough to create a copy of the key, either by observing the original or using impressioning, as [Barry Wels] covered in a recent talk at HOPE 2008.
