The guys from Bloomington’s Fraternal Order of Lock Sport (FOOLS) sure know how to throw a party! At this year’s DerbyCon event down in Louisville, the group put on an awesome event that combined lockpicking and drinking – what could be better?

The Rumble Challenge is lock picking game where six people compete head to head for the best time. Whenever a competitor masters his lock, the competition is paused so that each player has a chance to take a shot from their air-powered shot dispensing machine. Once everyone has imbibed, the next round starts with the competitors picking up where they left off, in an effort to be the next to successfully open his lock.

The game is controlled by an Arduino, which both times the competition and senses when the locks have been opened. The Arduino relays this data to a computer, which uses a projector to display the contestant’s scores on a big screen. As an added bonus, FOOLS member [dosman] added loud rumble motors to the locking mechanisms in order to throw competitors off their game.

The contest sounds like a ton of fun – we’re bummed that we missed it. If you want to see how the game was put together, check out [dosman’s] build log over at the Bloominglabs wiki.

Hackers at the “RaumZeitLabor” hackerspace in Mannheim Germany have noticed that the locking mechanism on the thinkpad mini dock is extremely easy to circumvent. Sold as an additional layer of security, the mechanism itself is not really secured in any way. The button that actuates it is locked by a key, but the latch isn’t secured and can be accessed via a vent on the side. They are using a lockpicking tool in the video, but they say that even a long paperclip would suffice.

We know that no security device is perfect, and if someone really really wants it, they’ll take it, but this seems a bit too easy. Maybe the next version will have a little plastic wall protecting the latch from being actuated manually.  Hopefully if security is your main concern you are using something a little more robust that a dock-lock.

[via the RaumZeitLabor hackerspace (google translated)]

This month’s Wired magazine has an extensive profile of [Marc Weber Tobias]. He’s a professional lock picker that delights in coming up with new techniques for taking on high security locks. In recent years, he’s run afoul of the US’s premier high security lock manufacturer, Medeco, by publishing Open in Thirty Seconds with [Tobias Bluzmanis]. Medeco still denies that this is even possible. Wired decided to to test the team by purchasing six new cylinders and timing them. Each one was open in under nine minutes. You can see a video of this on Wired’s site.

Last fall we covered a decoding attack against Medeco locks by [Jon King].

[via blackbag]

Sometimes describing how a lock actually works can be the hardest part of teaching someone about lockpicking. [Mike Gee] has designed an acrylic lock that may just be the ticket for these situations. All of the pieces are cut from clear acrylic. As you insert the key, you can see it raise the four pins up to the shear line. He says that it will definitely take some tweaking as you assemble it to get it to function smoothly. Embedded below is a video of the lock in use. You can find plans on Thingiverse.

[Thanks, cnelson]

[Steffen Wernéry] has published a video of the impressioning contest at LockCon. We learned about key impressioning at this year’s HOPE conference. You start the process by inserting a key blank into the lock. By turning the lock until it stops and then moving the key up and down you create marks on the blank’s face. Take a file to those marks to remove the extra material and then repeat the process. Once the pins are set properly, they’ll stop leaving marks on the blank. It takes a lot of skill to do this right, but you end up with a perfectly functional key. [Barry Wels] managed to win the competition in 5:30 with second place coming in at 6 minutes.

The Open Organisation Of Lockpickers (TOOOL) is planning a new annual gathering for lockpickers. October 9-12th they will hold the first ever LockCon in Sneek, Netherlands. The event was spawned from the Dutch Open lockpicking championships, but they’ve decided to expand beyond just competition into a full conference. This year the conference is limited to just 100 lockpickers, technicians, manufacturers, hackers, and law enforcement members. They’ll compete in picking competitions, safe manipulation, and key impressioning.

On a related note: Organizer [Barry Wels] just became the first non-German to win an SSDeV competition with his key impressioning skills. We covered key impressioning when we saw his talk about high security keys at The Last Hope. He says it’s only been about two years worth of study and 500 keys to become a master. He managed to open the lock in 5:13 filing two whole keys during that time.

[photo: Rija 2.0]

The unit has a system built-in where you can touch a 9-volt battery to some connectors on the bottom to power it in case of a building power failure. The researchers simply routed some wires from the motorized lock to the plates used for the 9-volt and then reassembled the lock. The door can then be opened at any time without verification, even if the software on the unit is reset.

[Thanks, dwight]

The Medeco locks have a vertical row of six pins arranged like most pin tumbler locks. Unlike your average lock, the rotation of the pins is important. When the key is placed in the lock, it not only moves the pins to the correct height, it also rotates them to the correct orientation. A sidebar blocks the cylinder unless the pins are rotated properly. Each pin has three possible orientations. They’re biaxial as well, which means the pin’s offset point allows for three more possible positions.

[Jon King]‘s Medecoder tool helps deal with the sidebar issue. Each pin in the lock has a groove running up the side. When the pins are in the correct orientation, these grooves are all perpendicular to the lock body and the sidebar can slide into place. [Jon]‘s Medecoder tool is a thin piece of wire with a sliding scale to help you position these grooves correctly.

To pick the lock, you first set all the pins to the correct height. Then, using the Medecoder you find each pin’s individual groove. All Medeco locks have the pins at the same distance from the lock face. The scale on Medecoder indicates where the pin currently is and where the pin should be. You can see [Jon] using this technique to open a lock onstage at The Last HOPE in under three minutes.

This pin vulnerability has been known in Medeco locks since 1974. With the recent release of the Medecoder, Medeco has started manufacturing ARX pins again. ARX pins don’t have the groove cut all the way to the keyway, so they can’t be manipulated by the tool. As we mentioned earlier, unlike software companies, physical security companies have no perceived obligation to patch their install base… even if they’ve known it was broken in some form for 30 years.

The latest issue of NDE has just been released and features a full write up on the Medecoder. It also details the different kinds of ARX pins that have been developed.

[photo: blackbag]

Traditional lock picking has employed the use of picksets, like the credit card sized set given out sold at The Last HOPE, but more recent methods of lock hacking have used bump keys or even magnets. However, as manufacturers make their locks less susceptible to picking and bumping, not even high-security locks will ward off someone determined enough to create a copy of the key, either by observing the original or using impressioning, as [Barry Wels] covered in a recent talk at HOPE 2008.

[Barry] showed two different kits for casting keys. The first used soft clay in a clam shell to make an imprint of the original key. The form is then filled with a low melting point alloy (probably Wood’s metal) to create the new key. A second style uses a metal form and two part silicone to create the mold. This method works for most high security keys, but will not work on keys with active elements like sliders or magnets.

Finally, [Barry] talked about his favorite method: impressioning. Unlike picking a lock, when you’re done impressioning you have a funtional key. You start with key blank and file off the top layer. Place the blank in the lock and turn it till it jams. Then, you rock the key up and down. Observing the key under light you’ll see a small mark where each pin is. File a bit where the marks appear and repeat the process. You can’t use too much force or you might break the blank. This also works on dimple keys and as this video shows, laser cut keys. [Barry] highly recommends the impressioning book by [Oliver Diederichsen].

[photo: Rija 2.0]

Speaking of laser engraving, the blackbag blog announced that Toool has designed 2 unique picksets for The Last HOPE this year. First is the credit card sized snap-off set seen above. They have named this one The Last HOPE emergency pickset. The other pickset is a new version of the ‘double sided pick’ series. This set consists of picks with the same tool on either end, but they are sized differently. This set will contain 8 picks with promised improvements. If you are interested in more complex picks, check out the centipede.