Hacked Electric Toothbrush Defeats Locks With Ease

The movie version of lockpicking tends to emphasize the meticulous, delicate image of the craft. The hero or villain takes out a slim wallet of fine tools, applies them with skill and precision, and quickly defeats the lock. They make it look easy, and while the image isn’t far from reality, there are other ways to pick a lock.

This expedient electric toothbrush lockpick is a surprisingly effective example of the more brute force approach to lockpicking. As [Jolly Peanut] explains, pin tumbler locks work by lining up each pin with the shear line of the cylinder, which allows the lock to turn. This can be accomplished a pin at a time with picks, or en masse by vibrating the pins until they randomly line up with the shear line just long enough for the lock to turn. A locksmith might use a purpose-built tool for the job, but a simple battery-powered electric toothbrush works in a pinch too. [Jolly Peanut] removed the usual business end of the brush to reveal a metal drive rod that vibrates at a high frequency. The rod was slimmed down by a little grinding to fit into the keyway of a lock, and with the application of a little torque, the vibration is enough to pop the pins into the right position. He tries it out on several locks in the video below, and it only takes a few seconds each time.

Such brute force methods have their drawbacks, of course. They’re not exactly subtle, and the noise they create may attract unwanted attention. In that case, hone your manual lockpicking skills with a giant 3D-printed see-through lock.

Continue reading “Hacked Electric Toothbrush Defeats Locks With Ease”

Giant 3D Printed Lock Helps Teach Picking

Despite what the media might tell you, picking locks isn’t just for spies and guys wearing balaclavas. Those who pick as a hobby, or even competitively, think of locks as logic puzzles. Each lock is a unique challenge, and defeating it requires patience, dexterity, and perhaps most importantly the experience that comes from regular practice. But where does one start if they want to get into the world of recreational lock picking, also known as locksport?

Many people begin their journey on a practice lock, usually made of clear plastic so you can see its inner-workings. That’s fine for the individual, but what if you’re trying to demonstrate lock picking to a group? [John Biggs] may have the solution for you, assuming you’ve got the time and material. His huge 3D printed cutaway lock, and appropriately sized tools, allow even the folks in the back of the room to see how basic picking techniques work.

A print of this size is nothing to sneeze at; a quick peek on the reference printer here at the Hackaday Chamber of Secrets indicates you’re probably looking at the better part of 20 hours to print everything out. Once printed you’ll likely need to take a file and some sandpaper to all the surfaces to make sure things operate smoothly. It doesn’t appear to be a terribly challenging print all things considered, but we wouldn’t call it a beginner’s project either.

The only non-printed part in this design is the springs, which [John] mentions he hasn’t quite found the solution for yet. They need to be fairly weak or else the lock is too hard to pick, but springs large enough to work with the pins are usually pretty strong. This might be a perfect application for some custom wound springs.

After you’ve mastered the PLA lock, it might be time to make your own picks and see if anyone is giving free lock picking workshops in your area.

[Thanks to DarkSim905 for the tip.]

Opening A Ford With A Robot and the De Bruijn Sequence

The Ford Securicode, or the keyless-entry keypad available on all models of Ford cars and trucks, first appeared on the 1980 Thunderbird. Even though it’s most commonly seen on the higher-end models, it is available as an option on the Fiesta S — the cheapest car Ford sells in the US — for $95. Doug DeMuro loves it. It’s also a lock, and that means it’s ready to be exploited. Surely, someone can build a robot to crack this lock. Turns out, it’s pretty easy.

The electronics and mechanical part of this build are pretty simple. An acrylic frame holds five solenoids over the keypad, and this acrylic frame attaches to the car with magnets. There’s a second large protoboard attached to this acrylic frame loaded up with an Arduino, character display, and a ULN2003 to drive the resistors. So far, everything you would expect for a ‘robot’ that will unlock a car via its keypad.

The real trick for this build is making this electronic lockpick fast and easy to use. This project was inspired by [Samy Kamkar]’s OpenSesame attack for garage door openers. In this project, [Samy] didn’t brute force a code the hard way by sending one code after another; (crappy) garage door openers only look at the last n digits sent from the remote, and there’s no penalty for sending the wrong code. In this case, it’s possible to use a De Bruijn sequence to vastly reduce the time it takes to brute force every code. Instead of testing tens of thousands of different codes sequentially, this robot only needs to test 3125, something that should only take a few minutes.

Right now the creator of this project is putting the finishing touches on this Ford-cracking robot. There was a slight bug in the code that was solved by treating the De Bruijn sequence as circular, but now it’s only a matter of time before a 1993 Ford Taurus wagon becomes even more worthless.

Hacking When it Counts: Prison Locksmithing

In 1978, Tim Jenkin was a man living on borrowed time, and he knew it. A white South African in his late 20s, he had been born into the apartheid system of brutally enforced racial segregation. By his own admission, he didn’t even realize in his youth that apartheid existed — it was just a part of his world. But while traveling abroad in the early 1970s he began to see the injustice of the South African political system, and spurred on by what he learned, he became an activist in the anti-apartheid underground.

Intent on righting the wrongs he saw in his homeland, he embarked on a year of training in London. He returned to South Africa as a propaganda agent with the mission to spread anti-apartheid news and information to black South Africans. His group’s distribution method of choice was a leaflet bomb, which used a small explosive charge to disperse African National Congress propaganda in public places. Given that the ANC was a banned organization, and that they were setting off explosives in a public place, even though they only had a few grams of gunpowder, it was inevitable that Jenkin would be caught. He and cohort Steven Lee were arrested, tried and convicted;  Jenkin was sentenced to 12 years in prison, while Lee got eight.

Continue reading “Hacking When it Counts: Prison Locksmithing”

3D-Printed Kwikset Keys Parametrically

Good ol’ Kwikset-standard locks were introduced in 1946 and enjoyed a decades-long security by obscurity. The technology still stands today as a ubiquitous and fairly minimal level of security. It’s the simplest of the various standards (e.g., Master, Schlage, etc.) with a mere five pins with values ranging from 1 (not cut down hardly at all) to 7 (cut deeply). This relative simplicity made the Kwikset the ideal platform for [Dave Pedu] to test his 3D-printed keys.

Rather than simply duplicating an existing key, [Dave] created a parametric key blank in OpenSCAD; he just enters his pin settings and the model generator creates the print file. He printed ABS on a glass plate with a schmeer of acetone on it, and .15mm layer heights. Another reason [Dave] chose Kwikset is that the one he had was super old and super loose — he theorizes that a newer, tighter lock might simply break the key.

So, a reminder: Don’t post a picture of your keys on the socials since at this point it’s certainly possible to script the entire process from selecting a picture to pulling the key off the print bed. Looking to technology won’t save you either; Bluetooth locks aren’t much better.

Safe Cracking is [Nate’s] Latest R&D Project

We love taking on new and awesome builds, but finding that second part (the “awesome”) of each project is usually the challenge. Looks like [Nathan Seidle] is making awesome the focus of the R&D push he’s driving at Sparkfun. They just put up this safe cracking project which includes a little gamification.

The origin story of the safe itself is excellent. [Nate’s] wife picked it up on Craig’s List cheap since the previous owner had forgotten the combination. We’ve seen enough reddit/imgur threads to not care at all what’s inside of it, but we’re all about cracking the code.

The SparkX (the new rapid prototyping endeavor at Sparkfun) approach was to design an Arduino safe cracking shield. It has a motor driver for spinning the dial and can drive a servo that pulls the lever to open the door. There is a piezo buzzer to indicate success, and the board as a display header labeled but not in use, presumably to show the combination currently under test. We say “presumably” because they’re not publishing all the details until after it’s cracked, a process that will be live streamed starting Wednesday. This will keep us guessing on the use of that INA169 current sensor that plugs into the safecracking shield. There is what appears to be a reflectance sensor above the dial to keep precise track of the spinning dial.

Electrically this is what we’d expect, but mechanically we’re in love with the build. The dial and lever both have 3D printed adapters to interface with the rest of the system. The overall framework is built out of aluminum channel which is affixed to the safe with rare earth magnets — a very slick application of this gear.

The gamification of the project has to do with a pair of $100 giveaways they’re doing for the closest guess on how long it’ll take to crack (we hope it’s a fairly fast cracker) and what the actual combination may be. For now, we want to hear from you on two things. First, what is the role of that current sensor in the circuit? Second, is there a good trick for optimizing a brute force approach like this? We’ve seen mechanical peculiarities of Master locks exploited for fast cracking. But for this, we’re more interested in hearing any mathematical tricks to test likely combinations first. Sound off in the comments below

Modify Locks to Baffle Burglars

While it’s often thought of as a criminal activity, there’s actually a vibrant hobby community surrounding the art of lock picking. In the same way that white hat hackers try to break into information systems to learn the ways that they can be made stronger, so do those in the locksport arena try to assess the weaknesses of various locks. For the amateur, it can be exciting (and a little unnerving) to experience the ease at which a deadbolt can be picked, and if your concern is great enough, you can go a little farther and modify your locks to make them harder to defeat.

The lock in question was sent to [bosnianbill] by [Rallock67] with a device that [Rallock67] had installed using common tools. Known as a Murphy Ball, a larger-than-normal spring was inserted into one of the pins and held in place by a ball bearing. This makes the lock almost completely immune to bumping, and also made it much more difficult for [bosnianbill], an accomplished and skilled locksmith, to pick the lock due to the amount of force the spring exerted on the cylinder. The surprising thing here was that this modification seems to be relatively easy to do by tapping out some threads and inserting a set screw to hold in the spring.

Locksport and lockpicking are a great hobby to get into. Most people start out picking small padlocks due to their simplicity and ease. It’s even possible to pick some locks with a set of bobby pins. And, if you really want to see how easy it is to defeat some locks and/or how much good the TSA does for your overall security, you’ll want to take a look at this, too.

Thanks to [TheFinn] for the tip!

Continue reading “Modify Locks to Baffle Burglars”