lockpicking hacks

52 Articles

Universal Credit Card In The Palm Of Your Hand

September 23, 2009 by 38 Comments

universal_credit_card

Do you remember the magnetic card spoofer in Terminator 2? It was a bit farfetched because apparently the device could be swiped through a reader and magically come up with working account numbers and pin numbers. We’re getting close to that kind of magic with [Jaroslaw’s] card spoofer that is button-programmable.

Building off of a project that allows spoofing via an iPod and electromagnet, [Jaroslaw] wanted something that doesn’t require a computer to put together the card code. He accomplished this by interfacing a 16-button keyboard and a character LCD with an AVR ATmega168 microcontroller. Card codes can be entered with the buttons and verified on the LCD. Of course this is still dependent on you knowing the code in the first place.

As you know, credit cards use this technology. We don’t think Walmart is going to be OK with you pulling this out in the checkout line, not to mention local five-oh. This technology is also used for building access in Universities, businesses, and hotels. If used in conjunction with some other spy technology you’ll be on your way to becoming a secret-agent-man.

Photographic Key Duplication

September 22, 2009 by 49 Comments

[Ben] and his associates over at the University of California at San Diego came up with a way to duplicate keys using a picture of them. They developed an algorithm that uses measurements from known key blanks to extrapolate the bitting code. Because the software is measuring multiple points it can correct the perspective of the photo when the key is not photographed on a flat surface, but from an angle.

They went so far as to test with cell phone cameras and using a telephoto lens from 195 feet away. In most cases, correct keys were produced within four guesses. Don’t miss their wonderful writeup (PDF) detailing how key bitting works, traditional covert duplication methods, and all the details of their process. The lack of available code prevents us all from playing secret agent (or felon) with this idea but [Ben] did mention that if there is sufficient interest he might release it.

Lock bumping showed us how weak our security is, but this is a bit scary.

[Thanks Mike]

Marc Weber Tobias Vs Medeco

May 22, 2009 by 20 Comments

tobias

This month’s Wired magazine has an extensive profile of [Marc Weber Tobias]. He’s a professional lock picker that delights in coming up with new techniques for taking on high security locks. In recent years, he’s run afoul of the US’s premier high security lock manufacturer, Medeco, by publishing Open in Thirty Seconds with [Tobias Bluzmanis]. Medeco still denies that this is even possible. Wired decided to to test the team by purchasing six new cylinders and timing them. Each one was open in under nine minutes. You can see a video of this on Wired’s site.

Last fall we covered a decoding attack against Medeco locks by [Jon King].

[via blackbag]