Nitric Acid Is The Hot New Way To Pick Locks

Lockpicking is a grand skill to have, and one that’s often presumed to be one of the dark arts of the burglar. However, a new technique has come to the fore in some European contexts. It appears nitric acid is being used to damage locks to allow criminals to gain entry into residential premises.

Germany’s Bild has covered this matter, as has Feuerwehr Magazine. The technique has apparently come to prominence in the last couple of years. Attackers pour the corrosive liquid into the keyway of a typical door lock. This damages the cylinder, and perhaps the pins inside as well. Once the metal has been eaten away and the structure of the lock is sufficiently degraded, it can presumably be forced open quite easily with hand tools. The technique is apparently especially effective in Germany, where locks are typically installed with the pins facing down. This makes it easy for any liquid trickled into the lock to eat away at the pins in the bottom.

German authorities advised people to be on the look out for discoloration around door locks. If seen, it’s important to avoid contact with any corrosive liquid that may have been used on the lock.

It’s a nasty technique that doesn’t just damage locks, but doors as well! Meanwhile, if you’re learning the art of lockpicking, just remember not to practice on any important locks you might actually need. More pictures after the break.

Continue reading “Nitric Acid Is The Hot New Way To Pick Locks”

Hackaday Podcast 082: DJ CNC, NFC Black Box, Sound Of Keys, And Payin’ For 3D Prints

Hackaday editors Elliot Williams and Mike Szczys check in on the best hacks from the past week. All the buzz is the algorithm that can reverse engineer your house keys from the way they sound going into the lock. Cardboard construction goes extreme with an RC car build that’s beyond wizard-level. Speaking of junk builds, there’s a CNC mill tipped on its side grinding out results worlds better than you expect from something made with salvaged CD-ROM drives. And a starburst character display is a clever combination of laser cutting and alternative using UV-cured resin as a diffuser.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 082: DJ CNC, NFC Black Box, Sound Of Keys, And Payin’ For 3D Prints”

Physical Security Hack Chat With Deviant Ollam

Join us on Wednesday, June 3 at noon Pacific for the Physical Security Hack Chat with Deviant Ollam!

You can throw as many resources as possible into securing your systems — patch every vulnerability religiously, train all your users, monitor their traffic, eliminate every conceivable side-channel attack, or even totally air-gap your system — but it all amounts to exactly zero if somebody leaves a door propped open. Or if you’ve put a $5 padlock on a critical gate. Or if your RFID access control system is easily hacked. Ignore details like that and you’re just inviting trouble in.

Once the black-hats are on the inside, their job becomes orders of magnitude easier. Nothing beats hands-on access to a system when it comes to compromising it, and even if the attacker isn’t directly interfacing with your system, having him or her on the inside makes social engineering attacks that much simpler. System security starts with physical security, and physical security starts with understanding how to keep the doors locked.

join-hack-chatTo help us dig into that, Deviant Ollam will stop by the Hack Chat. Deviant works as a physical security consultant and he’s a fixture on the security con circuit and denizen of many lockpicking villages. He’s well-versed in what it takes to keep hardware safe from unauthorized visits or to keep it from disappearing entirely. From CCTV systems to elevator hacks to just about every possible way to defeat a locked door, Deviant has quite a bag of physical security tricks, and he’ll share his insights on keeping stuff safe in a dangerous world.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, June 3 at 12:00 PM Pacific time. If time zones have you down, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.

3D Printed Snap Gun For Automatic Lock Picking

At a far flung, wind blown, outpost of Hackaday, we were watching a spy film with a bottle of suitably cheap Russian vodka when suddenly a blonde triple agent presented a fascinating looking gadget to a lock and proceeded to unpick it automatically. We all know very well that we should not believe everything we see on TV, but this one stuck.

Now, for us at least, fantasy became a reality as [Peterthinks] makes public his 3D printed lock picker – perfect for the budding CIA agent. Of course, the Russians have probably been using these kind of gadgets for much longer and their YouTube videos are much better, but to build one’s own machine takes it one step to the left of center.

The device works by manually flicking the spring (rubber band) loaded side switch which then toggles the picking tang up and down whilst simultaneously using another tang to gently prime the opening rotator.

The size of the device makes it perfect to carry around in a back pocket, waiting for the chance to become a hero in the local supermarket car park when somebody inevitably locks their keys in their car, or even use it in your day job as a secret agent. Just make sure you have your CIA, MI6 or KGB credentials to hand in case you get searched by the cops or they might think you were just a casual burglar. Diplomatic immunity, or a ‘license to pick’ would also be useful, if you can get one.

As mentioned earlier, [Peter’s] video is not the best one to explain lock picking, but he definitely gets the prize for stealth. His videos are below the break.

In the meantime, all we need now are some 3D printed tangs.

Continue reading “3D Printed Snap Gun For Automatic Lock Picking”

Giant 3D Printed Lock Helps Teach Picking

Despite what the media might tell you, picking locks isn’t just for spies and guys wearing balaclavas. Those who pick as a hobby, or even competitively, think of locks as logic puzzles. Each lock is a unique challenge, and defeating it requires patience, dexterity, and perhaps most importantly the experience that comes from regular practice. But where does one start if they want to get into the world of recreational lock picking, also known as locksport?

Many people begin their journey on a practice lock, usually made of clear plastic so you can see its inner-workings. That’s fine for the individual, but what if you’re trying to demonstrate lock picking to a group? [John Biggs] may have the solution for you, assuming you’ve got the time and material. His huge 3D printed cutaway lock, and appropriately sized tools, allow even the folks in the back of the room to see how basic picking techniques work.

A print of this size is nothing to sneeze at; a quick peek on the reference printer here at the Hackaday Chamber of Secrets indicates you’re probably looking at the better part of 20 hours to print everything out. Once printed you’ll likely need to take a file and some sandpaper to all the surfaces to make sure things operate smoothly. It doesn’t appear to be a terribly challenging print all things considered, but we wouldn’t call it a beginner’s project either.

The only non-printed part in this design is the springs, which [John] mentions he hasn’t quite found the solution for yet. They need to be fairly weak or else the lock is too hard to pick, but springs large enough to work with the pins are usually pretty strong. This might be a perfect application for some custom wound springs.

After you’ve mastered the PLA lock, it might be time to make your own picks and see if anyone is giving free lock picking workshops in your area.

See You At LayerOne This Weekend

LayerOne, the first level of security. [Brian Benchoff] and I are excited to take part in our first LayerOne conference this Saturday and Sunday in Monrovia California.

Anyone in the Los Angeles area this weekend needs to get out of whatever they have planned and try out this conference that has a soul. Get the idea of a mega-con out of your head and envision a concord of highly skilled and fascinating hackers gathering to talk all things computer security. Speakers will cover topics like researching 0day exploits, copying keys from pictures taken in public, ddos attacks, social engineering, and more.

It’s not just talks, there is a ton of hands-on at LayerOne as well. I plan to finally try my hand at lock picking. Yep, I’ve covered it multiple times and we’ve even had a session led by [Datagram] at the Hackaday 10th Anniversary but I’ve never found time to give it a roll. Of course electronics are my game and [Brian] and I will both be spending a fair amount of time in the hardware hacking village. We’ll have a bunch of dev boards along with us if you want to try out an architecture with which you’re unfamiliar. This year’s LayerOne badges are sponsored by Supplyframe; we’ll have something in store for the best badge hacks we see during the weekend.

See you there!

3D Printed Bump Keys

Getting past a locked door is easy if you have the right tools. It’s just a matter of knowing how to adjust the pins inside to an even level while turning the mechanism at the same time when everything is perfectly in place. That’s the beauty of a bump key. You never have to see the actual key or what it looks like. And with a simple hit to the back of the key, and bumping it just enough, the lock can magically be opened.

Lock picking items like this can be ordered online for a couple of dollars, or as [Jos Weyers] and [Christian Holler] showed in a recent Wired article, alternatively you can print your own at home. The video of these 3D printed keys (which can be viewed below) attempts to prove that a person can unlock a door with plastic, which was a little bit surprising to us because it seems like the edges would break off right away. But as it turns out, a thin plastic bump key can be made and does function. Not sure how long these keys can last though, but sometimes all you really need is a one time use when trying to open a specific, tricky lock.

As the article states, “Weyers and Holler aren’t trying to teach thieves and spies a new trick for breaking into high-security facilities; instead, they want to warn lockmakers about the possibility of 3-D printable bump keys so they might defend against it.” Although this information is geared towards lockmakers, we see our Hackaday readers finding this data useful as well. Organizers of hackerspaces who hold regular lock-picking events might want to print their own keys and teach classes centered around security. The uses for this are boundless in regards to educating the public about how locks truly work.

Continue reading “3D Printed Bump Keys”