Join us on Wednesday, June 3 at noon Pacific for the Physical Security Hack Chat with Deviant Ollam!
You can throw as many resources as possible into securing your systems — patch every vulnerability religiously, train all your users, monitor their traffic, eliminate every conceivable side-channel attack, or even totally air-gap your system — but it all amounts to exactly zero if somebody leaves a door propped open. Or if you’ve put a $5 padlock on a critical gate. Or if your RFID access control system is easily hacked. Ignore details like that and you’re just inviting trouble in.
Once the black-hats are on the inside, their job becomes orders of magnitude easier. Nothing beats hands-on access to a system when it comes to compromising it, and even if the attacker isn’t directly interfacing with your system, having him or her on the inside makes social engineering attacks that much simpler. System security starts with physical security, and physical security starts with understanding how to keep the doors locked.
To help us dig into that, Deviant Ollam will stop by the Hack Chat. Deviant works as a physical security consultant and he’s a fixture on the security con circuit and denizen of many lockpicking villages. He’s well-versed in what it takes to keep hardware safe from unauthorized visits or to keep it from disappearing entirely. From CCTV systems to elevator hacks to just about every possible way to defeat a locked door, Deviant has quite a bag of physical security tricks, and he’ll share his insights on keeping stuff safe in a dangerous world.
Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, June 3 at 12:00 PM Pacific time. If time zones have you down, we have a handy time zone converter.
Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.
At a far-flung, windblown outpost of Hackaday, we were watching a spy film with a bottle of suitably cheap Russian vodka when suddenly a blonde triple agent presented a fascinating-looking gadget to a lock and proceeded to unpick it automatically. We all know very well that we should not believe everything we see on TV, but this one stuck.
Now, for us at least, fantasy became a reality as [Peterthinks] makes public his 3D printed lock picker – perfect for the budding CIA agent. Of course, the Russians have probably been using these kinds of gadgets for much longer and their YouTube videos are much better, but to build one’s own machine takes it one step to the left of center.
The device works by manually flicking the spring (rubber band) loaded side switch which then toggles the picking tang up and down whilst simultaneously using another tang to gently prime the opening rotator.
The size of the device makes it perfect to carry around in a back pocket, waiting for the chance to become a hero in the local supermarket car park when somebody inevitably locks their keys in their car, or even use it in your day job as a secret agent. Just make sure you have your CIA, MI6 or KGB credentials to hand in case you get searched by the cops or they might think you were just a casual burglar. Diplomatic immunity, or a ‘license to pick’ would also be useful, if you can get one.
As mentioned earlier, [Peter’s] video is not the best one to explain lock picking, but he definitely gets the prize for stealth. His videos are below the break.
In the meantime, all we need now are some 3D printed tangs.
Despite what the media might tell you, picking locks isn’t just for spies and guys wearing balaclavas. Those who pick as a hobby, or even competitively, think of locks as logic puzzles. Each lock is a unique challenge, and defeating it requires patience, dexterity, and perhaps most importantly the experience that comes from regular practice. But where does one start if they want to get into the world of recreational lock picking, also known as locksport?
Many people begin their journey on a practice lock, usually made of clear plastic so you can see its inner workings. That’s fine for the individual, but what if you’re trying to demonstrate lock picking to a group? [John Biggs] may have the solution for you, assuming you’ve got the time and material. His huge 3D printed cutaway lock, and appropriately sized tools, allow even the folks in the back of the room to see how basic picking techniques work.
A print of this size is nothing to sneeze at; a quick peek on the reference printer here at the Hackaday Chamber of Secrets indicates you’re probably looking at the better part of 20 hours to print everything out. Once printed you’ll likely need to take a file and some sandpaper to all the surfaces to make sure things operate smoothly. It doesn’t appear to be a terribly challenging print all things considered, but we wouldn’t call it a beginner’s project either.
The only non-printed part in this design is the springs, which [John] mentions he hasn’t quite found the solution for yet. They need to be fairly weak or else the lock is too hard to pick, but springs large enough to work with the pins are usually pretty strong. This might be a perfect application for some custom wound springs.
After you’ve mastered the PLA lock, it might be time to make your own picks and see if anyone is giving free lock picking workshops in your area.
LayerOne, the first level of security. [Brian Benchoff] and I are excited to take part in our first LayerOne conference this Saturday and Sunday in Monrovia, California.
Anyone in the Los Angeles area this weekend needs to get out of whatever they have planned and try out this conference that has a soul. Get the idea of a mega-con out of your head and envision a concord of highly skilled and fascinating hackers gathering to talk all things computer security. Speakers will cover topics like researching 0day exploits, copying keys from pictures taken in public, DDoS attacks, social engineering, and more.
It’s not just talks; there is a ton of hands-on at LayerOne as well. I plan to finally try my hand at lock picking. Yep, I’ve covered it multiple times and we’ve even had a session led by [Datagram] at the Hackaday 10th Anniversary but I’ve never found time to give it a roll. Of course electronics are my game and [Brian] and I will both be spending a fair amount of time in the hardware hacking village. We’ll have a bunch of dev boards along with us if you want to try out an architecture with which you’re unfamiliar. This year’s LayerOne badges are sponsored by Supplyframe; we’ll have something in store for the best badge hacks we see during the weekend.
See you there!
Getting past a locked door is easy if you have the right tools. It’s just a matter of knowing how to adjust the pins inside to an even level while turning the mechanism at the same time when everything is perfectly in place. That’s the beauty of a bump key. You never have to see the actual key or what it looks like. And with a simple hit to the back of the key, and bumping it just enough, the lock can magically be opened.
Lock picking items like this can be ordered online for a couple of dollars, or as [Jos Weyers] and [Christian Holler] showed in a recent Wired article, alternatively you can print your own at home. The video of these 3D printed keys (which can be viewed below) attempts to prove that a person can unlock a door with plastic, which was a little bit surprising to us because it seems like the edges would break off right away. But as it turns out, a thin plastic bump key can be made and does function. Not sure how long these keys can last though, but sometimes all you really need is a one time use when trying to open a specific, tricky lock.
As the article states, “Weyers and Holler aren’t trying to teach thieves and spies a new trick for breaking into high-security facilities; instead, they want to warn lockmakers about the possibility of 3-D printable bump keys so they might defend against it.” Although this information is geared towards lockmakers, we see our Hackaday readers finding this data useful as well. Organizers of hackerspaces who hold regular lock-picking events might want to print their own keys and teach classes centered around security. The uses for this are boundless in regards to educating the public about how locks truly work.
Let’s start off with some lock picking. Can you be prosecuted if it was your bird that broke into something? Here’s video of a Cockatoo breaking into a puzzle box as part of an Oxford University study. [Thanks Ferdinand via Endandit]
[Augybendogy] needed a vacuum pump. He headed off to his local TechShop and machined a fitting for his air compressor. It uses the Venturi Effect to generate a vacuum.
Build your own Arduino cluster using this shield designed by [Bertus Kruger]. Each shield has its own ATmega328. Many can be stacked on top of an Arduino board, using I2C for communications.
[Bunnie Huang] has been publishing a few articles on Medium called “Exit Reviews”. As a treasured piece of personal electronics is retired he pulls it apart to see what kind of abuse it stood up to over its life. We found his recent article on his Galaxy S II quite interesting. There are chips in the glass, scuffs on the bezel, cracks on the case, and pervasive gunk on the internals.
We’d love to see how this paper airplane folder and launcher is put together. If you know of a post that shares more details please let us know.
Squeezing the most out of a tiny microcontroller was a challenge. But [Jacques] reports that he managed to get a PIC 10F322 to play a game of Pong (translated). It even generates an NTSC composite video signal! Watch the demo video here.
Can anyone argue against this being the least-secure hotel room lock on the market? Regular readers will recognize it as an Onity key card lock. A few months back a glaring flaw in the security was exposed that allows these locks to be opened electronically in less than a second. So we are not surprised to hear that a series of hotel room robberies in Houston are suspected to have been performed using this technique.
The image above is from a demonstration video we saw back in October. That hack used an Arduino-compatible chip inside of a dry erase marker as an end-run around the lock’s electronics. It reinforced the warning sounded by [Cody Brocious] when he presented the exploit at this year’s Black Hat conference. The barrel jack on the outside of the door lock doubles as a 1-wire communications port and that is how an attacker can gain access. Investigators can find no other means of entry for these thefts.
We applaud one of the victims in this story. At the end of the article she is asked if the information about the Onity flaw should have been kept secret. She said that if there’s a vulnerability that’s not being fixed people have a right to know about it. Bravo [Janet Wolf]!