Making A “Unpickable” Lock

Every time manufacturers bring a new “unpickable” lock to market, amateur and professional locksmiths descend on the new product to prove them wrong. [Shane] from [Stuff Made Here] decided to try his hand at designing and building an unpickable lock, and found that particular rabbit hole to be a lot deeper than expected. (Video, embedded below.)

Most common pin tumbler locks can be picked thanks to slightly loose fits of the pins and tiny manufacturing defects. By lifting or bumping the pins while putting tension on the cylinder the pins can be made to bind one by one at the shear line. Once all the pins are bound in the correct position, it can be unlocked.

[Shane]’s design aimed to prevent the pins from being set in unlocked position one by one, by locking the all pins in whatever position they are set and preventing further manipulation when the cylinder is turned to test the combination. In theory this should prevent the person doing the picking from knowing if any of the pins were in the correct position, forcing them to take the difficult and time-consuming approach of simply trying different combinations.

[Shane] is no stranger to challenging projects, and this one was no different. Many of the parts had to be remade multiple times, even with his well-equipped home machine shop. The mechanism that holds the pins in the set position when the cylinder is rotated was especially difficult to get working reliably.  He explicitly states that this lock is purely an educational exercise, and not commercially viable due to its mechanical complexity and difficult machining.

A local locksmith was unsuccessful in picking the lock with the standard techniques, but the real test is still to come. The name [LockPickingLawyer] has probably already come to mind for many readers. [Shane] has been in contact with him and will send him a lock to test after a few more refinements, and we look forward to seeing the results! Continue reading “Making A “Unpickable” Lock”

The Mystery Of A Particular ATtiny85 Fuse

First-timers playing with 8-bit micros such as the AVR and PIC will at some point in their lives, find themselves locked out of their MCUs. This is usually attributed to badly configured fuses that disable certain IO functions rending the device unprogrammable via conventional ICSP methods. [Uri Shaked] shares his story of how his ATtiny85 got locked and became the subject of a lengthy investigation into fuse bit configurations.

[Uri]’s journey started when he accidentally left some pins of the device connected to a second board while he was flashing the firmware. He quickly researched online for a solution for the problem and it turns out, there are a number of recipes to resolve the issue. As it turns out, his problem was not so straight-forward and warranted more digging. [Uri] ended setting up a High Voltage Programming serial programming setup and then probing the communications. He discovered that the chip refused to reset its fuses and would reject attempts to set fuses.

Further investigation of the fuse bits and reading them proved useful in understanding that the memory protection features were preventing alteration of the device. The quick-fix was to erase the ATtiny and things were back to normal thereafter. [Uri] details his pursuit of reading and comparing fuse bits from the impacted chip against a fresh device which is where he makes the discovery. The write-up is a case study in the investigation into the idiosyncrasies of device programming and will be a great resource for many and reduce hair loss for some.

Once you get your hands on an ATTINY, there are a number of small experiments to be done to cure boredom. Be sure to share your experiments and stories with us to inspire the masses.

Son Of Rothult

We are continuously inspired by our readers which is why we share what we love, and that inspiration flows both ways. [jetpilot305] connected a Rothult unit to the Arduino IDE in response to Ripping up a Rothult. Consider us flattered. There are several factors at play here. One, the Arduino banner covers a lot of programmable hardware, and it is a powerful tool in a hardware hacker’s belt. Two, someone saw a tool they wanted to control and made it happen. Three, it’s a piece of (minimal) security hardware, but who knows where that can scale. The secure is made accessible.

The Github upload instructions are illustrated, and you know we appreciate documentation. There are a couple of tables for the controller pins and header for your convenience. You will be compiling your sketch in Arduino’s IDE, but uploading through ST-Link across some wires you will have to solder. We are in advanced territory now, but keep this inspiration train going and drop us a tip to share something you make with this miniature deadbolt.

Locks and security are our bread and butter, so enjoy some physical key appreciation and digital lock love.

Secret Knock Unlocks Door

Watch any movie about the years of prohibition, and you’ll probably see character gain admittance to a speakeasy by using a secret knock on the door. In the old movies, a little sliding door would open so the doorman could check you out and let you in. With [IsmailSan’s] electronic lock, the secret knock automatically unlocks the door. You can see a video of how it works, below.

(Ed Note: Grrr…GitHub repo got pulled between writing and publication. Go check out the in-links in the bottom paragraph if you’re interested in knock-detectors.)

The device uses a piezoelectric speaker to detect the knocking. A speaker is a transducer and like many transducers, it will work — to some extent — in either direction. A servo motor manages the deadbolt. An Arduino runs the whole thing.

Continue reading “Secret Knock Unlocks Door”

Lock Your Keys In The Car On Purpose With Aluminum Foil

[TJ] is a surfer, and drives his car to get to the beach. But when he gets there he’s faced with a dilemma that most surfers have: either put his key in your baggies (shorts) or wetsuit and hope it doesn’t get lost during a wipeout, or stash it on the rear wheel of his car. Hiding the keyfob by the car isn’t an option because it can open the car doors just by being in proximity to the car. He didn’t want to risk losing it to the ocean either, so he built a waveguide of sorts for his key out of aluminum foil that lets him lock the key in the car without locking himself out.

Over a series of trials, [TJ] found out that his car, a 2017 Chevy Cruze, has a series of sensors in it which can determine the location of the keyfob based on triangulation. If it thinks the keyfob is outside of the car, it allows the door to be locked or unlocked with a button on the door handle. If the keyfob is inside the car, though, it prevents the car from locking via the door handles so you don’t accidentally lock yourself out. He found out that he could “focus” the signals of the specific sensors that make the car think the keyfob is outside by building an open Faraday cage.

The only problem now is that while the doors can be locked, they could also can be unlocked. To solve that problem he rigged up an ESP32 to a servo to open and close the opening in the Faraday cage. This still means there’s a hidden device used to activate the ESP32, but odds are that it’s a cheaper device to replace than a modern car key and improves security “through obscurity“. If you have any ideas for improving [TJ]’s build, though, leave them in the comments below. Surfers across the world from [TJ] to the author would be appreciative.

Bike Lock Secures Car

[Buttim] loses his car a lot, which might sound a little bit like the plot from an early-00s movie, but he assures us that it’s a common enough thing. In a big city, and after several days of not driving one’s car, it can be possible to at least forget where you parked. There are a lot of ways of solving this problem, but the solution almost fell right into his lap: repurposing a lock from a bike share bicycle. (The build is in three parts: Part 2 and Part 3.)

These locks are loaded with features, like GPS, a cellular modem, accelerometers, and in this case, an ARM processor. It took a huge amount of work for [Buttim] to get anything to work on the device, but after using a vulnerability to dump the firmware and load his own code on the device, spending an enormous amount of time trying to figure out where all the circuit traces went through layers of insulation intended to harden the lock from humidity, and building his own Python-based programmer for it, he has basically free reign over the device.

To that end, once he figured out how it all worked, he put it to use in his car. The device functions as a GPS tracker and reports its location over the cellular network so it can’t become lost again. As a bonus, he was able to use the accelerometers to alert him if his car was moving without him knowing, so it turned into a theft deterrent as well. Besides that, though, his ability to get into the device’s firmware reminded us of a recent attempt to get access to an ARM platform.

The Key To This City Opens A Real Lock

There are few more satisfying moments than the first time you pick a lock. No matter that it’s a dollar-store padlock that you opened with a pick from a $10 eBay kit, the magic of something that should be secure clicking open in the palm of your hand is hard to beat. Pin tumbler locks are surprisingly simple devices, and to demonstrate this [Farmcraft 101] has produced one at 10x scale to demonstrate their operation on the bench.

The video is a delightful exercise in wood-shop voyerism, as we see him construct the various parts of the lock using his lathe and other workshop tools. A key of the size usually reserved for Freedom Of The City is made, but this one really does slide into the keyway and operate those pins. At the back is a latch mechanism, and the result is a fully-functional model that anyone should be able to use to figure out how the lock works.

Thelock itself isn’t the whole story though, because given the date he’s used it as the basis for a cracking April Fool in which he sends up the [Lock Picking Lawyer] and proceeds to demonstrate the glaring insecurities in his creation. Both videos are there for your enjoyment, below the break. And if you can’t wait to have a go at a lock or two, don’t forget you can always make your own tools using paperclips.

[Ed note: streetcleaner bristles. Thank me later.]

Continue reading “The Key To This City Opens A Real Lock”