The Terrible Security Of Bluetooth Locks

Bluetooth devices are everywhere these days, and nothing compromises your opsec more than a bevy of smartphones, smart watches, fitbits, strange electronic conference badges, and other electronic ephemera we adorn ourselves with to make us better people, happier, and more productive members of society.

Bluetooth isn’t limited to wearables, either; deadbolts, garage door openers, and security systems are shipping with Bluetooth modules. Manufacturers of physical security paraphernalia are wont to add the Internet of Things label to their packaging, it seems. Although these devices should be designed with security in mind, most aren’t, making the state of Bluetooth smart locks one of the most inexplicable trends in recent memory.

At this year’s DEF CON, [Anthony Rose] gave a talk on compromising BTLE locks from a quarter-mile away. Actually, that ‘quarter mile’ qualifier is a bit of a misnomer – some of these Bluetooth locks are terrible locks, period. The Kwikset Kevo Doorlock – a $200 deadbolt – can be opened with a flathead screwdriver. Other Bluetooth ‘smart locks’ are made of plastic.

The tools [Anthony] used for these wireless lockpicking investigations included the Ubertooth One, a Bluetooth device for receive-only promiscuous sniffing, a cantenna, a Bluetooth USB dongle, and a Raspberry Pi. This entire setup can be powered by a single battery, making it very stealthy.

The attacks on these Bluetooth locks varied, from sniffing the password sent in plain text to the lock (!) and replay attacks to more advanced techniques such as decompiling the APK used to unlock these smart locks. When all else fails, brute forcing locks works surprisingly well, with quite a few models of smart lock using eight-digit PINs. Even locks with ‘patented security’ (read: custom crypto, bad) were terrible; this patented security was just an XOR with a hardcoded key.

What was the takeaway from this talk? Secure Bluetooth locks can be made. These locks use proper AES encryption, a truly random nonce, two factor authentication, no hard-coded keys, allow the use of long passwords, and cannot be opened with a screwdriver. These locks are rare. Twelve of the sixteen locks tested could be easily broken. The majority of Bluetooth smart locks are not built with security in mind, which, by the way, is the entire point of a lock.
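The difference between a static password and a fresh random nonce is easiest to see from the lock's side. The sketch below is an added example, not code from the talk or from any lock vendor: it uses HMAC-SHA256 as a stand-in for the AES-based scheme the talk describes (Python's standard library has no AES), and the names `Lock`, `phone_response` and `MAX_FAILURES` are hypothetical.

```python
import hashlib
import hmac
import secrets


class Lock:
    """Lock side: issues a fresh random challenge for every unlock attempt."""

    MAX_FAILURES = 5  # assumed lockout threshold to slow PIN/key guessing

    def __init__(self, device_key: bytes):
        self._key = device_key   # provisioned per device, not hardcoded in the app
        self._nonce = None       # outstanding challenge, valid for one attempt
        self._failures = 0

    def challenge(self) -> bytes:
        self._nonce = secrets.token_bytes(16)  # CSPRNG output, never reused
        return self._nonce

    def unlock(self, response: bytes) -> bool:
        if self._nonce is None or self._failures >= self.MAX_FAILURES:
            return False
        expected = hmac.new(self._key, self._nonce, hashlib.sha256).digest()
        self._nonce = None       # single use: a recorded response is now stale
        if hmac.compare_digest(expected, response):  # constant-time compare
            self._failures = 0
            return True
        self._failures += 1
        return False


def phone_response(device_key: bytes, nonce: bytes) -> bytes:
    """Phone side: proves knowledge of the key without ever sending it."""
    return hmac.new(device_key, nonce, hashlib.sha256).digest()


def demo() -> dict:
    key = secrets.token_bytes(32)                     # constructed sample key
    lock = Lock(key)
    captured = phone_response(key, lock.challenge())  # bytes seen on the air
    first = lock.unlock(captured)                     # legitimate unlock
    lock.challenge()                                  # next attempt, new nonce
    replayed = lock.unlock(captured)                  # same bytes sent again
    return {"legitimate": first, "replayed": replayed}


if __name__ == "__main__":
    print(demo())
```

Because the response is bound to a nonce the lock chose and discards after one use, recording the radio traffic yields nothing reusable, which is exactly what the plain-text and replayable locks in the talk lacked.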

[Anthony]’s work going forward will concentrate on expanding his library of scripts to exploit these locks, and on evaluating the Bluetooth locks on ATMs. Yes, ATMs also use Bluetooth locks. The mind reels.

Have A Laser Cutter? Here’s A Cool Combination Lock Box You Can Build!

Laser-cut plywood boxes are cool. Don’t believe me? Take a look at the free projects out there for people to get started with when they get a laser cutter – it’s obviously a popular genre of project. Laser cut plywood boxes with combination locks are even cooler, especially when the combination is entered on four separate number selectors, on four sides of the very same box.

That’s exactly what [Sande24] has done, and the final result is mesmerizing. 30-40 parts are cut from plywood with a laser cutter, and assembled to construct the lockbox. The design could easily be reused to make the box out of acrylic, or even aluminum or steel if you were so inclined. Check it out in the video below.

Doc Brown’s Security Briefcase Needs Speed

If you just wait around long enough, the future becomes the past. And that’s happened to the “Back to the Future” future, as you probably all remember. But BttF-themed projects are still pouring in.

[ossum] sent us the link for his build of Doc Brown’s briefcase that only opens above 88 mph. His writeup is fantastically detailed, and worth a look if you’re interested in working with a GPS unit and microcontrollers, driving seven-segment LEDs with shift registers, or just driving too fast in an old Jetta. And there’s a video demo just below the break if you’re not a believer.


Hack A Padlock Key From Plastic Scraps

Not too many years ago, if you wanted a decent copy of a key made, you had to head to either a locksmith’s shop or the nearest hardware store, where real people actually knew their trade. Now we generally take our keys to the Big Orange Box o’ Stuff and have it copied by a semi-automated machine, or even feed it into one of the growing number of fully automated key-copying kiosks, with varying results. But as [BlueMacGyver] shows us, a serviceable padlock key can be whipped up quickly at home with nothing but scraps.

The video below details the process – soot the profile of the key with a lighter, transfer the carbon to some stiff plastic with Scotch tape, and cut out the profile. With a little finagling the flat copy makes it into the lock and opens it with ease. Looks like the method could be applied to locks other than padlocks. As for raw material, we think we’ve found a use for all those expired credit cards collecting in the desk drawer.

We’ve given a lot of coverage lately to hacks involving locks, including copying keys from photos and making bump keys with a 3D printer. But we like this hack for its simplicity. True, you need physical access to the key to copy it, and that limits the hack’s nefarious possibilities. But maybe that’s not such a bad thing.


Avoid Procrastination With This Phone Lock Box

Smart phones are great. So great that you may find yourself distracted from working, eating, conversing with other human beings in person, or even sleeping. [Digitaljunky] has this problem (not surprising, really, considering his name) so he built an anti-procrastination box. The box is big enough to hold a smart phone and has an Arduino-based time lock.

The real trick is making the box so that the Arduino can lock and unlock it with a solenoid. [Digitaljunky] doesn’t have a 3D printer, so he used Fimo clay to mold a custom latch piece. A digital display, a FET to drive the solenoid, and a handful of common components round out the design.


Teardown: An Electronic Master Lock

[rohare] has an interesting teardown for us over on the keypicking lock picking forums. It’s a Masterlock combination lock – specifically the Masterlock 1500eXD – and yes, it’s a completely electronic lock with buttons and LEDs. Think that’s the mark of a terrible lock? You might be surprised.

The first impressions of this lock were surprisingly positive. It was heavy, and the shackle doesn’t move at all when you pull on it. Even the buttons and LEDs made sense. Once the back of the lock was drilled open, things got even more impressive. This lock might actually be well-built, with a ‘butterfly’ mechanism resembling a legendary padlock, actuated by a small but sufficient motor. Even the electronics are well-designed, with the programming port blocked by the shackle when it’s closed. [rohare] suspects the electronics aren’t made by Masterlock, but they are installed in a very secure enclosure.

The teardown concludes with a fair assessment that could also be interpreted as a challenge: [rohare] couldn’t find any obvious flaws to be exploited, or a simple way to break the lock. He concludes the most probable way of breaking this lock would be, “knowing some trick of logic that bypasses the codes on the electronics”. That sounds like a good enough challenge for us, and we’re eagerly awaiting the first person to digitally unlock this physical lock.

Combination Lock Made Out Of Paper

Most projects we feature are of the metal/wire/wood variety, but there is an entire community devoted to making very interesting and intricate things out of paper. Imgur user [Criand] has been hard at work on his own project made entirely out of paper, a combination lock that can hold a secret message (reddit post).

The motivation for the project was as a present for a significant other, wherein a message is hidden within a cryptex-like device and secured with a combination that is of significance to both of them. This is similar to how a combination bike lock works as well, where a series of tumblers lines up to allow a notched shaft to pass through. The only difference here is that the tiny parts that make up the lock are made out of paper instead of steel.

This project could also be used to gain a greater understanding of lock design and locksport, if you’ve ever been curious as to how this particular type of lock works, although this particular one could easily be defeated by a pair of scissors (but it could easily cover rock). If papercraft is more of your style though, we’ve also seen entire gyroscopes and strandbeests made of paper!