Nitric Acid Is The Hot New Way To Pick Locks

Lockpicking is a grand skill to have, and one that’s often presumed to be one of the dark arts of the burglar. However, a new technique has come to the fore in some European contexts. It appears nitric acid is being used to damage locks to allow criminals to gain entry into residential premises.

Germany’s Bild has covered this matter, as has Feuerwehr Magazine. The technique has apparently come to prominence in the last couple of years. Attackers pour the corrosive liquid into the keyway of a typical door lock. This damages the cylinder, and perhaps the pins inside as well. Once the metal has been eaten away and the structure of the lock is sufficiently degraded, it can presumably be forced open quite easily with hand tools. The technique is apparently especially effective in Germany, where locks are typically installed with the pins facing down. This makes it easy for any liquid trickled into the lock to eat away at the pins in the bottom.

German authorities advised people to be on the look out for discoloration around door locks. If seen, it’s important to avoid contact with any corrosive liquid that may have been used on the lock.

It’s a nasty technique that doesn’t just damage locks, but doors as well! Meanwhile, if you’re learning the art of lockpicking, just remember not to practice on any important locks you might actually need. More pictures after the break.

Continue reading “Nitric Acid Is The Hot New Way To Pick Locks”

Hacked Electric Toothbrush Defeats Locks With Ease

The movie version of lockpicking tends to emphasize the meticulous, delicate image of the craft. The hero or villain takes out a slim wallet of fine tools, applies them with skill and precision, and quickly defeats the lock. They make it look easy, and while the image isn’t far from reality, there are other ways to pick a lock.

This expedient electric toothbrush lockpick is a surprisingly effective example of the more brute force approach to lockpicking. As [Jolly Peanut] explains, pin tumbler locks work by lining up each pin with the shear line of the cylinder, which allows the lock to turn. This can be accomplished a pin at a time with picks, or en masse by vibrating the pins until they randomly line up with the shear line just long enough for the lock to turn. A locksmith might use a purpose-built tool for the job, but a simple battery-powered electric toothbrush works in a pinch too. [Jolly Peanut] removed the usual business end of the brush to reveal a metal drive rod that vibrates at a high frequency. The rod was slimmed down by a little grinding to fit into the keyway of a lock, and with the application of a little torque, the vibration is enough to pop the pins into the right position. He tries it out on several locks in the video below, and it only takes a few seconds each time.

Such brute force methods have their drawbacks, of course. They’re not exactly subtle, and the noise they create may attract unwanted attention. In that case, hone your manual lockpicking skills with a giant 3D-printed see-through lock.

Continue reading “Hacked Electric Toothbrush Defeats Locks With Ease”

Opening A Ford With A Robot And The De Bruijn Sequence

The Ford Securicode, or the keyless-entry keypad available on all models of Ford cars and trucks, first appeared on the 1980 Thunderbird. Even though it’s most commonly seen on the higher-end models, it is available as an option on the Fiesta S — the cheapest car Ford sells in the US — for $95. Doug DeMuro loves it. It’s also a lock, and that means it’s ready to be exploited. Surely, someone can build a robot to crack this lock. Turns out, it’s pretty easy.

The electronics and mechanical part of this build are pretty simple. An acrylic frame holds five solenoids over the keypad, and this acrylic frame attaches to the car with magnets. There’s a second large protoboard attached to this acrylic frame loaded up with an Arduino, character display, and a ULN2003 to drive the resistors. So far, everything you would expect for a ‘robot’ that will unlock a car via its keypad.

The real trick for this build is making this electronic lockpick fast and easy to use. This project was inspired by [Samy Kamkar]’s OpenSesame attack for garage door openers. In this project, [Samy] didn’t brute force a code the hard way by sending one code after another; (crappy) garage door openers only look at the last n digits sent from the remote, and there’s no penalty for sending the wrong code. In this case, it’s possible to use a De Bruijn sequence to vastly reduce the time it takes to brute force every code. Instead of testing tens of thousands of different codes sequentially, this robot only needs to test 3125, something that should only take a few minutes.

Right now the creator of this project is putting the finishing touches on this Ford-cracking robot. There was a slight bug in the code that was solved by treating the De Bruijn sequence as circular, but now it’s only a matter of time before a 1993 Ford Taurus wagon becomes even more worthless.

Modify Locks To Baffle Burglars

While it’s often thought of as a criminal activity, there’s actually a vibrant hobby community surrounding the art of lock picking. In the same way that white hat hackers try to break into information systems to learn the ways that they can be made stronger, so do those in the locksport arena try to assess the weaknesses of various locks. For the amateur, it can be exciting (and a little unnerving) to experience the ease at which a deadbolt can be picked, and if your concern is great enough, you can go a little farther and modify your locks to make them harder to defeat.

The lock in question was sent to [bosnianbill] by [Rallock67] with a device that [Rallock67] had installed using common tools. Known as a Murphy Ball, a larger-than-normal spring was inserted into one of the pins and held in place by a ball bearing. This makes the lock almost completely immune to bumping, and also made it much more difficult for [bosnianbill], an accomplished and skilled locksmith, to pick the lock due to the amount of force the spring exerted on the cylinder. The surprising thing here was that this modification seems to be relatively easy to do by tapping out some threads and inserting a set screw to hold in the spring.

Locksport and lockpicking are a great hobby to get into. Most people start out picking small padlocks due to their simplicity and ease. It’s even possible to pick some locks with a set of bobby pins. And, if you really want to see how easy it is to defeat some locks and/or how much good the TSA does for your overall security, you’ll want to take a look at this, too.

Thanks to [TheFinn] for the tip!

Continue reading “Modify Locks To Baffle Burglars”

3D Printing Lock Picks

Over at the 23B hackerspace in Fullerton, CA, [Dano] had an interesting idea. He took a zip tie, and trimmed it to have the same profile of a lock pick. It worked. Not well, mind you, but it worked. After a few uses, the pick disintegrated, but still the concept of picks you can take through a TSA checkpoint was proven.

A few days after this demonstration, [C] realized he had a very fancy Objet 3D printer at work, and thought printing some pics out would be an admirable goal. After taking an image of some picks through the autotracer in Solidworks, [C] had an STL that could be printed on a fancy, high-end 3D printer. The printer ultimately used for these picks was a Objet 30 Pro, with .001″ layer thickness and 600dpi resolution. After receiving the picks, [C] dug out an old lock and went to town. The lock quickly yielded to the pick, and once again the concept of plastic lock picks was proven.

Although the picks worked, there were a few problems: only half the picks were sized appropriately to fit inside a lock. Two picks also broke within 15 minutes, something that won’t happen with traditional metal picks.

Still, once the models are figured out, it’s easy to reproduce them time and time again. A perfect lock pick design is then trivial, and making an injection mold becomes possible. They might still break, but they’ll be far easier to manufacture and simple to replace.

Picking Locks With Toool

What Maker Faire would be complete without teaching children the joys of jiggling and twisting locks until they’ve opened? Toool, the open organisation of lockpickers made their way to New York this weekend to show off their bumping skills and get the kids interested in manipulating small mechanical devices.

The guys from Toool had a very cool setup – just a bunch of tables and chairs with a few picks and torsion wrenches. There were a few classic Master Locks on the table, but also a series of six tumbler locks each labeled with a number 1 through 6 signifying how many pins were in the lock. The idea is to get someone started on a one-pin lock, and eventually have them work their way up to the full six pins.

In the video after the break, one of the more animated guys from Toool explains why they were there, and also shows off picking a Master Lock twice in under 30 seconds. Seriously, people: educate yourself on locks before buying one.

Continue reading “Picking Locks With Toool”

Marc Weber Tobias Vs Medeco

tobias

This month’s Wired magazine has an extensive profile of [Marc Weber Tobias]. He’s a professional lock picker that delights in coming up with new techniques for taking on high security locks. In recent years, he’s run afoul of the US’s premier high security lock manufacturer, Medeco, by publishing Open in Thirty Seconds with [Tobias Bluzmanis]. Medeco still denies that this is even possible. Wired decided to to test the team by purchasing six new cylinders and timing them. Each one was open in under nine minutes. You can see a video of this on Wired’s site.

Last fall we covered a decoding attack against Medeco locks by [Jon King].

[via blackbag]