An Evening of Lockpicking in Montana

Video Statistics and Information

Video

Captions Word Cloud

Captions

well thank you all for being here this is wild so why are we all here and why why are you learning from a guy like me whose name is usually deviant nowadays much to my mother's chagrin how many people have ever picked a lock before wow that's not a lot of hands but that's completely gonna change tonight next excellent so Who am I and what do I do well you've heard some of that right I have a computer consulting firm that turned into a physical consulting firm we teach people we lecture we give a lot of good information to people who want to know how easy it is to break into their security sometimes we try to encourage better security practices by educating others on nights like tonight or by running trainings or just by doing consulting off-site other times when you have people who just kind of don't want to believe their security could be that bad as people that LMG will tell you there's nothing like a good audit of their facility a nice red team test to convince them of that and we have probably the best story that we always illustrate this this by is a client says you know they think their data is secure they've tried to do the best practices and this and that and if they hire a firm like for example LMG LMG you might try to pop the network get and remotely take over the controller you know exfiltrate data we had a job similar to that we broke into their dev lab and data center unwrapped a server I just walked out of it because the front door is often the weakest link in a lot of systems if you can physically get to the data that is it that that is that is the ballgame right there so that's why we like to talk about things like this we also do because it's fun there's a world there's a whole culture just called lock sport or competitive and hobbyist lock-picking many of us are part of that community I sit on the board of directors for tool which is a 501 C 3 that just does public outreach and education we show the universities we show up at conferences this is walk on the big annual lock-picking competition where people from all around the world get together the co-owner of core Bob Vick is in the corner looking very intently at mem Fred the German champion and we have the honor of being turned into a comic recently so my life's neon pretty good it's a fun field to be in I don't deny the idea of breaking into buildings at night just because you were asked to and can never possibly go to jail it's it's got its moments I will tell you that so why do these locks matter to us why do you care about what I'm trying to say well we already kind of made the case for those of you who are here with HTC I a cetera you can do everything right on your network and if a company like mine is tasked with trying to break in I'm literally going to walk up to this device throw console cables into everything I see and drop a single user motor just start changing firewall routes if someone was a big push now especially a lot of our clients in journalism and such they say we're so concerned about eavesdropping you know we want to communicate securely with our sources and we just paid all this money for a new phone system when there's crypto and voice over IP and I sense probably great there's probably also a room like this in the basement where all that copper comes trunking down and what kind of lock is literally on this door that no one goes to if I can get in that room and I can just clip right in start listening to phone calls so we always remind people that you can do everything right from the perspective of your InfoSec architecture and your infrastructure but it gets undermined by the wrong person buying something at Home Depot and beyond that though locks hold a very special place in our world the idea of the locks for community and the hobbyist lock-picker community people are just fascinated by locks and keys you may have even seen you know tokens and trinkets and jewelry they're not functional blocks but locks just resonate with us in a very visceral way they they appeal to our sense of self and our sense of personal property in our sense of privacy a friend of mine named Skyler makes a really cool example of this talking about a hypothetical door and I want to take you on kind of an imaginary journey right now you are going to meet with someone and you're supposed to be meeting this person here maybe seeing an apartment you need to rent or it's a professor with office hours need to go visit him or her you're going to someone else's place and they're expecting you to a lot but you arrive before they do you call them up and you say hey is are you here I'm leaving you this voicemail maybe I maybe I beat you here he's stuck in traffic let's say the place you arrived it is literally a door hanging open just like this what do you do do you like go in do you maybe at least stick your head in kind of like pure okay are you here you look knocking on the door frame what if the door is shut do you do the same thing do you just open the door maybe you would maybe would this every situations different if you're seeing that apartment I said maybe you know it's vacant I'm supposed to be here maybe you're the type opens the door maybe you're not but what if that door has a lock instantly that door means something different and even if you're literally on the phone with someone and you're like hey I got here before you are you around and they say oh yeah the rock is like under you know in the garden look for the key under that maybe there's some people who probably are so into people's personal space then on the phone look how far you're at five minutes others wait for you I don't want to open that door because the lock means something to us and Skylar wraps it up by saying now imagine that door is hanging open but it literally is a door with a lock that's installed and whether you are the type to go through the door or not I guarantee you that door means something different than this door just because the lock was there and that's what locks mean to us and that's why we find fascinating and that's why we'd like to explore them we treat them as puzzles to be solved and dissected if you've ever been into the brain teasers and the community as a whole is a great one we we really enjoy it we pick a lot of locks and meetings and public places we have contests you can win prizes at various hackathons and if you get really into it the top top-tier competitors do come from around the world once a year this year in fact it is being held not too far from here in Seattle it's usually in the Netherlands but la com is once a year with the best lock pickers in the world all get together and it's an amazing time well let's get a little more simple for a second many people will dismiss the topic of lock picking especially from a security perspective when you start to explain you say well what if someone you know picks your locks you should maybe consider this better lock I just learned about locks a lot of times especially unfortunately in the business world you'll get people saying things like why do we want to spend more on locks there's glass windows right here someone can just throw brick if you ever seem like a nice beautiful public-facing server room like with big glass walls and all the blinky lights and nice perfectly tied back wires I've literally had clients that have said we're not going to upgrade that lock come on don't you see this is glass someone can heave one of these chairs right through the plain glass okay let me give you an old story that hopefully illustrates this modern story and how it was in the old marine culture when sailors in the Merchant Marines and sailors and all sort of walks of the Navy kept their personal effects and you know their sail back when you would put into port and this is we're talking 18th 19th century sailors would always make sure to tie their bag off with a reef knot or square knot if anyone was ever in scouts you know the simple square knot over-under over-under very very basic like as opposed to this is like this is like an outdoorsy community right who can tell me what this is is not square knot right what is it it's granny knot sailors would always tie their effects bags with a reef knot not because it's a particularly great not itself cinch but if a thief went into the bag stole something because there are people coming on off the boats back then they're moving material on and off they're moving goods if a sailor came back to his or her bag and they said woohoo this is not a reef knot they would instantly know somebody's probably been in here and it's not me it's not one of my fellow people on the ship and they wouldn't before they put out to sea to say hey who's trying to sell my whatever whatever down the dock criminals got wise to that criminals started to learn how to tie belief lock it's not a hard knot to tie just over-under so sailors started tying this that is not a reef knot that is a thief knot now interestingly enough hopefully our camera will work here on the other screen as well if I whip this together and tell me if I'm on camera does that look like a square knot right but the lead ends the working ends are coming off the wrong angles it is not a square knot it's actually virtually impossible to tie that knot by accident you have to manually take a bite of rope and manually feed through through the feet around sailors would tie a thief not not because they thought it was impenetrable it's just a knot but even though like the plain glass window if somebody smashes it if somebody unties it the sign is there for you the knot acts like a seal they would instantly be able to tell away whoa this is a reef not someone thinks they're tricky they're not tricky I know someone's been in here using good locks forces people to do something destructive to get in and if you force an attacker to be destructive hopefully you will notice it hopefully you'll be able to respond correctly that's why we want to talk about picking we want to talk about some of the covert tactics if you deny an attack or a covert path of entry you leave them nothing but a choice to expose themselves and hopefully that's kind of convincing so we had a couple of hands when I asked if you've done any lock picking we're diving right into it and we're gonna then spend the whole evening just doing hands-on fun if you've never tried this let's talk about it let's talk about locks that we use every day here is a locking doorknob here is a padlock kind of hanging on its side of a house here's a deadbolt mortise into a wall every one of these locks in these pictures they look very different externally they're form factors are rather different but they are actually all the exact same mechanism virtually all of the locks we use particularly here in North America are the same mechanism physically they're what's called a pin tumbler design it's been around for a very long time even in its current form it's so-called modern form it's well over 100 years old and you're probably familiar with this I mean there's a housing which fits a plug that is the round part that turns when you operate the lock if you look down the keyway which will have its own unique shape due to boarding on the edges you'll be able to see a little bump of metal I will flip to the webcam again in a minute you'll be able to see a small piece of metal and again in addition to that there is there's a warning there's a natural profile shape that every brand of lock will have well what you're not seeing we can look at on the inside here there are other pins in the law many people are aware either from the name pin tumbler lock or from looking at block you see a little pin doing something what you saw from the outside was that keep in the driver pin shown in blue and our diagrams here that is what's holding your lock shut most of the time and of course on the outside here you can't usually say the driver pane is kind of up in the housing of shell but that driver pin along with a spring above it what we would call the pin stack when left at its default rest position the driver pin is blocking the rotation of the plug so you can't get that plug you can't just stick anything in lock at the plug to turn the driver pin is blocking or binding and this holds true no matter which way the lock is mounted or facing he's on that padlock right with some kind of sideways if you're from Europe or you go to Europe extensively you'll know that this looks much more familiar to the people of many countries in Europe they mount their locks this direction it's very interesting in that lock on event where there's locksmiths from around the world blacksmiths love to just say top pin and bottom pin this and that when they're talking about their supply kits well if you're talking to a fellow in Germany and someone else is from Chicago a top pin and a bottom pin or not the same thing but we could say keep in driver pin spring in this pin stack the lock doesn't care which way it's facing no key in the lock the default at rest position prevents the plugs returning so what have you doing thread key the operation of a lock you've done it every day it is push the pins then turn the plug you push the pins by inserting the key the blade of the key pushes the key pin which is the driver pin you want to get that shear line between the two pins at the edge of the plug you push the pins and turn mechanically does this make sense all right nice clear diagrams that is basically the only thing happening inside of your locks day in and day out I say basically because if we kind of swing to the side view it's not a single pin stacking your locks that would be pretty weak security it's a series of them but they all work the same way every single pin stack has a key pin a driver pin and spring a key driver pin to the spring and those different key pins those red pins just happen to be varying in height because that is what corresponds to the cuts on the blade of your key that's called the fitting of the key you're curious and if the bidding cuts are all correct when the key rides it's push the pins then turn that's mechanically the only thing going on inside your locks when you operate them does this diagram also make sense okay you now fundamentally understand 90% of the locks you've ever used there's not a lot of variation here we have one pin stack in this key cut is a little too deep this one pin stack a little too low right but we would say low in the US and in Europe of course but that driver pin is just not quite clear it's not quite high enough it's not at the edge of this plug the same would hold true if the cut was too shallow on the blade of the key again and that this is what we would call the number two position usually when discussing a key we speak of the head of the key the shoulder and then you would cap going on to the tip so this is the first position the second the third the fourth most conventional locks you use our five pins that's a pretty average number but the second position near the cuff is too shallow the red pin the key pin is now jammed up at the edge of the plug that will bind just as effectively as the driver pin would so this will not work either you have to be you know it's very Goldilocks gonna be just right another point to consider the pins themselves are not are not exactly what's holding the lock together they're not exactly the pins are not keeping let's say the shackle of a padlock retained locks pins are not keeping a door shut we'll talk about this a little bit later with some bypassing attacks but for example these are all padlocks sitting on board and those of you who are outdoorsy types will recognize this is a long end of a firing range to be standing when let stars fly but we run a large shooting event just prior to Def Con every year Las Vegas we go out in the desert and one year my buddy Steve brought out some locks and he starts throwing 308 downrange and he's he's pretty sharp out it actually he's really good at it so he's we brought a lot of ordnance that year actually a lot of people started firing at these locks but I'm pretty sure of Steve who picked a few of them really nicely and here he is he's you know blasted right into these look at the really nice shot with his power he not only punches it word with a pin stack with P but he blows the entire core of a lot right out what is the lock shot it's still shot right the lock is being retained shot by a shackle and some latches up here well if that's what's holding this latch you know this shackle shut the latches are why attack the pins and the plug and everything else but you can just go around that's the principle of bypassing that's why although as you've seen in those commercials in the 80s then the tough under fire master lock everybody is able to either pick this lock or just shim it open relatively easily even though bullets but let's get back to picking because you're all eager to try that inside of a lock we've now seen it from the side view this is kind of a top view over here imagine this is the plug that we're looking down from above like we've stripped the lock apart all those holes those are the chambers that are drilled into the plug during manufacturing they're all the same diameter because the pins are all the same diameter they're all lined up can you folk read on the slide what it says in yellow and all these pins does it say find imagine you're trying to turn this plug with no key in it those pins they're all at the wrong height so they would all ostensibly be binding they would all be hitting or binding or black but it says it's up this is in a perfect world we don't live in a perfect world we live in a world where mass-produced goods come from factories many times overseas always at the lowest bidder and somebody is mass assembling a machined part that is not going to be precision engineered it just has to be good enough to work this is a brand new lock stripped apart photographic up close so here we have those pin chambers do not I mean you act like this is bad but like you ever try to drill into a curved surface do that a thousand times an hour you are now a lock factory the pins inside of the lock there nicely beautifully cylindrical of my diagrams but in the real world peonies have some irregularity names blemishing and pitting scarring all of these little imperfections in a pin tumbler lock means that this is much more like yeah can you see the difference even in the back do you see those pin chambers they're not perfectly true the pins themselves are not perfectly the same shape every time all the way down if you have slight imperfection in this lock as you do in all locks the idea of trying to turn with no key in it does not actually bind every single driver pin simultaneously it's like if you put a bunch of people in formation but they're kind of raggy as a line they're not really lined up perfectly and you say walk forward if there's a big table to follow one person is going to hit that table before anyone else does if they start it off a little bit out of alignment that's what happens inside of a lot whenever you try to manipulate it not every driver pin is going to bind your grab at the same time and this is what allows us to use pick tools we talked about operating a lock with a key it's pushed the pins then turn the only thing with a lock picking is you just reverse that you turn first and then try to push the pins and use some special tools to do it this is a lock pick this is a very basic hook shaped lock pick it's kind of what you may have seen you know if you've never even done lock picking maybe you've seen it in the movies like that looks like a lock pick right it looks like the kind of thing an actor or actress has in CSI or James Bond films this is also essential for lock picking you are far less likely to see this in Hollywood productions this is the turning tool and it is just as essential because we talked about just then you have to turn and then manipulate the pins using these two tools and we'll show you some more diagrams in a minute this is all you do try to turn there's a pin binding somewhere right like the driver pin that's the furthest one over is hitting and binding if you push underneath the driver pin that is binding if you push that pin stack you I mean have to eventually get to the right height it is in a chamber these pins can only go one way you will eventually reach the right height that the proper key would have raised depends anyway when you do that pin stock cook is no longer binding now the lock won't open yet there's many pins in the lock but do you see what you've done not only have you gotten this drawer get out of the way but a tiny lip right here will hold the driver pin up and out of the way as long as you maintain that gentle turning pressure from the side this is picking one tool goes in the turning tool little turning pressure on the lock now in pin is binding you don't know where you have to find it here we see using a hook pick to reach in you're just fishing around feeling how the pin stacks behaves and maybe one pin stack feels like there's a little more friction maybe you even hear a slight click awesome you probably found what's binding no longer is keep hunting around oh this one feels a little stiff click so in a world where you're sort of blind with your eyes but you can see with your hands this is picking it's reaching around and exploring finding the difference between loose and binding and if you feel a binding click and this five pin lock is now only meeting held shut by two pins let's keep exploring that and that feels pretty loose oh this one that feels kind of tight click now it's only one thing when you finally get down to the last pin you think what happens then blue that is all lock-picking it's in a nutshell instead of push and turn it's turn then push and you can all do this remember remember remember the turning tools a lot of people when they first like we spread all the locks out they just grab the cool looking lock pick since they look more awesome the turning tool is essential I'm going to give you a few tips with it even if it didn't stay in the top of the slide bad turning tool usage a few of you might recognize because we stay up late and watch TV anyone on a TV commercial in black and white is always doing it long so this person is not correct are you tired of your locks not open so yeah this person is sort of throwing a finger over the turning tool and is hooking with it I don't find that to be as soft and gentle and precise as pushing with the tip of your finger because your use of that turning tool is incredibly light your fingertips should always be fingertip colored it shouldn't discolor and we could look at this be like a look at that dummy but you press your finger it doesn't take a lot to make your finger tip not look flush color the amount of pressure on a turning tool can be thought of as akin to pushing a key on like a membrane keyboard that's the enough pressure imagine stacking a few coins like balancing them on the tool that's enough pressure very very light light pressures all you need the less pressure the better there are all different sizes and styles of turning tool but you can think of them in two broad categories standard or edge of the plug turning tools they will insert away from the pins way down here at the edge of the plug that isn't usually a longer headed turning tool that will reach further into the key way it'll achieve a pretty nice bite into that key way you will compromise your workspace a little bit but as long as the keyway is big and wide enough you can still get picks in there in the American market our key ways you can drive a truck through them compared to the European key ways of the world the only real problem is if you're turning tools slips way down start scraping along the edge how do you solve that well you take a thicker turning tool there's all different thicknesses and sizes of turning tools so this one is slipping around but a really fat one sticks in the keyway now of course you can't get the pins maybe I flip it the other way you're always picking kind of the big enough the biggest turning tool you can that will lock into the key way but still leave you enough room to look speaking of enough room to work smaller head and turning tools ones with tiny tips those are designed to insert right in the middle of the plug some locks you simply need all this space to get your pick tools in now this won't achieve as good of a purchase at the keyway it might bounce out on you but it gives you a room to work so it's a balancing act when we spread the locks out I'm going to give you a few introductory things to try the biggest number of locks we have with us that we'll share with everyone are these what we call progressive cylinders look across them and find the low number of cylinders like block number one let's say it literally has one big stack in it it's a great look for the lower numbers to start out it will be easier to try this tactic you'll be able to build it's like building your way up slowly by the way all of these lock cylinders the front face is where you want to stick all your tools in you do not want to do anything with the tail cap you don't want to unscrew the tail cap or taking a par usually when they have big public villages by the end of the day at least three locks are in pieces and look what happened in here yeah don't take a lock sparklies I mean mark and I could refit them but we don't want to if you're holding the lock in your bare hands we have some vices if you really want to mount them up and you know look at look write it forward but most people just hold locks in their hands keep in mind that tail cap is important so while you're holding the lock and stabilizing it don't pinch the tail cap in your hands you won't actually be you know they're actually holding the plug at that one you're not allowing the plug to turn so just keep it gentle use a turning tool there we go I can even do a little little demo for you on camera here just so you know we're not making this up it's not complete you know hooey the idea of being able to pick locks open quickly and easily so here we have just these are pulled right out of conventional doors you're gonna pull a couple of picks here and here now my turning tools am I still on camera all right so that locks open that's not that's not to barred a technique I'm about to show you with a different style of tool that doesn't look like the other ones you saw this wavy headed tool there's a technique called raking that's even faster we'll talk about why some techniques are faster than others or how different tools can be employed but when you're starting out why do I love that first like number one cylinder well we talked about how picking is this hunting around trying to find that did what what's the binding pin which does this feel different than this one if you stick in lock pick in with no turning tool you can feel the springiness in that pin stock then put a turning tool in you have a binding pin and there's no guesswork like which one's the binding pin it's the only pin stack in this lock put your pick tool back in not only will it open easily but hopefully it will feel differently you can reset it try it again try it again with less turning pressure it'll amaze you you have little turning pressure you need to still feel that friction whether you're directly lifting or locking lifting those techniques are fine whatever works for you and is comfortable in your hands I did say there are some other tools there's also some common mistakes on a cover before the end of the other tools understand that when you set a pin and you probably saw this in the other animation the driver pin stays up the key pin will move freely and if you move your picks away like some people look into the lock and they're just like oh that pins keep falling down or alternately someone will come up to and say I got a little pins jammed up they're not moving but this isn't opening well they just pushed everything too far they basically did this this is someone starting out the right way and then you'll see something go long so this person is bizarre and I understand this picking on feeling I'm feeling this is pretty loose okay that's not too bad oh I've got a tight one here let me follow click alright I've going along great how about this one that's pretty loose no nothing happening there this one I feel a little clogged it click and this person gets so excited it's so happy that they're picking that's all of a sudden off what happened there well they've over set is that red pin coming down for anything not now the only way to get that back down is to release your rusha let everything drop you don't want to jam things so high up that's usually more of a problem with locking I mean I tend to do locking technique mostly but just be mindful of the light be gentle some other tools not all tools look like little hooks you saw me using the rake the squiggly tip shaped tools those are designed to touch multiple pin stacks at once and then because you're touching more than one pin stack at once you're not sort of deliberately saying am i working the first pin now I'll try the second pin you're just trying to hit all the pins as rapidly as you can and get luck kind of lower quality locks cheaper locks will tend to break open very easily if you get lucky if you're a computer person it's like buzzing the lock it's like just throwing a lot of random data at it and seeing what falls out there's also the half diamond a lot of people like to keep a half time and in their kit it fits in tiny spaces very well techie ways here you can lift with it you can kind of rake with it or you might even say shovel with it other people love a half diamond because it is the only tool in your kit probably that has a flat edge all the way out to the tip if you invert the half diamond and try to lift up those pins this will not open the lock but slowly extracting it it will allow you to count the pins because you'll actually hear them click click click as they're dropping off the tip of that tool let me pull a half diamond over here and let me grab one of these and maybe in the front row if I shut my loud mouth some people can tell me how many bins this one had six and yet it just opens as easily as you saw so when you try this relax relax relax less pressure always always remember less pressure on the turning tool than you think you need less pressure on the lifting pick than you think you need and when you get a lot open say open so that everyone around you knows that you got it open and I know you've got something and I know that I'm teaching you something up here hmm there are a few other things I want to cover and then we'll kind of go into this interesting rolling evening where you pick a little and you look a little and we go up here a little I show you some other stuff some locks are harder to pick the others there are pick resistant locks out there and they're not that complicated from an engineering perspective to things that manufacturers will do to make locks harder to pick one change the key way I mentioned that in Europe a lot of the key ways are tighter more narrow or just not as much room in the key way if you get a key way that's really aggressively angled not only does it make it harder for someone to make blanks though you know makes it's your particular brand of blank but it's a lot harder to get tools in there like this is a real key way it's very expensive lock it's harder to engineer it's a gig a brand block for Austria but it's a very nice robust defense against the picking much more common than changing the shape of the key weight is changing the shape of the pins though here we have what's called a spool pin the driver pin is not perfectly cylindrical it has a little lip now if this pin is left alone if you're just doing push with a key then turn this pin doesn't care at all but if you turn before you've pushed you can see the idea is it'll kick over it'll expose a small lip and that might jam up or hang up when someone's trying to pick is it impossible to pick no if that is jammed over off a lip you can still push extra art underneath and because of that gap wants to include that gap shut you will actually get the plug to what's called back rotate just slightly you can see the black lines the indicator lines maybe some other pins you've set are now falling down and it gets frustrating but you can try to go back do your word again it's usually considered possible most people who we could probably get a spool pin block open there's about one or two hours of practice on training maybe by the end of the night some of you are going to get some of them open and manufacturers have been making custom shape driver pins for a very long time this is the same idea a mushroom pin it will drag with more friction but still have that limp serrated pins just have cuts all down them they Jam up a lot harder and you can take this to extremes there's a company in Sweden ASSA they're not part of the ASSA ABLOY group they do a double spool kind of pin with this counter milling in the plug for lockup way more expensive but still very very good design our most quote pick resistant locks impossible to get through not impossible maybe some of you will get through some of them tonight but we're gonna talk about that we're gonna talk about other things like combination locks bumping attacks we have a lot of fun things to cover but I don't want to just be staring at you while you stare at me I want to bring the that middle switch over back there let's bring the lights back up let's let people try a few things and I think I also smell the food arrived well also just will keep rolling through this whole evening there's a whole lot more to cover and I hope you're enjoying it thus far there any questions thus far or is the question can I please eat and play with us why don't you guys go ahead and get anything that is the food here though oh I don't know I'm smelling in the solution a it totally does someone so much bigger there are cookies and beer content yourself with that while we spread out some things for you play with so combination locks the classic you know gym locker lock right the epitome of a lock in this cut it's the kind of thing that you see on website logos where you put your password in it looks like a lot it's like what we think of as a lock it's the most popular lock in this country this lock provides effectively no security when we say you know if you're using a standard dial combination lock you're basically doing this you're basically saying please I would like my stuff to be here when I get back why is that well it has to do with what you're seeing here these are padlock shims padlock shims are tools used by locksmiths to quickly spring a lock open without attacking the the actual pins or the combination numbers remember that footage from the gun range you have the desert why attack the pins when you could just attack the shackle this is attacking the shackle so these little shims are designed to slip down inside the shackle again like inside the body of the lock because when you use a combination lock let me flip to my camera here for a second if you are using a combination lock and you want to actually lock it up if you want if it was open and you wanted to close it would you have to actually manipulate the numbers do you have to enter your combination or do you just slap it shut right you just slap it shut the latch inside of here is a spring-loaded latch and that just pushes out of the way says oh the shackle is coming down I better spring out of the way well if it's just a spring-loaded lever like it doesn't matter what pushes on so I can go ahead and take some metal from a beer can and if I you can see I'm gonna duck down so you can see what I'm doing so I'm just gonna take some canned metal some little nippers here on my mini Leatherman tool I'll need to cut a special shape and then I'll show you on the slides what's actually you know being done here so here I have just a piece of metal right and this lock is locked let me fold that metal over little here when we fold that metal over a little bit here bend it into shape and then if I drive this down into the lock I might get lucky and pop that open this was literally free like this is garbage and I can pop this lock over and that is all because if you can see it on the camera let me know do you see the little spring-loaded bar that's I'm just pushing that bar out of the way by slipping something down into the lock body so conventional locksmith shims they weren't great I make mine out of beer can they work justice I think they've been slippin a little better they're thinner they get into tighter spaces not gonna last you forever but you know drink another beer you make another five of them right there if you want to try that I've cut some my free cuts on I have other cans and we can try to play with there's some kombu locks up here we can spread them around when you try this when you slip that down into the lock it's the nose of the Shem goes in my experience I go down the outside I pinch those wings together to give it some strength and rigidity and you want to spin that around and drive it down you see that not only did these wings swing out over here but look how much lower in the lock the Shem is you really want to drive that Shem deep down into the lock let me do that one more time and then here's some pre-cut Shem metal we can cut some more later as needed when you're that's exactly yes you got a there's no there's no recycling in this town people don't get the aluminum address so this is that little M shape that I was cutting out and there's if you like going YouTube look for beer can add like gym there's plenty of people me among them with videos talking about this weakness so I fold once down from the top and then these little bits at the sides I just fold them up and around just to get them out the right and there you have it when you're looking at any of these locks looking at the dial the left side is where we're shaming the right side is nothing so just like you saw in the diagrams the Shem kind of gets seated pinch those wings together and some people will kind of get on this with a thumb and really dig down and push hard as they are spinning it around and if you think you've got it this one might have slipped in all the way or it might have jammed up on me if you think you got it don't pull up on the Shem just leave it alone just pull right up on the shackle and that should work and you can already see I mean this is not a perfect perfect tool or losing pieces of metal in there but that's fine it's again it's the ultimate and just kind of hone attacks and if it works great a lot of these locks by the way a lot of these you know can these simple easy to shim locks master lock has changed the design they've made that latch that spring-loaded latch they've made it narrower and they've made this sort of little jagged shape it just in general to interfere of slipping simple shoes in we've still got them to work you can look on YouTube for anti shim padlock shimmed and you'll see it still kind of works for us half the time but they've tried at least master is trying something in my opinion that's not good enough when better better designs exist I'll show you some here's a fun homebrew zoom story by the way friends of ours u-haul trailer they're moving across country they actually stopped at Def Con on the way and they were at Def Con with all their stuff for the outside the Alexis Park and I'm gonna you can see what they did here this is the kind of padlock it's called a great free shackle where the entire lock body can come off of the shackle when they slapped it back shut they were a little not paying attention this is the key way up here so that's no good but it's Def Con right selling we have the right supplies so we didn't even have time I was like they pulled me out of a pool I'm dripping wet I got no knife or anything on me but I finished the you know a Guinness and I kind of crumpled the can in my hands and crunched it around as best I could and we Jam didn't switched it around we got it to work it was ugly as heck but you know we were able to ship it almost any simple latch style padlock can be shimmed but this style lock cannot this is a double ball mechanism this is a can control cylinder in the middle that has to turn enabling these two solid steel balls to fall inward that is a proper padlock that is unsure mobile that it's nice its robust doesn't mean it's going to be expensive you can find really cheap jump go padlocks that's you can see this double bond right here or you can see on the packaging this is an Argentine you know lock that didn't cost a whole lot but sure enough double ball mechanism stainless steel the pins weren't great maybe it's tough picking but at least this is it's a simple enough technique it's something that exists too if you want have a combination lock you can still have one but look for warm it's not just a spring-loaded lever that also does not mean using the multi wheel combination locks those are also pretty bad they are attacked by the way and we're kind of glossing past this with what's called a decoding a sesame decode is one of the tactics used the idea is you might not know exactly what's happening inside the lock with different mechanisms on the wheels but if you can get the inner wheels line up with themselves by means of a thin piece of metal so here we see let's say this is like a briefcase you're slipping something down and you're finding the irregularity on each wheel as long as the wheels themselves are now aligned you can turn them in concert with each other just trying each combination one after the next one after the next one after the next and usually that's a pretty reliable way of eventually just hitting on the combination and popping it up so combination based locks not always the easiest thing to make secure either assuming with metal or this is you know a little mini knife that you would use a decoding attack like that someone asked me about another style or you know show up on the market it is then you've never seen a lock like this so this is the master 1500 I or speed dial it is the silliest name ever because nothing is dialed in this lock this is a button that can only go up or down or side to side and the combination is a series of pushes of this button it's a really interesting design there's a series of gear wheels internally that all shift position based on the direction of push and the position they were in when the push came so we call it the hash lock that's art it's like it performs a hashing function of your pushes if you know someone's kind of geeky and has one the main weakness is that it's usually up up down down left right left right that's the most popular combination on these so that works on that one there is an attack against it there is a sort of it involves a micrometer and measuring shackle travel very very gently and then pushing up once doing a lot of math a German friend of ours Michael Googler did a big write-up about this with beautiful designs and I can show you later at the end some of his you know just some of his animations of how this works internally gorgeous research but for a lot that costs all of nine dollars and it's about a 20 minute attack from the guy who invented the attack that's not bad in my book it's not shippable it's a it's a cool conversation piece of a lock I like that lock honestly I like it for mid-range stuff we use it when we you know go to the gym which clearly I should do more often how are you doing so far they're more questions are the more who's gotten like a lock open anybody got a five yet not mark it looks alright basic people is this your first time you got five amazing you are picking like actual doors at this point you are picking a conventional lock that would be on someone's door and it's not the end of the world frankly because most people are generally pretty honest most people don't go around just popping locks open for the heck of it but seeing what you saw earlier and seeing what you're trying now it gives you the knowledge hopefully then if you wanted to make your locks a little better it's not crazy expensive to do that you can speak with a proper locksmith and say hey I would like this lock to be pinned up with some antique picker parents or maybe and he'd say I'd like this lock to be resistant against bumping attacks we haven't talked about bumping yet but I would like to has anyone heard of bumping before there should be a there should be some hands they are very good bumping was known by locksmiths for a long time and it really hit the news in kind of a big way around 2005-2006 a lot of brands of manufacturers started saying oh the bumping we will make our locks bump resistance and you know some of those worked and some didn't well what is bumping what is the bumping attack or what is a bump key a bump key is simply a specially cut key usually with a series of very deep cuts that leave behind these little ridges that will exploit basic principles of physics to pop a lock open very quickly and if you keep getting Lots please please keep coming up as we're talking about this stuff keep cycling your locks out I want to see more people trying stuff so what is this bump key gonna do here well if anyone remembers their high school physics class Newtonian rules of motion this cue ball is on the felt behind it you got a three in a tube if you shoot this cue ball what's gonna happen just shatter those describe them look at twos Mullen the three is not transfer emotion right from one body to the next that is what happens inside of a lock when someone uses a snapper gun or sometimes erroneously called a pick gun you sometimes see these you know in like spy drama Zoar you see them in the backer like delta press catalog and stuff a snapping gun or you know I say wooden really called a picking gun the idea is this needle reaches in the lock and when you pull the big handle and you release this pent-up smacking pressure it punches the bottom of those pins it smacks into the key pins hopefully transferring energy up through to the driver pins hopefully just knocking those driver getting the driver pins to jump as you know out of there out of there plug and you turn very quickly just at the right moment in my experience it doesn't work out well I don't like snapper guns they're bulky they're big you know one wants to carry them around they make a hell of a noise it's obvious you're doing something you shouldn't be doing when you have one we don't use them a lot on pen tests we do use buck keys though a bunkie which is just again of special key little ridges if you smack that into the lock that's the bump happening if you bump the key into the lock you can smack into those key pins all simultaneously and hopefully jump those driver pins out of the plug just for a moment and flick the key almost at the same time the hit is coming some people will do this method kind of the pulled method where the key is pulled outward by one notch and then hit in other people instead of this method they will actually trim down the shoulder of their key maybe even the tip as well and that key can over insert ever so slightly and they will do what's called the push method a minimal movement method the principle of mechanics is the same in each case we can try to do a little demo of that here I've got my simple bump hammer although any any heavy blunt object will do you see people do it with butter knives and screwdrivers here I have a bump key you can see the low ridges right and this key does not operate this lock this is not it should never probably operate any lock I mean no key would be cut to this combination but this is not the right key for this lock if however and this is a negative shoulder a minimum Liuba I've cut this key down you can see it kind of Springs into the lock a little further if I give this key a little flick just at the same moment as I strike it with this bump hammer it will hopefully open now I don't want to earn like be pushing on this key right now why not yes they'll but you got you know you guys are conditioned that I'd be binding the very pins that I want to make them leap so barely a whisper of pressure just a little flick it's a lot of hit and a little flip how much hit and if you miss it will hurt we've seen news reporters trying to do bump key stories and they're like I bought these on eBay look so easy it's not working well you're not hitting hard enough so you got a pang there you go that's it right there no magic no hocus pocus just physics this is not the key but if I hit it it is the key simple as that this is fully populated five or six pins I believe that's a that's gonna work in a lot of locks we have a couple of bunk keys we have some you know tester locks if you want to try that at the next lights up break they're friends of ours are friends of ours in Holland who documented this really heavily tool the organisation of which I'm very pleased to be a part tool was founded in the Netherlands and they were one of the first people to really get on the news and tell people hey this is a risk and it's not a risk just for cheap blocks like you can see these are some these are some music some dimple locks this is a pin within pin system dimple that you'll see later AUSA is a big brand dom as was a beautiful lock manufacturer they found it work just as well with high-quality locks as with chip blocks it's not good for I shouldn't do this to your high quality box but it's also not hard to understand why it's going to work that way it's also not hard to prevent again competent locksmith a nice locksmith who is aware of his problem which everyone is now locksmiths knew about this for a long time but no one really engineered a good fix a locksmith can install what is known as an anti bump driver pit it's just a very low-mass driver man almost looks like a little nail and it is paired with a very high strength spring so this high heavy strength spring it doesn't mean that little nail kind of pin will never jump or move it might bounce a little but it will crest and fall back down before the other pins have even finished their ascent it messes up with the timing it actually completely screws up the timing in the lock and if you populate a lot but even one of these in there and that's what they look like the environment of parts catalog locksmiths can get these from common toko they come in a bag of 10 and for very little cost I mean they cost about a dollar or two each you can populate a lock up here is a conventional pin tumbler lock and it's a see-through housing so you can see what I'm doing just like the kind of locks you're using but I've populated you know a standard chamber and now I'm putting this antique pump pin in one chamber pressing that down some serrated driver pins this would be a monstrous lock to pick and it's not like I've reinvented the wheel here so if you have a door or a you know facility that there's this business I really need some better security on this ox consider something like this it's not going to run you three figures we have plenty of amazing stories of high security locks that will if you just need to know that no one could get in someone who's skilled enough could probably pick this I don't think I honestly would if they encountered a lock like this in the job I would not try to release waste my time it would take me a couple of hours a lot of frustration maybe some note-taking I might get in that's why we're gonna get to the high security section in a minute but it's absolutely please coated it's absolutely possible to make basic locks a lot better and then in a minute we'll get to the high security section as well can we hit the middle switch back there one more time and what we'll talk some I want to see how people are doing I'll send the bump keys around what you get are you still having a good time so far all right how many people have gotten I always keep asking around four or five how many people got a four how many people got five and then I'm help of you how many people is this your first time trying that is so cool that is so cool so did anybody get bumping to work I saw a couple of people getting it nice there's some hands we still have more beer can metal or soda can metal or some other kind of whatever I was drinking if you want to try simming later if you haven't tried that yet my usual question who's gotten the floor who's got a vibe that's a lot of you man this is so cool let's talk for a minute as invariably people get curious let's talk about locks that simply cannot be opened with these basic basic attacks everybody has their own definition of high-security like what that word means it's not an industry defined term for me my definition is that high security locks require tools and techniques that are not like right off the rack basic you can get these for third box because the kit like the pics you are all using basic pic kits are out there 15 20 30 bucks online that's they're all there this is basic they're not complicated tools and they'll apply to a broad range of locks in my world a high-security lock requires special knowledge special tactics special tools or is virtually impossible like this one this twin style lock if you've ever seen a lock that looks like two keys sandwiched together that's often the design inside of something like this you have conventional pin stacks working along with additional usually very smaller pin stack coming in from the side often they're interacting with what is known as a sidebar so running the entire length of the plug is this bar that will only fall inward if other conditions are met this is of course from AUSA again this is a European model the twin the v10 twin the American market does have from the Schlage company she laid the Allegiant company Schlage is their big brand I mean that is that is commercial locks in this country every industrial cover every big business building you go into is probably going to have slag dead bolts and handle sets on all the doors slay does have a product line called the Primus the Primus is a you know double fitted lock it is conventional bidding here side cuts here additional pins we would sometimes call them finger pins coming in from the side interacting with this side bar along with the main in event you know typical pins up here is there no way to pick this no I wouldn't say that I've seen it done I've seen it bumped I've seen a lot of things with a Schlage Primus but almost always they either had someone who had made some special tools for themselves or they had some knowledge about the system what do I mean the system well a big building that has Schlage Primus on every door probably has different bidding cups and different pins because you know not everyone has the same key in the office but many times the sidebar is shared throughout the whole system so you can compromise one lock or if you're in a small enough you know area if you get more luckily if you find out who their locksmith is that's selling them these Primus locks sometimes you can buy more Primus locks from that same dealer and try to get the side bar code because there's different levels of side bar mark can probably speak more reliably about this than I but I think it goes from levels one through eight in terms of level one and level one plus is the national side bar just all over the Americas if you are a small small vendor and you say hey yeah then this one customer asking me about Primus and you've contacts late well say yeah we can sell you some Primus you're getting level one because you don't want a big contract for resale if you're a big you know you I'm gonna sell nothing but Primus and put all these buildings you might get a higher level where they might give you your own unique sidebar code or maybe a couple of sidebar codes or we're at you know Vegas every summer we're out of black and sands and other events most of the Caesars Entertainment properties have Primus on all this all the locks I guarantee you someone in the shop probably in the basement of Harrah's the old the old original house is probably their in-house locksmith and I bet you they have their own unique side bar code for those profits doesn't mean you couldn't take one lock apart read the side bar code and it know what it is so there are some weaknesses but for picking attacks very robust there's a very popular brand of lock in the u.s. called medico if you do any work with the government you may have seen medico locks how do they work they do have a sidebar the key pin actually spins while it is lifted up and exposes a slot on the side of the plug four fingers of the sidebar to drop into here's you know what's happening there the key pin is a special chisel tip it has grooves running down it the keys themselves are cut at angles it's a really interesting system here's a top view of a Medeco plug those little black dots are the cuffs in the key pins and just the side bar removed but you can see them oscillating and turning it's a really cool idea doesn't mean that it's completely unthinkable no it does not there is a gentleman named Mark Tobias he is a lock researcher and a security expert he has published a number of books in the field of lock picking in lot research and police research guides mark published a book just about attacking medical locks he had a real big he had them in his crosshairs for years and he and his partner Tobias Kuzma has published a number of attacks and so you'll see this is at lock-on this was the final round with this is all over Peterson and I think this gentleman is from Spain I never remember his name they are attacking medical locks in this video now can anyone know it's really hard and they also they were using a series of specialty puppies to try to set the sidebar before picking a lot but it's still possible there's a very popular brand of lock called multi lock also these are all I'm trying to focus on the American market but you're likely to see here multi lock it's originally an Israeli design its popular widened by a lot of locksmiths in the US it is a dimple style key but it spins within pins so you have key pins inside of key pins driver pins inside of driver pins it's a telescoping pin system really neat idea very robust design have there been attacks against multi lock yes there have this is the latest generation called the MT 5 it has a series of sliders there's a little slider groove running down the key the only thing we don't get into a lot of deep deep details that some of our like NBA is don't allow us to say I will say and some of Sheree students who saw this presentation before they know what's coming this gorgeous looking empty five I can't even pass 25 around you can play with it you can see what it feels like in your hands it's a neat idea as far as locked out it's very well made and just hang out passing around play with that but there's this little tiny hole right here that hole probably doesn't need to be there and in fact on later generations of the MT 5 it's not there now they didn't call it it's on the MT 6 they just quietly don't have that hole anymore it was a small security flaw and it didn't completely compromised the lock but it made it a lot easier to attack and even like the electronic version just because something looks newer doesn't mean it's newer like the click-click is also a Blois electromechanical technology that they put in a lot of their cylinders this is the mt 5 click still has the whole like they don't move as many click products off the shelf so is this a problem no no I wouldn't think of it someone's immediately attacking an MT 5 plus but you never know just because thing looks high security doesn't mean it's completely infallible a whole different design of lock that doesn't use pins at all is the rotating disk system of locks if you've ever seen a key that looks anything like this some bike locks you may have seen the keys like this the rotating disc system was very big still is very big in Scandinavian all up in the Nordic countries you see these there a ton that's kind of the region where they originated they almost worked like miniature safes inside they're a series of wheels that all have to spin exposing a groove slot to a side bar that wants to fall in are there manipulation tools there are they're different than conventional picks but they exist they're out there I think they're a little harder to use but maybe a you know a scandal ijen person thinks these are easier to use and our picks are hard because that's what they grew up with there is a very restricted very high-end tools that I only have fuzzy photos of that are just for attacking very high-end rotating this blocks but there are certain products on the market that currently have and one of them is a rotating disc currently have what we would call no publicly known attack or bypass and this one lock you're seeing a cutaway of this is by the aah blade company the aah bleep protec lock I love this design it's a again a series of miniature wheels a series of sidebars ask me if you want more during some Q&A time I can explain the envelope protec a little better but for reasons essentially for math reasons it is not possible to attack or manipulate this lock by any currently known system I love this design and I incorporate it in some of the padlocks I use one other type of lock where there currently is no publicly known attack or bypass is a very high-end magnetic lock some locks have magnets embedded in the key me was a company from Japan makes really nice magnetic locks mid-range I saw one another on apartment building once in New York this is an Austrian one this is the MCS by Ewa the magnetic code system I should be really clear I don't like get free stuff or even t-shirts or any of these firms that I talk none of the ones that I crap on and other ones that I praise I don't have any relationships with them other than hey I'm talking about your stuff again want to send me some free things no okay bye so Ewa makes the MCS if you see the key I mean that's serious business looking key and if I tell you there's magnets on the key some people might presume like oh it's got to be like you know some arrangement of north-south north-south and probably consequently underneath on the other side must be the opposite many magnetic keys work that way this does not those of you who know some EE background or some some physics know that if you pass a conductive material at gas get up and go through a coil of charge coil you can magnetize it you can s how you maintain bar magnet right in the construction of the MCS they pass disks through the charge coupler and they actually magnetized them like this assemble them with tiny rotors in the lock so that the key itself it's not simple north-south north-south it's discrete zones of magnetism helical e around each pad of the key it is a gorgeous design so that each side of the key has one of eight possible rotary positions in the eight magnet paths do the math permutations large numbers this is how it looks on the inside these little rotor wheels all have to spin aligning a gate that would normally be randomized they line it all up and now the sidebar can fall it and that sometimes in conjunction with other sliders or other passive elements other sides of the cake it's a gorgeous system very expensive but again if you have like a server room and it's thousands of pun thousands of records in that room or if you have a collection of varying like I have a huge collection of firearms I'm going to spend possibly three four hundred dollars on a lock on a safe if I can leave my attacker no Avenue of covert entry I would argue that the server room is way scarier of a breach then like my gun safe so it gets into my guns you know what I'm pissed that I don't have them but like there's plenty of guns the criminals out on the streets they're gonna do what they do the idea of someone covertly getting to the server room and then what's the second half of that getting out again without you knowing that's the scariest kind of luxury that's why these sort of unbreakable or you know no known attacker bypass systems have merit even if there's a glass on the front of the server whether any did any of those have you ever seen any goes in use maybe so you might have seen some multi lock somewhere anybody seeing a multi lock in the US one and in the back medico anybody Fed Army yeah meta go is kind of popular you never see the hablo you never seen MCS you just don't see him here there's one vendor that sells them in the US market it's a friend of ours name is an iteration mitch is based in Washington State he runs the site called security snobs and if you really just really want one of these crazy European locks he works with a friend of ours in Holland to import them and he doesn't give me anything free for saying that he's a nice dude he's the sweetest guy ever and I'm glad that he tries to you know sell some interesting stuff now I showed you all the high security let us drop it back down to some crazy low security problems because we talked a little bit during shimming about bypassing right let's talk about one of my favorite bypassing stories the story of the American padlock not like murica but like the brand American lock and they are an American firm like they're they're a really nice firm they've since been acquired by master lock who now owns them and is slowly phasing out the American brand name you don't see much else much American Lock used to be like V lock on city streets at night you know the cladding comes well not in this town you have a nice town I'm from Philadelphia so like the big storefronts that come down at night enemies big like these were the locks you'd see us floor funds now they are a double ball mechanism hardened shackle they have enough brass and other metals in the shackle to prevent oxidizing flame cutting double ball mechanism we have the control cylinder here the cams you know cuts here marry them up against this is the the core which is a removable core its ejectable if you have to rekey it the core touching here little half circle little quarter circle I can show the actual parts show right here so here's the core here's the control cylinder here's one of the ball bearings that is all what's inside an American padlock and that's a smaller version of the big model now someone created this it looks like a lockpick it is not a lock this is a bypass tool or a bypass driver just for this padlock how does it work well if this is your core and this is the front of the keyway right the key way as almost all key ways are and the plug is cut all the way through to the rear of the plug so this is the rear side of the keyway which again this would normally be touching up against here so this tool which is not a lock pick it does not manipulate the pins it goes in the other way around it goes all the way through the key way if I can line up and you can so I want you to actually see how I'm going down if you lay here you can push it straight through darn little stiff on this one essentially you can push it straight through and just flick right at the tail side you can just flick that control someone there open will get why mess with the pins if you don't have to here is a proper you know American padlock I can stick it now I'm not pushing it up into the pins I'm down away from the pins straight through and that attack works on the giant model the min worked on all the different locks that is a classic you know just case of bypassing go around the lock and there's a great will loop back to that at the end and I loved including with the second half of that story other kinds of my passing door latch bypassing is huge like I used to grow up watching Bill Cosby and the Robert what was his name I spy remember that show and they would like credit card doors open and stuff people shaking their heads here you're so young but the idea of using thin tools think hooks or little thin spikes to just push in to a doorframe and slip the latch out that's still a valid attack on plenty of doors here's a locked door oops that works modern doors should prevent that they should be what are called anti loitering or anti thrust if you're curious the term loitering which is Locke's missile no that term it refers to way back in the 40s and 50s celluloid was used they would use this flexible but stiff celluloid just slip into the doorframe and try to push the plunger or the latch out of the way modern doors should be resistant to that kind of attack many of them are not mostly because of Miss installation or door fitment or just you know or product choice you can find these on a red tape with like I will walk through your building point all this stuff out scare you and then I'll be like now ready to fix this you might be spending it's not a lot of money to fix this cat problem it's also not a lot of money to fix this this doors locked what happened that door had a passive exit system they requested to exit system tied to its infrared beans take a can of spray or spray duster flip it upside down like I used to do to scare the cats when they were getting into something I didn't want them to do a giant cloud of cold air that a lot of these sensors don't know the difference between a human who's warm and cold they just see temperature differential that doors oh this is real simple stuff to mitigate if you understand how to change your sensors positionally or how to change the logic and how they work or just in your secure environments use a push to exit button there's a whole lot we could get into but understand that these vectors of attack are usually what I'm using on a pen test I'm not picking most doors I'll go back around and like will documents and picking and put it in the report to show the client yes this lock brand is probably for neural but most of the time we are bypassing our way through everything getting in easily and all because you know people are not using locks that are resistant to covert entry the way I love to try to make we'll think about this we've been touching on this every time tonight I keep coming back to it these are very nice locks off the shelf you might call all three of these quote high security locks I probably wouldn't this Master Pro Series it's probably about a forty five dollar lock everything I've taught me today you could get into this lock probably if I take you a while it's got some anti pick pins it's got some heavy Springs but you could use these basic tools in front of you and the tactics you've learned tonight you could get that up or conversely an attacker could get that open if you had a bunch of valuable stuff in a storage unit and you locked it up with this and you came back to the storage unit and it's still there do you know nobody's been in there not with this lock for this office locked office is a German brand this is a rotating disk system the Granite's lock you could get that open with a very hard to attain tool and very specialized training I have not you know covered rotating disc manipulation tonight because frankly we don't have the time to get into it our advanced training covers it we do it for the government stuff but again is that like a better lock than this first one I know I mean it costs a heck of a lot more it's like 150 euro but it's way more resistant the last lock on the end that's the omelet protec of which I spoke there are no known attacks or biases again you're paying a little one that's probably a that's probably about 250 III in a lock it's there that's their biggest version but what's your Pete is your peace of mind worth like an extra 65 bucks a hundred bucks depending on the installation are you guarding against covert entry or brute force entry like it's all it's it's all a rich tapestry right every situation is different but understanding that some locks have a purpose beyond just you know your key in the door again the color in the glass door oh my gosh someone could throw a brick through this door or like my luggage when I travel with my Pelle case it's my right fly I have oblah locks on them they're the tiny out you can get a tiny oblong lock it's like thirty bucks and I put one on each side and people say you know those are so small someone can cut them you know like oh you could break the case open look yeah that's happening you want somebody cut the locks I knew that it happened I knew it the instant my luggage came out of the belly of the airport and conversely every time and she'll tell you I fly way more than I wish I did these days every time I get off the plane I pick up the bags as soon as I see the ABLOY locks dangling from my luggage I know like in my heart I know nobody's been in the luggage because the only way they could get in is by destroying a lot our ebler locks are countable not completely this is a bit of program just for the protec community and the idea is you can carve exactly the right size out and pull the disc back out and then you can operate the lock like with a screwdriver now is that a condemnation of a ploy Oh in my opinion enough spent like super heavy carbide steel enough metal and power will get through anything but that's obviously a lock that somebody messed with if you come in on Monday and your glass is still glass and your lock does not look like that you know no one's been in there so that's what we like to summarize that's what we like to always keep you thinking about in the real world when you're facing most attackers of brute force and all these but these are like neighborhood watch kind of advising keep your doors you know screwed in correctly don't let anybody smash their way in but in the business whoa if you use the right lock at the right time you are really guarding yourself against any kind of pillar injury this is a great it's a hilarious scene in a movie called red and this you know she's saying oh did you can you get in did he get the code and he said no changes every six hours no let me forget it so he kicks through the drywall it's unbreakable the lock but a force impossible but the principle reigns like they got in with five minutes later a guard should be seeing this and setting off alarms and everything else so in my opinion it's great cinema but that that lock works you've denied the attacker covert access you've forced the attacker to be overt in their technique that's that's what it's about if we're just we're not throwing you out when I show you in concluding here we're gonna keep hanging out as long as you want but if you want to learn more if you how many people have fun tonight excellent if you want to learn more I finally put my friggin books on the slides people I always don't like talking about myself whatever there's plenty of videos online there's tons of presentations that we've given and other people like us have given you can use Google or look on YouTube for lock-picking for a lot of this stuff take it with a grain of salt not everything you see is completely accurate but a lot of style ah this knowledge is out there every talk I ever give on a lock-picking if I have ever recorded I throw it up online and you can just watch it later if you want to get into sport picking there are lots of tool chapters there are lots of chapters of other Loch sport groups one in Montana yet maybe let us know at the end of this if you really want to have like a monthly meeting maybe we'll start a tool chapter in Montana now fun if you're curious about the legality of picks every state you see in green picks are legal if you've heard that fix are not legal in your state you have probably given bad information there are only four states that appear in yellow on this map they're Mississippi Ohio Virginia and Nevada they are still rather legal there just ask me what the question mark is the only other state Tennessee appears in amber still kind of legal there ask me later if you happen to be visiting those states a lot I'll explain why these colors are these colors so to conclude right we had a bunch of jokes early on like people think that lock-picking is this shady field and people think that lock Pickers are scary but for the most part I like I cop and I like to talk about this because we're not we're regular people people who are interested in locks are people like media we're young and old for men and women we're just people from all different walks of life the Loch sport community is growing more and more in this country and people are learning that it's not an affair at open months people are learning it's not like this nefarious art that's no one should talk about it's perfectly fun it's just like any sort of if you learn more if you're kids learning martial arts or if you learn to use firearms like people will say oh you're going to attack people no like this is fun stuff it's good knowledge it's self discipline and it's this community where people compete in this camaraderie and the competition is serious and everyone's friendly at the end I love being a part of this world and I love sharing this world with other people and if you have you know actual business concerns or real concerns about security remember that by participating in talks like this and sharing knowledge like this you're helping people be more secure not only are you more well-versed and able to make better decisions like when you go to Home Depot but remember that bypass driver right so American lock much to their credit did not respond by trying to sue like the manufacturer of this tool this is a guy named Ken and make this tool an American lock didn't try to be like no this is all fake in issued press releases American lock was like well this is no good so they started making this little punched piece of metal they call the security wafer and they would say all right eject your core put it on the lock and like reassemble to disassemble the lock and new locks are shipping from American with that little security wafer and they say it's literally like if you're a computer person it's like a cache it's like they real it's like it's Tuesday right now like download this boom there you go so you're secure so what a Ken knew Ken Pearson who runs Peterson Tools he's like I see what you did there American lock and he went to his lab he's like new but package pricing you can buy the bypass tool like this well what is this this is a way for a breaker set and you twisting you punch and you're spreading it back and it punches a hole exactly where you need it in the wafer and the end result of this though is not that the sky is following and oh my god is and everything horrible American lock looked at this looked at their designs look talked again they said alright we're not solving this problem with 10 cents worth of stamped steel an American lock redesigned their whole system they still sell a conventional padlocks but the big product now and the one that everyone started moving to is the hockey puck look at the shackle is padlocked this was the American 2000 one of the earliest locks to do this complete list there is no shackle there is no control cylinder full of different design the bypass doesn't work on it most picking is really hard on it they use really aggressive pins and because people like Ken created that bypass attack and because people like us share knowledge and talk about it exposing bad security drives the industry in a healthier direction and it drives the consumer in a better direction and by talking about things that some people think are scary you're actually doing the most you can to make people's lives safer and I thank you for listening and thank you for being a part of this hangout thank you very much yes question in the back sir so the gentleman says when he goes to the airport the TSA does not usually care for locks on his luggage certainly not locks like you saw in mine your luggage probably does not have a firearm in every case so that is that is the reason why I fly with a firearm in every single check bag I ever check and because of that you are not just allowed you are required to use a non TSA proper padlock there was a talk I gave I want to say at DEFCON 18 called packing in the friendly skies search for flying with firearms like on YouTube I talk all about it I talk about every airline all the policies it's simple to do if you are flying like we both grew up in New Jersey not a gun friendly state if you're flying back to the Garden State flare gun flare gun is 50 state legal 50 states no permits of any kind and it is a firearm expels projectile by means of combustible propellant you put a flare gun in your luggage you are allowed in fact required to proper lock it heart up I usually just have like my 1911 or my m9 or something in there but yeah you do what you want that's that's the end does that answer your question yes very good and you had a hand oh the answer that was it's movie there's a fella in India his name is Brock and he created a site called hacker strip so he reached out to people in the tech community and said tell me cool stories about jobs you pulled and things you've done and he just like rendered this amazing comic strip and I wrote the script with him and he just beautiful drawings and my team loved it and he's been doing these product about seven or eight issues out of different people all different Jason streets in one Charlie Miller doing auto hacking it's just really really cool to see and he eventually this he's this guy who just wants to sell a book one day he's like tech community you guys got a lot of discretionary income I'll sell stories about yourself to yourselves but I love it like if you guys have a team of individuals that you've done cool research like reach out to the people at hacker strip they always want stories and then you could be immortalized eat ink any other questions anything you did not get to try including beer and pizza which there probably is still someone else yes questionable yes so tom was asking and not while I'm answering that I'll try to flip up to it tom was asking if you think a lock has been attacked can you you know what what do you do there are whole fields and whole specialists and you know we have folk on the team who basically specialize in what's called lock-picking forensics or locks forensic locksmithing a yep a lock will reliably and repeatedly be touched by certain you know pieces the lock will be touched by a key overtime when you're at the middle switch again when you're using the lock day in and day out so that'll have certain effects that'll do things like the pins those will get polished essentially by the key over time so a brand new pin manufactured with these sort of concentric rings they will tend to polish out polish out and polish out other things in the lock will will leave a lot of traces of oil and debris and deposits but where you start getting interesting data has to do with picking picking will touch places that a normal you know key would never touch you'll start to get scrapes that don't belong there it will also leave scrapes and very noticeable marks on the bottom of the pins so these are actual you know forensic imagery that we've had one of our fellows datagram just he does testimony in court this is raking this is pickin this lock has been attacked this lock was attacked by so yes I mean that there's a whole field just about forensics and it's a very specialized field it's not just going to you know your your corner locksmith the corner locksmith is fixing getting the new lock in and doing a good job of it a specialist is taking images like that and maybe talking to an insurance company we've had you know is it like you have a break-in oh my god that stuff's gone and you call the insurer and you say oh we had a break-in they say ok we'll send somebody right out to document the photos the broken door and you say well no no no it wasn't a door you say well we were talking about the window please know if there wasn't if they picked in they use lock picks and the insurance companies will say sure they didn't tell me another one you have bad key control you had a rogue employee you had bla bla bla bla bla you didn't lock up and people have had to go to cool you're talking about you know five six figure pets and they've gone to court and in pretrial discovery when somebody like turns over this sort of imagery it says well this is what we're preparing to testify to now insurance firms will say we drop our objection whatever here's your check so it's real money at stake sometimes and you know talk to us later about preservation at the chain of evidence and as anybody who works with oMG knows it's it's not just can you document the evidence it's can you document it in a verifiable way that it's it is literally evidence as submissive in court so hopefully that answered that question that was a little bit long anyone else we can hit that middle switch again yes oh very good so the question is why are European locks service or seemingly more advanced more than anything is a problem of standards in Europe many locks are rated by insurance companies and the police and you will get cuts on your insurance premiums and doesn't matter if you use a certain rating of lock in the u.s. we do have lock standards they're almost all industry wet so the builders when the VHD finished FTM a bonus manufacturing trade association and antsy antsy has a standard virtually all of those standards are a wear and tear so how many uses and to fail or route force resistance drilling wrenching cracking they'd like for the years they didn't have a standard that addressed bumping and bumping was known great they've added language but I think it's dumb the language says like hey Locke is antsy great one if it can resist bumping for fifteen minutes like do you know how pumping works and either is or isn't going to work it's it's not a 15-minute attack I don't get why that language was developed I don't and that's mostly what it I think it's a problem of standards and public education and it's also kind of interesting to me and it's this is where you get a little tear in the eye about our country as we watch I'll get political for a second as we watch our like freedoms crumble away we're still not the same thing as like an unfree country in Europe in parts of the world where like France France has a really like fish a makes gorgeous locks of their big brand in France and their highest lock is the f.3d amazing intricate system hundreds of euros and I asked somebody once at la Cotte I asked my buddy Alex I'm like so if Rick buys this like what is like this doesn't even it's so huge it doesn't even fit in a normal door you have to buy like a heavy door and I was like this is for like serve them like who puts who puts this on like their house he's like oh lucky me and I said why why is that he said well deviant you like to you know bitch about law enforcement and other problems in your country but if you have a problem chances are you're probably calling the voice we live in a country where within our parents down generation some of them are grandparents the police and the government were the ones coming for you and there's this culture of much greater distrust and much greater guardedness of your private property in Europe which is strange when you think about how a lot of their social networks are but that's I think that's a part of it too it's a very different culture and like the Germans and the Swiss our culture of engineering so their locks are just very intricate we were a culture of mass-produced goods that's kind of I should have like a bourbon in my hand now you just talk about that kind of all night well that's kind of the dresses that sling yes other questions everyone's just diligently you a everyone probably has somewhere to go or they're like we want to feel like it's time to leave if you want to know if you want to like head out you can keep playing you can stick around you can do whatever you want to do but I'm gonna stick around here for a little while longer thank you so much for being

Info

Channel: DeviantOllam

Views: 38,203

Rating: 4.6375837 out of 5

Keywords:

Id: 7dFoo8NRmIA

Channel Id: undefined

Length: 89min 31sec (5371 seconds)

Published: Thu Apr 30 2015

Reddit Comments