Hackers crack high-tech locks

August 1, 2010
A woman uses a fingerprint scanner. Security maverick Marc Tobias showed hackers on Saturday how simple it is to defeat some of the world's top high-tech locks.

Security maverick Marc Tobias showed hackers on Saturday how simple it is to defeat some of the world's top high-tech locks.

"These locks might be winning awards but they are forgetting the basics," Tobias said while giving AFP a first-hand look at how to crack several models. "They might be clever, but they aren't secure."

A Biolock model 333 designed to scan and unlock for chosen people was opened by simply pushing a paper clip into a key slot.

An Amsec ES1014 digital safe was breached by sliding a flat metal file folder hangar through through a crack at the edge of the door and pressing an interior button allowing the access code to be reset.

Tobias grew passionate when it came to an award-winning electromagnetic lock made in China for Finland-based iLoq.

The innovative iLoq used the action of a key being pushed into the lock to generate power for electronics that then checked data in a chip on the key to determine whether the user is cleared for access.

Tobias and lock-cracking colleague Tobias Bluzmanis pointed out that the iLoq design counted on a small hook being tripped to reset the devices as a key was removed.

In what they referred to as a viable inside attack possible on locks geared for office settings, someone could borrow a key and shave tiny bit of metal from the tip and it would no longer catch the iLoq reset hook.

A pocket-sized tool available in US stores for about 60 dollars could be used to grind down the hook in seconds, the men demonstrated.

With either method, the result would be that once a valid key is used to open the iLoq it will yield to any key or even a screw driver stuck in the slot because it remains stuck in the unlocked position.

An audit trail left by a compromised iLoq would stop at the person whose key legitimately opened the lock.

"It is really clever, but it is also very defective," said Tobias, a longtime advocate for tougher standards in the lock industry.

"Electromechanical locks are more secure if done right. The question is whether the technology is implemented properly."

The security.org crew opened a Kwikset programmable "smartkey" lock with a key blank, a screw driver and a vice grip tool.

Tobias and his team consistently show up at the annual DefCon gathering in Las Vegas to pop locks with wires, magnets, air, shock, screw drivers and other improvised tools.

Their presentation this year was met with hoots and applause.

Lock-picking holds a natural appeal to hackers, who thrive on bending hardware or software to their wills.

Explore further: The first molecular keypad lock

Related Stories

The first molecular keypad lock

January 8, 2007

How can defense or intelligence agencies safeguard the security of top-secret data protected by a computation device the size of a single molecule?

When off-target is right on

July 26, 2007

Weizmann Institute scientists have developed a model showing that even though it appears counterintuitive, the observation that some molecular keys are not always an exact fit for their molecular locks actually helps them ...

Chemical 'Keypad Lock' for Biomolecular Computers

March 19, 2008

Chemists are reporting development of a "keypad lock" for accessing data from biomolecular computers, which promise to be powerful tools in many fields, including medicine and personal security.

A chemical 'keypad lock' for biomolecular computers

March 24, 2008

Researchers in New York are reporting an advance toward a new generation of ultra-powerful computers built from DNA and enzymes, rather than transistors, silicon chips, and plastic. Their report on development of a key component ...

So many passwords, so little memory

April 15, 2009

How many keys are on your keychain? I just looked at mine and counted nine keys. And that's not counting the bulky little remote control key fob that locks and unlocks my car. I've tried to consolidate my keys by making one ...

Recommended for you

Team develops targeted drug delivery to lung

September 2, 2015

Researchers from Columbia Engineering and Columbia University Medical Center (CUMC) have developed a new method that can target delivery of very small volumes of drugs into the lung. Their approach, in which micro-liters ...

Not another new phone! But Nextbit's Robin is smarter

September 2, 2015

San Francisco-based Nextbit wants you to meet Robin, which they consider as the smarter smartphone. Their premise is that no one is making a smart smartphone; when you get so big it's hard to see the forest through the trees. ...

Team creates functional ultrathin solar cells

August 27, 2015

(Phys.org)—A team of researchers with Johannes Kepler University Linz in Austria has developed an ultrathin solar cell for use in lightweight and flexible applications. In their paper published in the journal Nature Materials, ...

Magnetic fields provide a new way to communicate wirelessly

September 1, 2015

Electrical engineers at the University of California, San Diego demonstrated a new wireless communication technique that works by sending magnetic signals through the human body. The new technology could offer a lower power ...

3 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

Sanescience
not rated yet Aug 02, 2010
Who do they think they are, testing the security of products who's purpose is security.

LOL!
AlejoHausner
5 / 5 (1) Aug 02, 2010
It's probably a socialist plot to interfere with the well-meaning corporations who are trying to make an honest dollar selling high-tech locks. Shame on these researchers!
ForFreeMinds
1 / 5 (2) Aug 02, 2010
Hooray for these ingenious guys. It's a good thing they show everyone the easy to pick locks, so the better locks win.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.