Wire pops lock certified for US defense facilities

Aug 07, 2011

Hackers at a DefCon gathering were shown how a high-security lock certified for use in sensitive US government facilities can be easily opened with just a piece of wire.

Security specialist Marc Weber Tobias had plans to meet in Switzerland with lock-maker Kaba to discuss ways that the Swiss company's Access Control E-Plex 5800 model and its predecessor can be foiled.

"It is a threat to the government," Tobias told AFP after his presentation at DefCon, which wraps up in Las Vegas on Sunday.

"I am serious about it because I don't know where they have been installed," he continued. "They could be at the Pentagon."

The Kaba 5800 was described as the first lock certified as meeting new US requirements for coded access that keeps track of which contractors or federal workers open which doors.

The lock is designed to be opened by swiping a key card and then entering a long number code.

Tobias and cohort Toby Bluzmanis showed how a Kaba 5800 could be opened by poking a piece of wire through the casing of a small LED light on the lock face and short-circuiting underlying electronics.

Red and green LED lights on the lock are part of a feature that lets a receptionist open a door remotely with a push of a button.

The lock could also be opened with the thump of a mallet or by removing an inside plate and inserting a wire in a way that lets someone, from that point forward, open the door by pushing a handle up instead of down, according to the duo.

"We figured out nine different ways to break 5800," Tobias said.

"You are not going to get away with some of these techniques at the Pentagon; you would have a nine-millimeter pistol pointed at you."

Tobias and his team began to scrutinize the lock after learning that several years ago members of the Jewish community figured out that an earlier Kaba keypad access model could be opened using a magnet.

Keypad locks had found a niche in the Jewish community because the religion prohibits using keys on the Sabbath, according to Tobias.

"A Jewish geek squad was helping elderly people open their doors when they couldn't remember key codes," Tobias said. "They figured out you could open the locks with a magnet."

The Kaba 5800 model is priced at more than a thousand dollars and the company was said to have sold fewer than 2000 units, with the new DHS standard not being in place until next year.

"Kaba is a good company," Tobias said. "This is a problem endemic in the lock industry, they think like engineers not hackers."

Explore further: Report: FBI's anthrax investigation was flawed

add to favorites email to friend print save as pdf

Related Stories

Hackers crack high-tech locks

Aug 01, 2010

Security maverick Marc Tobias showed hackers on Saturday how simple it is to defeat some of the world's top high-tech locks.

The first molecular keypad lock

Jan 08, 2007

How can defense or intelligence agencies safeguard the security of top-secret data protected by a computation device the size of a single molecule?

A chemical 'keypad lock' for biomolecular computers

Mar 24, 2008

Researchers in New York are reporting an advance toward a new generation of ultra-powerful computers built from DNA and enzymes, rather than transistors, silicon chips, and plastic. Their report on development of a key component ...

Chemical 'Keypad Lock' for Biomolecular Computers

Mar 19, 2008

Chemists are reporting development of a "keypad lock" for accessing data from biomolecular computers, which promise to be powerful tools in many fields, including medicine and personal security.

Internet warriors hone skills at Black Hat - DefCon

Jul 26, 2010

Internet warriors are gathering this week to explore chinks in the armors of computers, bank teller machines, mobile phones, power grids, and other "smart" devices intrinsic to modern life.

Hackers school next generation at DEFCON Kids

Jun 26, 2011

DEFCON hackers will share their skills with the next generation at a first-ever children's version of the infamous gathering of software renegades, lock pickers and social engineers.

Recommended for you

Report: FBI's anthrax investigation was flawed

Dec 19, 2014

The FBI used flawed scientific methods to investigate the 2001 anthrax attacks that killed five people and sickened 17 others, federal auditors said Friday in a report sure to fuel skepticism over the FBI's ...

Study reveals mature motorists worse at texting and driving

Dec 18, 2014

A Wayne State University interdisciplinary research team in the Eugene Applebaum College of Pharmacy and Health Sciences has made a surprising discovery: older, more mature motorists—who typically are better drivers in ...

Napster co-founder to invest in allergy research

Dec 17, 2014

(AP)—Napster co-founder Sean Parker missed most of his final year in high school and has ended up in the emergency room countless times because of his deadly allergy to nuts, shellfish and other foods.

LA mayor plans 7,000 police body cameras in 2015

Dec 16, 2014

Mayor Eric Garcetti announced a plan Tuesday to equip 7,000 Los Angeles police officers with on-body cameras by next summer, making LA's police department the nation's largest law enforcement agency to move ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

Isaacsname
not rated yet Aug 08, 2011
Yup, don't forget social manipulation. I convinced a tech for Diebold to tell me things he shouldn't have, ....years ago.( for legitimate purposes ) Most locks are easily defeated,...jus' sayin'.....
scidog
not rated yet Aug 08, 2011
a lock of course is just to protect people on the outside,pop that lock to sneak in will get you a good beating by the MP's or whatever.
david_42
not rated yet Aug 08, 2011
When I was in the Navy, we have mechanical cipher locks. The security officer took great joy in changing the codes, then keying the new code and saying, "Got that?". The keypad had a shield over it so you couldn't see what keys he was punching, but I almost always "got the code" just by watching the tendons flex in the back of his hand. Nothing is perfect.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.