Wire pops lock certified for US defense facilities

Aug 07, 2011

Hackers at a DefCon gathering were shown how a high-security lock certified for use in sensitive US government facilities can be easily opened with just a piece of wire.

Security specialist Marc Weber Tobias had plans to meet in Switzerland with lock-maker Kaba to discuss ways that the Swiss company's Access Control E-Plex 5800 model and its predecessor can be foiled.

"It is a threat to the government," Tobias told AFP after his presentation at DefCon, which wraps up in Las Vegas on Sunday.

"I am serious about it because I don't know where they have been installed," he continued. "They could be at the Pentagon."

The Kaba 5800 was described as the first lock certified as meeting new US requirements for coded access that keeps track of which contractors or federal workers open which doors.

The lock is designed to be opened by swiping a key card and then entering a long number code.

Tobias and cohort Toby Bluzmanis showed how a Kaba 5800 could be opened by poking a piece of wire through the casing of a small LED light on the lock face and short-circuiting underlying electronics.

Red and green LED lights on the lock are part of a feature that lets a receptionist open a door remotely with a push of a button.

The lock could also be opened with the thump of a mallet or by removing an inside plate and inserting a wire in a way that lets someone, from that point forward, open the door by pushing a handle up instead of down, according to the duo.

"We figured out nine different ways to break 5800," Tobias said.

"You are not going to get away with some of these techniques at the Pentagon; you would have a nine-millimeter pistol pointed at you."

Tobias and his team began to scrutinize the lock after learning that several years ago members of the Jewish community figured out that an earlier Kaba keypad access model could be opened using a magnet.

Keypad locks had found a niche in the Jewish community because the religion prohibits using keys on the Sabbath, according to Tobias.

"A Jewish geek squad was helping elderly people open their doors when they couldn't remember key codes," Tobias said. "They figured out you could open the locks with a magnet."

The Kaba 5800 model is priced at more than a thousand dollars and the company was said to have sold fewer than 2000 units, with the new DHS standard not being in place until next year.

"Kaba is a good company," Tobias said. "This is a problem endemic in the lock industry, they think like engineers not hackers."

Explore further: What if our children are the screen-obsessed couch potatoes of the future?

Related Stories

Hackers crack high-tech locks

Aug 01, 2010

Security maverick Marc Tobias showed hackers on Saturday how simple it is to defeat some of the world's top high-tech locks.

The first molecular keypad lock

Jan 08, 2007

How can defense or intelligence agencies safeguard the security of top-secret data protected by a computation device the size of a single molecule?

A chemical 'keypad lock' for biomolecular computers

Mar 24, 2008

Researchers in New York are reporting an advance toward a new generation of ultra-powerful computers built from DNA and enzymes, rather than transistors, silicon chips, and plastic. Their report on development of a key component ...

Chemical 'Keypad Lock' for Biomolecular Computers

Mar 19, 2008

Chemists are reporting development of a "keypad lock" for accessing data from biomolecular computers, which promise to be powerful tools in many fields, including medicine and personal security.

Internet warriors hone skills at Black Hat - DefCon

Jul 26, 2010

Internet warriors are gathering this week to explore chinks in the armors of computers, bank teller machines, mobile phones, power grids, and other "smart" devices intrinsic to modern life.

Hackers school next generation at DEFCON Kids

Jun 26, 2011

DEFCON hackers will share their skills with the next generation at a first-ever children's version of the infamous gathering of software renegades, lock pickers and social engineers.

Recommended for you

Amazon says FAA drone approval already obsolete

Mar 27, 2015

The approval federal aviation officials gave Amazon.com last week to test a specific drone design outdoors is already outdated, the company's top policy executive said Tuesday in written testimony to a Senate subcommittee.

Special ops troops using flawed intel software

Mar 26, 2015

Special operations troops heading to war zones are asking for commercial intelligence analysis software they say will help their missions. But their requests are languishing, and they are being ordered to use a flawed, in-house ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Aug 08, 2011
Yup, don't forget social manipulation. I convinced a tech for Diebold to tell me things he shouldn't have, ....years ago.( for legitimate purposes ) Most locks are easily defeated,...jus' sayin'.....
not rated yet Aug 08, 2011
a lock of course is just to protect people on the outside,pop that lock to sneak in will get you a good beating by the MP's or whatever.
not rated yet Aug 08, 2011
When I was in the Navy, we have mechanical cipher locks. The security officer took great joy in changing the codes, then keying the new code and saying, "Got that?". The keypad had a shield over it so you couldn't see what keys he was punching, but I almost always "got the code" just by watching the tendons flex in the back of his hand. Nothing is perfect.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.