Wire pops lock certified for US defense facilities

Aug 07, 2011

Hackers at a DefCon gathering were shown how a high-security lock certified for use in sensitive US government facilities can be easily opened with just a piece of wire.

Security specialist Marc Weber Tobias had plans to meet in Switzerland with lock-maker Kaba to discuss ways that the Swiss company's Access Control E-Plex 5800 model and its predecessor can be foiled.

"It is a threat to the government," Tobias told AFP after his presentation at DefCon, which wraps up in Las Vegas on Sunday.

"I am serious about it because I don't know where they have been installed," he continued. "They could be at the Pentagon."

The Kaba 5800 was described as the first lock certified as meeting new US requirements for coded access that keeps track of which contractors or federal workers open which doors.

The lock is designed to be opened by swiping a key card and then entering a long number code.

Tobias and cohort Toby Bluzmanis showed how a Kaba 5800 could be opened by poking a piece of wire through the casing of a small LED light on the lock face and short-circuiting underlying electronics.

Red and green LED lights on the lock are part of a feature that lets a receptionist open a door remotely with a push of a button.

The lock could also be opened with the thump of a mallet or by removing an inside plate and inserting a wire in a way that lets someone, from that point forward, open the door by pushing a handle up instead of down, according to the duo.

"We figured out nine different ways to break 5800," Tobias said.

"You are not going to get away with some of these techniques at the Pentagon; you would have a nine-millimeter pistol pointed at you."

Tobias and his team began to scrutinize the lock after learning that several years ago members of the Jewish community figured out that an earlier Kaba keypad access model could be opened using a magnet.

Keypad locks had found a niche in the Jewish community because the religion prohibits using keys on the Sabbath, according to Tobias.

"A Jewish geek squad was helping elderly people open their doors when they couldn't remember key codes," Tobias said. "They figured out you could open the locks with a magnet."

The Kaba 5800 model is priced at more than a thousand dollars and the company was said to have sold fewer than 2000 units, with the new DHS standard not being in place until next year.

"Kaba is a good company," Tobias said. "This is a problem endemic in the lock industry, they think like engineers not hackers."

Explore further: Freight train industry to miss safety deadline

add to favorites email to friend print save as pdf

Related Stories

Hackers crack high-tech locks

Aug 01, 2010

Security maverick Marc Tobias showed hackers on Saturday how simple it is to defeat some of the world's top high-tech locks.

The first molecular keypad lock

Jan 08, 2007

How can defense or intelligence agencies safeguard the security of top-secret data protected by a computation device the size of a single molecule?

A chemical 'keypad lock' for biomolecular computers

Mar 24, 2008

Researchers in New York are reporting an advance toward a new generation of ultra-powerful computers built from DNA and enzymes, rather than transistors, silicon chips, and plastic. Their report on development of a key component ...

Chemical 'Keypad Lock' for Biomolecular Computers

Mar 19, 2008

Chemists are reporting development of a "keypad lock" for accessing data from biomolecular computers, which promise to be powerful tools in many fields, including medicine and personal security.

Internet warriors hone skills at Black Hat - DefCon

Jul 26, 2010

Internet warriors are gathering this week to explore chinks in the armors of computers, bank teller machines, mobile phones, power grids, and other "smart" devices intrinsic to modern life.

Hackers school next generation at DEFCON Kids

Jun 26, 2011

DEFCON hackers will share their skills with the next generation at a first-ever children's version of the infamous gathering of software renegades, lock pickers and social engineers.

Recommended for you

Freight train industry to miss safety deadline

32 minutes ago

The U.S. freight railroad industry says only one-fifth of its track will be equipped with mandatory safety technology to prevent most collisions and derailments by the deadline set by Congress.

Gaza cops trade bullets for laser-tech in training

Apr 14, 2014

Security forces in the Hamas-ruled Gaza Strip are using technology to practice shooting on laser simulators, saving money spent on ammunition in the cash-strapped Palestinian territory.

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

Isaacsname
not rated yet Aug 08, 2011
Yup, don't forget social manipulation. I convinced a tech for Diebold to tell me things he shouldn't have, ....years ago.( for legitimate purposes ) Most locks are easily defeated,...jus' sayin'.....
scidog
not rated yet Aug 08, 2011
a lock of course is just to protect people on the outside,pop that lock to sneak in will get you a good beating by the MP's or whatever.
david_42
not rated yet Aug 08, 2011
When I was in the Navy, we have mechanical cipher locks. The security officer took great joy in changing the codes, then keying the new code and saying, "Got that?". The keypad had a shield over it so you couldn't see what keys he was punching, but I almost always "got the code" just by watching the tendons flex in the back of his hand. Nothing is perfect.

More news stories

Freight train industry to miss safety deadline

The U.S. freight railroad industry says only one-fifth of its track will be equipped with mandatory safety technology to prevent most collisions and derailments by the deadline set by Congress.

Microsoft CEO is driving data-culture mindset

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

IBM posts lower 1Q earnings amid hardware slump

IBM's first-quarter earnings fell and revenue came in below Wall Street's expectations amid an ongoing decline in its hardware business, one that was exasperated by weaker demand in China and emerging markets.

Down's chromosome cause genome-wide disruption

The extra copy of Chromosome 21 that causes Down's syndrome throws a spanner into the workings of all the other chromosomes as well, said a study published Wednesday that surprised its authors.

Ebola virus in Africa outbreak is a new strain

The Ebola virus that has killed scores of people in Guinea this year is a new strain—evidence that the disease did not spread there from outbreaks in some other African nations, scientists report.