Hackers crack high-tech locks

Aug 01, 2010
A woman uses a fingerprint scanner. Security maverick Marc Tobias showed hackers on Saturday how simple it is to defeat some of the world's top high-tech locks.

Security maverick Marc Tobias showed hackers on Saturday how simple it is to defeat some of the world's top high-tech locks.

"These locks might be winning awards but they are forgetting the basics," Tobias said while giving AFP a first-hand look at how to crack several models. "They might be clever, but they aren't secure."

A Biolock model 333 designed to scan and unlock for chosen people was opened by simply pushing a paper clip into a key slot.

An Amsec ES1014 digital safe was breached by sliding a flat metal file folder hangar through through a crack at the edge of the door and pressing an interior button allowing the access code to be reset.

Tobias grew passionate when it came to an award-winning electromagnetic lock made in China for Finland-based iLoq.

The innovative iLoq used the action of a key being pushed into the lock to generate power for electronics that then checked data in a chip on the key to determine whether the user is cleared for access.

Tobias and lock-cracking colleague Tobias Bluzmanis pointed out that the iLoq design counted on a small hook being tripped to reset the devices as a key was removed.

In what they referred to as a viable inside attack possible on locks geared for office settings, someone could borrow a key and shave tiny bit of metal from the tip and it would no longer catch the iLoq reset hook.

A pocket-sized tool available in US stores for about 60 dollars could be used to grind down the hook in seconds, the men demonstrated.

With either method, the result would be that once a valid key is used to open the iLoq it will yield to any key or even a screw driver stuck in the slot because it remains stuck in the unlocked position.

An audit trail left by a compromised iLoq would stop at the person whose key legitimately opened the lock.

"It is really clever, but it is also very defective," said Tobias, a longtime advocate for tougher standards in the lock industry.

"Electromechanical locks are more secure if done right. The question is whether the technology is implemented properly."

The security.org crew opened a Kwikset programmable "smartkey" lock with a key blank, a screw driver and a vice grip tool.

Tobias and his team consistently show up at the annual DefCon gathering in Las Vegas to pop locks with wires, magnets, air, shock, screw drivers and other improvised tools.

Their presentation this year was met with hoots and applause.

Lock-picking holds a natural appeal to hackers, who thrive on bending hardware or software to their wills.

Explore further: Spanish scientists create algorithms to measure sentiment on social networks

add to favorites email to friend print save as pdf

Related Stories

Internet warriors hone skills at Black Hat - DefCon

Jul 26, 2010

Internet warriors are gathering this week to explore chinks in the armors of computers, bank teller machines, mobile phones, power grids, and other "smart" devices intrinsic to modern life.

A chemical 'keypad lock' for biomolecular computers

Mar 24, 2008

Researchers in New York are reporting an advance toward a new generation of ultra-powerful computers built from DNA and enzymes, rather than transistors, silicon chips, and plastic. Their report on development of a key component ...

Chemical 'Keypad Lock' for Biomolecular Computers

Mar 19, 2008

Chemists are reporting development of a "keypad lock" for accessing data from biomolecular computers, which promise to be powerful tools in many fields, including medicine and personal security.

The first molecular keypad lock

Jan 08, 2007

How can defense or intelligence agencies safeguard the security of top-secret data protected by a computation device the size of a single molecule?

So many passwords, so little memory

Apr 15, 2009

How many keys are on your keychain? I just looked at mine and counted nine keys. And that's not counting the bulky little remote control key fob that locks and unlocks my car. I've tried to consolidate my keys by making one ...

When off-target is right on

Jul 26, 2007

Weizmann Institute scientists have developed a model showing that even though it appears counterintuitive, the observation that some molecular keys are not always an exact fit for their molecular locks actually helps them ...

Recommended for you

N. Korea suffers another Internet shutdown

16 hours ago

North Korea suffered an Internet shutdown for at least two hours on Saturday, Chinese state-media and cyber experts said, after Pyongyang blamed Washington for an online blackout earlier this week.

Sony's PlayStation 'gradually coming back'

16 hours ago

Sony was still struggling Saturday to fully restore its online PlayStation system, three days after the Christmas day hack that also hit Microsoft's Xbox, reporting that services were "gradually coming back."

Chattanooga touts transformation into Gig City

16 hours ago

A city once infamous for the smoke-belching foundries that blanketed its buildings and streets with a heavy layer of soot is turning to lightning-fast Internet speeds to try to transform itself into a vibrant ...

Uber broke Indian financial rules: central bank chief

16 hours ago

India's central bank chief lashed out at Uber, already under fire over the alleged rape of a passenger, saying the US taxi-hailing firm violated the country's financial regulations by using an overseas payment ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

Sanescience
not rated yet Aug 02, 2010
Who do they think they are, testing the security of products who's purpose is security.

LOL!
AlejoHausner
5 / 5 (1) Aug 02, 2010
It's probably a socialist plot to interfere with the well-meaning corporations who are trying to make an honest dollar selling high-tech locks. Shame on these researchers!
ForFreeMinds
1 / 5 (2) Aug 02, 2010
Hooray for these ingenious guys. It's a good thing they show everyone the easy to pick locks, so the better locks win.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.