Kensington Laptop Locks Not So Secure

eric434 writes "According to a security alert released by Security.Org, the Kensington laptop lock that many of us use and love isn't secure. In fact, it can be opened in 30 seconds after about a minute of practice with a $1 worth of equipment. (A Bic pen, and a pair of scissors. In the interest of giving people some time to stop using the locks, the actual method of opening the lock is left up to the reader.) To make matters worse, Kensington's 'We'll give you $1500 if someone steals your laptop' guarantee doesn't apply -- because the process of opening the lock doesn't damage the lock or cable." Mind the source, though -- security.org wouldn't mind selling you a book on locks and safes.

have to email author for details of the exploit

[Engineer+Andy]

For the sake of those who thought to RTFA, the article gets you to email the author regarding the details of the exploit.

Extract from article:
You may contact the author for further details as to the method of entry. All computer owners and administrators should be aware of the potential for theft if you utilize this device. The full details of how to compromise this device are contained in LSS+ Version 5.0 Multimedia edition of Locks, Safes, and Security. Kensington may be contacted for further information at 800-535-4242. The company was notified of the problem by the author on July 13, 2004 and has refused to comment on or acknowledge the problem, or to return any telephone calls or e-mails. The author believes that the manufacturer can remedy the problem and should be required to do so. All purchasers of this device may wish to request a replacement from the manufacturer that prevents this form of bypass.

No, dumbass

A simple pair of wirecutters would not remove the locking cylinder.

The point of the Kensington lock is not so much to secure the laptop to something as to ruin the resale value of it by virtue of the damage likely to occur to the laptop if the lock is forcibly removed.

This hack apparently allows the lock cylinder itself to be cleanly removed, rendering the lock useless and giving the thief a laptop to sell that doesn't scream out "Look at this torn-off case plastic! I was stolen!"

Picking locks.

Hell, I can pop most locks in under a couple of minutes.
The cost is not the materials used, it's the expertise and practice. Be aware, most policemen are well aware what a set of picks looks like, even if you disguise them. :)

Re:I can attest to this fact.

[TheFlyingGoat]

Also, don't carry your laptop around in one of those $200 leather laptop cases. I use a backpack. Sure, it was designed for a laptop but it doesn't look like it was. Maybe I have gym shoes and a change of clothes in there, or maybe I have an iBook, iPod, spare battery, Tréo 600, Passport, etc

Amen to that. I made the mistake of using a laptop bag to carry around my school books for a while. Left it in my backseat overnight and got my window busted out. Yeah, they didnt get away with a laptop, but I had to replace the window and school books. I'm sure it pissed them off too.

Re:How to make the warranty work for you

[CodeBuster]

A lot of product insurance contracts, notably cell phone replacement plans, require the filing of a police report but one can usually get past this by simply being stubborn and simply demanding your refund/replacement. I find that the long pause on the phone after they remind you of the police report requirement is often effective in getting them to drop the troublesome requirement in the name of "better customer service". After all if they get a reputation for hassling claimants then nobody will buy those warranty replacement plans anymore because "it isn't worth the hassle." With warranty replacement plans everything can be negotiated if you are persistent enough.

Re:Looking at picture of lock

[DiscoBobby]

Parent's "Doom Tweak Guide" link is nasty-fake. Don't click. :)

Re:I have one as a deterant

[ejaw5]

Also consider that each lock model has the same key throughout the line, so if someone really wanted a laptop he/she'd just need to buy the same model lock you're using and use that key.

I also use the cable lock as the "Laptop Club" when I leave my laptop unattended in the lab. If someone really wanted the machine, all is needed is a cable cutter or hacksaw to cut the thing the cable was wound around. Or I'm sure one could rip the lock connecter off the socket if tried hard enough. Cable lock is good for stopping the lazy-stealers.

Wewt!

[c0dedude]

I got it, I think! It's a tubular lock, but a damn big one with weak springs. Use the scissors as a torque wrench to apply constant turning pressure. Use the pen to push in the individual pins. Very weak lock.

Re:Funny lock story from Australia

[Nogami_Saeko]

Not to mention that steering wheels are actually pretty soft. If you've ever seen one of the crash-tests in slow-motion, the steering wheel looks like a rubber band during the impact. They're designed to be soft so as not to impale you when you're in an accident.

If a crook wants past your club, they can just cut through the steering wheel and remove the club.

I've seen a different sort of club-type device on TV that hooks around the brake pedal. Looks like a better product to use anyway.

Re:"Guarantees replacement"

[Gamefreak99]

"If theft of your laptop computer results from the Kensington Guaranteed Notebook Replacement MicroSaver computer lock being broken or opened by forceful means Kensington Technology Group will pay you the replacement value of your laptop up to US $1,500.00." Sounds like depending on the method employed it could fall under "forcefull means"...

Re:Wire Cutters

[madfgurtbn]

The tool *is* available, you can probably find it for under $20. Most every hardware store will have one. They're used in construction to do exactly what the name implies; cut bolts :)

Actually, bolt cutters aren't very good at cutting cables. What you need are cable cutters, which have more of a hooked scissors or shears type of head. The head of a cable cutter resembles the beak of a predator bird, actually; probably for a good reason.

Bolt cutters are designed to cut a single solid piece of metal, so they are not effective at cutting the many strands of a cable. The cable kinda squashes and the individual strands are too flexible for a bolt cutter.

Bolt cutters will work, eventually, but the right tool for the job is a cable cutter.

Re:How to make the warranty work for you

[Cryptnotic]

Yeah, but this is $1500, not a cell phone that costs $50 plus a lot more if they don't lose you as a customer. Filing a false police report is equivalent to perjury.

Re:Looking at picture of lock

[JWSmythe]

I have two ideas on it.

The first is what you're implying, using common tools like a lockpick set.

The other, which may be more likely in this case is the way I "encourage" doors open when some fool locks themselves out.

I'd be willing to bet that this lock sets itself when you slide the end of the cable in. Kinda like a door latch. It slides over the angled bolt, and once it's over it is trapped til you use the key.

If the pen was a common white bic, and you removed the tip, ink, and back, you'd have a thin plastic white tube. If you used the scissors to cut the tube in half, even for just an inch or two, you'd halve a half-pipe roughly the size of the cable. Slide that down between the cable and the lock, and it would push the lock's bolt out of the way, and allow the cable to come free.

It's a little harder to do with a common home or office door, but can be done with a credit card. :)

This doesn't work for dead bolts (obviously). It also don't work on most padlocks, because the space is too small to slide something in.

Personally, I believe locks to be a tool to make people feel safe, and to keep 'honest' people honest.

A locked office in most office buildings can be accessed through the drop ceilings, or with the "assistance" of the janitorial staff.

A locked door on a house can be circumvented by going through a window, locked or not.

But, seeing a lock on a laptop, or a locked door on a room or building, makes a person think twice. The next one they find may be that much easier. Why go for the one with the Kensington lock that takes 30 seconds to steal, when you can just pick up the next guy's laptop bag with everything in it when he's not looking? You could tie your laptop off with a length of rope and be just as secure.

Kinda like 802.11b encryption. It's easy enough to crack, but most people will move on to the unencrypted network. :)

Re:Funny lock story from Australia

[Jeremy+Erwin]

Might as well post a link to some handy denver boot removal advice. Some boots are so poorly constructed that a hammer and chisel can dislodge the various spot welds.

Cordless Dremel?

[beesquee]

On of those new lithium cordless dremels with a standard cutting wheel would probaly get through pretty quick. Just a few minutes alone with it would be all you need.

Re:How to make the warranty work for you

[DotNM]

I feel compelled to mention that I work for my local school board. A colleague of mine (a technician for the school in question) informed me that someone broke into the school and stole three or four computer systems (on a side note, they obviously didn't do their homework... they stole computers with 32 MB of RAM that are aged quite a bit). The police fingerprinted everything and when I walked into that classroom several days later, I could still smell the fingerprint dust. This is in Ontario, Canada though, so I'm not sure about wherever you are.

Re:Lock Picking

[AVryhof]

So you want to know about lock picking?

There is this wonderful site that has a great article about it: http://home.howstuffworks.com/lock-picking.htm

Re:I can attest to this fact.

[schof]

Reminds me of the brilliant thing I did once...

Had a loft in downtown LA; parked my shitbox car in a "secured" place -- not that secure. Left the doors unlocked so people could check that there wasn't anything worth stealing without breaking in. Worked fine, until the morning I came out and found someone sleeping in the back seat. Even better news when I chased him away and discovered that he had poor bladder control -- half the back seat was soaked.

Just 'cause it seems like a really brilliant idea at the time, doesn't make it so.

DMCA Precedence

[CHaN_316]

Ummm..... you have to understand the context of the joke. A while back, there was a slashdot article about Sony touting its new high tech copy protection stuff for its CDs. Ironically, this copy protection was circumvented by a humble felt marker pen. So, there was a joke on slashdot that Sony would use the DMCA's anti-circumvention clause to ban felt markers. My comments above is to poke fun at these cases.

Loosen up dude! It's funny... laugh.

No need for dremels or clippers

[robnauta]

A colleague of mine has a kensington key that can open any lock. He claims to have bought it in Asia. But it works, he opened my laptop lock plus the lock on the LCD monitor on the desk with his key. The laptop key was in my pocket and the LCD lock keys are locked in a managers office. I have no doubts it'll work on any lock.

After all, it's not a really secure lock like a cylinder, the number of combinations of the impressions on the rim of a key is limited so I guess there are only a few different lock combinations. Anyone could buy a Kensington and get one with the same key as yours.

Re:No need for dremels or clippers

[hawkeyeMI]

That may be, but every kensington lock I've seen has the same key. My sister's lock and my girlfriend's lock can both be opened by my key. Now, I understand that that's a small sample size, but the very fact of the matter is that no three locks should ALL HAVE THE SAME KEY especially not a random sample of three, of slightly different types, bought from three different places. I don't even use the damn thing anymore. Bottom line, if you don't want it stolen, take it with you.

How to unlock/pick the lock

[Hoch]

The scissors are used to torque the lock, they are jammed in the notch and twisted. Then you push the pins down and they will lock in place if tension is applied to the scissors. I figured this out in like five minutes. I am currently looking for a better tool to torque the lock.

Re:How to unlock/pick the lock

[Hoch]

shit, i found a much quicker method. use a key to another round lock and just jam it in there, then turn it and presto you have the lock open. This takes less than 5 seconds.

Here's how

[JaredOfEuropa]

Hmm... I can't believe it took this long for this 'exploit' to surface. Any geek with a laptop, some boredom and a paperclip should have figured this out already.

Anyhoo: what you need is a pair of scissors and a paperclip. if you have no scissors, a second paperclip will work, if not so well.

Jam one point of the scissors into the rectangular hole on the circumference of the circular key slot. Twist the scissors so that the inner part of the lock turns into the 'open' direction. Keep applying a gentle pressure, and use the paperclip to push in the little pins in the circular groove, one by one. Push down lightly and slowly until you feel the pin 'snap'. If you release the pin, it should be held in place and not spring back up again. If it does, just try first with another pin. Eventually you'll get them all and the lock will turn open. You can close the lock again in the same way.

Some of these locks have a security feature... when you've twisted the cilinder halfway to the 'open' position, it will lock again. In this case you'll need both points of the scissor to apply torque to the lock cilinder.

This isn't hard... with some practice, you can open these locks in a minute or 2. We used to do this at the office, going around during luch break to swap everyone's Kensington locks around, then watch the frustration at the end of the day, as everyone discovered that their key did not fit anymore. I know, it's lame, but we were bored okay?

I don't have any qualms about revealing the 'secret' of Kensington lock picking, as I would have with revealing a hot new exploit. This trick is years old, and asa I said: any bored person with a paper clip can figure this out for himself.

Re:Pedant heal thyself

[Paleomacus]

I think definitions 1 and 2.a work pretty well in this context.

1 : the result of work or thought 2 a : the output of an industry or firm

Why bother with a lock?

[pclminion]

If your data is important to you, back it up somewhere. If it is sensitive, encrypt it.

If you want to be reimbursed for your laptop if it is stolen, buy an insurance policy to cover it.

Yes, it might cost a bit more than a "good" lock, but not a lot more (my girlfriend insured her PowerBook for two years for $90), and you're guaranteed to get your laptop back if it is stolen. Or if it burns in a fire -- let's see your Kensington warranty cover that. Just make sure your policy gives you "replacement cost," not just "market value." And back up your friggin' data!

Seriously, why bother with a lock?