Slashdot Mirror
Kensington Laptop Locks Not So Secure
eric434 writes "According to a security alert released by Security.Org, the Kensington laptop lock that many of us use and love isn't secure. In fact, it can be opened in 30 seconds after about a minute of practice with a $1 worth of equipment. (A Bic pen, and a pair of scissors. In the interest of giving people some time to stop using the locks, the actual method of opening the lock is left up to the reader.)
To make matters worse, Kensington's 'We'll give you $1500 if someone steals your laptop' guarantee doesn't apply -- because the process of opening the lock doesn't damage the lock or cable." Mind the source, though -- security.org wouldn't mind selling you a book on locks and safes.
sooo... if you steal my laptop, please take the cable and lock, so I can still get my $1500...
We'll give you $1500 if someone steals your laptop' guarantee doesn't apply -- because the process of opening the lock doesn't damage the lock or cable.
After your lock has been cleanly picked, go to your local Home Depot, get a cable cutter and cut the cable yourself. Make sure you make a real mess of it. Then send back to Kensington and claim the $1500.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Just because the cable and the lock were not damaged does not mean that the lock and cable actually did the job correctly! Kensington should pay the warranty claim out since it was obviously ineffective in actually securing the device.
If you use this Kensington lock and your laptop gets jacked, use a pair of bolt cutters and damage your cable before filing your claim.
well. . I mean I guess it wouldnt matter to me wheather it was a len or a wire cutter. 1500 dollers might cover a good portion of the hardware costs, but usually the information on the drive itself is far more sensitive. What they need is a lock that causes the computer to self distruct.=) it not only protects the programmer, but teaches the thief a good lesson!
How Now Brown Cow
Wouldn't a simple pair of wirecutters do the trick to begin with? I don't think you have to be McGuyver to get through those locks.
"I use a Mac because I'm just better than you are."
For the sake of those who thought to RTFA, the article gets you to email the author regarding the details of the exploit.
Extract from article:
You may contact the author for further details as to the method of entry. All computer owners and administrators should be aware of the potential for theft if you utilize this device. The full details of how to compromise this device are contained in LSS+ Version 5.0 Multimedia edition of Locks, Safes, and Security. Kensington may be contacted for further information at 800-535-4242. The company was notified of the problem by the author on July 13, 2004 and has refused to comment on or acknowledge the problem, or to return any telephone calls or e-mails. The author believes that the manufacturer can remedy the problem and should be required to do so. All purchasers of this device may wish to request a replacement from the manufacturer that prevents this form of bypass.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World" 1 John 4:14
I just arrived home from an out-of-state family reunion, where I had my ThinkPad locked to a picnic table with a Kensington lock, to find out that my computer was not nearly as secure as I would have thought. My wife points out that there were pens and scissors there, too! They could have taken my preciousssss!
Does this mean I can get a Powerbook to replace the Tandy 286 laptop I have sitting in my closet?
I saw MacGyver do this years ago.
And *he* didn't need the scissors.
---anactofgod---
---anactofgod---
"Equal opportunity swindling - *that* is the true test of a sustainable democracy."
They probably use the bic pin to set the pins and the scissors to apply the torque.
You do realize that the DHS protects its laptops with Kensington locks, right? That means you just won free holidays in Cuba.
-- Signed: John A. <ashybaby@dhs.gov>
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Kensington should start selling a lock for their laptop lock! Money in the bank if you ask me...
I've seen those computer "locks" on the back of computers that need those special round keys. They replace screws to try to prevent someone from opening the case. What I found over time when working with them, is that you can just use a set of small pliers to twist them off. Not very secure at all.
A simple pair of wirecutters would not remove the locking cylinder.
The point of the Kensington lock is not so much to secure the laptop to something as to ruin the resale value of it by virtue of the damage likely to occur to the laptop if the lock is forcibly removed.
This hack apparently allows the lock cylinder itself to be cleanly removed, rendering the lock useless and giving the thief a laptop to sell that doesn't scream out "Look at this torn-off case plastic! I was stolen!"
Most laptop locks are insecure.
Back in 2000 I had one of those Kensington motion sensing laptop locks which gave off this ear-piercing noise if anyone moved the device.
Thing was so insecure that I was playing with it in the airport on a business trip one day and I realized all I had to do was to push the pin inwards and it immediately came off.
Sure, the alam went off too, but it still wouldn't have stopped someone from jetting away and stealing the bag or laptop.
Now, I secure both my laptops (work and personal) the old fashioned way. I never let them leave my sight or I lock them in a locker or the trunk of my car.
Physical controls can't beat plain common sense sometimes when it comes to the security of your personal belongings.
Neer leave a laptop bag in the front-seat or rear-seat of your car iwhere it's in plain sight. That's just begging for someone to smash your window and steal it.
Also, don't carry your laptop around in one of those $200 leather laptop cases. I use a backpack. Sure, it was designed for a laptop but it doesn't look like it was. Maybe I have gym shoes and a change of clothes in there, or maybe I have an iBook, iPod, spare battery, Tréo 600, Passport, etc.
Then again, maybe I don't.
A Bic pen, and a pair of scissors...
Damn you MacGyver!!
They probably use the bic pin to set the pins and the scissors to apply the torque.
Correct.
That method actually works for any/all barrel-type locks, though the better quality ones (e.g. vending machines) will have tighter tolerances and stronger springs making them much more difficult.
Kensington just needs to spend a few more bucks on a higher quality mechanism (preferably with more than 5 pins!! Geez...)
This reminds me of one of my favourite pieces of Australian TV.
I'm sure you are all familiar with steering wheel locks, the most well known in Australia is called a Club Lock.
A magazine called "Choice", which reviews and tests products, reviewed all available steering wheel locks and claimed that the Club Lock could be defeated in less than 30 seconds by someone with no experience at car theft.
The manufacturer responded by modifying and improving the lock mechanism, but the magazine repeated their claim that it could be defeated easily.
This went on for about 4 generations of Club Lock and saw the introduction of a "star shaped" key to making picking the locks "impossible", as well as other developments. But Choice maintained that the Club Lock had not been fixed and anyone could defeat it in under a minute.
A local TV current affairs show filmed a carpark showdown between the manufacturer of the Club Lock and a reporter from the magazine, as the manufacturer prepared to release their latest model and the magazine claimed it would be able to defeat it in less than 30 seconds.
They were screaming at each other in a car park and honestly looked like they were going to hit each other. The manufacturer claimed (in near hysteria) that it was impossible for someone to pick their locks, and that the magazines claims were wrong. The magazine denied this, and so were challenged to demonstrate their claim on TV.
A brand new model Club Lock was placed on a car steering wheel.
The magazine reporter got in the car, grabbed it, and gave it a good hard yank, and it came off easily.
The manufacturer went very very quiet.
The funny thing about this - and the reason I remember it - was that the people who made Club Locks never asked the magazine HOW they'd been defeating their product. They all assumed that the locks had been picked. Practically all the improvements they made to the product over 4 years were in improving the lock mechanism. They never expected that the piece of metal which hooks around the steering wheel was so weak it could be easily bent. They shouldv'e thought laterally.
Anyway it was very funny. Trust me, I still remember it and it was about 15 years ago.
Putting syrup in coffee is some form of blasphemy.
Parent's "Doom Tweak Guide" link is nasty-fake. Don't click. :)
I have a powerbook. what loc should i buy if the Kensington one sucks?
Look, laptop locks are psychological blocks, not physical blocks. If you can't hork a cablelock out of a plastic laptop case in less than 15 seconds you don't deserve to steal that laptop.
They keep honest people honest. They're speedbumps for the pros. Don't leave you leptop alone!
Most of the hardware at my high school was locked down to the desks using cable locks, but the mechanism used to attach it was certainly inferior to the kensington type.
Basically, there was a metal reciever that was screwed into a rubber/plastic pad that is epoxied to the hardware you want to keep. The cable is slipped through the reciever and then locked to a suitably heavy piece of cheap furniture, while the other end was to large to pass though the reciever However, since the unlocked end was not attached to anything, you simply slacked the cable, then passed the end under and around to unscrew the reciever from the epoxied pad.
It wouldn't have worked if it was riveted instead of screwed, but then again, it's a really a deterrent in the end.
Even people that believe in pre-destiny look both ways before crossing the street.
I got it, I think! It's a tubular lock, but a damn big one with weak springs. Use the scissors as a torque wrench to apply constant turning pressure. Use the pen to push in the individual pins. Very weak lock.
Since when has this country used intellectual elite as a pejorative term?
Just use the DMCA's anti-circumvention clause and ban bic pens, and scissors! I'm sure this follows the spirit of the law, and totally what the legislators intended the DMCA for. Enforcement of this ban should be pretty easy as well...
"There is no spoon." - The Matrix
I just leave my crappy old 150mhz Toshiba next to a few friends' Powerbooks.
Problem solved.
From the Kensington product description page linked in the article:
... ...
D. The laptop was stolen by any means other than violating or breaking the Kensington brand Guaranteed Notebook Replacement MicroSaver Lock.
Guarantees replacement of any locked laptop that's stolen
Sounds pretty specific, huh? ANY locked laptop that's stolen... Which is quite different than what it says when you click the warranty link on the page...
If theft of your laptop computer results from the Kensington Guaranteed Notebook Replacement MicroSaver computer lock being broken or opened by forceful means Kensington Technology Group will pay you the replacement value of your laptop up to US $1,500.00.
It goes on to say:
Kensington Technology Group will NOT be liable if the theft occurred because:
Now... that seems pretty vague to me. Are they talking specifically about the locking device? Or are they talking about the entire thing and calling it the Guaranteed Notebook Replacement MicroSaver Lock because that's the name of the product? Vague vague vague...
sig.
Why pick on Kensington?
Anyone who knows how to pick a lock can open most locks with 5 cents worth of equipment: a couple bent paperclips. Lets write a big story about how all these locks are weak.
So what? The lock is pickable; so are most other locks.
Unless the big story here is about the warrany. The fact they knew the lock is weak, so they worded the warranty in a way to avoid paying up.
Kryptonite has a similar warranty. Though if your bike is stolen, they often steal the lock, as well, leaving you with no evidence of a broken/compromised lock. So bike messengers will keep a spare Kryptonite lock. If their bike is stolen, they beat the crap out of the lock, busting it open, and then use this busted lock to claim their warranty.
In the Summer 2004 issue of 2600 Magazine there is an article on lock picking with less common types of picks. They talk about how to pick a lock with a pen, bobbe pin, sciccors, and everyones favorite the paperclip.
When in doubt, use brute force. -- Ken Thompson
Call me old fashioned, but I like a dump to be as memorable as it is devastating - Bender
... Well, they are, but any thief intent to steal a laptop-- and who is prepared and has the equiptment ready to do the job-- will probably get away with it. This implies some forethought, though. Ask anyone who's owned a bicycle in NYC... There is no lock that can't be broken.
What locks ARE good for, is deterring the casual thief. Someone who spots a notebook untattended in a library, a cafe, an office, sees that no one around... And grabs it. They're not likely to pick a lock or cut a cable. Since this is far, far more likely-- unless someone is really casing you for the info. on the computer-- it does make sense to use a lock.
I have two ideas on it.
:)
:)
The first is what you're implying, using common tools like a lockpick set.
The other, which may be more likely in this case is the way I "encourage" doors open when some fool locks themselves out.
I'd be willing to bet that this lock sets itself when you slide the end of the cable in. Kinda like a door latch. It slides over the angled bolt, and once it's over it is trapped til you use the key.
If the pen was a common white bic, and you removed the tip, ink, and back, you'd have a thin plastic white tube. If you used the scissors to cut the tube in half, even for just an inch or two, you'd halve a half-pipe roughly the size of the cable. Slide that down between the cable and the lock, and it would push the lock's bolt out of the way, and allow the cable to come free.
It's a little harder to do with a common home or office door, but can be done with a credit card.
This doesn't work for dead bolts (obviously). It also don't work on most padlocks, because the space is too small to slide something in.
Personally, I believe locks to be a tool to make people feel safe, and to keep 'honest' people honest.
A locked office in most office buildings can be accessed through the drop ceilings, or with the "assistance" of the janitorial staff.
A locked door on a house can be circumvented by going through a window, locked or not.
But, seeing a lock on a laptop, or a locked door on a room or building, makes a person think twice. The next one they find may be that much easier. Why go for the one with the Kensington lock that takes 30 seconds to steal, when you can just pick up the next guy's laptop bag with everything in it when he's not looking? You could tie your laptop off with a length of rope and be just as secure.
Kinda like 802.11b encryption. It's easy enough to crack, but most people will move on to the unencrypted network.
Serious? Seriousness is well above my pay grade.
I subscribe to the famous "If I can't have it, no one can" theory.
If I see an unguarded locked laptop, I dump a cup of coffee onto the keyboard.
Ok, not really.. but I wonder if anyone does this. I remember Denial of Service was a huge thing to do in highschool. People would beat the shit out of random combination locks on peoples lockers, you couldn't get your locker open. Bastards.
Better you just let the a-hole take it and get some some use out of it, I'd say.
On the other hand, if you are actually watching it (I mean, who locks a laptop and leaves it somewhere?) prolly nothing will happen to it.
This is analogous to the $500 damage someone does to your car to pull a stereo that has a $20 street value.
I am just rambling now... but what good is a laptop cable anyhow? Seems to me you have a couple of scenarios; A cable might work if you don't quite trust your roommate or his friends, I guess. Otherwise, forget it. You are in a "safe" environment, or not.
Bottom line, if you leave something valuable where folks might steal that something, it will get stolen, sooner or later.
I know, I've had much damage done to cars for little apparent gain for the thief. On the other hand I leave "tens of dollars" worth (but no more) of stuff on the sand when I am at the beach (add it up - towel(s), backpack, sunscreen...) with no ill results, so I am not totally paranoid, but not stupid either.
This issue is a bit more complicated than you think.
I have played with one of these locks, and they are not made well. I assume the guts of them are not machined to very close tolerances. Locks that are not machined well are vulnerable to picking much easier.
If you look at the lock, you'll see a center thing that rotates. Open the scissors slightly, put one end into the notch on the center thingy, and the other end somewhere into the circular groove surrounding the center. Inside the groove are tiny pins... Apply a slight turning force on the scissors, and then use the Bic pen to poke each pin until they snap into place. You may have to poke each one multiple times because only one will be able to fall into place at a time, and you won't know which one because each lock has different tolerances due to they quality of manufacturing.
You can actually buy devices that do this all for you through lockpicking sites. However, I think the kensington lock is a bit smaller, and the commercial ones probably will not fit.
In any case, the lock is still a deterrent. I used to work in downtown minneapolis. Around christmas time, laptop thefts in our office would go up dramatically. Theives would get dressed up, and walk into the office like they were supposed to be there, and then just grab one and leave. Because there were people everywhere, spending 30 seconds doing something shady to a laptop lock is probably not something they would want to do. Especially since there were plenty of non-locked machines laying around.
Need Free Juniper/NetScreen Support? JuniperForum
Combination locks are usually just as easy. It took me a couple of hours to work out how to open these Targus Defcon CL locks, but now I can do it in under a minute, with no tools, and find the combination. Or, I can find a digit in 15 seconds and come back later.
These days I get emails in my work when people forget the combination on their locks to come and remove them. It's really easy, and I think if everyone knew it would be barely worthwhile using them.
illegal != wrong
After all, it's not a really secure lock like a cylinder, the number of combinations of the impressions on the rim of a key is limited so I guess there are only a few different lock combinations. Anyone could buy a Kensington and get one with the same key as yours.
Why not just strap a bra around the laptop?
That would at least prevent male thieves from stealing the laptop.
- Peter Brodersen; professional nerd
Hmm... I can't believe it took this long for this 'exploit' to surface. Any geek with a laptop, some boredom and a paperclip should have figured this out already.
Anyhoo: what you need is a pair of scissors and a paperclip. if you have no scissors, a second paperclip will work, if not so well.
Jam one point of the scissors into the rectangular hole on the circumference of the circular key slot. Twist the scissors so that the inner part of the lock turns into the 'open' direction. Keep applying a gentle pressure, and use the paperclip to push in the little pins in the circular groove, one by one. Push down lightly and slowly until you feel the pin 'snap'. If you release the pin, it should be held in place and not spring back up again. If it does, just try first with another pin. Eventually you'll get them all and the lock will turn open. You can close the lock again in the same way.
Some of these locks have a security feature... when you've twisted the cilinder halfway to the 'open' position, it will lock again. In this case you'll need both points of the scissor to apply torque to the lock cilinder.
This isn't hard... with some practice, you can open these locks in a minute or 2. We used to do this at the office, going around during luch break to swap everyone's Kensington locks around, then watch the frustration at the end of the day, as everyone discovered that their key did not fit anymore. I know, it's lame, but we were bored okay?
I don't have any qualms about revealing the 'secret' of Kensington lock picking, as I would have with revealing a hot new exploit. This trick is years old, and asa I said: any bored person with a paper clip can figure this out for himself.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Man, I don't know where you come from, but ten seconds? You must have either really blunt knives in your town, or titanium spiked butter or something, but damn!
Cogito, ergo sig.
Instead of locking the laptop to a desk or table, loop the cable around a body part - preferably a body part where constriction will not kill you (neck = bad, waist=good). When you stand up to walk away, the laptop will be dragged along with you.
This also serves as a work-around for many short term memeory disorders - answering once and for all the age old question of: crickey, where did I leave my laptop?
Next week we will tackle the problem of leaving valuable files in insecure filing cabinets. (hint: think backpack)
but didn't you agree to their terms when you bought their lock? they only warrant their cable - they'll say you should have read and understood that.
If you want to be reimbursed for your laptop if it is stolen, buy an insurance policy to cover it.
Yes, it might cost a bit more than a "good" lock, but not a lot more (my girlfriend insured her PowerBook for two years for $90), and you're guaranteed to get your laptop back if it is stolen. Or if it burns in a fire -- let's see your Kensington warranty cover that. Just make sure your policy gives you "replacement cost," not just "market value." And back up your friggin' data!
Seriously, why bother with a lock?