Slashdot Mirror
Kensington Laptop Locks Not So Secure
eric434 writes "According to a security alert released by Security.Org, the Kensington laptop lock that many of us use and love isn't secure. In fact, it can be opened in 30 seconds after about a minute of practice with a $1 worth of equipment. (A Bic pen, and a pair of scissors. In the interest of giving people some time to stop using the locks, the actual method of opening the lock is left up to the reader.)
To make matters worse, Kensington's 'We'll give you $1500 if someone steals your laptop' guarantee doesn't apply -- because the process of opening the lock doesn't damage the lock or cable." Mind the source, though -- security.org wouldn't mind selling you a book on locks and safes.
sooo... if you steal my laptop, please take the cable and lock, so I can still get my $1500...
We'll give you $1500 if someone steals your laptop' guarantee doesn't apply -- because the process of opening the lock doesn't damage the lock or cable.
After your lock has been cleanly picked, go to your local Home Depot, get a cable cutter and cut the cable yourself. Make sure you make a real mess of it. Then send back to Kensington and claim the $1500.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Just because the cable and the lock were not damaged does not mean that the lock and cable actually did the job correctly! Kensington should pay the warranty claim out since it was obviously ineffective in actually securing the device.
If you use this Kensington lock and your laptop gets jacked, use a pair of bolt cutters and damage your cable before filing your claim.
well. . I mean I guess it wouldnt matter to me wheather it was a len or a wire cutter. 1500 dollers might cover a good portion of the hardware costs, but usually the information on the drive itself is far more sensitive. What they need is a lock that causes the computer to self distruct.=) it not only protects the programmer, but teaches the thief a good lesson!
How Now Brown Cow
Wouldn't a simple pair of wirecutters do the trick to begin with? I don't think you have to be McGuyver to get through those locks.
"I use a Mac because I'm just better than you are."
For the sake of those who thought to RTFA, the article gets you to email the author regarding the details of the exploit.
Extract from article:
You may contact the author for further details as to the method of entry. All computer owners and administrators should be aware of the potential for theft if you utilize this device. The full details of how to compromise this device are contained in LSS+ Version 5.0 Multimedia edition of Locks, Safes, and Security. Kensington may be contacted for further information at 800-535-4242. The company was notified of the problem by the author on July 13, 2004 and has refused to comment on or acknowledge the problem, or to return any telephone calls or e-mails. The author believes that the manufacturer can remedy the problem and should be required to do so. All purchasers of this device may wish to request a replacement from the manufacturer that prevents this form of bypass.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World" 1 John 4:14
I just arrived home from an out-of-state family reunion, where I had my ThinkPad locked to a picnic table with a Kensington lock, to find out that my computer was not nearly as secure as I would have thought. My wife points out that there were pens and scissors there, too! They could have taken my preciousssss!
Does this mean I can get a Powerbook to replace the Tandy 286 laptop I have sitting in my closet?
I saw MacGyver do this years ago.
And *he* didn't need the scissors.
---anactofgod---
---anactofgod---
"Equal opportunity swindling - *that* is the true test of a sustainable democracy."
They probably use the bic pin to set the pins and the scissors to apply the torque.
You do realize that the DHS protects its laptops with Kensington locks, right? That means you just won free holidays in Cuba.
-- Signed: John A. <ashybaby@dhs.gov>
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
A simple pair of wirecutters would not remove the locking cylinder.
The point of the Kensington lock is not so much to secure the laptop to something as to ruin the resale value of it by virtue of the damage likely to occur to the laptop if the lock is forcibly removed.
This hack apparently allows the lock cylinder itself to be cleanly removed, rendering the lock useless and giving the thief a laptop to sell that doesn't scream out "Look at this torn-off case plastic! I was stolen!"
Most laptop locks are insecure.
Back in 2000 I had one of those Kensington motion sensing laptop locks which gave off this ear-piercing noise if anyone moved the device.
Thing was so insecure that I was playing with it in the airport on a business trip one day and I realized all I had to do was to push the pin inwards and it immediately came off.
Sure, the alam went off too, but it still wouldn't have stopped someone from jetting away and stealing the bag or laptop.
Now, I secure both my laptops (work and personal) the old fashioned way. I never let them leave my sight or I lock them in a locker or the trunk of my car.
Physical controls can't beat plain common sense sometimes when it comes to the security of your personal belongings.
Neer leave a laptop bag in the front-seat or rear-seat of your car iwhere it's in plain sight. That's just begging for someone to smash your window and steal it.
Also, don't carry your laptop around in one of those $200 leather laptop cases. I use a backpack. Sure, it was designed for a laptop but it doesn't look like it was. Maybe I have gym shoes and a change of clothes in there, or maybe I have an iBook, iPod, spare battery, Tréo 600, Passport, etc.
Then again, maybe I don't.
A Bic pen, and a pair of scissors...
Damn you MacGyver!!
They probably use the bic pin to set the pins and the scissors to apply the torque.
Correct.
That method actually works for any/all barrel-type locks, though the better quality ones (e.g. vending machines) will have tighter tolerances and stronger springs making them much more difficult.
Kensington just needs to spend a few more bucks on a higher quality mechanism (preferably with more than 5 pins!! Geez...)
This reminds me of one of my favourite pieces of Australian TV.
I'm sure you are all familiar with steering wheel locks, the most well known in Australia is called a Club Lock.
A magazine called "Choice", which reviews and tests products, reviewed all available steering wheel locks and claimed that the Club Lock could be defeated in less than 30 seconds by someone with no experience at car theft.
The manufacturer responded by modifying and improving the lock mechanism, but the magazine repeated their claim that it could be defeated easily.
This went on for about 4 generations of Club Lock and saw the introduction of a "star shaped" key to making picking the locks "impossible", as well as other developments. But Choice maintained that the Club Lock had not been fixed and anyone could defeat it in under a minute.
A local TV current affairs show filmed a carpark showdown between the manufacturer of the Club Lock and a reporter from the magazine, as the manufacturer prepared to release their latest model and the magazine claimed it would be able to defeat it in less than 30 seconds.
They were screaming at each other in a car park and honestly looked like they were going to hit each other. The manufacturer claimed (in near hysteria) that it was impossible for someone to pick their locks, and that the magazines claims were wrong. The magazine denied this, and so were challenged to demonstrate their claim on TV.
A brand new model Club Lock was placed on a car steering wheel.
The magazine reporter got in the car, grabbed it, and gave it a good hard yank, and it came off easily.
The manufacturer went very very quiet.
The funny thing about this - and the reason I remember it - was that the people who made Club Locks never asked the magazine HOW they'd been defeating their product. They all assumed that the locks had been picked. Practically all the improvements they made to the product over 4 years were in improving the lock mechanism. They never expected that the piece of metal which hooks around the steering wheel was so weak it could be easily bent. They shouldv'e thought laterally.
Anyway it was very funny. Trust me, I still remember it and it was about 15 years ago.
Putting syrup in coffee is some form of blasphemy.
Parent's "Doom Tweak Guide" link is nasty-fake. Don't click. :)
Look, laptop locks are psychological blocks, not physical blocks. If you can't hork a cablelock out of a plastic laptop case in less than 15 seconds you don't deserve to steal that laptop.
They keep honest people honest. They're speedbumps for the pros. Don't leave you leptop alone!
Just use the DMCA's anti-circumvention clause and ban bic pens, and scissors! I'm sure this follows the spirit of the law, and totally what the legislators intended the DMCA for. Enforcement of this ban should be pretty easy as well...
"There is no spoon." - The Matrix
If my answers frighten you, stop asking scary questions.
I just leave my crappy old 150mhz Toshiba next to a few friends' Powerbooks.
Problem solved.
From the Kensington product description page linked in the article:
... ...
D. The laptop was stolen by any means other than violating or breaking the Kensington brand Guaranteed Notebook Replacement MicroSaver Lock.
Guarantees replacement of any locked laptop that's stolen
Sounds pretty specific, huh? ANY locked laptop that's stolen... Which is quite different than what it says when you click the warranty link on the page...
If theft of your laptop computer results from the Kensington Guaranteed Notebook Replacement MicroSaver computer lock being broken or opened by forceful means Kensington Technology Group will pay you the replacement value of your laptop up to US $1,500.00.
It goes on to say:
Kensington Technology Group will NOT be liable if the theft occurred because:
Now... that seems pretty vague to me. Are they talking specifically about the locking device? Or are they talking about the entire thing and calling it the Guaranteed Notebook Replacement MicroSaver Lock because that's the name of the product? Vague vague vague...
sig.
The apple I-lock. Its transperant purple, has only one key and costs $349.95.
In the Summer 2004 issue of 2600 Magazine there is an article on lock picking with less common types of picks. They talk about how to pick a lock with a pen, bobbe pin, sciccors, and everyones favorite the paperclip.
When in doubt, use brute force. -- Ken Thompson
Call me old fashioned, but I like a dump to be as memorable as it is devastating - Bender
... Well, they are, but any thief intent to steal a laptop-- and who is prepared and has the equiptment ready to do the job-- will probably get away with it. This implies some forethought, though. Ask anyone who's owned a bicycle in NYC... There is no lock that can't be broken.
What locks ARE good for, is deterring the casual thief. Someone who spots a notebook untattended in a library, a cafe, an office, sees that no one around... And grabs it. They're not likely to pick a lock or cut a cable. Since this is far, far more likely-- unless someone is really casing you for the info. on the computer-- it does make sense to use a lock.
I have two ideas on it.
:)
:)
The first is what you're implying, using common tools like a lockpick set.
The other, which may be more likely in this case is the way I "encourage" doors open when some fool locks themselves out.
I'd be willing to bet that this lock sets itself when you slide the end of the cable in. Kinda like a door latch. It slides over the angled bolt, and once it's over it is trapped til you use the key.
If the pen was a common white bic, and you removed the tip, ink, and back, you'd have a thin plastic white tube. If you used the scissors to cut the tube in half, even for just an inch or two, you'd halve a half-pipe roughly the size of the cable. Slide that down between the cable and the lock, and it would push the lock's bolt out of the way, and allow the cable to come free.
It's a little harder to do with a common home or office door, but can be done with a credit card.
This doesn't work for dead bolts (obviously). It also don't work on most padlocks, because the space is too small to slide something in.
Personally, I believe locks to be a tool to make people feel safe, and to keep 'honest' people honest.
A locked office in most office buildings can be accessed through the drop ceilings, or with the "assistance" of the janitorial staff.
A locked door on a house can be circumvented by going through a window, locked or not.
But, seeing a lock on a laptop, or a locked door on a room or building, makes a person think twice. The next one they find may be that much easier. Why go for the one with the Kensington lock that takes 30 seconds to steal, when you can just pick up the next guy's laptop bag with everything in it when he's not looking? You could tie your laptop off with a length of rope and be just as secure.
Kinda like 802.11b encryption. It's easy enough to crack, but most people will move on to the unencrypted network.
Serious? Seriousness is well above my pay grade.
I have played with one of these locks, and they are not made well. I assume the guts of them are not machined to very close tolerances. Locks that are not machined well are vulnerable to picking much easier.
If you look at the lock, you'll see a center thing that rotates. Open the scissors slightly, put one end into the notch on the center thingy, and the other end somewhere into the circular groove surrounding the center. Inside the groove are tiny pins... Apply a slight turning force on the scissors, and then use the Bic pen to poke each pin until they snap into place. You may have to poke each one multiple times because only one will be able to fall into place at a time, and you won't know which one because each lock has different tolerances due to they quality of manufacturing.
You can actually buy devices that do this all for you through lockpicking sites. However, I think the kensington lock is a bit smaller, and the commercial ones probably will not fit.
In any case, the lock is still a deterrent. I used to work in downtown minneapolis. Around christmas time, laptop thefts in our office would go up dramatically. Theives would get dressed up, and walk into the office like they were supposed to be there, and then just grab one and leave. Because there were people everywhere, spending 30 seconds doing something shady to a laptop lock is probably not something they would want to do. Especially since there were plenty of non-locked machines laying around.
Need Free Juniper/NetScreen Support? JuniperForum
Combination locks are usually just as easy. It took me a couple of hours to work out how to open these Targus Defcon CL locks, but now I can do it in under a minute, with no tools, and find the combination. Or, I can find a digit in 15 seconds and come back later.
These days I get emails in my work when people forget the combination on their locks to come and remove them. It's really easy, and I think if everyone knew it would be barely worthwhile using them.
Hmm... I can't believe it took this long for this 'exploit' to surface. Any geek with a laptop, some boredom and a paperclip should have figured this out already.
Anyhoo: what you need is a pair of scissors and a paperclip. if you have no scissors, a second paperclip will work, if not so well.
Jam one point of the scissors into the rectangular hole on the circumference of the circular key slot. Twist the scissors so that the inner part of the lock turns into the 'open' direction. Keep applying a gentle pressure, and use the paperclip to push in the little pins in the circular groove, one by one. Push down lightly and slowly until you feel the pin 'snap'. If you release the pin, it should be held in place and not spring back up again. If it does, just try first with another pin. Eventually you'll get them all and the lock will turn open. You can close the lock again in the same way.
Some of these locks have a security feature... when you've twisted the cilinder halfway to the 'open' position, it will lock again. In this case you'll need both points of the scissor to apply torque to the lock cilinder.
This isn't hard... with some practice, you can open these locks in a minute or 2. We used to do this at the office, going around during luch break to swap everyone's Kensington locks around, then watch the frustration at the end of the day, as everyone discovered that their key did not fit anymore. I know, it's lame, but we were bored okay?
I don't have any qualms about revealing the 'secret' of Kensington lock picking, as I would have with revealing a hot new exploit. This trick is years old, and asa I said: any bored person with a paper clip can figure this out for himself.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Man, I don't know where you come from, but ten seconds? You must have either really blunt knives in your town, or titanium spiked butter or something, but damn!
Cogito, ergo sig.