Slashdot Mirror
Kensington Laptop Locks Not So Secure
eric434 writes "According to a security alert released by Security.Org, the Kensington laptop lock that many of us use and love isn't secure. In fact, it can be opened in 30 seconds after about a minute of practice with a $1 worth of equipment. (A Bic pen, and a pair of scissors. In the interest of giving people some time to stop using the locks, the actual method of opening the lock is left up to the reader.)
To make matters worse, Kensington's 'We'll give you $1500 if someone steals your laptop' guarantee doesn't apply -- because the process of opening the lock doesn't damage the lock or cable." Mind the source, though -- security.org wouldn't mind selling you a book on locks and safes.
sooo... if you steal my laptop, please take the cable and lock, so I can still get my $1500...
We'll give you $1500 if someone steals your laptop' guarantee doesn't apply -- because the process of opening the lock doesn't damage the lock or cable.
After your lock has been cleanly picked, go to your local Home Depot, get a cable cutter and cut the cable yourself. Make sure you make a real mess of it. Then send back to Kensington and claim the $1500.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
For the sake of those who thought to RTFA, the article gets you to email the author regarding the details of the exploit.
Extract from article:
You may contact the author for further details as to the method of entry. All computer owners and administrators should be aware of the potential for theft if you utilize this device. The full details of how to compromise this device are contained in LSS+ Version 5.0 Multimedia edition of Locks, Safes, and Security. Kensington may be contacted for further information at 800-535-4242. The company was notified of the problem by the author on July 13, 2004 and has refused to comment on or acknowledge the problem, or to return any telephone calls or e-mails. The author believes that the manufacturer can remedy the problem and should be required to do so. All purchasers of this device may wish to request a replacement from the manufacturer that prevents this form of bypass.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World" 1 John 4:14
I just arrived home from an out-of-state family reunion, where I had my ThinkPad locked to a picnic table with a Kensington lock, to find out that my computer was not nearly as secure as I would have thought. My wife points out that there were pens and scissors there, too! They could have taken my preciousssss!
Have you seen one of these cables? They are actually quite thick and strong, so wirecutters would not have any effect other than slicing the outer skin.
However, I'm sure there are tools for this job available at your local Home Depot or other hardware emporium. Just remember to make the cut nice and messy.
A simple pair of wirecutters would not remove the locking cylinder.
The point of the Kensington lock is not so much to secure the laptop to something as to ruin the resale value of it by virtue of the damage likely to occur to the laptop if the lock is forcibly removed.
This hack apparently allows the lock cylinder itself to be cleanly removed, rendering the lock useless and giving the thief a laptop to sell that doesn't scream out "Look at this torn-off case plastic! I was stolen!"
Thing was so insecure that I was playing with it in the airport on a business trip one day and I realized all I had to do was to push the pin inwards and it immediately came off.
I had one of these and they're a waste of $70.
Here's another good one: pick the thing up very very slowly, so it doesn't start screaming, lift it about 10" off the table, then slam it flat on the table, battery down, as hard as you can. The motion sensor will be busted right out and the thing won't peep a sound. If, by some misfortune, it does start beeping, press your thumb real hard against the hole underneath, where the piezo is, to silence it.
These things are crap, honestly. Stay away from it...
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
well. . I mean I guess it wouldnt matter to me wheather it was a len or a wire cutter. 1500 dollers might cover a good portion of the hardware costs, but usually the information on the drive itself is far more sensitive. What they need is a lock that causes the computer to self distruct.=) it not only protects the programmer, but teaches the thief a good lesson!
Australian Defence Force laptops (all thinkpads, that I've seen) have this. Try to break in and various parts of the laptop burst into flame.
See how easy it is getting data off a hard drive that's protected by a lithium/oxygen lock.
This reminds me of one of my favourite pieces of Australian TV.
I'm sure you are all familiar with steering wheel locks, the most well known in Australia is called a Club Lock.
A magazine called "Choice", which reviews and tests products, reviewed all available steering wheel locks and claimed that the Club Lock could be defeated in less than 30 seconds by someone with no experience at car theft.
The manufacturer responded by modifying and improving the lock mechanism, but the magazine repeated their claim that it could be defeated easily.
This went on for about 4 generations of Club Lock and saw the introduction of a "star shaped" key to making picking the locks "impossible", as well as other developments. But Choice maintained that the Club Lock had not been fixed and anyone could defeat it in under a minute.
A local TV current affairs show filmed a carpark showdown between the manufacturer of the Club Lock and a reporter from the magazine, as the manufacturer prepared to release their latest model and the magazine claimed it would be able to defeat it in less than 30 seconds.
They were screaming at each other in a car park and honestly looked like they were going to hit each other. The manufacturer claimed (in near hysteria) that it was impossible for someone to pick their locks, and that the magazines claims were wrong. The magazine denied this, and so were challenged to demonstrate their claim on TV.
A brand new model Club Lock was placed on a car steering wheel.
The magazine reporter got in the car, grabbed it, and gave it a good hard yank, and it came off easily.
The manufacturer went very very quiet.
The funny thing about this - and the reason I remember it - was that the people who made Club Locks never asked the magazine HOW they'd been defeating their product. They all assumed that the locks had been picked. Practically all the improvements they made to the product over 4 years were in improving the lock mechanism. They never expected that the piece of metal which hooks around the steering wheel was so weak it could be easily bent. They shouldv'e thought laterally.
Anyway it was very funny. Trust me, I still remember it and it was about 15 years ago.
Putting syrup in coffee is some form of blasphemy.
Look, laptop locks are psychological blocks, not physical blocks. If you can't hork a cablelock out of a plastic laptop case in less than 15 seconds you don't deserve to steal that laptop.
They keep honest people honest. They're speedbumps for the pros. Don't leave you leptop alone!
Just use the DMCA's anti-circumvention clause and ban bic pens, and scissors! I'm sure this follows the spirit of the law, and totally what the legislators intended the DMCA for. Enforcement of this ban should be pretty easy as well...
"There is no spoon." - The Matrix
If my answers frighten you, stop asking scary questions.
I just leave my crappy old 150mhz Toshiba next to a few friends' Powerbooks.
Problem solved.
The apple I-lock. Its transperant purple, has only one key and costs $349.95.
I have two ideas on it.
:)
:)
The first is what you're implying, using common tools like a lockpick set.
The other, which may be more likely in this case is the way I "encourage" doors open when some fool locks themselves out.
I'd be willing to bet that this lock sets itself when you slide the end of the cable in. Kinda like a door latch. It slides over the angled bolt, and once it's over it is trapped til you use the key.
If the pen was a common white bic, and you removed the tip, ink, and back, you'd have a thin plastic white tube. If you used the scissors to cut the tube in half, even for just an inch or two, you'd halve a half-pipe roughly the size of the cable. Slide that down between the cable and the lock, and it would push the lock's bolt out of the way, and allow the cable to come free.
It's a little harder to do with a common home or office door, but can be done with a credit card.
This doesn't work for dead bolts (obviously). It also don't work on most padlocks, because the space is too small to slide something in.
Personally, I believe locks to be a tool to make people feel safe, and to keep 'honest' people honest.
A locked office in most office buildings can be accessed through the drop ceilings, or with the "assistance" of the janitorial staff.
A locked door on a house can be circumvented by going through a window, locked or not.
But, seeing a lock on a laptop, or a locked door on a room or building, makes a person think twice. The next one they find may be that much easier. Why go for the one with the Kensington lock that takes 30 seconds to steal, when you can just pick up the next guy's laptop bag with everything in it when he's not looking? You could tie your laptop off with a length of rope and be just as secure.
Kinda like 802.11b encryption. It's easy enough to crack, but most people will move on to the unencrypted network.
Serious? Seriousness is well above my pay grade.
So you want to know about lock picking?
There is this wonderful site that has a great article about it: http://home.howstuffworks.com/lock-picking.htm
Make America grate again!
Hmm... I can't believe it took this long for this 'exploit' to surface. Any geek with a laptop, some boredom and a paperclip should have figured this out already.
Anyhoo: what you need is a pair of scissors and a paperclip. if you have no scissors, a second paperclip will work, if not so well.
Jam one point of the scissors into the rectangular hole on the circumference of the circular key slot. Twist the scissors so that the inner part of the lock turns into the 'open' direction. Keep applying a gentle pressure, and use the paperclip to push in the little pins in the circular groove, one by one. Push down lightly and slowly until you feel the pin 'snap'. If you release the pin, it should be held in place and not spring back up again. If it does, just try first with another pin. Eventually you'll get them all and the lock will turn open. You can close the lock again in the same way.
Some of these locks have a security feature... when you've twisted the cilinder halfway to the 'open' position, it will lock again. In this case you'll need both points of the scissor to apply torque to the lock cilinder.
This isn't hard... with some practice, you can open these locks in a minute or 2. We used to do this at the office, going around during luch break to swap everyone's Kensington locks around, then watch the frustration at the end of the day, as everyone discovered that their key did not fit anymore. I know, it's lame, but we were bored okay?
I don't have any qualms about revealing the 'secret' of Kensington lock picking, as I would have with revealing a hot new exploit. This trick is years old, and asa I said: any bored person with a paper clip can figure this out for himself.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...