Slashdot Mirror
Steel Bolt Hacking
The beginning of the book discusses the origins of lock-picking sporting groups, crews in the U.S and Europe, competition around the country, and how to become a part of a lock-picking group. One of the groups out of Colorado Springs, DC719, are a bunch of computer geeks that have taken up the art of lock picking and sponsor a lock-picking contest every year at DefCon. According to Mr. Chick, computer people are the fastest group to pick up the art of lock picking. (I must warn you though, there are also a lot of disclaimers about the author not being responsible for the misuses of the information contained in this book.)
The book is fully illustrated with pictures of different types of lock picking instruments, tools to make your own picks as well as padlocks, deadbolt, and combination locks. There are pictures of locks that have been cut open and even how to crack push-button combination locks. (You know, the kind you find on the door to a server room.) I have to say, for a little book, (114 pages) it is brimming with valuable information for a beginner. What I didn't realize was that software isn't the only thing that has security vulnerabilities; mechanical things like padlocks and deadbolts do as well. What was scary to learn is how easy cheap locks can be picked, and that 80 percent of all locks used are cheap locks. Expensive locks are just likely to take a little longer.
I liked that the book didn't exaggerate. It didn't tell me that I was going to be a master lock picker after only a few tries. It took a little time, practice and sore fingers, but after a couple weeks of practice, I could pick every lock in my house. And as a computer person, I liked all of the jargon that was used to explain locksmith techniques. There was also enough humor to keep the book interesting; it's difficult to read any type of textbook and still maintain a reasonable interest. The illustrations are good and there is a resource section to purchase the tools you need from the Internet.
What I didn't like about the book: The most annoying point, I felt, is the considerable redundancy in methods between different types of locks to be picked. Also, the book suggests that there might be a lock-picking group in every city in the U.S., when in fact I am having a difficult time finding one in my are. And I live near D.C. -- You'd think there would be one on every corner around here. I think that the sport is still in its infancy and Mr. Chick is hoping his book will draw more people to it. The author put his e-mail address on the back of the book. He hasn't responded to my e-mail yet, but I suppose that he's probably a busy man.
All in all, I found the book informative, entertaining and worth the purchase price of 19.99.
You can purchase Steel Bolt Hacking from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
quicktime movie of the same.
-knowles
In DC, basic possession of lockpicking instruments is illegal, unless you are a licensed locksmith. You don't have to prove intent. This is the same in many other states. Be careful and don't do anything stupid.
If you're interested in learning a bit about lock picking, but aren't sure you want to spend $20 on this book yet, take a look at this article at Howstuffworks.com.
It offers a great introduction to lock picking, and has some nice graphics that really helped me understand how locks work, and how they can be circumvented. If you really get into it, then I'm sure this book would offer a lot more information to help you along.
Wait until the streep sweeper comes by and follow it down the street. The bristles are spring steel that is perfect for lock picks. They fall off, just pick them up off the street.
I've never made a set of picks so I don't know if this is true or not, but there was a decent lock picking culture at MIT in the late 70s.
You might also check out Ted the Tool's on-line book called the "MIT Guide to Lock Picking" found here among lots of other places.
I'm suprised no one has linked to the (in)famous MIT Guide to Lockpicking yet.
Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
Speaking of MIT, why hasn't anyone mentioned the MIT lock picking guide ?
Abloy locks employ a sidebar and rotating disks. It's very, very difficult to pick them for several reasons; sidebar locks are intrinsically difficult to pick (such as the old GM locks, which didn't have a pick set for them until the late 1980's or early 1990's, when some smartass figured out that you could use a special spring compression tool to allow the wafers to free-float. That makes them subject to move when vibrated or rapped, and the sidebar (which is then under spring pressure) can line them up.
Abloy has no such constraint. IIRC, the world record for picking an Abloy is 36 hours. That may have changed; I don't know.
For high security locks like Medeco, ASSA, Abloy, etc., the fastest way through them is a grinder. Used to be an ice pick attack to the latch, and although some locks are still improperly installed, that's largely gone the way of the dodo.
As a locksmith myself, I'd rather have Abloy on my doors more than anything else. But they're hard to find here in the US, so I use Medeco instead. Beats the hell out of a $15 Kwikset, lemme tell you.
First, the obligatory link to a mirror of the MIT Lockpicking Guide.
Second - as another poster noted, lock pins aren't typically made from high-strength alloys. A battery-powered hand drill (and a screwdriver to turn the lock when the pins are gone) is the best and fastest lock pick that there is. Didn't even leave any visible damage when I used this approach on a filing cabinet we'd lost the key to. Just pick a bit as wide as the key entryway, and drill down the line of pins.
Be advised that the lock tends to jam after closing again, as the remains of the pins fall back into their channels when the lock returns to its original position. But if you're drilling a lock, you're typically looking for a one-time solution anyways.
Nope. This model of lock must have either really crappy manufacturing or a design flaw or both. What they're doing is the equivalent to "raking" in a conventional lock -- that's when you put some tension on the cylinder and just run a pick along the pins without any attempt to feel the individual pins. It generally won't work in a lock with security features and tight tolerances (though sometimes you get lucky). In addition, tubular locks are usually designed so you have to turn it at least 1/4 turn to open it, which would involve picking the lock several times. The Kryptonite they show releases the shackle in an intermediate position -- bad design there. A real tubular lock pick should open those locks; a simple plastic cylinder of the right diameter should not.
And never forget the value of the handy old credit card. A friend and I got started in lockpicking with some sets we got off ebay back in middle school, and by the end of high school were quite profficient.
But I've found now that just about any locked door that doesn't use a deadbolt can be opened much faster with a credit card. I keep three of varying thickness in my wallet depending on the situation. I use my ID badge at work to get into the conference rooms because it's quicker than pressing in the door code.
Also, two butter knives work pretty well too if you have a reasonable gap between the door and frame, just alternate force on them to "walk" the latch out. Best part is, you haven't touched the door handle at all, so it's about as non-invasive as you can get
Okay, in many states you can legally own lockpicks as a hobbyist.
HOWEVER!!
IF YOU ARE ARRESTED FOR -ANY- CRIME, POSSESSION OF LOCKPICKS WILL CAUSE YOU TO ALSO BE CHARGED WITH POSSESSION OF 'BURGLERY TOOLS'! This could even include a speeding ticket if the Officer decides to search you. So if you are going to carry lockpicks on your person, BE CAREFUL!
Boy is this true. Having worked with card-access systems for 5 years, I always chuckle at the way movie characters get past these things, and not trip any alarms in the process.
Just some notes for those people contemplating getting past a card reader.
- Pulling apart the reader may trigger an alarm, not always but often enough.
- Shorting the wires together will not open the lock. What it will do is A) send lots of alarms (read fails) to the guard at the security desk. B) Very possibly short out the door control and make the door locked permanitly.
- From the Resident Evil movie, running a needle through a card reader will get you jack. Maybe its a good thing they just let her out.
- You will never "lock in" a single digit of a PIN combination on one a electronic combination lock by running through numbers. What you will do is send through a bunch of alarms to the guard.
- While cutting the wires to a door alarm will technically disable the alarm, the loss of the door loop will send through its own alarm. Those wires carry a specific resistance, if that changes an alarm is sent.
Those are about the worst offenders off the top of my head, in reality getting past an electronic lock is a pain in the ass, this is why the government/military uses them.Necessity is the mother of invention.
Laziness is the father.
Whine about it for awhile longer. Then use the Wayback Machine.
The opinions stated herein do not necessarily represent those of anybody at all. Deal with it.
Lever locks have the combination component one step removed from the input component, which makes them harder to force. If you try to force a lever lock, you may trash the levers, but that won't open the lock.
Safe deposit boxes are traditionally lever locks, although not always very good ones. Jail locks are usually level locks of massive size.
Lever locks are usually big rectangular boxes, unsuitable for embedding in a door. So they're not used much unless serious security is required, as in a jail.