The Study of Physical Hacks at DefCon
eldavojohn writes "DefCon usually focuses on electronic security, but Saturday a talk was held that focused on possibly the oldest form of hacking — lockpicking. As software security becomes better and better, the focus may be shifting towards simple hacking tips like looking over someone's shoulder for their password, faking employment or just picking the locks to gain access to the building where machines are left on overnight. From the article: 'Medeco deadbolt locks relied on worldwide at embassies, banks and other tempting targets for thieves, spies or terrorists can be opened in seconds with a strip of metal and a thin screw driver, Marc Tobias of Security.org demonstrated for AFP ... Tobias says he refuses to publish details of 'defeating' the locks because they are used in places ranging from homes, banks and jewelers to the White House and the Pentagon. He asked AFP not to disclose how it is done.' I'm sure all Slashdot readers are savvy enough to use firewall(s) but do you know and trust what locks 'physically' protect your data from hacks like these?"
...with a Smith & Wesson (or a Glock, or a Bushmaster, or a Remington).
>>do you know and trust what locks 'physically' protect your data from hacks like these?"
I know I weld my doors shut nightly. You should too!
Shiny. Let's be bad guys.
"...simple hacking tips like looking over someone's shoulder for their password."
How far the meaning of this word has come from its original usage.
Now that I think about it, I'm pretty sure everything I just said is completely wrong.
Because doors are riddled with 0-day exploits in the frames and hinges. With even a small vehicle, you can exploit a stack-overflow in the frame, popping the entire door out. DOS attacks against hinge pins can also be used to completely bypass a lock.
the focus may be shifting towards simple hacking tips like looking over someone's shoulder for their password, faking employment or just picking the locks to gain access to the building where machines are left on overnight.
It's not shifting at all. I've done my share of hacking when I was younger (ahem) and the weakest link was always the human link. It was much easier to con the secretary into giving a password than hacking the secretary's computer, and I suspect it's even more the case now with more solid computer systems. That's called social engineering and it will always work very well indeed, because much to my dismay, computer users get dumber and dumber as computers get more and more powerful.
As for lockpicking, it's not really a secret that no lock is safe. Look up "bump key" in your favorite search engine and you'll see what I mean.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
Why do they put door locks on a convertible?
What?
Google is your friend. All of about 30 seconds of searching came up with this article as well as others. Although I didn't watch them I also found a few videos posted on YouTube that claim to demonstrate how to do it.
Yeah you can get an army of zombies to help you pick the lock, but you have to get them in close proximity to the lock and make sure they don't trip over each other.
Besides, most zombies don't have the physical dexterity necessary for good lock-picking. In large groups they are good at tearing the door off its hinges or ramming through it though.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
There's probably a door around back that is standing open.
lol: You see no door there!
The cuts in the key are individually angled so they rotate the tumblers as well as lifting them. Slots in the tumblers are lined up by the rotation to unlock a sidebar that fits into a longitudinal slot in the cylinder.
Bump keys can't even get started opening that.
More burglars have feet than have lockpicking skills. Step one in physical security is to combat kick-in attacks. Replace your strike plate, which I can almost guarantee is inadequate, with a reinforced model like the Mag-3 and most important, install it with #10 wood screws at least 3" long, so it can't tear out of the studs when subjected to a good kick. Predrill the holes and put soap on the threads so you don't break screws as you install it.
A block watch is a great idea too. Neighbors are a security mechanism.
An alarm system also protects you against fire, which depending on where you live can be a bigger threat than burglary.
One summer I was forced to park right in the same neighborhood as crack houses, etc, because of where I had to work. As did my co workers. They all locked their doors and trunks, result, all of them got busted glass and popped trunks. I warned them too, I really did, I said "look at reality, these cars are targets now". Nope, none of them listened. I left my doors unlocked and the trunk slightly open, just eased down. The ride was so old and ratty I wasn't afraid of it getting stolen, albeit that was a chance. There was nothing left in the car to steal, a very cheap in dash radio not even worth a dollar at a pawn shop, but I made it easy for the crooks to ascertain that, because I knew they would look.
Ya, it sucked doing that, the principle rankled me, but my practical nature took over, because it was better than having to replace a door window.
Most modern stick frame construction houses are vulnerable to a razor knife. Just pick a section of wall and slice a hole. You got plastic siding, a thin tyvek sheet, some cheap ass pressboard stuff (glorified cardboard really), some spun fiberglass insulation, then drywall. That's all you need, a couple minutes with a razor knife and any thief can get in easy, let alone if they use something like a cordless sawzall thing.
A big problem with mechanical locks is the form factor. Anything that has to fit in a standard US cylinder lock hole is inherently weak. It's just too small.
There are some good locking systems out of Israel. Mul-T-Lock makes door locks that extend three or four deadbolts through the door and into the frame, like a vault door. These are made to work like ordinary door lever locks.
The best residential doors are found in older HUD-financed housing projects in bad neighborhoods. Apartment doors are steel fire doors mounted in steel frames, and walls are reinforced concrete. Those things will resist a battering ram. The lock mechanisms usually aren't that great, but the threat there is generally brute force, not lockpicking.
It's surprisingly hard to get good doors and locks in the US. There are better locks in parts of the Third World.
I think it is medeco http://www.medeco.com/ not "medico". Medico locks are for locking up your girlfriend so nobody can access her private parts.
These locks are harder, but not impossible to bump for a very skilled locksmith. Nothing is 100% hack-proof, just harder to hack.
Everything I write is lies, read between the lines.
That's what encryption is for. Even with physical access, your files are secure as long as the key lives inside your brain.
Of course they can then be deleted, but someone who would have access to my computer could only "damage" my most precious data, not read it. A computer does not work like a safe, it can be much more efficient.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
Locks are easy compared to trying to unhook her bra with your left hand in the dark.
I'm currently managing a transition to using only encrypted file systems, using loop-aes. As the parent says, one reason to use encrypted file systems is protection against burglars. The access keys for the data disappear as soon as the power is disconnected, so the burglar gets the hardware but no data. Thieves have to be unusually smart if they want to copy the plaintext - they'll have to trick you into revealing the key to them somehow.
But it doesn't just protect my data from burglars. It also enables me to return hard disks for warranty replacement without worrying that the manufacturer will be able to look through my files. I don't have to scrub my disks before sending them off. Disk scrubbing is never 100% effective, and might not even be possible if the controller has failed.
Loop-aes is now supported by Debian stable. I just needed to apt-get two packages, loop-aes-utils and loop-aes-modules-$KERNELVERSION. Through this, it is very easy to add non-root encrypted filesystems to your machine. An encrypted root filesystem is harder to arrange, but well worth having. There are HOWTO guides to help you set one up. The usual implementation requires you to enter a passphrase as your machine boots.
>north
You're an immobile computer, remember?
The Dell key-logger hoax has probably the best decoy story to move
professional hackers/security staffers into the wrong direction, as in
May 2006, USENIX published the following research article:
"Keyboards and Covert Channels"
by Gaurav Shah, Andres Molina and Matt Blaze, 2006-05-17
Department of Computer and Information Science
University of Pennsylvania
http://www.usenix.org/events/sec06/tech/shah/shah_html/jbug-Usenix06.html
In it the authors demonstrate that today's unwarranted wire tapping NSA
activities, normally don't result in much success as serious internet
users routinely apply encryption into their communications, like IPSec
tunneling, ssh, VPN access connections, secure web-traffic https when
i.e. doing Internet banking activities.
However, secret service found a clever approach to all this, by
covertly installing a Keyboard JitterBug into your keyboard. Here's
how to secure your most trusted keyboard :
Keyboard JitterBug eavesdropping
http://crashrecovery.org/internet/#jitter
where I may add, that lock picking _ALSO_ has been the best hoax ever
on public display. Why? How many people today design their _OWN_
locksmith locks? All installed door-locks worldwide are somehow sold in
stores, hence its products and replacement keys are in the archives of
the local secret service.
Robert
Remember, there were no nuclear weapons before women were allowed to vote.
Parent's point I'd guess would be that it's an arms war. If you're saying that the way to stop being knifed is to carry a knife yourself, then the criminals carry guns. And if you match that with a gun, surely the only solution is for everybody to carry fecking ridiculous big guns around? Personally I am happy to be able to walk down to the shops without needing to carry a weapon.
If weapons stop crime, how come the USA, one of the most tooled up countries in the world, has so much crime and so many people die from gun injuries?
you can't bump medeco's. the pins are all placed on angles (like 15 degrees or something). that was the whole point of medeco's to start with, they're impossible to bump, and a headache to pick traditionally.
I remember buying a Samsonite briefcase with digital lock. Two weeks later I had a bunch of people try to open it over a weekend. Nobody managed to crack the 4 digit lock during the two days despite trying all available combinations and despite me opening it every time when I was handed it.
:-)
Why?
Because they DIDN'T try all available combinations. I discovered that the Samsonite digital lock with 4 positions from 0..9 can have a total of 11110 combinations instead of 10000 because you do not need to use all positions (which is not even in the little manual). In other words, the number of possible combinations is 10000 + 1000 + 100 + 10. The combination in use was "9" with me pretending to press the remaining 3 digits so there was a little bit of misdirection involved
Having said that, that specific lock has a more fundamental flaw that allows it to be easily reset, and this type of briefcase is not popular with airport security so I eventually stopped using it.
Insert
Lockpicking is the oldest form of cracking, not hacking. Hacking is best summed up as "unconventional and creative use of technology". It is not a synonym for breaking and entering.
This used to be news for nerds -- please get it right.
Gotta agree with you on this one. I too am somewhat familiar with the Medeco series of locks and until I see
someone actually open one without a key, I will remain very, very skeptical of any claim otherwise. :)
The units I am familiar with were used on high security doors. Things like weapons lockers, arms magazines,
even my Armored Box Launched Tomahawk Cruise missile launchers. . . . .
I did lock picking as a hobby and a means to keep my sanity during deployments. I was able to pull apart a
Medeco cylinder to see what made them so tough. Besides the fact that the pins are made of carbide ( as well
as carbide inserts in the face of the lock to deter drilling ) there is no shear line that you will be able to
hear or feel.
Medecos use an angled tumbler concept where a hole is drilled into the side of each tumbler. The key is
beveled so it will both lift and twist the pin to the proper height and angle for the drilled hole to line
up with a pinned sidebar. My cylinder was equipped with six or seven tumblers. Thus lifting to the correct
height, twisting for the correct angle and holding it for each of the tumblers is a very tall order for someone
trying to ' pick ' the lock.
Once all the tumblers are lifted to height X and twisted for angle Y, all of the drilled holes line up with the
pins on the sidebar. The sidebar is able to seat and the cylinder will now open.
Bottom line, they can make all the claims they want. I'll believe it when I see it. Easier to blast the door open
with some C-4.
The "pressboard stuff" you're referring to is called OSB (Oriented Strand Board). Yeah it does look cheap, like scraps glued together, but actually it's stronger than either plywood or a wooden plank of the same thickness. (Both plywood and OSB are what they call engineered woods)
Anyways there's no way in hell you're going to punch a hole that you can walk through on an OSB exterior wall with a razor, in any reasonable amount of time. (it will take you hours)
Yes you can saw through it with a power tool, but that applies to any wooden house of any vintage, not just "modern stick frame" ones.
I really don't want to advertise but here in Finland about 99.99% of households and companies use Abloy locks. Yes, they have a sort of monopoly here but that's gained on true merits. The locks are so hard to pick that if you lose your key, locksmiths will just break your door or the lock if possible. It's not worth spending 10 hours picking it. A second good reason for using Abloy is that it doesn't freeze or get jammed like pin locks. There do exist tools to open Abloy locks but they can be used only on models made in the 70's so they're basically useless.
The thin strip of metal is called a "key" - you insert it into the "lock", and turn it. I'm not sure of the screwdriver's purpose. Perhaps you use it to scratch your head, wondering why you brought it along.
Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
I came in here to read about locks and lock security and lockpicking. Instead it has turned into an almost complete gun control debate. Letting people stray so far off topic should be discouraged so we can read posts that relate more to the subject at hand. /if there is an off topic mod I guess this should be given the same rank as well.