Slashdot Mirror
Shrinky Dinks As a Threat To National Security
InflammatoryHeadlineGuy writes "What do Shrinky Dinks, credit cards and paperclips have in common? They can all be used to duplicate the keys to Medeco 'high-security' locks that protect the White House, the Pentagon, embassies, and many other sensitive locations. The attack was demonstrated at Defcon by Marc Weber Tobias and involves getting a picture of the key, then printing it out and cutting plastic to match — both credit cards and Shrinky Dinks plastic are recommended. The paperclip then pushes aside a slider deep in the keyway, while the plastic cut-out lifts the pins. They were able to open an example lock in about six seconds. The only solution seems to be to ensure that your security systems are layered, so that attackers are stopped by other means even if they manage to duplicate your keys."
I bet those new 3-D type printers could perform the same thing without using razor blades and such. In fact, you could probably make a computer program to transfer from images to the final "printout."
My granddad was a blacksmith who taught his trade to young crims at a borstal in the 1950s. One of them showed how he could open a Yale lock in about 30 seconds. He needed whatever plastic was equivalent to a credit card way back then, and a cigarette. He could feel the piston movement and burn the height into the plastic. No photos needed. The young crims summary: "Locks is to keep honest people out, boss."
In a sense, a moderately good lock that is all that is needed. I'd agree with the article that the objective is to remove a defense of accidentally straying. The next layer of entrapment is the real one.
Brad Blog has this story from when Diebold had a picture of their key on their corporate website back in January 2007. Diebold's since replaced the picture. There's a video of the key in action @ the link I just posted.
That which does not kill me only postpones the inevitable.
20 years ago, my house used to have a 3D-key - in other words, it had teeth all-around its central axis. Why? Because it is much harder to manipulate the tumblers that way. Not to mention that just photocopying the key won't work - or won't work as easily.
I'm surprised a high-security key has its teeth still on a line.
Those who can, do. Those who can't, sue.
Shrinky dinks? Paper clips? Gimme a break. I can duplicate a Medeco key blank with a piece of brass stock and a dremel tool, then cut a perfect key from a photocopy using my HPC Blitz. There's nothing amazing about what this guy's done. Given the appropriate information (cut depths and angles) any medeco key can be duplicated without serious difficulty. Heck, that's the case with all mechanical key locks. I once showed the Medeco rep who came to my lock shop how I could duplicate a standard G3 Biaxial key using a slightly modified commonly available Rolls Royce key blank. He was understandably dismayed, but not surprised. There are two kinds of locksmiths in this world: 1) the kind like the guy quoted in the article who said "Your locksmith will tell you this is impossible", and 2) guys like me who will tell you "yeah, someone could make a key to that--- I've done it myself". Point is, you want to use a locksmith more like 2) than 1). The first guy will feed you the standard Medeco marketing bullshit about how "only we can make your keys" and convince you that equals security. The second guy will tell you key control is useful, but it's not relevant beyond its obvious purpose. There are really only two kinds of common break-ins: inside jobs and random burglaries. In the case of inside jobs, all the key control in the world won't matter because the perp has a key already. This key could have been given to them, taken out of a desk drawer, or otherwise acquired via lax internal key management. This makes up 99% of all break ins. The other 1% is burglaries by random opportunist perps taking advantage of a weakness, usually on the spur of the moment. Back doors propped open by people out for a smoke, simply walking in during business hours wearing a suit, etc. All this spy crap people have in their heads about about burglars picking locks and James Bonding into their houses is fantasy bullshit. Real burglars wait till you're not home and throw a brick through the window, or let themselves in with the key you gave the cleaning service. All this hoo-hah over making a medeco key with a credit card is total yawnsville, and if anyone thinks they can get into the white house with a shrinky dink key, they're totally on crack. The whit House has things like SECRET SERVICE AGENTS, and ALARM SYSTEMS because they know keys alone are not enough.
If a job's not worth doing, it's not worth doing right.
I don't know about Medeco 3, but one lock mechanism that was out in other countries for almost four years before making it to the US which is quite pick resistant is Abloy's PROTEC cylinder.
It uses no pins or springs, so bumping is useless. Vibrating the key isn't going to magically move the detainer disks into position. Picking it requires a different technique altogether than pin tumbler locks.
So far, if I recall right, the best picking record for PROTEC cylinders took over 10-11 hours.
Of course, if you want the best in anti pick protection, purchase either an Abloy or Mul-T-Lock Cliq lock. It has a pick resistant mechanical key, as well as a small chip and solenoid with a challenge/response system. If someone does make a key impression, it won't help much. However, for $500 a cylinder, its pricy.
There exist keypads that are clear with LED displays behind... they scramble, and display numbers beneath the keys when activated. No patterns.
I used to be a blacksmith myself, and I never needed a credit card. My tool of choice was a ground-down .02-inch feeler-gauge (you can get one from any DIY car maintenance shop) and a screwdriver (to do the work of turning the barrel).
it's simpler than that. Each KEY has a unique (not repeated on blanks) number used once (like iButton, etc) and they're paired to the car at the dealership. The tooth pattern opens the mechanical door locks, the car doesn't start without the matching number code whether the key turns or not. Disabling the battery won't work as it happens all the time, so it's written to flash somewhere in the car computer. The various manufacture alarms all trigger off various mismatches of key versus code chip.
And to complete the circle, in most cases you have to replace not just the PCM (powertrain control module, which runs the engine and controls things like fuel injection and timing adjustment, or on distributor-free systems, initiates the sparks themselves) but also the sensor-reader. Sometimes this is built into the ignition switch itself, and sometimes it's just wrapped around it - but you have to get into the column to mess with it. This does NOT stop people from stealing these high-dollar cars, it only raises the bar. It more or less means you need a car to practice on before you can steal them, but dealers have to employ someone to service cars... And anyone can go to the dealer service schools, masquerading as a service mechanic.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"