Marc Weber Tobias and Matt Fiddler are talking about bump-opening most of the locks out there in the United States. The full paper is availavle at security.org. They also conducted a research with USPS and Mailboxes, etc. While USPS quickly worked with the researchers and agreed that the issue was there, MailBoxes, etc. keeps denying there’s a problem. A PDF with detailed technical analysis is also available. The presentation promised:
Case examples and demonstrations detailing a major security flaw and vulnerability in locks used by the federal government and a private sector corporation that affect millions of users will be presented.
and it certainly delivered that. Live in an apartment complex? you can make a bump key out of your key that will open any apartment. Rent a mail box? Gain access to anything that uses the same type of key. And if you’re bothered too much with creating your own bump keys, just buy some off eBay.
