DefCon Chronicles: open any lock under 5 seconds
Marc Weber Tobias and Matt Fiddler are talking about bump-opening most of the locks out there in the United States. The full paper is availavle at security.org. They also conducted a research with USPS and Mailboxes, etc. While USPS quickly worked with the researchers and agreed that the issue was there, MailBoxes, etc. keeps denying there’s a problem. A PDF with detailed technical analysis is also available. The presentation promised:
Case examples and demonstrations detailing a major security flaw and vulnerability in locks used by the federal government and a private sector corporation that affect millions of users will be presented.
and it certainly delivered that. Live in an apartment complex? you can make a bump key out of your key that will open any apartment. Rent a mail box? Gain access to anything that uses the same type of key. And if you’re bothered too much with creating your own bump keys, just buy some off eBay.
August 6th, 2006 at 12:36 pm #Defcon adventures at post-next -Ted Drake’s sketchbook
[...] I’m not at Def Con, the convention for hackers and anti-hackers. Heck, 90% of the tech would go straight over my head. However, Alex “The Iron Wall of Foosball” is at Def Con and sending a stream of blog posts highlighting the weekend’s adventures. Tune in and pretend that you too were picking locks and picking on the norms. [...]