Lockpicking Forensics

New Anti-Forensics article & Updates!

A new article called "Anti-Forensics: The Keys to the Farm" has been added to the Articles section. It details a new type of lockpicking tool designed by a Lockpicking 101 member. It was an attempt to evade forensic detection, and a very creative one, at that! Start reading: Anti-Forensics: The Keys to the Farm.

The Mul-T-Lock article is also updated with information on the Mul-T-Lock CLIQ attacks discussed at Defcon 17 and Hacking at Random a few months ago. From what I understand, researchers also have attacks against the newest generation of Mul-T-Lock CLIQ; they'll be included in the paper if/when they're made publicly available.

It was also Lockwiki's 1 year birthday in November! I hope you all had a great Thanksgiving, Christmas, and New Years. Some new articles should be out in a few weeks, so stay tuned.

Posted by datagram, 01.15.10

Toorcon 11, Magazines, and updates

Hello! Sorry for the delay in updates, but I've been very busy working on a few projects, including Lockwiki.com. I'll be speaking on "Lockpicking Forensics" at Toorcon 11 in sunny San Diego, CA at the end of the October. This version of the talk will be somewhat different, as it is extended and includes material that I haven't had time to present in the past. I'll also be running the Lockpicking Village at the conference over the weekend, so feel free to stop in and say hi! I'm also working on getting a workshop together for the pre-con events. The workshop is titled "Applied Physical Security - Lockpicking and Safecracking" and will be an in-depth, hands-on course that covers attacks against locks and safes. For more information visit the Toorcon 11: Workshops page for more information. If you are interested, please contact me; I can likely get you a discount on the entry cost.

In other news, I've been contacted by a few different physical security and locksmithing magazines to write articles on forensic locksmithing. I'm not sure when these will be officially published, but as soon as they are I will post about it here. I'm working on getting scans or online versions of the articles to post when they are ready, too.

Aside from all that, I'm working on some updates to the site, particularly with non-pin lockpicking, sidebars, combination locks, and other odds and ends. The Mul-T-Lock paper will also be updated as soon as I finish organizing input from all you guys and add some new sections (of interest, the Mul-T-Lock CLIQ section will get a big update now that Tobias, Bluzmanis, and TOOOL NL have given out more attack information). For now, the Pick Guns page has been updated to show the plug walls of a lock picked with a vibrational pick gun. Some new articles are in the works, too, but are currently on hold until Toorcon and some private training events are completed.

Defcon wrap-up, Mul-T-Lock, and Bypass updates

Another fine year of Black Hat and Defcon has passed. I spoke at both conferences, and the talk seemed to go over well even with people that were unfamiliar with locks and lockpicking. At Defcon I stopped in on Alek Amrani and Schyuler Towne's "Intro to Lockpicking" pre-con workshop. It was a great introduction for beginners, and most of the people in the room seemed glued to their seats. I worked in the Lockpicking Village over the weekend at Defcon, which was also lots of fun. The village was packed all weekend and we were constantly giving talks on lockpicking, combination locks, impressioning, and safecracking.

While at Black Hat I sat in on Deviant Ollam and Babak Javadi's excellent "Physical Security; from Beginner to Expert" workshop. While there Babak demonstrated a bypass technique for the Code Lock 4000 series electromechanical lock (originally discovered by Marc Tobias). I was lucky enough to have some time alone with the lock to do a basic analysis and get some great macro shots of the tool marks and material transfer. Both have been added to the Bypass page, including an updated American 700 tool mark photo.

I should also be getting a set of teflon coated picks (now standard on all TOOOL US picksets) to add to the site. These are not surreptitious, though many people think they are. This information will be added to the Lockpicking page under "Non-metal Lockpicks" once available.

Finally, Marc Tobias and Tobias Bluzmanis gave an excellent talk on electromechanical locks and attacks against them at Defcon. They demonstrated a variety of attacks against the CLIQ, Logic, and Nexgen platforms. Information on the CLIQ attack, specifically the Mul-T-Lock CLIQ, will be added to the Mul-T-Lock paper soon. A few corrections and additions to the paper will also be included, but if there is anything you feel could be added or improved, feel free to e-mail me!

Mul-T-Lock: Design and Security

The first article for the site is available, titled "Mul-T-Lock: Design and Security". It is a comprehensive guide to Mul-T-Lock telescoping pin-tumblers over the company's nearly forty year history. It also includes analysis of the attacks against various Mul-T-Lock systems and references for keying, coding, and patent information. Much of the information is not available elsewhere, especially the information on the newer MT5/MT5+ models. Be sure to check it out! The paper is available on the Articles page. (or direct pdf link)

In the paper you'll see various notes where I could use more information or expertise. Please contact me if you can help with any of these! This paper is very much a community work; many people have helped to contribute, review, and proofread it. I'd like to keep it updated where possible, so feel free to contact me if you feel there is anything missing or incomplete.

Black Hat and Defcon are in about two weeks. See many of you there! Check the Events page for more information on upcoming events.

Black Hat, Defcon & Articles

Well it's about that time of year again. I'll be speaking at both conferences on Lockpicking Forensics, but the Black Hat version is slightly longer (75 minutes). At Defcon I'll be working in the Lockpicking Village most of the weekend, manning the tables and giving mini-talks on various topics. If you'll be at either conference come introduce yourself! More info on upcoming events is available on the Events page.

In other news, I'm getting ready to publish the first two articles for this site. One is a whitepaper that I wrote for the Blackhat and Defcon talks; mostly a re-hash of the information on this site, though some people might find it easier to digest. The other is an article on a specific lock company and just about every lock they've produced over the last 40 years. It will cover design, function, and security. Similar to Han Fey's Abloy articles, but with more of an eye toward security than function. Who is it? That'll be left as a surprise! (Tip: they are a high-security lock manufacturer famous for a specific type of lock). Stay tuned!

Acid, Vibration Picks & LayerOne Wrapup

Well, LayerOne was a blast. Special thanks to Deviant Ollam and scorche for working hard to make the Lockpicking Village awesome. Pictures from the village are now included on the Events page under "Past Events". The next scheduled events are talks at Black Hat USA and Defcon 17, both in the same week in Las Vegas at the end of July. I'll also be with TOOOL USA in the lockpicking village at Defcon, giving talks, manning the tables, and so on. See many of you there!

A brief discussion of forensic evidence left behind by nitric acid based attacks against brass pin-tumblers is now on the Destructive Entry page. Expect this to be updated in the future as I get more concentrated nitric acid as well as other things that claim to dissolve brass.

Freaky of Irvine Underground (IVU) was kind enough to lend me some of their vibration picks at LayerOne to test. Forensic evidence is now included on the Pick Guns page.