[HN Gopher] Saintcon: Lock Picking Lawyer Keynote
___________________________________________________________________
Saintcon: Lock Picking Lawyer Keynote
Author : brudgers
Score : 385 points
Date : 2021-11-28 04:42 UTC (18 hours ago)
(HTM) web link (www.youtube.com)
(TXT) w3m dump (www.youtube.com)
| xaduha wrote:
| I keep bringing up smartcards in every thread, but I just can't
| help it. Car keys seems to be moving towards contactless, at
| least Tesla got a right idea, there's even open-source
| implementation as an applet for it
| https://github.com/darconeous/gauss-key-card.
|
| Cryptography is math and you can't beat math, cost and scale will
| always limit complicated physical keys. And most existing
| electronic keys/tags/fobs/cards use cheaper not-quite-smartcards
| that are vulnerable to replay attacks and cloning, LPL even had
| some videos about them.
| judge2020 wrote:
| Tesla got it wrong in the sense BT is vulnerable to repeater
| attacks and such could likely be used to steal your car,
| assuming you were targeted by someone trying.
|
| Edit for reference:
| https://news.ycombinator.com/item?id=25187170
| xaduha wrote:
| Cut Bluetooth then, I'm not talking about Bluetooth. Google
| Titan also had a Bluetooth version which was also vulnerable
| I think. And even BLE needs a battery, smartcards (or smart
| rings) don't.
| tux1968 wrote:
| I don't know how Tesla implemented their key, but there's
| nothing in BT that makes it inherently vulnerable to repeater
| attacks. Garage doors addressed that problem a long time ago
| by changing the code after every successful opening.
| marcan_42 wrote:
| That's not a repeater attack; that's a replay attack.
|
| A repeater attack means tunneling the communications over
| the internet/long distance radio/whatever, where someone's
| in your car and someone else is following you. That's the
| repeater bit, they have a pair of devices that act like a
| long distance radio repeater.
| tux1968 wrote:
| That's diabolically clever. I'm curious how any
| technology can overcome that, and why BT is apparently
| more susceptible?
| xaduha wrote:
| > I'm curious how any technology can overcome that
|
| Faraday cage/foil wallets for things that don't require
| any auth or PINs or even a button press.
| tux1968 wrote:
| Okay, but that would work for a BT device too. I was
| mostly curious why BT was seen as a bad choice and more
| vulnerable than another option.
| xaduha wrote:
| This whole comment tree kinda got derailed into
| bikeshedding about BT with confusion between replay and
| repeater attacks to boot. It probably isn't any more
| susceptible than similar RF alternatives.
|
| Personally I wouldn't want a BT key because I used smart
| rings, namely a contactless payment ring and an OMNI
| ring. They aren't without issues, but they are miles
| ahead of a device like Chameleon Tiny Pro (which I also
| used) when it comes to usability. There might be smaller
| BLE devices out there, but it is pretty small. About the
| same as Google Titan BLE based on the images.
| istjohn wrote:
| You just need a technology that only works across spaces
| no larger than a couple feet.
| PeterisP wrote:
| There really aren't common technologies that *only* work
| across spaces no larger than a couple feet; the
| technologies that _normally_ are limited to very close
| range can actually be used at larger distances with
| proper (large, directional) antennas and more powerful
| radio hardware.
| ema wrote:
| If you can make the response fast enough that the speed
| of light delay dominates you can measure the latency and
| have an upper bound on how far away the key can be.
| oxplot wrote:
| Repeater attacks can be mitigated by putting a time limit for
| a response from the device used as the key (e.g. phone).
| That's how a lot of contactless payment terminals ensure the
| physical credit card is in proximity of the reader and
| someone isn't relaying the responses across the country.
| chrisseaton wrote:
| > Car keys seems to be moving towards contactless
|
| Moving towards? I don't think you can buy a car that has a
| physical key anymore can you (except for the emergency key you
| can pry out.)
| folmar wrote:
| There is no shortage of those Dacia Spring Dacia Sandero
| Stepway Renault Clio Renault Captur Renault Megane VW T-Cross
| ...
|
| I'm tired to list more.
| BenjiWiebe wrote:
| And there's the weakness. An emergency key that you can use
| means there's an emergency keyway that can be picked.
|
| And thank goodness, too. I spoke to a locksmith a while back
| and he told me about some fancy import sports car with no
| emergency keyway and there was a child locked in, and of
| course the key was in the vehicle.
|
| He did get the door open, IIRC there was a button to press to
| unlock, but not where his long-reach tool could easily get
| to. He said a cop had to watch from the other side and guide
| him to the button. He said it took around an hour to open.
| approxim8ion wrote:
| In US and some EU countries perhaps, but I can assure you
| that is not the case for most of us out here.
| pavel_lishin wrote:
| > _Cryptography is math and you can 't beat math_
|
| But you can beat badly written software.
| speedgoose wrote:
| If youtube suggests way too many lock picking videos after you
| watched this one, you can go to your YouTube history and remove
| the video from the list.
| timonoko wrote:
| Happiness is when you finally discover and experience "counter
| rotation" all by yourself.
| codezero wrote:
| And madness is when there are only serrated pins. At least for
| me :)
| cranium wrote:
| LPL videos are an example in educational videos. Clear
| explanations, no fluff, no finger pointing (except for Master
| Lock and unbacked marketing claims) and real expertise.
| Stevvo wrote:
| They stand out in all of the fluff on YouTube because it's just
| about the locks. No vane selfie cams.
| sneak wrote:
| There are a lot of famous no-face YouTubers. AvE, Maru's
| human, etc.
| mnw21cam wrote:
| Similar to Big Clive.
| unixhero wrote:
| Now we're talking:
| https://www.youtube.com/watch?v=zfJjicQkYsU
| oxplot wrote:
| I want LPL to tell me _once_ what to buy, not keep telling me
| what not to buy 1400 times. It 's educational, I understand, but
| man, can you put up one video where you tell us what you use on
| your own front door?
| dotancohen wrote:
| > I want LPL to tell me once what to buy,
|
| That would entail far more responsibility - and possibly
| liability - than telling you what not to buy. Remember, this
| guy is a lawyer.
| half-kh-hacker wrote:
| There is a video for modified Kwikset that he showed that's
| what is on his door, AFAICT.
| ImJasonH wrote:
| https://youtu.be/7JlgKCUqzA0
| kamranjon wrote:
| This goes into some padlocks he considers to be quality:
| https://youtu.be/L6iMmCSayBQ
| geertj wrote:
| Besides the modified Kwikset, he was also unable to pick the
| Bowley lock.
| bjoli wrote:
| I have done a little bit of lock picking as a hobby, and LPL is
| somewhat of a lock-picking Mozart. Locks I struggle with, he
| picks in less than 30 seconds.
|
| He has inspired me to become better at lock picking, which helped
| me at least once when I locked myself out of my locker at work.
| My Assa-Abloy lock which would have taken me 20 minutes before
| was open in under 2 minutes.
| codezero wrote:
| I am convinced he's a savant. A combination of maybe naturally
| higher senses in the fingers and a methodical approach to
| solving puzzles.
|
| I got pretty good pretty fast at picking, and that convinced me
| he is otherworldly in his talent and abilities.
|
| On another note, I'm really going to miss Bosnian Bill, he
| excelled as a teacher and worked hard to remove anything
| mystical or subjective from approaching lock picking. LPL is
| great, but still doesn't quite go into deep detail about how to
| improve at tensioning, dealing with various types of pins, in a
| way that resonates with "regular" people, where Bill was just a
| huge help in those areas.
| delusional wrote:
| The wonderful thing about video is that even as Bosnian Bill
| retires his lessons will remain available, all 1909 of them.
| codezero wrote:
| Unless he shuts down his channel, though I suppose folks
| will have made copies.
| unixhero wrote:
| We do datahoard, yes.
| aphroz wrote:
| I've watched way too many lockpicking videos since I discovered
| LPL. A little click on one, two is binding..
| carreau wrote:
| Read some of these and tell me if you hear his voice.
|
| https://www.reddit.com/r/WritingPrompts/comments/irszx0/wp_h...
|
| "Anyways, that's all for me today, if you liked this video
| please subscribe to see more videos like this, and as always,
| have a nice day."
| JaakkoP wrote:
| I too find his explanation on each click soothing.
|
| Except when he got challenged to open a "difficult" bike lock
| in under 2 minutes by another locksmith he was dead silent the
| entire time and opened it in like 20 seconds.
| masklinn wrote:
| The first video using lishis was absolutely stellar as well
| as it showed much more clearly what was happening under the
| hood.
| shapefrog wrote:
| "And back to one"
| unixhero wrote:
| "Got a click out of him/hem"
| junon wrote:
| Watched this the other day. Great talk by a legend lockpicker.
| TwinProduction wrote:
| I love LPL. I knew he liked his craft, but even his intentions
| are pure -- I had no idea he purposely shortened his videos to
| icnrease his reach.
| lgsilver wrote:
| Funny that right after he explained how he keeps his family safe
| by keeping his face and name off the internet, he spent the rest
| of the video focusing on the ineffectiveness and "downright
| stupidity" of security by obscurity.
| [deleted]
| GuB-42 wrote:
| I think there is a misunderstanding about security by
| obscurity. What is bad is hiding defects instead of addressing
| the problem. It does not mean you should reveal everything! I
| find it well explained in the video.
|
| For example, if you don't tell people what kind of lock you are
| using to secure your stuff, this is a form of security by
| obscurity, but it is not a bad thing. Even if your lock is one
| of the best, if an attacker knows what it is, he will be better
| prepared. I think no one who cares about security will tell you
| things that you don't need to know, it is called OPSEC, I
| believe.
|
| What is bad is when you realize that your lock is weak,
| _instead_ of trying to fix it, you try to hide the weakness.
| And that 's the idea that LPL criticizes in his talk.
|
| Hiding his identity is most likely not his only defense against
| the craziness of the internet. From his videos, we know that he
| has guns, and who knows what he secures his house with. He is
| most likely prepared to deal with the consequences of an
| identity leak, but that doesn't mean he wants it to happen.
| That's defense in depth, an other important part of security.
| elcomet wrote:
| > From his videos, we know that he has guns
|
| This is interesting because we know that's not a good
| security. In fact, it has been shown that having a gun in the
| house is associated with more firearm-related deaths and not
| less. So I suggest anyone that is thinking of buying guns to
| read this.
|
| https://pubmed.ncbi.nlm.nih.gov/15522849/
| [deleted]
| lgsilver wrote:
| Yep. That's totally fair and you're right. Would be
| interesting for him to compare / analogize that with the lock
| companies' approach.
| mongol wrote:
| Has there ever been a lock which he could not pick?
| alserio wrote:
| If you watch the conf video, he couldn't get into his wife's
| Beaver and just gave up. But he's done it with ease in other
| videos.
| arka2147483647 wrote:
| What would be the odds that was an intentional joke!
| Twisol wrote:
| Very intentional. He's also quite self-aware -- later in
| the same keynote, he says something about using a hole for
| something it wasn't designed for, then notes how wrong that
| sounded.
| aix1 wrote:
| For those not familiar with his channel, he's got a whole
| April Fools theme going. Here's another classic:
| https://www.youtube.com/watch?v=k9VewWKfH_0
| dugmartin wrote:
| Watch his April Fools Day videos - they are full of not
| very subtle innuendo (and pretty funny).
| the_mitsuhiko wrote:
| A lot of security locks he does not pick. I know that quite a
| few EVVA locks people were interested in but they were never
| picked.
| cillian64 wrote:
| Last time I looked I couldn't find any convincing videos of
| anyone picking an Abloy Protec2 cylinder. Abloy cylinders
| aren't that uncommon so I took that as a sign of these locks
| being basically unpickable rather than nobody trying.
| unclekev wrote:
| > Abloy Protec2 cylinder
|
| Something I hear quite often in lock picking circles is "The
| only quick/reliable bypass for a Protec2 is a titanium drill
| bit"
|
| They are _exceptionally_ difficult to try and bypass with
| traditional methods.
|
| I've been picking as a hobby for 15+ years and picking the
| Protec2 is a pipe dream I spent far too long chasing. Never
| got it.
| novok wrote:
| For people who don't know much about drill bits, but know
| that steel is harder than titanium, it's a drill coating of
| titanium nitride or similar according to wikipedia that
| makes it harder than stainless steel:
| https://en.wikipedia.org/wiki/Drill_bit#Coatings
| szundi wrote:
| That would be interesting to know
| mongol wrote:
| Yes. After having watched the keynote, I have mixed feelings.
| He keeps repeating how awful common locks are, and that it is
| in the interest of lock users that that is revealed. But
| never does he mention how a lock buyer can evaluate if a lock
| is good. What should we look out for?
| codezero wrote:
| Look out for (keep away from) US residential lock brands,
| like Schlage or anything you can buy at Home Depot. Newer
| Kwikset locks are OK but still susceptible to some more
| moderate attacks with a shim.
|
| In general, try to get any "rated" European lock. They have
| standards for pick resistance and brute force resistance
| unlike retail US locks. Look for something with dimple
| pins, an active element, or multiple pin stacks with
| security pins, trap pins (anti tamper).
|
| With all that said I don't think the low security locks we
| have are such a problem. You can break a window open or
| just find an unlocked door if you are looking to do some
| bad shit. I like how Schuyler Towne put it: locks are just
| a social contract. I'm saying, hey, don't go opening that
| door, and as a civil society we agree not to.
|
| A higher security lock on your home isn't going to make
| your flimsy door harder to kick down, or your window harder
| to break, so yeah it's nice to be educated on the security
| trade offs you make physically, but I'm not sure it's
| important to beef up residential security in the US.
| mongol wrote:
| I don't agree that locks are "just" a social contract. If
| they were, the most simple and cheap lock would be
| sufficient for everything. They are a social contract,
| but they are also for theft prevention. Those people that
| are determined to take something from you don't care
| about that contract and you need as good lock as possible
| to make it hard for them.
| codezero wrote:
| But attacking the lock is the last thing a smart or
| determined person will do. Sure a better lock helps, this
| is why most modern cars have much better locks than
| homes, but even they can be easily opened with the right
| tools, and often even easier with improvised tools.
|
| Most locks really are cheap and sufficient for
| everything, in the US, at least, because we are using
| them right now. Schlage and Master Lock are everywhere
| and I taught my sister to pick them in a single sitting
| over drinks.
|
| Even the most common combination locks are easily
| openable without any tools whatsoever. All those key
| holding real estate locks are even easier to open than
| the doors the containing key opens.
|
| But remember, social contracts of all kinds get broken,
| and that's why we have a justice system.
| [deleted]
| Eelongate wrote:
| > _But attacking the lock is the last thing a smart or
| determined person will do._
|
| I think that is contextual. In a whole lot of apartment
| buildings, the windows into the apartment are
| inaccessible from the outside. The door frame is metal,
| so kicking down the door would wake half the apartment
| building. Without a lock on the door, anybody who got
| into the building (generally easy) could silently enter
| any unoccupied apartment and nobody would know it. But
| _with_ a good lock, nearly every would-be thief who can
| 't pick locks will go someplace else.
| novok wrote:
| Most thieves DGAF that their target knows that they've
| been broken into. They want to get stuff to sell later,
| they want to be in and out very quickly, and they tend
| not to be the smartest people out there, and having lock
| picks increases your jail time if caught.
|
| When a thief steals, you are going to notice the missing
| items either way, a broken window doesn't change that
| much. Apartment dwellers also tend to be poorer, which
| makes homes the better target in more ways than one. If
| the lock is too hard, your just getting more bashed in
| doors or walls instead, or thieves / creeps climbing
| porches and going in that way, which happened recently in
| my area. Many porches are windows and often unlocked.
|
| Also many apartments are not steel framed with steel
| doors. I have a skinny window in the interior wall of
| mine, and it's a solid wood door on a wood frame. Also
| you could get a sledge hammer and bash through the
| drywall. Or bring drills and take out the door that way.
|
| Also having a fancy lock might actually make you more
| attractive, because the thief casing out your place might
| recognize it, think you might have more than the typical
| person and bring the appropriate battery powered tool and
| cut out the lock.
| [deleted]
| Twisol wrote:
| > You can break a window open or just find an unlocked
| door if you are looking to do some bad shit.
|
| > A higher security lock on your home isn't going to make
| your flimsy door harder to kick down, or your window
| harder to break
|
| From the keynote, that's why LPL puts a heavy focus on
| bike locks, gun safe locks, etc. The audiences for those
| locks have a more vested interest in physical security
| than mere "social conventions". A well-locked bike makes
| it more difficult for a thief to get all the / enough
| value from the target. A well-locked gun safe prevents
| accidents and saves lives.
|
| Also, I live in an apartment on an upper floor. No
| accessible windows. The only viable way into my residence
| is through the front door. (There are like two RFID-gated
| doors before mine, but tailgating renders them pretty
| ineffectual, and let's not talk about elevator security.
| [0]) It's not worth it for me to put a better lock on my
| door, but I'm also not kidding myself about its
| effectiveness.
|
| [0] https://www.youtube.com/watch?v=oHf1vD5_b5I
| formerly_proven wrote:
| To be perfectly honest, I'm amazed how bad physical
| security is in the residential and even commercial US
| space. E.g. just the fact that deadlatches, which rely on
| precise alignment of door and frame to actually be
| locked, are a thing is amazing. The Euro-stuff has some
| other issues (cylinder snapping), but at least the bolt-
| for-locking is literally just a 8x40 mm bolt that goes
| into the doorframe. I've also never even seen a flat
| doorframe profile - not even bathroom stalls have them.
| Manipulating stuff on the other side becomes pretty easy
| if there's a 9.3/64" gap between door and frame.
| codezero wrote:
| And yet, I would bet money that thefts in the US rarely
| are from lock manipulation (picking, drilling, but maybe
| brute force eg door frame). We have too many accessible
| windows in the US, and a lot lower density, maybe this is
| why Euro locks are more advanced, but regulation is also
| a factor, we don't have it here, at least in residential,
| which makes me wonder if we need it (I assume our
| insurance system effectively covers the risk)
| formerly_proven wrote:
| Most of what I wrote is not about lock manipulation.
| timonoko wrote:
| From a row of cheap locks, you can easily find the best.
| The key has deep cut (ie long pin) first. It is really
| difficult to pick behind that first pin.
| timonoko wrote:
| Also the long pin might be long enuff to prevent comping,
| as demonstrated by the Lock Picking Lawyer.
| mongol wrote:
| I am surprised that my comment is downvoted. I think my
| criticism is valid
| smolder wrote:
| I think because you somewhat misunderstood the point of
| the keynote at this security conference. Giving advice
| about how to buy better locks is either going to be too
| basic or too lengthy & detail oriented for a presentation
| of this kind, meant to promote the practice of picking
| and give historical context. (And entertain.)
| dskloet wrote:
| https://news.ycombinator.com/item?id=29367405
| russellbeattie wrote:
| I have an idea for a LPL-proof lock: Take a decent padlock, one
| that gets high marks from LPL, and then weld a curved steel tube
| to it ending at the keyhole. Then take the key and cut it in half
| at the head, welding a long stiff spring to attach the two
| halves, like a plumber's snake. To unlock, you simply stick the
| key bit down the tube around the bend and (with some fiddling I'm
| sure) into the keyway, then you can turn the key to open.
|
| Without direct access to the tumbler, I'm not sure how you'd be
| able to pick it.
| svennek wrote:
| Some safes I have seen have insanely long keys, like 20 cm of
| "trunk"... I wonder if that is the reason ...
| formerly_proven wrote:
| The lock is on the inside and the key reaches through the
| entire door.
| userbinator wrote:
| To pick that, he would probably just make a pick and tensioner
| that has a similarly long flexible shaft.
| dmitriid wrote:
| > I have an idea for a LPL-proof lock
|
| There's a lock on his channel that he can't open. Bowley lock:
| https://youtu.be/qV8QKZNFxLw and there's a different prototype,
| too: https://youtu.be/D6vioIPVzM4
| ryzvonusef wrote:
| there was some kerkuffle aboyut whether he actually tried to
| pick it, since it could be picked:
|
| https://www.youtube.com/watch?v=KS0FSzamUzc
|
| Or maybe the picker aligned his stars when picking... not
| sure
| dmitriid wrote:
| This is amazing. Thank you!
|
| There's discussion in the comments with Bowley Lock Company
| Inc saying that the stars did align, but we might never
| know
| raverbashing wrote:
| Yes, if you push hard enough everything is "pickable" I
| guess
|
| But an easy code, power tools and having the lock in an
| ideal work position doesn't make it easily pickable.
|
| Sounds like the same useless discussions on computer
| security where people will discuss key sizes but not
| rubberhose cryptography.
| ryzvonusef wrote:
| are you perhaps talking about the forever lock?
|
| https://www.youtube.com/results?search_query=Forever+Lock
|
| while difficult, it can be undone
|
| -----
|
| making a one-off "unpickable" lock is possible, here is some
| to-and fro between two youtube channels about such locks:
|
| Stuff Made Here:
|
| https://www.youtube.com/watch?v=_7vPNcnYWQ4
|
| https://www.youtube.com/watch?v=2A2NY29iQdI
|
| Lock Picking Lawyer:
|
| https://www.youtube.com/watch?v=Ecy1FBdCRbQ
|
| But things from installation issues, to making sure tolerances
| are maintained while making the locks on a production line,
| mean that there are always some gaps left in a mass produced
| and installed lock.
| filoeleven wrote:
| Their friendly competition was fun to watch. LPL made some
| great suggestions for improvements, and was impressed by the
| idea that Stuff Made Here came up with as a physical security
| "outsider."
| istjohn wrote:
| Here's a video of the Forever Lock being defeated with a
| custom-made bump key:
| https://m.youtube.com/watch?v=H4f1H6mYHOI
| userbinator wrote:
| If you watch LPL enough, you get the notion that most locks are
| for keeping honest people honest rather than stopping a
| determined attacker. All the comments from people who have
| managed to lock themselves out further reinforce that.
| LanceH wrote:
| I bought lockpicks for the kids when covid hit for something to
| do. Within an hour, everyone could open the practice lock which
| is in a clear casing. Within a week, we could all open your
| typical masterlock and my daughter could open any of the locks
| you might purchase from home depot.
| Fnoord wrote:
| Some locks are surprisingly easy to open, despite being highly
| in use.
|
| Locks are to slow an attacker. A determined attacker can bypass
| almost any lock, but not stealthy enough. If you drill the lock
| in my front door, you wake up the entire street. If you can
| pick it in 30 sec in the middle of the night, you wouldn't wake
| up anyone, but some kind of camera probably picked you up.
|
| I used to pass this bicycle parking at a train station twice a
| day. I'd always look at the locks (or lack thereof) while
| walking, quickly thinking which ones I could certainly open
| (and the question is always: how quick). But I never gave in to
| the desire, despite a lack of locks and peers (for
| practice/fun).
| stjohnswarts wrote:
| If you pick my lock and open my door (or any window in my
| house) you and I will hear a 90 dB siren and I'll be waiting
| with a 12 gauge in about 5 seconds after the alarm goes off.
| I don't understand why anyone doesn't have a basic security
| and motion sensor setup in their house in this day and age.
| LinuxBender wrote:
| The locks I am most impressed with are from the days of alcohol
| prohibition. Some doors to speak-easy's looked like part of the
| wall, had no key holes. Rather just small holes all over the
| "wall" and you had to poke a piece of metal through the right
| holes and push/pull the wall in a known way. No windows, no
| appearance of a room, just a wall. The stairs leading down to
| it would usually go right past the "door" into a basement
| storage room with nothing exciting to see. The cops could walk
| right past the door a thousand times. It might be fun to build
| a home like this. I suppose you just have to design it so
| people can not see where you actually entered.
| andrewflnr wrote:
| Reminds me of port knocking. Is there a name for these, info
| on how they're designed?
| iso1210 wrote:
| You have to realise that LPL has a very specific set of skills.
| Skills he has acquired over a very long career. Skills that
| make hom a nightmare for people like masterlock.
|
| I had a locksmith out a couple of years ago, and was very
| disappointed when he simply got out a drill rather than
| starting with 'click out of one'.
|
| LPL makes things look easy, I'm sure they aren't.
| tylermenezes wrote:
| Locks are worse than you think. I'm not skilled, I don't
| practice, but I've been able to get my parents back in their
| house within 5 minutes both times they've locked themselves
| out.
|
| You call out masterlock but they're particularly bad. I lost
| the key to one and kept using it for a year because unlocking
| it was as simple as just putting the pick in while turning.
| celticninja wrote:
| The locksmith drills your lock because it takes no skill and
| allows them to sell (or forces you to buy) a new lock and set
| of keys at whatever weird time of day it happens to be. The
| price is almost certainly going to be higher out of normal
| hours. Plus if he picks the lock in 30 seconds you may not
| pay such a high fee.
| dwighttk wrote:
| If he picked it as fast as LPL does some locks I may be
| inclined to buy a new lock from them
| wayoutthere wrote:
| The one who I call is more than happy to drive by, smack a
| bump key with a hammer and charge me $125 for the pleasure.
| nirui wrote:
| I would probably (mentally) look down on the locksmith if
| he/she just going to drill it out without trying anything
| else first. I own a power drill too and I know how to use
| it to break a lock myself with zero knowledge on how lock
| works (for some weak locks, even a flat head screwdriver is
| enough to get it done).
|
| On the other hand, if the locksmith clicked my lock out in
| just 30 seconds, I would probably ask him/her to sell me a
| better (and sometimes more expensive) lock based on his/her
| professional opinion.
| loloquwowndueo wrote:
| But how are you going to get your power drill if you're
| locked outside? :)
| eatbitseveryday wrote:
| Garage door opener glued to the outside that uses a PIN?
| loloquwowndueo wrote:
| You assume a garage exists or that said person keeps
| tools there and not in the basement.
| accountofme wrote:
| The hardware store?
| RyJones wrote:
| I locked myself out one night and called a service. The guy
| showed up and asked if I wanted a show, or the door open. I
| said open the door please. He did in about ten seconds and
| I gladly paid full fare for the work.
|
| Spoiler: he leaned on the door to hold the latch in place,
| then used a plastic shim to trip it open.
| kzrdude wrote:
| Don't you need a new lock anyway? After all, you no longer
| have the keys.
| evilduck wrote:
| A locksmith (or interested individual) can rekey a lock.
| The pins and keys are the cheapest part of the lock too,
| which is a contributing factor towards why locksmiths
| lean towards destructive entry. They get to be lazy, the
| method can't fail and make them look stupid in front of a
| customer and they get to offer you a sales pitch on
| buying a new lock right then and there.
| paranoidrobot wrote:
| > Plus if he picks the lock in 30 seconds you may not pay
| such a high fee.
|
| A story I was told once by an electrician who worked at a
| steel works for years.
|
| The story goes something like this:
|
| One day he was called out to a big engineering workshop,
| all their fancy new equipment is on the blink.
|
| He walks up to one of the machines, has a look, then
| without saying anything promptly turns around and walks
| outside, followed by the curious manager.
|
| The electrician circles the building and turns on the first
| tap he sees, and lets the water flow for a few minutes
| spilling on the ground. After leaving that go for a while,
| he turns the tap off again, and walks back in and tells the
| machine operators to try again. Magically, they all start
| working again.
|
| The electrician has been there for barely a few minutes and
| hasn't even touched the machine or anything else
| electrical.
|
| The manager asks for an explanation, since the electrician
| didn't even touch anything electrical. By way of response,
| the electrician says "You had someone fix that tap outside
| that was leaking, didn't you?" the manager replies in the
| affirmative. The electrician then explains that the leaking
| tap was keeping the building grounded - the slow leak was
| just enough to keep the sandy soils moist enough for a
| proper earth connection.
|
| The electrician hands over the bill, with the emergency
| callout fee and minimum hours, etc. The manager protests
| that surely just turning on a tap didn't warrant a fee that
| large.
|
| The electrician replies that turning the tap on was free,
| knowing to turn the tap on was what they were paying for.
|
| Whether that story is true or not, there's plenty of
| similar ones.
|
| The point is that while you might get annoyed that an
| expert came in and solved the problem quickly, without that
| expert you were going to wait a lot longer or spend a lot
| more trying to fix it some other way.
|
| Personally, I'd rather deal with a locksmith that gave me
| the option: We can drill the lock, you can pay (say) $300
| for new locks and keys and it'll take 30 minutes. Or, you
| can pay $300, we'll pick it in a minute, you keep your
| existing keys.
|
| The locksmith I called a few years ago used a long piece of
| wire with a string attached, slid it under the door to pull
| down the door handle from the inside.
| jcrawfordor wrote:
| This seems like a variation on the old story about
| Steinmetz, the Wizard of Schenectady, making a chalk mark
| on a generator at a Ford plant. Which seems to be a true
| story, although often not attributed. The punchline to
| this one has always been Steinmetz's itemized bill, of $1
| to make the chalk mark and $9,999 to know where to make
| it.
| iso1210 wrote:
| Another version of the old "hit with a hammer" parable,
| albeit one where the incompetence of the elecrtician is
| rewarded.
| lathiat wrote:
| Time to watch this one
|
| "Locksmith says my videos are BS... Loses $75 (Maybe)"
|
| https://youtu.be/NSuaUok-wTY
|
| Also if you actually watch this keynote half the problem
| isn't locks you can actually pick but stuff you can just open
| with very basic tools that don't even require the skill he
| has. Like combs, rakes, hammers, slithers of metal, etc.
| delusional wrote:
| You have to excuse that I didn't watch the video, so i might
| be missing some context.
|
| LPL's career isn't lockpicking is it? I was under the
| impression that it was just a hobby that turned into a
| youtube channel. I seem to recall him saying that he just
| picks locks all the time, and that's why he's good. I think
| he said that when he watches movies he takes a 30 locks and
| then he just sits there and picks them while watching.
| Quequau wrote:
| It wasn't (he used to be lawyer) but he's won lock picking
| contests, apparently has a gargantuan collection of locks
| some of which he habitually practises on, and these days
| runs a company that sells lock picking tools (though I have
| no idea if that's his only gig).
|
| Anyway, if you watch all / most of his videos the near
| constant refrain running through them isn't "with finely
| honed skills and the right hard to find speciality tools
| it's easy to open this lock" (though he does do that).
| Instead it's: "it's easy to open this lock with no or few
| skills, no or little practice, with trivially found,
| improvised, or purchased tools, using exploits that have
| been known in the lock manufacturing and locksmithing
| industries for decades or centuries".
|
| That in turn is his point in this keynote. These exploits
| have been known in the lock manufacturing and locksmithing
| industries for decades or centuries and yet many, perhaps
| most of the locks that people can buy in stores, still have
| those flaws (which are easy and inexpensive to eliminate in
| the design and construction process).
| donatzsky wrote:
| > (though I have no idea if that's his only gig).
|
| Pretty sure it's not. From what I've gathered, watching
| his videos, he's also doing consulting/training for
| companies on physical security.
| xondono wrote:
| > I had a locksmith out a couple of years ago, and was very
| disappointed when he simply got out a drill rather than
| starting with 'click out of one'.
|
| That's a common occurrence because of the incentives. The
| locksmith wants to spend as little time as possible (average
| time), and doesn't pay a premium for destroying the lock,
| since most people don't confront them on that.
|
| LPL is amazing, but any decent locksmith could get at least
| near enough him in competence. It's not that it's so hard
| that very little people can do it, it's that is very niche
| for most people to learn.
| celticninja wrote:
| I bet most locksmiths are the drill and replace type and
| could not pick a lock reliably anyway. Locksmiths are
| taught how to dismantle and remove a lock these days rather
| than how a lock works and therefore how to beat it.
| xondono wrote:
| After thinking about this, I realized it makes a lot of
| sense given what LPL is saying.
|
| After all, if you spent a fortune in some lock and the
| locksmith can open it in 5 seconds flat, you'll feel
| ripped off. It's possible that a lot locksmiths believe
| the locks to be safe, and they think they're saving time
| by going the drill route.
|
| Not to mention that if the locksmith is selling you the
| lock, he will want to avoid damaging their reputation.
| TravelPiglet wrote:
| Damaging the lock in the process of picking it is also an
| outcome that isn't shown in the videos. LPL damages locks
| as well.
| lrvick wrote:
| Honestly, when it comes to most US locks, they really are a
| joke.
|
| I learned to pick my parents safe and door locks by 8, and
| have taught dozens of children to pick virtually every lock
| you can find in a hardware store.
|
| As a security engineer the first thing I teach peers isn't
| even software, but lock picking.
|
| Peoples minds really open up when you show them how to open
| every lock in their own office in under an hour of training.
|
| "Is security on almost everything we trust every day really
| this shit?!"
|
| "Yes"
| techdragon wrote:
| Thank you for this insight. I will forever advise anyone
| interested in getting started with computer security to
| learn lock picking first. Having done both In the other
| order id never thought of how insightful it is for fully
| realise the fragility of the illusion of safety as it
| exists in the real world as a better grounding for anyone
| about to learn the fragility of everything in the more
| complex and more abstract digital world.
| Quequau wrote:
| I feel like this comment comes up every time LPL is discussed
| outside of his context and I think it discounts the hundreds
| of low / no skill attacks he has demonstrated which apply to
| many, probably most, of the locks with recognisable name
| brands that are for sale in brick & mortar stores.
|
| It took me 30 minutes to make and use a tool that he
| demonstrated using on a lock similar to one I own and most of
| that time was spent rummaging around my place trying find
| stuff.
|
| Lastly, I think you got taken advantage of by a locksmith out
| to sell more locks and keys.
| notatoad wrote:
| The biggest part of the LPL skillset is his knowledge about
| all the low-skill attacks that exist, and which locks they
| work on. Low-skill attacks are only effective if you know
| about them, and remember which locks each exploit applies
| to.
|
| The only low-skill attack that seems to have any widespread
| effectiveness (and would therefore be worth trying on every
| lock) is raking, and that is pretty easily defeated by any
| lockmaker who cares.
| Quequau wrote:
| I believe that "low skilled attack" also includes the
| ability to search the internet and watch a video. There
| are literally thousands of videos on YouTube with
| demonstrations of low skilled attacks using improvised
| tools.
|
| For example I made a shim and opened a lock I own in less
| than 30 minutes after watching one of his videos that
| featured a similar lock. I had never opened a lock
| without a key before that day, don't have much use of two
| fingers on one hand, and my toolbox fits in a kitchen
| drawer.
|
| For your list of common low skill attacks which have
| widespread effectiveness I would also include shimming,
| hammering, and cutting. Also in the case of locks with
| electronics associated with them, strong magnets.
| sdmike1 wrote:
| He is also a very skilled SPPer which he will frequently
| demonstrate. He mentioned in the video the reason he uses
| so many low skill attacks is because they work so well on
| locks people *care* about.
| josefx wrote:
| Going by a presentation from a professional pen tester lock
| picking is usually far down on their list because there are
| easier ways to open many doors without picking the lock.
|
| https://www.youtube.com/watch?v=rnmcRTnTNC8
|
| Someone who wants to get in is probably already on his way
| out while LPL is only halfway through with the lock.
| JshWright wrote:
| A big part of what LPL does is exploit those non-
| destructive bypasses.
| xwolfi wrote:
| Many crimes are committed out of opportunity rather than
| careful obstinate planning, especially lock picking / breaking
| and entering:
| https://popcenter.asu.edu/sites/default/files/opportunity_ma...
|
| In other words, if there was no lock, I'd enter houses that I
| can reasonably think are empty / populated by feeble elders
| myself eventually, however "honest" I appear to be now when I'm
| surrounded with locks and barriers to crime in general.
| gonzo41 wrote:
| The best thing I learnt from lock picking lawyer was that hand
| pumped hydraulic bolt cutters existed.
| lrvick wrote:
| There are piles of great locks out there no one, including LPL,
| can open non destructively in hours of work, if at all.
|
| The trouble is very few of these can be found in the US as
| consumers here favor low prices and a 10/10 promise over any
| actual security.
| asimpletune wrote:
| Really? Asking because people send him locks all the time
| from all over the world, and he opens them all.
| lrvick wrote:
| He doesn't open them all. He videos the ones he -can- open
| to shame them.
|
| The Kwikset smart key v3 can't be picked because you get no
| feedback until all pins are set. You can decode them one
| pin at a time with expensive specialized tools such as a
| micro camera put into the cylinder but they will keep
| someone out for a while so they do their job. You still
| need to cut a custom key to get in even when you decode it
| so it is time consuming.
|
| A Medeco will keep out even an experienced lockpicker for a
| while since pins must be in the right rotation and the
| right heights.
|
| Beyond that there are really good Disk Detainer locks like
| the Protec 2 that have no feedback until all discs are
| correct. There are 0 public confirmed defeats of them.
|
| Beyond that you get into hybrid digital keys like the Cliq.
| Then you can combine an cylinder known to not have any
| defeats with a second set of pins that can only be engaged
| after an AES challenge/response between a microcontroller
| in the key and one in the lock.
|
| These also have never been defeated.
|
| There are also solutions like the Bowley lock that don't
| expose the tumblers to the outside world and can only be
| defeated with many hours of work making custom tools for
| that specific lock.
|
| I could go on and on.
|
| The reason you can't buy good locks at US hardware stores
| is fully because the uneducated masses rejected high
| security locks once companies like master lock pumped out
| $5 locks with 10/10 security ratings in spite of any
| informed child being able to open them.
|
| I would love to see people like LPL put their lawyer hats
| on and sue these companies for dangerously deceptive
| advertising.
| paulhart wrote:
| He also talks about things he can't pick - here's a video
| on the Bowley where he almost immediately admits he can't
| pick it:
|
| https://www.youtube.com/watch?v=qV8QKZNFxLw
|
| There are a couple of (old) videos on Medeco locks:
|
| https://www.youtube.com/watch?v=JmyC7KM5Qxk
|
| https://www.youtube.com/watch?v=4fh6IHCr7uo
|
| https://www.youtube.com/watch?v=avwt39uHDOQ
|
| Related to the Disc Detainer (come for the tooling
| discussion, stay for the picking):
|
| https://www.youtube.com/watch?v=QRO5wzAaT00
| lrvick wrote:
| Others have picked the Bowley even though LPL can't but
| it is more time and work than anyone could reasonably be
| able to do in a real world application so if anything
| those efforts are a strong endorsement of the lock.
| BenjiWiebe wrote:
| Kwikset Smart Key V3 can be picked, for example:
| https://www.youtube.com/watch?v=--tva7GA9f4
|
| Protec2: Very very difficult to pick, however there are
| videos of a few picking it:
| https://www.youtube.com/watch?v=6zVSJ_wauwg (https://www.
| reddit.com/r/lockpicking/comments/edrrjo/hardest...)
| https://www.youtube.com/watch?v=AsG90UGRTpw (https://www.
| reddit.com/r/lockpicking/comments/mie59t/abloy_p...)
| https://www.youtube.com/watch?v=6UZ6tcvgd9U
|
| The Protec2 I would trust far more than the Kwikset
| SmartKey V3, since it appears only several of the best of
| the locksport community have been able to pick it.
|
| I couldn't find record of anyone opening a Cliq. I'd be
| hesitant to say that's because they are unpickable,
| though. I believe quite a number of the locksport
| community would not be very interested in attempting to
| open a Cliq as it isn't purely mechanical.
| lrvick wrote:
| Fair points and thanks for the corrections. I
| underestimated how many new developments the pandemic
| would yield since I last did a deep dive here.
|
| Still they are all well designed locks.
|
| I recommend the smartkey v3 for people that need a lot of
| locks they can source quickly on a budget. The sidebar
| design is a real pain to defeat and if the lock is in a
| body with tight tolerances you may not be able to shim
| the sidebar at all. Without some kind of attack to
| tension the sidebar they can't be directly picked.
|
| For those with more money to burn the Medecos are good
| security for dollar.
|
| I put a couple Protecs on my luggage as tamper evidence
| devices so the TSA has to call me when they need to
| search it.
|
| I would not bother with Protecs on a home as they are
| very expensive and there are generally better areas you
| can invest in home security for that kind of money but if
| you have a small number of ingress doors they are nice.
|
| I don't think anything is unpickable/unbackable but when
| the time to defeat a particular lock someone has not seen
| before takes 10 minutes to hours and few if any in the
| world can do it I classify it as a "good" lock when the
| status quo can be defeated in seconds.
| asimpletune wrote:
| Ah ok, interesting. Thanks for the information. I wonder
| if LPL is on HN and is reading any of this.
| hun-nemethpeter wrote:
| Can you name or even link a few?
| gambiting wrote:
| So the interesting thing is that nearly all home insurance
| policies stipulate that you're only covered for theft if there
| are signs of forced entry - but clearly, any lock can be picked
| without leaving a mark. So I'd assume either these policies are
| a scam, or actual real world thieves are not very good
| lockpickers and a good old crowbar is simply faster and easier.
| switch007 wrote:
| My policy from a large building society in the UK has an
| explicit section for cover for theft /not/ using force and
| violence, but it doesn't apply if the house is
| lent/let/sublet. That is covered by the preceding section of
| theft using force and violence.
|
| I.e. force and violence required if letting the property.
| wdb wrote:
| Yeah, that makes insurances pretty useless. I have a
| jewellery insurance but it but the number of outs for the
| insurance company is saddening. I need to get hurt when I
| getting robbed on the street before they will cover the
| theft of my watch. One of the reasons why I mostly wear
| some watches at home. And if I get violently robbed they
| only cover up to the retail price and not the replacement
| cost/price.
|
| If anyone know a better insurance the cover the above cases
| in the UK. Please tell me.
| formerly_proven wrote:
| Lockpicking leaves marks inside the lock which look nothing
| like what a key leaves behind.
| http://www.lockpickingforensics.com/
| mtreis86 wrote:
| Depends on the atack, a Lishi key should leave little to no
| scratches on the pins. Raking would leave the most.
| formerly_proven wrote:
| > a Lishi key should leave little to no scratches on the
| pins
|
| https://www.youtube.com/watch?v=2YFW0nh7h3I
| pdpi wrote:
| The marks you're looking for are on the sides of the
| pins, where they get jammed against the barrel. The Lishi
| doesn't help that much in preventing this damage
| gambiting wrote:
| Huh that is very interesting. However I suspect that unless
| the door was actually damaged the insurer would just go
| "yeah you didn't lock your door, no claim for you" - I
| guess you'd have to pay to get your own lock forensics
| done.
| smolder wrote:
| Yeah, the insurance company isn't going to go out of its
| way to prove they _should_ pay a claim. But it could be
| useful for a claimant trying to get compensated.
| sandworm101 wrote:
| Unless they stole your gold brick collection, no insurance
| company is going to dismantle your locks (all of them) and
| send them for forensic tests. Nor would they accept your
| hired expert opinion. Such procedures are only rational in
| extreme cases.
| dwighttk wrote:
| > Nor would they accept your hired expert opinion.
|
| I guess they'd be hearing from my lawyer...
|
| My lock picking lawyer...
| phonon wrote:
| Source please? Standard HO-3 policy defines theft coverage as
|
| 9. Theft
|
| a. This peril includes attempted theft and loss of property
| from a known place when it is likely that the property has
| been stolen.
|
| b. This peril does not include loss caused by theft:
|
| (1) Committed by an "insured";
|
| (2) In or to a dwelling under construction, or of materials
| and supplies for use in the construction until the dwelling
| is finished and occupied;
|
| (3) From that part of a "residence premises" rented by an
| "insured" to someone other than another "insured"; or
|
| (4) That occurs off the "residence premises" of:
|
| (a) Trailers, semitrailers and campers; (b) Watercraft of all
| types, and their furnishings, equipment and outboard engines
| or motors; or (c) Property while at any other residence owned
| by, rented to, or occupied by an "insured", except while an
| "insured" is temporarily living there. Property of an
| "insured" who is a student is covered while at the residence
| the student occupies to attend school as long as the student
| has been there at any time during the 60 days immediately
| before the loss
| stjohnswarts wrote:
| So you're telling me if I'm ever robbed by an ex roommate who
| made a copy of the key I should take a crowbar to my door?
| gambiting wrote:
| I mean, I'm not saying that you would, but I don't see how
| the rational decision when you find out you've been robbed
| isn't to break a window yourself. If there's no signs of
| entry then you simply aren't covered.
| thurn wrote:
| It's really interesting stuff, although realistically, the
| situations in which it matters how hard to pick a lock is are
| pretty rare -- the majority of situations where an evil actor
| is trying to bypass a lock are ones where they'd be willing to
| employ destructive techniques instead.
| michaelt wrote:
| Well, there's a selection bias in LPL's videos: If he can't
| pick a lock _today,_ he doesn 't make a video until he _can._
|
| But you're right at a higher level: 99% of buildings have glass
| windows. Paying $$$$ for locks that go beyond "keeping honest
| people honest" is pointless if they can be bypassed with a
| rock.
| qwertox wrote:
| Breaking glass is noisy. If that would happen in my city, the
| entire neighborhood would know.
| morsch wrote:
| Presumably thieves professional enough to pick locks are
| also able to break glass windows without making a lot of
| noise?
| lrvick wrote:
| Most professional locksmiths can't even pick locks, let
| alone any successful former thieves I have known. You
| will rarely see either not go directly for a destructive
| entry method even when trivial bypasses are available if
| one had bothered to research.
|
| Lock picking is basically only found among the locksport
| community.
| Lhiw wrote:
| A rock wrapped in a t-shirt doesn't make much sound.
| aspaviento wrote:
| Isn't that the reason why you put tape on the glass first?
| corobo wrote:
| The neighbourhood might hear it but if nobody reacts who
| cares (from a burglary point of view)
|
| If a car alarm goes off my reaction is not "oh no, someone
| is stealing a car" it's "man I hope they know how to shut
| that off quickly"
| hellbannedguy wrote:
| 1. Break glass.
|
| 2. retreat to safe area.
|
| 3. look for security, or commotion.
|
| 4. Come back and loot the place.
|
| 5. #2 senerio. Just open the unlocked door, and loot the
| place while the family members are in the home.
|
| (We had a mountian bike thief that did this senerio for
| years, and was never caught in my wealthy enclave. It's
| estimated he stole over a million plus dollars. I always
| thought it was a unhinged angry doctor, or a lawyer.
| Doctor's wives shoplift in huge numbers. It's a behavioral
| psychological thing. Ask any security guard who steals the
| most. They are never arrested because they spend a lot in
| stores. Nordstrom's turns in the minority shoplifters, but
| let go the white wealthy ones. How do I know? Used to be a
| Security guard, and hoping Nordstrom's would be outed by
| now.)
| stjohnswarts wrote:
| gone in 60 seconds "i gotta get my tool"
|
| https://www.youtube.com/watch?v=ZJN6VHWaerA
| martincmartin wrote:
| I've heard the common way a burglar opens a door is using a
| crowbar.
| wayoutthere wrote:
| Last time I called a locksmith to let me into my house (me
| losing my keys and locking myself out is a somewhat
| frequent occurrence) he didn't even bother trying to pick
| it. Just took a few plastic wedges and used a rubber mallet
| to hammer them in between the door and the frame and the
| whole thing popped open. Took maybe 5 seconds.
|
| Of course, you can reinforce your door frame and this
| doesn't work. But the next locksmith (like I said, regular
| occurrence) used a bump key to pick it and was in just as
| fast.
|
| Needless to say, I don't trust door locks anymore.
| JKCalhoun wrote:
| The simplest were the old car-jacks that you could put
| sideways across a door: a few clicks to expand the jack
| and you could push the door frame out of linear enough
| that you can swing the door right open -- lock catch no
| longer reaches.
| JshWright wrote:
| This is my go-to technique for lockouts (I'm a
| firefighter, we'll get called for more "urgent"
| lockouts... a young child still inside, something on the
| stove, etc).
|
| There are plenty of custom made tools on the market that
| do a great job (with built-in pads to protect the door
| frame, etc).
|
| The only issue they commonly run into is a deadbolt with
| a throw long enough that you have to destroy the jamb and
| surrounding frame before it comes free.
| tgsovlerkhgsel wrote:
| Is this technique non-destructive and the frame returns
| to its original shape? From the description it sounded
| like it'd be way worse than something that destroys the
| entire door.
| bbradley406 wrote:
| You're just bowing the framing out enough for the bolt to
| clear, so maybe 1/4" inch in each direction. The studs
| will pop right back, but you might need to re-align the
| hinges or the bolt plate after.
| JshWright wrote:
| Ideally, yes. Wood is surprisingly flexible. Generally
| the worst that happens is that the paint cracks at the
| seams between the frame and the trim, or the jamb.
|
| In cases where the deadbolt extends significantly into
| the frame, then yes, it tends to be destructive. But
| doors with locks that substantial tend to be sturdy
| enough that brute forcing the door in any fashion (even
| if you're just attacking the door itself) is likely to
| damage the frame.
|
| There are options for "through the lock" forcible entry,
| where you attack the lock directly, using something like
| a Rex tool[1]. That will definitely destroy the lock, but
| usually preserves the door (but isn't suitable for every
| type of lock).
|
| [1] https://www.allhandsfire.com/Rex-Tool-Forcible-Entry-
| Tool
| toss1 wrote:
| I had a friend who had a car with different keys for the
| door and the ignition, and he lost the door key. I
| fashioned a coat-hanger wire into a tool to slide down
| the window and unlock the door.
|
| By the time he got a replacement key, I was literally
| faster at opening the door with my tool than he was with
| his key -- once you get the knack of it...
|
| (of course the tool was much more clumsy to carry around
| than a key, and 2 seconds vs 3 isn't enough to care)
| BrandoElFollito wrote:
| I saw a video where someone was opening doors with a
| hydraulic thing that moves heavyb things up (I do not know
| the English word for that, an inversed press).
|
| You find a strong pint to lean on (a wall, or the ground)
| and the door is forced open in a matter of seconds
| (something gives away, hinges or lock).
|
| This is why my lock is a smart one, to make it easier for
| people to get in (the ones I want to) and I know that a
| burglar is not going to analyze the emission spectrum but
| just force my door open.
|
| I would definitely prefer him to use technonoly and not
| break my door.
| slothtrop wrote:
| I'd sooner get door jam reinforcements for this reason. For
| everything else, there's alarms. Some are meant to detect
| windows breaking, but motion sensors are also a good catch
| all. Security-film on windows also makes breaking them more
| tedious.
| wayoutthere wrote:
| Glass break sensors are almost never installed in
| residential homes; motion detectors are a lot cheaper,
| easier to install and more effective since a lot of
| attacks against windows don't involve breaking the glass.
| slothtrop wrote:
| Can't get much cheaper than a DOBERMAN SECURITY Ultra-
| Slim.
| gameswithgo wrote:
| a swift kick or body slam often works too
| zffr wrote:
| I'm not sure that's so easy https://www.reddit.com/r/crin
| ge/comments/jwpr1e/guy_tries_ki...
| IgorPartola wrote:
| From what I gather:
|
| Bump keys are the simplest way to bypass common locks. You
| can make one in a few hours and it's pretty much universal.
|
| Most doors aren't that strong. You can't pick a lock but
| you can just knock the door in.
|
| If you can't knock a door in, try a window.
|
| House has a security system? Get a ladder and go to the
| second floor. Most security systems are only installed on
| the first floor.
|
| Or cut the phone line outside the house as that'll disable
| the security system entirely (unless it's wireless).
|
| If the security system has a combined control panel and
| main board, just run in and smash it. Good systems separate
| the control panel from the main board to delay the burglar
| finding it and allowing the system to call for authorities.
|
| Basically locks, security systems, cameras, reinforced door
| frames, and protective film on windows are just delays, not
| preventatives. The idea is to delay the burglar enough such
| that they either get caught or so they decide to hit the
| next house without as many obstacles.
| mschuster91 wrote:
| > You can't pick a lock but you can just knock the door
| in.
|
| A knocked-out door has the disadvantage of being noisy
| and visible - random passersby may spot either the act or
| the result and alert the police, whereas most won't even
| spot the difference between someone using a legit key and
| a comb key.
|
| The more time passes between the burglary and the
| discovery, the better for the burglar - if you're already
| two counties away when the police establishes local
| roadblocks these won't catch you, CCTV camera or ALPR
| records get deleted, phone tower (=which phone was logged
| in at a certain time in a certain area) records grow
| bigger and harder to sift through, potential witnesses
| forget details.
| randombits0 wrote:
| Raking is the simplest way to bypass common locks. I
| don't recall ever seeing LPL bump a lock. It's certainly
| not his first attack.
| BenjiWiebe wrote:
| Bump keys aren't quite universal. There are different
| keyways. Plus, not all locks are pin-tumbler locks. Also,
| this I'm not sure of, but I _think_ some quality pin-
| tumbler locks are bump-resistant.
| ploxiln wrote:
| That's all true, but what's interesting is how
| _ubiquitous_ the worst pin-tumbler lock design is. (I 'll
| be honest, I never shopped for a _good_ lock either! I
| 've only bought one extra lock for an apartment once, and
| didn't care to get anything but the typical kind!)
|
| The LPL is really similar to a lot of us, complaining
| that "right-click isn't really hacking, view-source isn't
| really hacking, come on your system is trivially broken"
| but about the locks practically everyone uses.
|
| We also complain about companies marketing Super
| Military-Strength Proprietary Encryption but basic key
| management not making sense ... similar to how LPL likes
| to get the Pro Max Security big beefy trailer/fence locks
| and show how they have some of the same trivial design
| bugs as the cheap locks.
| lrvick wrote:
| Any lock or building is easy to defeat if you are willing to
| be destructive. Good locks and windows are tamper evidence
| devices above all else.
| alex_h wrote:
| LPL has discussed locks without being able to pick them, eg
| the Bowley lock
|
| https://youtu.be/qV8QKZNFxLw
| intrasight wrote:
| Does he or anyone else have a list of locks that are really
| hard to pick?
| asimpletune wrote:
| Much has been made about LPL s and his astonishing skill, but I'd
| like to briefly mention my appreciation for LPL the showman.
|
| I really think the style and format of his show makes it so
| incredibly watchable. I love his voice, the delivery, and the way
| he so articulately breaks down how he thinks and approaches
| problem solving. He really makes you feel like you could do it
| too.
|
| It's very subtle but as a showman he's one of the alltime best on
| YouTube.
| GuB-42 wrote:
| He is a real lawyer after all, I believe that these are
| important skills in the profession.
| cianmm wrote:
| From years of experience of being around Lawyers, many of
| them seek the need to say things in the most unnecessary
| complex and impersonal ways. Lawyers are often terrible
| communicators.
| _wldu wrote:
| They are taught to speak that way in certain circumstances.
| It's called "circumlocution".
| https://en.wikipedia.org/wiki/Circumlocution
| 13415 wrote:
| What's the function, if I may ask? Is it to be more
| persuasive, or not to get pinned down easily?
| _wldu wrote:
| In some cases, the purpose is to say something in such a
| way that seems to have an opposite meaning to what is
| being said.
|
| Here's an example, _" I do not speak it in vanity, but
| simply record the fact, that I was not unemployed in my
| profession by the late John Jacob Astor;"_
|
| He could have instead said, _" I always worked for John
| Jacob Astor."_
|
| For many more examples of this, read _" Bartleby, The
| Scrivener"_ by Herman Melville.
|
| https://gutenberg.org/cache/epub/11231/pg11231.txt
| ehnto wrote:
| I think it can help make ambiguous statements more robust
| and complete. "I wasn't there" instead of "I was not at
| the location stated at the time recorded in the
| complaint".
|
| I sometimes use it if I'm discussing something with
| someone who likes to nitpick small details that aren't
| relevant to the main point of the discussion. It can help
| you railroad a discussion down a particular path. That
| makes me sound super rude but it's more of a defensive
| communication device in that circumstance.
| mschuster91 wrote:
| > or not to get pinned down easily?
|
| This. When dealing with legal stuff, it's _very_ easy to
| commit verbal mistakes that can sink your case - in
| Canada, they passed the Apology Act of 2009 for that
| reason.
| speg wrote:
| That's an Ontario law, but it looks like several other
| provinces have something similar.
| stjohnswarts wrote:
| I've met more than a few engineers and CS people who can
| do similar, especially when they get angry. Lawyers are
| on another level though.
| barney54 wrote:
| These are important skills for the profession, but many
| lawyers don't have them. The good ones do, however.
| dwighttk wrote:
| And the fact that he doesn't surround his videos with tons of
| cruft to make them longer.
|
| Probably the only YouTuber that tries to sell me stuff and I
| totally think that is a good and natural idea.
| thefunnyman wrote:
| He's also the only YouTuber I've ever bought something from.
| He does a great job of using the things he sells in videos to
| demonstrate their value and he's not overly pushy about it
| like many other creators. He'll simply mention that the tool
| he uses is one that is available for purchase from him, no
| different than mentioning the names of other tools he uses.
| It's an ingenious and very effective sales pitch.
| j16sdiz wrote:
| In the linked video at 33:10, he said he deliberately make
| his videos short.
| modriano wrote:
| In one of his videos he explained his process with videos. He
| wants to rule out the possibility of deceptive editing, so he
| only includes takes done in a single shot (at least for the
| portion where he demonstrates the technique). As a result, he
| keeps things short, as that reduces the chance of misspeaking
| and having to reshoot.
| mschuster91 wrote:
| > And the fact that he doesn't surround his videos with tons
| of cruft to make them longer.
|
| Unlike most full-time Youtubers, LPL does not need to pad out
| videos or pander to sponsors to make a living, and he doesn't
| need to engage in clickbaiting and SEO/algorithm manipulation
| to lure new viewers. This independency from anyone else is
| what allows him the complete artistic control to do videos
| the way he prefers.
| dwighttk wrote:
| It is interesting (read: irritating) to me that YouTube
| never puts his videos in my algorithmic feed. Every other
| channel to which I subscribe gets woven in but I had to
| actually click the bell icon to get notified of new videos
| for his channel.
| asimpletune wrote:
| It's probably because his videos are short so the algo
| doesn't like them
| reginold wrote:
| Indeed, it's all about incentives. He said during the
| keynote that his goal is to get the word out and change
| locks for the better. So far he's seen more incentive to
| get views than making money on the channel.
|
| This will not always be the case. Given his goals, the
| channel will change as his priorities shift. When he
| reaches his goal "everyone is aware that locks suck", his
| next goal is "change locks for the better". This will
| involve designing and selling locks and pointing viewers
| towards better locks in a commercial way.
| mschuster91 wrote:
| > This will involve designing and selling locks and
| pointing viewers towards better locks in a commercial
| way.
|
| Designing and selling his own locks on his own store
| would not be too different from his current business
| model of selling lockpicking tools.
|
| Pointing viewers towards better locks on a _commercial_
| way is something I cannot _ever_ see him doing. For one,
| he already points out there are some locks he cannot pick
| (IIRC some Abloy models). But especially: LPLs authority
| is directly derived from the fact he 's impartial and
| unmotivated by financial decisions. Taking money for lock
| recommendations would completely compromise that
| impartiality. It's similar to amateur nude models on
| Reddit and the "OnlyFans hate" - in the eyes of many
| viewers, once the line between "they are doing what they
| do for fun" and "they are in it only for the money"
| blurs, the attractivity fades.
|
| What I _do_ can see LPL do in the future - with far
| better chances of profit for him - is sell consultancy
| services and reviews to lockmakers. That would both fit
| his goal of improving the lockmacking business as a whole
| and net him a hefty chunk of money, without compromising
| his outward image.
| reginold wrote:
| Monetization models are interesting. In most amateur's
| case it seems to start out as "for fun" and then flip to
| "for money". Instead it's simply a gradient of
| incentives, whether acknowledged or not.
|
| As cryptocurrencies and other models increasingly
| securitize everything, I wonder what will happen to the
| "amateur" market. As viewers we get so much free benefit
| from the hard work of amateurs.
| stjohnswarts wrote:
| Eh locks are only as good as the doors they're attached
| to. Any healthy adult male (and probably determined
| females) can kick and shoulder through a typical door,
| especially on suburban houses.
| ohgodplsno wrote:
| Shouldering/kicking through a door is made to break the
| door at the hinges (unlikely), or the lock. An adult made
| that tries to kick through the body a door and break it
| open will take several minutes, at the very least.
| stjohnswarts wrote:
| You'd be surprised how quickly you can kick a door down
| when your psycho (ex) girlfriend deadbolts your door and
| says she's going to burn your house down because you are
| evicting her.
| stjohnswarts wrote:
| I love videos that jump right into the meat of the video,
| please put the fluff at the end :)
| sleavey wrote:
| > and the way he so articulately breaks down how he thinks and
| approaches problem solving
|
| Agreed. I think this video is a nice (simple) demonstration of
| his style in this regard:
| https://www.youtube.com/watch?v=SoGCIuO2XkM
| bitexploder wrote:
| Also, he doesn't start off being able to pick X lock in two
| seconds or whatever. He fiddles with things a while until it's
| optimized. That is what makes it entertaining as well. You
| don't have to sit through the whole process. He usually notes
| anything interesting that came up. Mostly you get results.
| tgsovlerkhgsel wrote:
| The intro explaining the weirdness he was exposed to as a result
| of the channel was eye-opening and shocking to me. Some weirdness
| is to be expected, but the level of stalking resulting from even
| such a non-controversial channel is not something I would have
| thought of.
|
| Edit: Didn't think of the "locksmiths hate it" aspect that
| probably explains at least some of the crazy (e.g. trackers).
___________________________________________________________________
(page generated 2021-11-28 23:01 UTC)