DEF CON 30 - Bill Graydon - Defeating Moving Elements in High Security Keys

Поделиться
HTML-код
  • Опубликовано: 29 окт 2024

Комментарии • 49

  • @robercik101
    @robercik101 2 года назад +24

    4:30 AM talk would be interesting ;)

  • @WalnutBun
    @WalnutBun 2 года назад +16

    When you mentioned the potential Mul-T-Lock improvement my immediate thought was twisting - it should be possible to shave the key at an angle, then to twist the key into position. I can't think of a way to fix that that wouldn't compromise the either-way-up insertion feature, though.

  • @godofsquirrels494
    @godofsquirrels494 2 года назад +5

    13:58 This is why I love talks like this. Absolutely hilarious

  • @NigelTolley
    @NigelTolley 2 года назад +4

    There's a certain irony in the MTL bypass only working because if the non-available blanks!
    Also, Bill, you really need to see a Wormald gas meter padlock - moving key elements have been around for centuries, the Wormald being the best, and in use until relatively modern times (post WWII, just about)

  • @quillclock
    @quillclock 2 года назад +4

    LETS GOOO
    let the talks flood in plz

  • @travelinman70
    @travelinman70 Год назад

    my favorite key bypass is C-4. Works every time, flawlessly.

  • @zyxzevn
    @zyxzevn 2 года назад +5

    Most of those moving elements can be replaced with a plastic pin held with some fresh spit.

  • @ISometimesFixComputers
    @ISometimesFixComputers 2 года назад +9

    Fantastic talk! I think that these are really some solid points, but kind of sad to see that you were ignored a bit by the manufacturers. I'll still hold onto my Protec2 lock (for now). With that unique lock from mul-t-lock, couldn't it be defeated by some kind of pick or shim inserted with the key to bypass one of the moving elements? I mean if both sides are keyed the same, then you really only have to worry about just one of those elements.
    Either way, sad I missed Def Con this year but have plans to get out there next year!

  • @Phred_Phlintstoner
    @Phred_Phlintstoner 2 года назад +6

    I'm guessing that the way around if they had used l both interactive elements in the MTL key is to make it rotate like you did with the protec key. I'm curious if anyone at your talk answered and claimed the medeco bump keys. Great talk! I'd love to see one of your presentations in person someday!

  • @arbitrary_username
    @arbitrary_username 2 года назад

    Thank you for the talk and the upload. Please upload more talks!

  • @cmuller1441
    @cmuller1441 2 года назад +5

    This is the Lock Picking Lawyer, and what I have for you today...

  • @freespam9236
    @freespam9236 2 года назад +3

    multi part bypass tools probably would be interesting way create a wider element inside the keyway, be it 2 slim parts ][ or even 3 parts ]|[ - 2 elements with key elements and final shim like element to push the key to the final width - things probably would become fragile with some elements tho

  • @zcktomcat
    @zcktomcat 2 года назад +3

    I’m guessing you could beat the multi-lock by shaving the key at an angle, allowing it to insert at an angle and twist into alignment? If correct, could you fix that by revising the positioning of the moving elements?

  • @venkatvasudevvarma4676
    @venkatvasudevvarma4676 2 года назад

    Huge fan of DEF CON

  • @Reth_Hard
    @Reth_Hard 2 года назад

    8:44
    It's funny when you are like: "Why isn't he just doing this" and then he just shows you "We also tried this, and..."

  • @zyrppa
    @zyrppa 2 года назад

    I still trust Abloy as they're one of the most difficult locking system to pick.

  • @Everfalling
    @Everfalling 2 года назад +2

    so i'm commenting having only watched 15 minutes into this but: instead of printing the ball bearing inside the key or attaching it to a compliant spring of sorts.... why not just print the key with the capturing chamber and press the ball bearing in?

  • @aussiebob1315
    @aussiebob1315 Год назад

    well lets hope the vendors reach out soon mate as these keys are being used everywhere in NZ for hunters to get into 'crown land' for hunting (all use those abloy locks) good job i was wondering how the bros were doing it and they sent me here Haha

  • @ttgflow
    @ttgflow 2 года назад +5

    make 3d printed key out of 2 halves, insert it into keyhole and then slide a shim between those 2 halves to increase thickness

    • @imwacc0834
      @imwacc0834 2 года назад +1

      I was thinking along the same line. Or insert one half, and then the second half... or make it ramped/wedged?... slide the two halves to make it wider?

  • @TheRealMrRoboto
    @TheRealMrRoboto 2 года назад

    Can stop the attack because of chirality and would mean that the pins would not be the correct orientation for a top to bottom flip of the key. becuase the key would have to be a directional key - eg top up only for insert (sorry english is poor)

  • @wpontius4355
    @wpontius4355 Год назад

    The fragile illusion of security locks provide. After taking a locksmithing course and studying bypass techniques for lockouts, there is little true security in locks. Physicist Richard Feynman was picking high security locks at the Manhattan Project.

  • @sethsends
    @sethsends 2 года назад

    Great talk

  • @imark7777777
    @imark7777777 Год назад

    Let's see a medico lock with a widening spot I would think would be trivial to bump correct granted it would be like a one in two chance or something like that.

  • @camronbay1
    @camronbay1 3 месяца назад

    I’ve used zip ties for Bi lock.

  • @Stjaernljus
    @Stjaernljus 2 года назад +2

    As someone whos career got effed over by an NDA, yes read NDAs carefully and be skeptical.

  • @AusMasterProductions
    @AusMasterProductions 2 года назад

    PLEASE DEFCON, I NEED MORE TALK UPLOADS. I BEG YOU.

  • @Curling12341
    @Curling12341 Год назад

    Show of hands, how many are here because you're a fan of the "lock picking lawyer"

  • @gamerpaddy
    @gamerpaddy 2 года назад

    how about printing two halfes with a hollow channel glued together where you can insert a solid core wire to push those dimple pins inside the lock

  • @robertbarron7711
    @robertbarron7711 2 года назад

    Casting after 3d printing helps

  • @zombieregime
    @zombieregime 2 года назад

    re: 17:00 what if you put a ramp in your multilock keyway on your house so youd need a shaved down key and a normal key would just jam XD

  • @ejonesss
    @ejonesss 2 года назад

    if your intent is to break into a locked property then the captive ball isnt required all you need to do is have a slot in the key going to the hole and then have a lock pick.
    or if the lock is smooth all the way up to the interactive element you could make a reed spring that goes into a slot and you squeeze the spring to put the key in and once it interacts with the element in the lock you should be able to open it.
    wont the rocking of the key cause some other pins to be slightly out of line with the shear line causing wear that would be detectable if the lock is forensically analyzed?
    even if it is still in patent the chinese will still make keys.
    can you renew a patent as simple as you renew a video rental? (pay the fee and have it for another term)?
    if the manufacturer does not respond in timely manner then release a mt5 exploit and make it so widely available that the manufacturer will be forced to mitigate it.
    again with ably release and force their hand
    you cant completely prevent imports.
    while customs can stop a shipment like fluke vs sparkfun the mail requires a warrant to raid.
    the retaining pin problem sounds like you can work the lock with a regular screwdriver or some lock picking turning tool.

  • @maxwel1
    @maxwel1 2 года назад

    Has he never seen LPL? He opens such locks in 30sec videos. 😊

  • @AviPars
    @AviPars 2 года назад

    Rav bariach?

  • @すどにむ
    @すどにむ 2 года назад

    I hate people adding images of bugs to slides

  • @aaronrobertcattell8859
    @aaronrobertcattell8859 2 года назад

    wow

  • @BossMan302
    @BossMan302 2 года назад +1

    Why would you resin print something that needs to be precise ? Why do you think the 3D printing gun community uses PLA +.

  • @Everfalling
    @Everfalling 2 года назад

    anyone else have to hunt for the phantom notification @31:17?

  • @evoboy67
    @evoboy67 2 года назад +2

    Where’s lockpickinglawer?

  • @tiltingtitanic
    @tiltingtitanic 2 года назад +1

    Definitely con?

  • @mariarahelvarnhagen2729
    @mariarahelvarnhagen2729 Год назад

    #HackTheGimme5

  • @TheTigero
    @TheTigero 2 года назад +2

    Can someone please de-mouth-noise this video?

  • @pseudonym3690
    @pseudonym3690 2 года назад

    Someone give this guy a tissue. This constant snorting is disgusting...

  • @illiteratebeef
    @illiteratebeef 2 года назад

    Great talk