@@seriousthree6071 More than average pickers. Andrew sent a few prototypes out to experienced pickers and, so far, we didn’t find any exploit. The lock can apparently be decoded but this is a extremely long and tedious process. I am trying to think out of the box but the design is excellent. So far no exploit has been found.
Hi Ash, I have been playing with a copy for the last couple of weeks and there is something I would like to try but I don’t have an EPG. The only exploit I can think of would be to lift all the pins to the very first position so you have only the driver pins in the bible. Then we would need to get them move randomly while gently tensioning the bar and eventually get them falling into place progressively. I have tried bumping the core with a rubber hammer, no luck. I have tried moving the driver pins with the Magneto on the side of the bible, no luck even If I believe that I set a couple a pins this way. Now I would like to see if an EPG pulsing the keyway could do something. I highly doubt we could transfer enough energy to compress the springs without hitting directly the pins but it may worth a try… In any case, this is the best idea I had so far. The only other option is to decode the lock wafer by wafer but this is extremely tedious and very difficult to achieve given the binding order on the wafers.
Now this looks like a challenge for the LockPickingLawyer. Especially since he doesn't shy back from using practical exploits, as demonstrated by the two locks stuff made here made. (both of which were great designs with a similar idea in the sense of checking the pins when the pins can't be manipulated anymore. But both had some practical exploits which still allowed picking and/or bypassing them.)
True, but it's clearly a prototype. "Unfortunately the designer made one fatal design flaw, he left these hex bolts all over the place..." I'd love to see what LPL would make of this. The crux is that Andrew has ingeniously airgapped the stack from the core, you can't tension the lock and pick at the same time. I'm far from an expert but I can't see how it could be picked by anything other than an exploit. And that then just becomes a case of iteration, patch a vulnerability and repeat. Astoundingly clever.
@@TmOnlineMapper sorry but there's a lot of stupid people in this world that would actually use a magnetic material for the lock mechanism and Lock Picking Lawyer knows too well that some locks are fantastic on the outside BUT dumb in design internally. LPL has a long history finding weakness in locks :)
Glad you found it interesting! I'm going to get to work making more to sell to anyone interested in giving it a try. I'll update the website with details.
Absolutely! Would love to get this figured out. Patience is key to this one. Especially using lock noobs method! Very cool lock. Great engineering 👏👏👏😎. Hope to see some soon!
This feels like an evolution of the first Stuff Made Here "unpickable" lock, locking the pins at a certain height for verification. The actual mechanism is different, but it's still cool to see.
What I like about this as opposed to other "unpickable" lock cores is that it isn't much more complicated to manufacture than a normal high-ish end lock core AND I don't see any reason why it couldn't use literally any other keyway, so key reproduction and sourcing could just be regular Schlage keys.
Also with that design, the physical security rests on the single transfer pin. With a keyway open like that, you could stick in a tool steel bit, and force the lock open.
@@ionstorm66 You're not wrong and I did notice that as a weakness though I didn't mention it, but we're talking about destructive entry at that point. I did also notice that the pins are all steel. Usually when you're trying to do an attack like that, you want to be shearing 1 brass pin, not gouging a steel pin through billet brass. The real problem for me was that the "sidebar" is also made of brass, which means that depending on the mechanical advantage of what forces the lock pin up, it could be really easy to deform that brass sidebar and punch that wedge through it. I would like to see that sidebar made of steel and the cam area that the lock pin rides on also made of steel. It would be a solid order of magnitude harder to force then. In fairness to who made it, its a low production prototype. All of those materials could change. If it were all steel and you didn't have the world's biggest keyway, I think you'd probably break that tool steel before the lock gave. As it stands right now? You're definitely right. I bet a decent screwdriver and no leverage other than your hand would be enough to force it.
@@htomerif The problem with using a steel sidebar is that it opens up a magnetic force exploit. You'd need to have an incredibly thick case and/or have some kind of opposed motion like a second sidebar that only works in the opposite direction, otherwise the crux of the mechanism could be manipulated externally.
@@dustinbrueggemann1875 That's not really a concern. You've probably been watching to much LPL. Stainless steel, for example (which is the only kind of steel you'd want to use in a lock for corrosion purposes) can be essentially completely non-responsive to magnets. I have a 3in diameter, 2in thick N52 strength neodymium magnet and my stainless steel silverware is unaffected by it. My stainless steel bucket is similarly unaffected. My stainless steel cookware just *barely* sticks but not enough to hold the weight of the magnet. Note about LPL: I blocked his channel about a year ago after having been subscribed since before he had 10k subs. While LPL himself is very good, his channel is just a bunch of memes now and his comments section is 100 percent people with zero lock experience making jokes for likes. LPL's channel has zero utility for me. That's why I'm on channels like this. You made a comment that happened to be incorrect, but was entirely relevant to the topic of the channel and very easy to clear up. Sometimes the shoe is on the other foot and I'm the one making the mistake. I appreciate channels that cater to people who want to learn and aren't just memes-4-views factories.
@@htomerifOh I'm aware of stainless and magnets, it's knowledge I've had to make all too much use of after knocking over a few part bins. That said, not every engineer jumps directly to stainless and so I would hardly dismiss the exploration of it as trivial nor would I harp on LPL for favoring a theme. The guy knows his audience, but he also knows his stuff. The fact that he's got so many examples is proof enough that a trivial idea to a few isn't quite as obvious to others.
This lock creator should send a version of it to LPL to get his input too. I am interested to hear the opinions of him too on this lock as it seems like a great way to keep pickers out.
LPL only shows locks he successfully picks. He only shows awfully designed electronic locks. He gives the impression that there is no safe system. Meanwhile, he never shows high quality vault locks, high quality electronic locks. And he won't show fancy unpickable mechanical locks.
@@Bvic3 true. that's his style and that's why a lot of people overrate his skills. not saying he's not skilled but people seem to think he's a lockpicking god. The thing is his channel is about exposing weak locks and not to showcase his godly lockpicking skills.
@@shapowlow This. Especially seeing how much he "improved" after he stopped taking locks apart - and gullible clowns still parrot same old tired BS failing to realize "picking" stuff in such conditions is utterly worthless, just remove all pins and pretend you do it...
I want to be seeing LockPickingLawyer take this on. For too many years, people have put out substandard locks that can be opened with comb-picks or bumping and Andrew Magil's Enclave lock actually attempts to solve problems.
Actually, judging simply by the 3d graphics this lock is also susceptible to a comb pick attack, and not only that, but it might actually also break the lock permanently.
@@ФилиппГерт Resolving a comb vulnerability is trivial though. The height of the driver recess can be shortened, or even just one or two pins having slightly longer tail ends to catch the sidebar at maximum.
@@ФилиппГерт How to spot brainless moron who failed to watch video and see big anti-comb feature - the post. Maybe watch next time before you make idiot post?
I don't know where you live but here in Paris France you'll see a lot of Fichet locks (their cheapest lock barrel is about 200 dollars), you'll rarely see anyone pick those.
How prone is this lock to getting stuck? One typically doesn’t put to much 1depth wafers in a lock, certainly not 2on top of each other because they risk sliding in between the rotor and the stator, This one might have very good tolerances but that might be a big risk in a mass manufacturing setting.
Looks to me like (if the animation is too scale) the wafers are at least .5mm thick, while the tolerance of the lock body is under .1mm. the wafers aren't likely to get stuck in the rotation with such a ratio. If mass production tolerances require larger tolerances, the ratio should still be able to be maintained and keep the jamming proof
@@Buongona yes soo many bs locks out there and way way to many are meant to lock up guns very said but still think he has the skill to take on very good locks as well
@@kirkanos3968 yeah it's sad, that gun locks depicted here are so bad, but that is good. When I'll need to get mine, I'll look up in here what NOT to buy. So LPL is doing a good service to make theese videos. Also there are situations where you might need a lock that is flawed such that it can be opened faster without the key. Locks in general never really stopped anyone who wanted to get in, they are there to slow down the progress and to give a sence of false security. As Isaac Arthur likes to say: "If brute force is not working, you just don't have enough of it"
@@Buongona he talked about this on a video he made a while back. He went from doing cool historical locks (like a lock version of forgotten weapons) to doing locks that the ordinary Joe wouldn't think twice about. I think his lock picking skill is clear, you should check out the "Naughty Bucket Chronicles" ruclips.net/p/PLlXtDbvIEH-NIdGaTGYhHYTJIgF3CNST1
This is a different implementation of the same idea of the Stuff Made Here lock. An actually practical version this time! I remember seeing that video and LPL's video on that lock and I thought that he was soooo close to something great. I think we found that something great here!
Exactly! It basically uses the same trick of separating the keying from the checking, by using a second spring loaded mechanism. I think it could really be quite challenging to defeat.
All of these designs could be potentially be vulnerable to laboratory level attacks where you put all pins in a turnable position, but with one pin at a chosen height. Turn the mechanism all the way and use a machinist's dial indicator to determine the amount of turn. For this lock you will get 6 pins 5 positions. One of these (the binder) should let it turn just the tiniest bit more. Now you know the correct position of one pin. From now on, always use that height for that pin, and try to find the second binder. Now you have 25 positions to check to find the second binder, etc. Heck of a lot slower than picking most locks and not really feasible in the field, but in theory this approach should work.
What is so interesting is that in all other cylinder type locks the more wafers make it easier to pick because of multiple shear lines, this works completely opposite. Great work!
Yep it is complete crap... you will be able to false pick it and then brute force it as your whole cylinder is protected by only one pin. Most likely you can also just ignore the whole picking part and just jam some brute force tool in it and most of the shear lines will be "picked". If you then put that lock to some EU certification lab then they gonna tell you that it can not have any good certification because it is simply to easy to simpy brute force it...
@@paulstubbs7678 Its is just a single small pin there will be no noise or impact resistance of any kind. The inventor got the silly idea that the picking is the only thing that he should be woried about. When in reality people that like to steal stuff love the brute force method and 5 or 6 pins holding the cylinder making it hard to rotate but in this case a kid would beable to do the tool and destroy the core with icecream in one hand and pulling the tool with the other hand...
@@Bialy_1 yeah especially with that big keyway, you can drive a truck thru there. Looks like it won't take much force to pop it. Great idea, needs to work on the back end to make it stronger.
I think this lock might be easier to pick after being used a lot. If the lock is only used with the right key for a long time, which is expected, the tight tolerances might smooth out parts of the wafers. This would give back some feedback, like if you had serated pins with one of the gap being wider/deeper.
Love the design! Just wondering how much abuse it would take. I imagine someone turning it with a stronger tool after jiggling the pins into any false set. (disc-slip). I am curious if metal in lock can deform by the forces leaving it unable to open later.
If it doesn't take realistic abuse, someone didn't put in enough work between prototype and final product. Thats the common way to make attractive, but useless stuff. I doubt the inventor will let us down like that- a manufacturer might, though.
10:10 I think that's more like decoding than picking but it will get the lock open if you continue doing that for long enough. Especially if you measure how much you can rotate the plug with any given pin setting. That said, this is the best pin tumbler design I've seen this far. I think it's vulnerable to brute force attack because the only thing holding the lock not open after a shear line for accessible pins have been set is that single pin with a diagonal ramp. Inserting a strong enough tool in the keyway and simply turning the lock open with force is probably going to work every single time either by compressing the pin with diagonal ramp or bending or cracking something inside the lock to allow the plug to rotate. In addition, the way this lock works, the actuator will rotate about 45 degrees with any key which may or may not be a problem depending on where this lock were used. Too bad it's patented or that could be a nice community project to try to improve the design further. I've been trying to design a pin tumbler lock design myself which requires much less parts but more pins because my design can only have 3 positions per pin. I think it cannot be picked either but I think any mechanical lock will be vulnerable to decoding. (The only mechanical lock (using a mechanical key) that I'm not sure if it can be decoded is Kromer Protector. And that's only because the actual specs of the lock have never been made public so the amount of possible cuts for each key location is unknown so you cannot test every possible cut for a single location. And that lock design requires that you have at least one correct cut for the whole key to be able to apply tension. Obviously, it would be easy if a single disk could have 6 different cuts, then you could have 6 different tensioning tools and just try which one works. The fact that the safety of that lock basically depends on not knowing how many different cuts a single position in a key can have makes it more like security by obscurity and that would obviously fail if many enough locks were in actual use.)
Definitely an LPL challenge :) I would be curious how hard this lock would be to pick with a Lishi style tool, that way you get past layer one of the lock quickly by putting in the same code. Then, when you try the combination, the force to turn the key changes based on how many pins are in the slot (the closer to the 45* pin=more force). The key to picking it is seeing if you can feel any difference in the L2 lock tension or not and work back from there.
Assuming you can only feel what is happening at the shear line, this would be very difficult. With 6 pins and 5 shear line positions, you would be looking at 5^6 or 15,625 combinations.
Perhaps there is a way to glean information about what's happening near the side bar. With fine measurement, you could see how far the "false set" moves and then you could "feel" the pins touching the side bar. So, my idea-- use a long and rigid turning tool-- or attach a long piece to a turning tool for measurement. The longer it is, the more detail you can get from small movements. Then measure how far you can turn it after setting a pin at each possible height. Then, you might be able to eliminate a pin after testing each of the shear lines. So you'd be looking at 30+25+20+15+10+5 or 105 different things to check. That would take a long time, but then you might just need a few hours to open it instead of a few days.
you don't understand the math of it. Lishi style tools help when you have feedback. Lockpicking is done based on feedback. If you have n pins and each pin can have m positions (potential cuts), brute force is O(m^n). If you have 6 pins, and 7 positions, that's 117 thousand combinations. With feedback, you cut it down to something like O(n*m) or O(n*n*m) which is way smaller than O(m^n). O(n*n*m) would be 252 (and in practice you do it with less than 100 interactions if you're experienced like LPL; that's why he does it in a minute or two). This lock gives you no feedback, so O(m^n) is unavoidable. This is the third lock I saw that's truly unpickable. Bowley lock is the best: it prevents access to the pins.
@@maolbz I think what they are saying is that you may be able to gain some feedback from the sidebar. Here's the method, it may be completely useless: Use a pick to align 1 pin to a position (a lishi tool could help with distinguishing the positions) then rotate the lock and feel how much strain is on the rotation from the side bar. If all of the pins are out of the side bar it should have slightly more tension than if 1 pin is correctly aligned. Repeat with the same pin at different heights until you find the correct height for that pin. Repeat for each of the pins, it may be easier the further on you get as you'll feel more looseness as fewer pins are interacting with the sidebar. Let's say you have 8 different pin heights for each of the 6 pins and you test each of these individually, the total number of tests with be 8 * 6 = 48. Each test will take quite long as you have to feel a tiny difference in tension but it makes the picking process actually plausible.
@@teh_jibbler only problem with that is theres no feedback from the sidebar or blocking pin at the back cos that blocking pin is only moved by the cam on the back of the cylinder, not the key. Once the core turns, all pin stacks are blocked from moving too so you cant feel through any of those what the sidebar is doing either. A brilliant design in that respect.
I have a hunch that the weak spot in this design is not the chamber and the pins, but the last special hidden pin. It looks like depending on the materials the lock core, the hidden pin, hidden plate, and lock top are made of, it could be possible to just force the lock open after the 45 degree point by applying sufficient rotational force to the core.
This could be made such that a force too great will destroy the cam pin and the lock will be unusable but not opened. You can do this with a common lock too but they then require an alternate entry to remove and replace once damaged. This is not lock picking this is theft prevention. Then the thief may up the game and knock down the door.
@@cronostvgif this were a challenge lock, I would agree with you, but the first thing he said in the video was that this is a new lock design intended for production. In the hobby space, pick resistance is the highest metric by which to rate locks because you're intentionally limiting yourself to the rules of the game so to speak. Someone looking to bypass this lock to steal your things isn't going to care about the rules of picking, and is going to do the most efficient thing. In this case, it would be brute force.
I'm wondering whether applying pulses of high pressure air to the front of the lock would be able to momentarily kick the driver pins up. If so, devising a situation where all the key pins and wafers are below the shear line and the driver pins are alone above it, playing with pulses of air and precise tension at the point where the "side bar" starts binding the driver pins might enable dropping them into place one by one...
There is a riddle toy- a wooden cylinder inside a bore- that you solve like that. Its pretty amazing when the cylinder rises out of the bore once you blow on it with breath alone. Your idea is the first promising one i've seen here- but, it could be defeated by a pathway next to each pin, quickly equalizing pressure above when you apply pressure from below.
Looking at the cam arrangements at the back and the angled pin I was thinking it would be susceptible to force it past the 45 degrees due to the mechanical advantage you get from the cam at the back. Brilliant idea.
Exactly what I thought. While being a destructive method this might leave the lock in a state where it still seems to be working, but is very easy to open with a pick or even the wrong key?
@@SailingSoWhat maybe solve it by making the back cam to be turned only by the tip of the key separating then cylinder from it. But only allowing it to turn with the cylinder (simple 45 degree dog linking them together )
i wonder how well it would survive a physical attack. once the core is in a false set, it is only the tapered part of the last pin that prevents rotation. i imagine that the brass bits would likely give out before the wedge of the steel pin failed.
The ingeniousness of the lock lies in the way it doesn't rely in any way on the tapered pin's structural integrity, but on the slider having that perfect groove to slide into. Without it, the seventh pin can't push the slider over. The idea of forcing that pin to push through the sidebar to allow plug rotation sounds unfeasible to me.
this was my first thought when Andrew posted on u/lockpicking. A bad person could make a nice strong key blank which lifts all the wafers to shear then put a spanner on it and brute force the last pin. Suggested remedy a thinner but of core between pins 6 and 7, which would fail if forced leaving the lock broken but locked.
Had the same thought. I was thinking to make a false open pop a big old screwdriver in the key hole and turn. Really depends on the Sidebar how and if it can deform in the casing. Cheers!
the Bible sits on top of the Slider and that sits on top of the 7th Pin. you'd have to be able to crush the Slider between the Bible and the 7th Pin. meaning you're saying that you're able to effectively cut that Slider into two pieces by the shape of the 7th Pin. this is... theoretically possible, but the amount of Force i expect you'd need to do that, you're at the point where you may as well just Sledgehammer or Drill the Door.
It seems like the sliding bar would have its own binding order which would be expressed in how far the tension wrench rotates when in a false set, so you might be able to get a bit more info by using a long tension wrench and marking the distance it rotates - it sounds pretty long winded though.
You can figour out where you are in the binding order so for the first pin 5 hights + 5 possible pins/ eliminate the 4 not binding rinse and repeat until Max trie 39 and you are in. Every false gate would potentially double the number of attempts.
The sliding bar only moves about a millimeter, and assuming non-insane machining tolerances, you'd still only get maybe 3 to 5 degrees in difference in rotation with the tensioner, depending on which pins are open and which are still locked. When it gets worn... who knows... The best picking attack is probably a lishi tool.
Yeah, it can reduce the amount of effort from worst case 6^6=46656 combinations to 126 (math see below). But you'd still be lifting the pins while they aren't truly binding, which requires skill. And you'd need to measure the angle of your tensioning tool, which requires both a precise reference (with some painters tape a non-issue) and consistency in the force you apply (again, some basic skill). Alternatively, you could bring a couple dozen key blanks and file or clip them into shape in front of the lock. But keep in mind that the purpose of a lock isn't to take a million years to pick. It's purpose is to make figuring out the combination a bigger hassle than any other method of entry (shimmying the latch, drilling the cylinder, grinding the hinges, convincing the neighbors that you're firefighters and need to axe through that door to put out a fire, ...). And having to try about half of those 126 combinations definitely is still discouraging enough. Why 126? To find the first binding pin, you'd need to try 6*6 combinations (in each you lift one of the pins to one of the heights). Only once you found that correct height for the correct first binding pin will you know that you've done it. With blanks it would be a bit easier, because you could first find out what height the first binding pin needs to be set to, by lifting all 6 pins in parallel to the 1st position, then all to the 2nd, ... up to to 6th. And after that you'd figure out which pin it is that needs to be set to that height. Either you make 6 tries lifting only 1 pin or 3-ish tries lifting half of the pins. 9 tries total for the first binding pin, and they can be very fast if you bring those first 24 "blanks" pre-cut. To find the next binding pin you try each of the 6 positions for the remaining 5 pins in order; and so on. In total it would be 6*(6+5+4+3+2+1)=126 combinations (max). Furthermore, when you're getting to the last pin, you first need to set the 5 known pins to their position and then the unknown one to a guessed position. In those (up to) 6 tries alone you are setting pins (up to) 36 times. And for blanks, you need to cut the known depths for all pins you've solved so far. And as mentioned by "s s", any time you either fail to set one of the combinations or measure the angle wrong, you slow down your progress.
use a fine-tipped sharpie to draw a line between the cylinder bit and the body while it's in a false set, so that if the next position rotates slightly further or slightly less, the line will be broken. you'd probably have to redo the line per pin. and a quick wipe with some isopropyl and the lines are gone.
I took a photo of the 3D design and measured the space of the spring on the top. In theory, you could push the key pins just above the sheer line since there is space given to do so with the length of the springs. Now there comes the problem of the bar, well, I also measured if the wafer pins would be in the position between the bar and that appears to be the case. If everything lined up, you would push all the pins above the sheer line and the bar would slide the wafer pins slightly making way for the piece connected to the core. What do you think?
At 2:14 he mentioned anti-overlift bars. As far as I could tell, those weren't in the 3d model. I'd imagine these are sized to prevent the wafers from ever getting to the hight of the slide bar. Plausible?
i'm curious as to how it would stand up to a bump key test or a vibration test. the separation of the core from the pins via the slide mechanism does prevent a lot of feedback that you get from direct contact of the pins with the core at the sheer line, it's been cleverly removed with this design.
I don't think a bump key would do much. You need to bump the key stacks up and then rotate the lock core about 60° before the pin stacks are pushed back down by the springs. But even if you manage that, now the pins are blocked from coming down completely. So you cannot simply easy on the tension to let them slide into the bar. And the lock does have overlift protection. So no bumping until a disc is at bar level.
@@HenryLoenwind I think the bump key vulnerability might be in the "sidebar". Because it is held in place with a spring it is possible you could hit the locking bar without turning the cylinder, and then once set, the rear pin the normally actuates the bar and prevents the lock from being turned without the key is just floating, and you could turn the lock. It probably depends on how stiff that spring is and how much shock you could translate to the lock,
@@rosecityrower The one issue with that is that the lock is usually mounted in a door. So bumping the body to get the topbar to move against its spring (or more exactly, move the body quickly and let inertia hold the bar in place) won't work. A normal bump attack transfers an impulse to something you can touch and move (Newton's cradle). But here you need to move the bar and there's nothing you can touch that would transmit the impulse to the bar in the right direction. So it becomes an inertia attack instead. Also, that bar can only move when the pins are in the right position, so you need to bump the bar while lifting all pins into the right position at the same time. But if you can do the latter, you can just turn the lock.
One possible attack I can think off is this: squirt in a slow working glue, that will glue the wafers together in say 24 hours. Then let the normal user open the lock with the key a few times, to break the glue between the correct wafers (and other moving parts). When the glue has set on all wafers (except the proper one), you could perhaps feel the correct wafer clicking in position.
Yep that’s the attack. Nice! How did u think of that? I could totally see this working. The user with the key probably wouldn’t even notice anything either. You have a good mind Sir. Good job.
This is amazing!! My thing is make the back of the core with a little less room and you can make the "false set" a little less witch would work better in an actual lock. Also because you are using master wafers you can master key this lock you just add another slot in the driver pins where the "sidebar" could slide into. This is a really good design IMHO!
Practiccaly though, you could easily force this open with a strong lever because the cam at the back of the lock would force the steel pin through the sidebar and allow the lock to be turmed.
@@tabaks that is not how you make a statement unless you are 7. But I agree for 1 reason. The pins are all steel and the bar and tumbler are brass. Brute force would ruin the bar an dtumbler and make the lock inoperable because the steel pins would damage the cam and wedge due to the small tolerances
@@gtjack9 possibly. The brass plate in this version looked very thin. Ive seen what brute force can do with a core puller on a lock with steel pins and brass tumbler, hence my comment. but hopefully youre right as the design is otherwise very good. Its nice to see lock makers finally looking at more inovative designs.
Yeah, and like maybe Thanos could use the Infinity Gauntlet on it. Unpickable means just that, it does not mean you can twat it with a hammer until it breaks and then claim victory.
What a great concept for a lock 👍👍 really cool 😊 seems really challenging and near to impossible. Would this fit in a real world format like a Euro cylinder? Maybe Max lifting and letting pins drop as controlled as possible could be a strategy? Cool that he prevents overlifting from the start 👌 would have been my first guess
the lock could clearly fit in almost any cylinder format. it's been made the way it is here for demonstration purposes clearly and there's a lot of excess material that could be trimmed off. also the body is aluminum and that's bad for a final product.
At this point if you lift all the pins the shear line would prevent the pins from falling while there is tension on the bar. So when the pins are able to fall there is no way to put tension on the bar.
I'm convinced lock manufacturers don't care that much about security. The designer better start his own company if he wants to see this in production. It's very cool!
If you raise up the pins while tensioning the top pin the wafers set before the bottom notch (where you would want it to set). Have you thought about picking the lock by raising a pin stack, tensioning, then slowly lowering the pins? Then the first set you get would be a true set (the bottom notch of the pin stack).
I'm no lock picker, I'm a design engineer, so excuse my terminology which won't marry with the video wholly. At a glance it looks like the lock's strongest feature is to rely on typical picking conventions; gradually loading up each spring in each pin's bore. It looks like the best methodology would be to fully preload each spring to it's stop and work backwards so that the undercut is aligned into correct position so that the shims in each bore don't have the opportunity to create the false positive. Of course, there may be a feature to negate this method but a good design all the same.
Things to note looking at this: there seem to be only 3 different types of driver pins and they can be placed in an up or down position. 1 and 6 are the same driver pin, 2 and 4, and finally 3 and 5. I bet if we somehow put a focus on those dimensions, we could get a way to decode it.
It could also be a coincidence that there are pairs of driverpins in this lock. I'm not a lockpicker, so correct me if i'm wrong. But if you look at the math of the different driver pins, you can have 6 different positions per driverpin for it to be in the correct position because of the wafers. If you calculate the theoretical amount of variations it would ammount to 1,3e+17 (6!^6) different ones. Let's assume you don't want it to turn with everything in the down or up position, you still would have at least 3 billion (5!^6 = 3x 10^12) different possible combinations.
You could put careful tension on the "sidebar" by rotating the core with a key with just the lowest bitting on all positions. By repeated impulses toward the top, the "sidebar"-pins will eventually find their correct position. This attack could be prevented in a future version by giving these "sidebar"-pins false gates.
I have been playing with another copy for some time and this is the only exploit I have imagined so far. That said I tried bumping the driver pins into place with repetitive strikes on the body, no luck. I also tried moving the drivers with a strong magnets, no luck. Apparently I successfully catched a few pins as I can hear them dropping when I release tension, but I never got the 6 of them. I don’t know if an EPG could bump the driver pins far enough to possibly make any combination. Remember that you don’t have access to the pin when you tension the bar, the only thing you can do is to induce pulses into the core.
Won't work, as the thin wafers will prevent the sidebar pins from coming down..Not all sidebar pins will need to go upward. In order to get tension on the sidebar lever, the key needs to be turned and this will remove access to the pins. See 1:56
@@MrDLRu It may work if you turn the core with all the wafers in the core and only the drivers left in the bible. However getting the driver pins to jump whitout any access to them is another story…
Bumping is the only way I see to move the real pins while the lock is tensioned. But the only way to do it is applying the bump to the whole lock and hoping the pins will randomly move the right way. In theory this could open the lock in less tries than trying all possible combinations, but when you realise that locks are usually in a door and cannot be bumped up/down...
hi, what happens when you turn the cylinder without anything inside, so that all "mini-plates" are inside the turning cylinder. Now the pins have the full freedom to move, only held back from moving by the little springs. So now holding a strong vibration device on the bottom, the pins will move/shake until the right position.
I saw when Andrew posted on the /r/lockpicking sub and looked at all the specifications, very innovative and original design. Beautiful lock, and I've seen others try to open it with no success. I love Bowley's lock's designs, but there is something about Andrew's design that is more beautiful (maybe not the right word, I'm at a loss). Either way, beautiful lock, great video.
I wonder if it would be possible to feel out which pin stack is binding the most by how the sidebar twists when the angled pin is under tension, and then focus on finding the correct height for that pin that allows the barrel to be turned a little bit further. A slower one would be raising all the pins to the same height at the same time, and checking if it’s able to turn slightly further, and then resetting stacks one at a time back to zero until that progress in turning the barrel is lost.
How prone would it be to brute force on the tensioner? as in, put it in a false set then force the barrel round to distort the 'extra' pin since that is the only thing blocking the barrel from turning. it seems the pin, the slider and/or the barrel could be susceptible to being worn away enough to allow it to open, especially if manufacturing tolerances slip. just a thought.
Andrew McGill's lock? Completed it. Lol nah this is a major step forward in lock security. No one, literally no one has though of these mechanisms (I remember 'Stuff Made Here' done one and sent it to LPL) but this one is on another level. Edit: saying that, LPL didn't really pick it, he merely bypassed it.
My concern is that the wafers allow the primary barring mechanism (the pins) to be bypassed, thus the only thing preventing the lock from turning is a pin riding on a cam, pushing into a brass plate. I have a hunch that a large blade screwdriver with a wrench on it will force the lock. The amount of force the cam can generate is quite substantial, either pushing the pin up, or bending or shearing it.
I think this lock is brilliant test lock, I was reading in a comment about having false gates. That is a excellent idea to, What about some wicked pins also. Very well explained brother man. Excellent video
How strong is the side bar spring when it is in position? If you strike the lock from the front, as you would with a bump key, you might be able to get that spring to bounce "engaging" the side bar without rotating the lock. If that works, you might be able to decode the lock by picking a pin, then bumping the lock and checking for a change in feedback. The theory being that at least one pin in the correct position should bind the sidebar when bounced, giving you the depth of the cut. It would still be a fair amount of decoding, just a lot fewer than than trying to decode the entire lock.
Do you think the wafers might be prone to jamming? I'm thinking of the long term maintenance of the lock, ie if it jams, doesn't matter how good of a design it is.
You can get information from the second row of pins by trying a few random combo, and see how far the lock can rotate. Due to slight manufacturing errors, if say number 3 from second row would have been the first to bind, then if it's set at the correct height, the cam would push the sliding plate a bit further, and allow the lock to rotate a bit further. You can now try again with a reduced set of pins. Obviously it needs to be tested, but the lock indeed leaks information on the key.. It's just not where it usually is. This is really the same principle as a traditional lock,
If that 7th Pin is steel, would applying a strong (i.e. Neodymium) magnet to the lock body above it apply tension to the slide bar whilst you still had access to the pins, allowing you to pick?
This lock seems really similar to the challenge lock StuffMadeHere made for LPL to me. As far as I can remember his mechanism worked really really similar to this one, so I am curious what date the creator of this lock filed his patent on, because if that video from StuffMadeHere was uploaded before he files his patent than there is a good chance the patent is null and void because of the existence of prior art.
If you could see the slide bar, even just from the front (e.g. drill a hole in the front and look in) you could tell when you've solved one of the pins at a time. Depending on tolerances, the slide bar is going to be in hard contact with only one pin at a time, and when it's pushed into position the slide bar will move the micrometer or whatever and be in hard contact with ... nevermind, the only tension on the slide bar is from the 7th pin when you actively turn the key. But when you've solved the "first" pin, the slide bar will be able to move a tiny bit further and you should be able to turn the key slightly further as a result.
i agree that it's an interesting design, certainly more pick resistant. i do wonder how well all those parts will continue to move over time, looks like it could get finicky, esp if it were exposed to the elements.
Do I understand correctly that if you make it to the 45deg position that then you would only be brut forcing past the one pin, that side bolt...permissive pin? I'll have to go back to the CAD animation. I don't think I got it on the first play through.
what if you started out overlifting the pins? idk if it would work or not, but it seems like if you overlifted them and put a lot of tension on the core you might be able to work backwards, using the tension of that sliding bar to judge when the pins set. might not work at all idk, just an idea
can it be shimmed? Imagining an L shaped shim that is inserted such that the lower part of the L slide into the back section and can be used to apply force to the rear pin. Maybe even two shims coming from either side to bind up and fill in the space where the rear pin resides to press it up. Not sure how else to go about it, the trick will be finding a way to push that rear pin up.
Wonder if it's possible to get enough of a grip on the back pin to tension it against the topbar without turning the drum, which might let you then get feedback from the pins while picking them when their slot gets aligned with it.
The real problem with this type of system as you know is no locksmith can cut a key for it no keys available no settings on your key machine available so the only people that will buy this are individuals that would buy a lock with this already installed in it and the keys, and if they ever wanted more keys I guess they would have to get a hold of the supplier for more no key blanks are on the market for it and nobody in the US with this tight supply chain. Problem is going to make keys for that like Ilčo but I sure like how you showed us the insides of it. You’re so very detailed and the accent doesn’t hurt at all either. Thanks again your buddy Mike.
This is definitely something id like to see LPL try to pikck or defeat. From my perspective the only weak spot i can see in this lock is this "lock pin" on the back or the top "sidebar". If its made from a strong material it should be resistant to forcebly turning the core once the "false set" is set. Given that someone is aware how this lock is made. Also after watching it now im thinking is the last pin round or not. As if it is round what would happen if it would turn 90 or even 180 degrees just because it can? Would it prevent it from sliding the bar?
if you put alot of force on the fauls gate could it wedge that end pin? giving you the opportunity to pic the slide bar? it would be difficult enough and be like picking two locks at once but correct me if I'm wrong
This is an ingenious design and something I love about it is that you could theoretically incorporate this mechanism into a lock which looks totally normal and standard from the outside using a totally normal looking key. Sometimes you don't want a lock or other security device to appear as if it's securing something worth nicking. It also has the advantage that it could be used in existing master keyed systems alongside conventinal locks using the same key where extreme pick resistance is not reauired.
It seems to have the same attributes that make a group 2 combo lock secure in that you can set the gates, or you can check the gates, but not at the same time. So picking this lock would be more similar to safe cracking in that you would need a special jig that can be configured to hold each pin at a specified bitting, and a way to accurately measure how much the core turns. Then you very the position of each pin by one setting at a time until you notice that the core turns a little further -- when the sidebar slides further into the gate on the binding pin. They way to defend against this would be similar to the way that S&G 8500 series locks work. The sidebar would have a spring loaded snap action mechanism so that the motion of the cylinder and side bar are never directly coupled, making it impossible to measure where the sidebar binds by measuring the rotation of the core.
I wonder what happens if you get it to rotate in the false position, then put a long/strong torsion bar and brute force it? Will that 1 pin and bar hold up?
If I understood you correctly the tension tool will turn 45 degrees on each pin changer at 6 places-each of the 5 wafers + the driver pin. This would mean that you have 6 choices per chamber that can be repeated-since the correct position of each chamber can be the same as the correct position of another chamber. Then lock is a permutation system of 6 choices that all seem correct. You mentioned is no discernible feeling between each of these 6 positions. If that is correct, you have 6 choices in each of the pin chambers, and there is no way of distinguishing the choices except by possibly estimating the height that you raised the pin of each chamber. This would mean you would have to brute force the solution on a geometric progression. Possible solutions per total chambers: 1 chamber-6 possible solutions 2 chambers-36 possible solution 3-216 4-1,296 5-7,776 6-46,656 Just being able to pick 4 chambers is quite a feat.
I'm an utter newbie at locks and lockpicking, so this could be completely off base, but the only thing I could see that would make this a bit more difficult would be to not have the same number of wafers in each pin. If you can guess how it's designed, or at least the wafer part of it, you could maybe figure out how many wafers are in one pin, and use that to help pick the other pins. But if there's a variable number of wafers that wouldn't help.
Is it possible to turn the cylinder hard enough jam the sliding bar against the pins? If it is then I can think of a decoding attack, but it won't be covert.
I think it could be opened faster than trying out every combination possible. I'm not saying that it would be easy or that I personally could do it, but approach would be to: 1. Make the key turn (by lifting the initial binding pins) and observer how far it turns. 2. Go through each position of each stack one by one (not all combinations) and find the position where the key turns the furthest. 3. Keep that stack in the correct position and find the next binding stack and correct position by observing which configuration allows the key to again turn a bit further. 4. Repeat step 3 until open. So in short, this technique would rely on the imperfections/tolerances in the sidebar and would require extremely careful measurement of how far the key turns. Probably will require special tools too, so I don't see anyone picking it open on a busy street anytime soon. I'm not even sure if this could be called picking anymore :D
It's nice when creators are thinking outside the box with their lock designs and coming up with something really unique, and more importantly: really secure
How hard would it be to break that last retaining pin? If you get the lock into a false set, it's the only thing preventing the lock from turning. Could you force it open with a screwdriver at that point?
The best solution I can think of for this sort of brute-force attack is to couple the lock mechanism to the slide bar, rather than to the rotating core. Simply add a projection to the slide bar that manipulates the locking mechanism (deadbolt or whatever), so that the lock is unlocked when the slide moves, rather than when the core rotates. Then you make the slide bar and spool pins out of the hardest non-magnetic steel or titanium, and the wedge pin out of something softer like brass. So if it's brute forced, the wedge pin deforms, the core turns, but the slide bar never moves and the lock doesn't unlock. This has the downside of making it less of a drop-in replacement into existing locking mechanisms.
I've been wondering - would it be possible to pick a lock using an expandable metal/rubber 'key' that you can just slip into the lock and it'll form to the right dimensions? I've been thinking about that for years but I don't know how practical it is.
Can that pin that moves sidebar be forced up, since it looks to be steel and sidebar is brass. So wonder what strong flat screwdriver with wrench would do
This is very interesting not just because of the difficulty in picking but you can attach an picking alarm to the lock quite easily. If the core stays at 45DEG for longer than a minute, ups the alarm triggers and potentially blocks the door completely for 30 minutes, or until cops show up. But it matters how easy it will be to mass-produce and at what cost and failure rate.
A well planed brute force can get the numbers down a ton. Trial and error you have 5^5 positions but since a mass-produced lock has much worse tolerances or it would be really expensive you can cut that number down to about 5^3 or even 5^2 because most keys don't make jumps of more than 2, so the key still slides in the first pin will also be a lower bit, especially if you have tight tolerances it is more likely to bind on big jumps between pins. If the tolerances are loosened a bit to lower cost and lower the chance of binding, the wafers would need to be thickened, or they will slide between the cylinder and body. You can essentially use numbers to lower the possibilities down to 25 and 125 tries as the worst case (with tight tolerances) with an average of 75 but assuming looser tolerances and removing unlikely combos like 555555 etc. you end up with a number much closer to that 25 number.
I think I can see two weaknesses: Picking-wise: Overlifting with a comb, remove, then turn. Can be fixed with precise chamber length. Destructive-wise: Only the lifting pin counters rotational force from the plug. Rotating too hard can damage the cam (brass vs steel), since the plug is rather sturdy, while allowing it to turn by brute force. A third weakness *might* be Time: When grime an filth enters that plug and pins through regular use, those wafers could get sticky except for where they regularily shear thanks to the right key. I doubt this could be exploited, though.
I suspect the vulnerability will come down to whether there's a way to actually tension the slide bar somehow, or manipulate the driver pins directly. Obviously he's put effort into warding it, but maybe some kind of vibration tool could jiggle the drivers while the actuator pin is under tension? I look forward to LPL taking a crack at it. I also wonder how easy it would be to force, given that the sliding bar is brass and there's only a small amount of material interfering with the driver pins. While it is destructive, it's possible the damage would be undetectable to future key users.
I don't know anything about lock picking but, would it not work if you lift all the pins up with a tool design just to lift (not to pick) and one by one go back while you drop the pins to gates?
Is this lock unpickable? It might just be the case 🔐😮
Probably not but it is going to be extremely difficult to do. It will certainly defeat the average lockpicker.
@@seriousthree6071 More than average pickers. Andrew sent a few prototypes out to experienced pickers and, so far, we didn’t find any exploit. The lock can apparently be decoded but this is a extremely long and tedious process. I am trying to think out of the box but the design is excellent. So far no exploit has been found.
Hi Ash,
I have been playing with a copy for the last couple of weeks and there is something I would like to try but I don’t have an EPG. The only exploit I can think of would be to lift all the pins to the very first position so you have only the driver pins in the bible. Then we would need to get them move randomly while gently tensioning the bar and eventually get them falling into place progressively. I have tried bumping the core with a rubber hammer, no luck. I have tried moving the driver pins with the Magneto on the side of the bible, no luck even If I believe that I set a couple a pins this way. Now I would like to see if an EPG pulsing the keyway could do something. I highly doubt we could transfer enough energy to compress the springs without hitting directly the pins but it may worth a try… In any case, this is the best idea I had so far. The only other option is to decode the lock wafer by wafer but this is extremely tedious and very difficult to achieve given the binding order on the wafers.
Its gonna need a Sputnik/Lishi tool.
@@gargoyle7508 Yeah a sort of Lishi where you could lock any identified height would be ideal.
Now this looks like a challenge for the LockPickingLawyer. Especially since he doesn't shy back from using practical exploits, as demonstrated by the two locks stuff made here made. (both of which were great designs with a similar idea in the sense of checking the pins when the pins can't be manipulated anymore. But both had some practical exploits which still allowed picking and/or bypassing them.)
Questioning what material the slide bar is made out of..... wondering if a very powerful magnet would come into play
@@Arch3r666 looks like brass. Making stuff that's part of the locking mechanism from a magnetic metal would be stupid. For that very reason.
True, but it's clearly a prototype. "Unfortunately the designer made one fatal design flaw, he left these hex bolts all over the place..."
I'd love to see what LPL would make of this. The crux is that Andrew has ingeniously airgapped the stack from the core, you can't tension the lock and pick at the same time. I'm far from an expert but I can't see how it could be picked by anything other than an exploit. And that then just becomes a case of iteration, patch a vulnerability and repeat.
Astoundingly clever.
@@TmOnlineMapper sorry but there's a lot of stupid people in this world that would actually use a magnetic material for the lock mechanism and Lock Picking Lawyer knows too well that some locks are fantastic on the outside BUT dumb in design internally. LPL has a long history finding weakness in locks :)
Click on 1, nothing on 2, binding on 3, and it's open. Now with a spaghetti noodle
Glad you found it interesting! I'm going to get to work making more to sell to anyone interested in giving it a try. I'll update the website with details.
Look forward to having one of these in the collection, kudos on winning the brain lottery!
Well done mate.. fantastic concept !!
I’d like one! Really good engineering!❤️
Great lock well done
Absolutely! Would love to get this figured out. Patience is key to this one. Especially using lock noobs method! Very cool lock. Great engineering 👏👏👏😎. Hope to see some soon!
This feels like an evolution of the first Stuff Made Here "unpickable" lock, locking the pins at a certain height for verification. The actual mechanism is different, but it's still cool to see.
The mechanism is different, but principle is almost the same.
Yes exactly. It's the same idea, but this time with a better solution and execution.
Very similar to not only the finished mechanism but some of his prototype steps as well.
It certainly follows the "SMH" suggestion to separate the pin setting and pin testing parts of the lock, with a much simpler design.
I was just thinking that. I hope he notices this video, he'd probably find it interesting
What I like about this as opposed to other "unpickable" lock cores is that it isn't much more complicated to manufacture than a normal high-ish end lock core AND I don't see any reason why it couldn't use literally any other keyway, so key reproduction and sourcing could just be regular Schlage keys.
Also with that design, the physical security rests on the single transfer pin. With a keyway open like that, you could stick in a tool steel bit, and force the lock open.
@@ionstorm66 You're not wrong and I did notice that as a weakness though I didn't mention it, but we're talking about destructive entry at that point. I did also notice that the pins are all steel. Usually when you're trying to do an attack like that, you want to be shearing 1 brass pin, not gouging a steel pin through billet brass.
The real problem for me was that the "sidebar" is also made of brass, which means that depending on the mechanical advantage of what forces the lock pin up, it could be really easy to deform that brass sidebar and punch that wedge through it.
I would like to see that sidebar made of steel and the cam area that the lock pin rides on also made of steel. It would be a solid order of magnitude harder to force then.
In fairness to who made it, its a low production prototype. All of those materials could change. If it were all steel and you didn't have the world's biggest keyway, I think you'd probably break that tool steel before the lock gave.
As it stands right now? You're definitely right. I bet a decent screwdriver and no leverage other than your hand would be enough to force it.
@@htomerif The problem with using a steel sidebar is that it opens up a magnetic force exploit. You'd need to have an incredibly thick case and/or have some kind of opposed motion like a second sidebar that only works in the opposite direction, otherwise the crux of the mechanism could be manipulated externally.
@@dustinbrueggemann1875 That's not really a concern. You've probably been watching to much LPL. Stainless steel, for example (which is the only kind of steel you'd want to use in a lock for corrosion purposes) can be essentially completely non-responsive to magnets.
I have a 3in diameter, 2in thick N52 strength neodymium magnet and my stainless steel silverware is unaffected by it. My stainless steel bucket is similarly unaffected. My stainless steel cookware just *barely* sticks but not enough to hold the weight of the magnet.
Note about LPL: I blocked his channel about a year ago after having been subscribed since before he had 10k subs. While LPL himself is very good, his channel is just a bunch of memes now and his comments section is 100 percent people with zero lock experience making jokes for likes. LPL's channel has zero utility for me.
That's why I'm on channels like this. You made a comment that happened to be incorrect, but was entirely relevant to the topic of the channel and very easy to clear up. Sometimes the shoe is on the other foot and I'm the one making the mistake. I appreciate channels that cater to people who want to learn and aren't just memes-4-views factories.
@@htomerifOh I'm aware of stainless and magnets, it's knowledge I've had to make all too much use of after knocking over a few part bins. That said, not every engineer jumps directly to stainless and so I would hardly dismiss the exploration of it as trivial nor would I harp on LPL for favoring a theme. The guy knows his audience, but he also knows his stuff. The fact that he's got so many examples is proof enough that a trivial idea to a few isn't quite as obvious to others.
This lock creator should send a version of it to LPL to get his input too. I am interested to hear the opinions of him too on this lock as it seems like a great way to keep pickers out.
LPL only shows locks he successfully picks. He only shows awfully designed electronic locks.
He gives the impression that there is no safe system.
Meanwhile, he never shows high quality vault locks, high quality electronic locks. And he won't show fancy unpickable mechanical locks.
@@Bvic3 true. that's his style and that's why a lot of people overrate his skills. not saying he's not skilled but people seem to think he's a lockpicking god. The thing is his channel is about exposing weak locks and not to showcase his godly lockpicking skills.
@@Bvic3 Simply not true.
@@shapowlow This. Especially seeing how much he "improved" after he stopped taking locks apart - and gullible clowns still parrot same old tired BS failing to realize "picking" stuff in such conditions is utterly worthless, just remove all pins and pretend you do it...
LPL was sent one of those locks some time ago, according to another commenter.
I want to be seeing LockPickingLawyer take this on.
For too many years, people have put out substandard locks that can be opened with comb-picks or bumping and Andrew Magil's Enclave lock actually attempts to solve problems.
Actually, judging simply by the 3d graphics this lock is also susceptible to a comb pick attack, and not only that, but it might actually also break the lock permanently.
@@ФилиппГерт Resolving a comb vulnerability is trivial though. The height of the driver recess can be shortened, or even just one or two pins having slightly longer tail ends to catch the sidebar at maximum.
I give it 2 minutes lpl
@@ФилиппГерт How to spot brainless moron who failed to watch video and see big anti-comb feature - the post. Maybe watch next time before you make idiot post?
I don't know where you live but here in Paris France you'll see a lot of Fichet locks (their cheapest lock barrel is about 200 dollars), you'll rarely see anyone pick those.
How prone is this lock to getting stuck?
One typically doesn’t put to much 1depth wafers in a lock, certainly not 2on top of each other because they risk sliding in between the rotor and the stator,
This one might have very good tolerances but that might be a big risk in a mass manufacturing setting.
If they move to mass production, they might make things bigger to accommodate sloppier tolerances.
Looks to me like (if the animation is too scale) the wafers are at least .5mm thick, while the tolerance of the lock body is under .1mm. the wafers aren't likely to get stuck in the rotation with such a ratio.
If mass production tolerances require larger tolerances, the ratio should still be able to be maintained and keep the jamming proof
That seems to be the weakest point in this lock: 25 tiny wafers. Other than that the overall concept is ingenious.
LPL needs a shot at this. I'd very much like to see that. This is engineering at its finest. 🙏🏼
I'm starting to think that LPL is picking his locks because there is an abundance of low hanging fruits.
@@Buongona yes soo many bs locks out there and way way to many are meant to lock up guns very said but still think he has the skill to take on very good locks as well
@@kirkanos3968 yeah it's sad, that gun locks depicted here are so bad, but that is good. When I'll need to get mine, I'll look up in here what NOT to buy. So LPL is doing a good service to make theese videos.
Also there are situations where you might need a lock that is flawed such that it can be opened faster without the key.
Locks in general never really stopped anyone who wanted to get in, they are there to slow down the progress and to give a sence of false security.
As Isaac Arthur likes to say: "If brute force is not working, you just don't have enough of it"
@@Buongona he talked about this on a video he made a while back. He went from doing cool historical locks (like a lock version of forgotten weapons) to doing locks that the ordinary Joe wouldn't think twice about.
I think his lock picking skill is clear, you should check out the "Naughty Bucket Chronicles" ruclips.net/p/PLlXtDbvIEH-NIdGaTGYhHYTJIgF3CNST1
@@Buongona No doubt, the pool of those who underestimate LPL is wide and deep :)
I wanna call it a “slide bar” instead of a side bar.
Also what an amazing lock. Gimmie gimmie!!!
That’s what I would call it, it’s a bar that slides
I would like to further add to this by calling it a "wafer stack slide bar".
lol had the same thought :D
This is a different implementation of the same idea of the Stuff Made Here lock. An actually practical version this time!
I remember seeing that video and LPL's video on that lock and I thought that he was soooo close to something great. I think we found that something great here!
Exactly! It basically uses the same trick of separating the keying from the checking, by using a second spring loaded mechanism. I think it could really be quite challenging to defeat.
@@coco805 yeah! We might look at an upcoming new meta for high security. It's already so good. Imagine when this technology matures!
All of these designs could be potentially be vulnerable to laboratory level attacks where you put all pins in a turnable position, but with one pin at a chosen height. Turn the mechanism all the way and use a machinist's dial indicator to determine the amount of turn. For this lock you will get 6 pins 5 positions. One of these (the binder) should let it turn just the tiniest bit more. Now you know the correct position of one pin. From now on, always use that height for that pin, and try to find the second binder. Now you have 25 positions to check to find the second binder, etc. Heck of a lot slower than picking most locks and not really feasible in the field, but in theory this approach should work.
@@kevincathcart4680 you might be able to put false gates in the upper pins which would make this approach much tougher
What is so interesting is that in all other cylinder type locks the more wafers make it easier to pick because of multiple shear lines, this works completely opposite. Great work!
I wonder how much rotational impact it can take in the "false set" position, yes noisy, but depending on the environment, maybe not a problem.
Yep it is complete crap... you will be able to false pick it and then brute force it as your whole cylinder is protected by only one pin.
Most likely you can also just ignore the whole picking part and just jam some brute force tool in it and most of the shear lines will be "picked".
If you then put that lock to some EU certification lab then they gonna tell you that it can not have any good certification because it is simply to easy to simpy brute force it...
@@paulstubbs7678 Its is just a single small pin there will be no noise or impact resistance of any kind. The inventor got the silly idea that the picking is the only thing that he should be woried about. When in reality people that like to steal stuff love the brute force method and 5 or 6 pins holding the cylinder making it hard to rotate but in this case a kid would beable to do the tool and destroy the core with icecream in one hand and pulling the tool with the other hand...
@@Bialy_1 yeah especially with that big keyway, you can drive a truck thru there. Looks like it won't take much force to pop it. Great idea, needs to work on the back end to make it stronger.
I think this lock might be easier to pick after being used a lot.
If the lock is only used with the right key for a long time, which is expected, the tight tolerances might smooth out parts of the wafers. This would give back some feedback, like if you had serated pins with one of the gap being wider/deeper.
Love the design!
Just wondering how much abuse it would take. I imagine someone turning it with a stronger tool after jiggling the pins into any false set. (disc-slip).
I am curious if metal in lock can deform by the forces leaving it unable to open later.
If it doesn't take realistic abuse, someone didn't put in enough work between prototype and final product.
Thats the common way to make attractive, but useless stuff.
I doubt the inventor will let us down like that- a manufacturer might, though.
Put a deep notch between pin 6 and pin 7. This will break the lock in the closed state.
10:10 I think that's more like decoding than picking but it will get the lock open if you continue doing that for long enough. Especially if you measure how much you can rotate the plug with any given pin setting.
That said, this is the best pin tumbler design I've seen this far. I think it's vulnerable to brute force attack because the only thing holding the lock not open after a shear line for accessible pins have been set is that single pin with a diagonal ramp. Inserting a strong enough tool in the keyway and simply turning the lock open with force is probably going to work every single time either by compressing the pin with diagonal ramp or bending or cracking something inside the lock to allow the plug to rotate. In addition, the way this lock works, the actuator will rotate about 45 degrees with any key which may or may not be a problem depending on where this lock were used. Too bad it's patented or that could be a nice community project to try to improve the design further.
I've been trying to design a pin tumbler lock design myself which requires much less parts but more pins because my design can only have 3 positions per pin. I think it cannot be picked either but I think any mechanical lock will be vulnerable to decoding.
(The only mechanical lock (using a mechanical key) that I'm not sure if it can be decoded is Kromer Protector. And that's only because the actual specs of the lock have never been made public so the amount of possible cuts for each key location is unknown so you cannot test every possible cut for a single location. And that lock design requires that you have at least one correct cut for the whole key to be able to apply tension. Obviously, it would be easy if a single disk could have 6 different cuts, then you could have 6 different tensioning tools and just try which one works. The fact that the safety of that lock basically depends on not knowing how many different cuts a single position in a key can have makes it more like security by obscurity and that would obviously fail if many enough locks were in actual use.)
Definitely an LPL challenge :)
I would be curious how hard this lock would be to pick with a Lishi style tool, that way you get past layer one of the lock quickly by putting in the same code. Then, when you try the combination, the force to turn the key changes based on how many pins are in the slot (the closer to the 45* pin=more force).
The key to picking it is seeing if you can feel any difference in the L2 lock tension or not and work back from there.
Assuming you can only feel what is happening at the shear line, this would be very difficult. With 6 pins and 5 shear line positions, you would be looking at 5^6 or 15,625 combinations.
Perhaps there is a way to glean information about what's happening near the side bar. With fine measurement, you could see how far the "false set" moves and then you could "feel" the pins touching the side bar. So, my idea-- use a long and rigid turning tool-- or attach a long piece to a turning tool for measurement. The longer it is, the more detail you can get from small movements. Then measure how far you can turn it after setting a pin at each possible height.
Then, you might be able to eliminate a pin after testing each of the shear lines. So you'd be looking at 30+25+20+15+10+5 or 105 different things to check. That would take a long time, but then you might just need a few hours to open it instead of a few days.
you don't understand the math of it.
Lishi style tools help when you have feedback. Lockpicking is done based on feedback.
If you have n pins and each pin can have m positions (potential cuts), brute force is O(m^n). If you have 6 pins, and 7 positions, that's 117 thousand combinations. With feedback, you cut it down to something like O(n*m) or O(n*n*m) which is way smaller than O(m^n). O(n*n*m) would be 252 (and in practice you do it with less than 100 interactions if you're experienced like LPL; that's why he does it in a minute or two).
This lock gives you no feedback, so O(m^n) is unavoidable.
This is the third lock I saw that's truly unpickable. Bowley lock is the best: it prevents access to the pins.
@@maolbz The Bowley has been picked.
ruclips.net/video/ai5Hf-wPXFE/видео.html
@@maolbz I think what they are saying is that you may be able to gain some feedback from the sidebar. Here's the method, it may be completely useless:
Use a pick to align 1 pin to a position (a lishi tool could help with distinguishing the positions) then rotate the lock and feel how much strain is on the rotation from the side bar. If all of the pins are out of the side bar it should have slightly more tension than if 1 pin is correctly aligned.
Repeat with the same pin at different heights until you find the correct height for that pin.
Repeat for each of the pins, it may be easier the further on you get as you'll feel more looseness as fewer pins are interacting with the sidebar.
Let's say you have 8 different pin heights for each of the 6 pins and you test each of these individually, the total number of tests with be 8 * 6 = 48. Each test will take quite long as you have to feel a tiny difference in tension but it makes the picking process actually plausible.
@@teh_jibbler only problem with that is theres no feedback from the sidebar or blocking pin at the back cos that blocking pin is only moved by the cam on the back of the cylinder, not the key. Once the core turns, all pin stacks are blocked from moving too so you cant feel through any of those what the sidebar is doing either. A brilliant design in that respect.
I have a hunch that the weak spot in this design is not the chamber and the pins, but the last special hidden pin.
It looks like depending on the materials the lock core, the hidden pin, hidden plate, and lock top are made of, it could be possible to just force the lock open after the 45 degree point by applying sufficient rotational force to the core.
Force open (shotgun, hammer, wrench, other locks, gallium) is not a valid lock picking technique.
This could be made such that a force too great will destroy the cam pin and the lock will be unusable but not opened. You can do this with a common lock too but they then require an alternate entry to remove and replace once damaged. This is not lock picking this is theft prevention. Then the thief may up the game and knock down the door.
@@cronostvgif this were a challenge lock, I would agree with you, but the first thing he said in the video was that this is a new lock design intended for production. In the hobby space, pick resistance is the highest metric by which to rate locks because you're intentionally limiting yourself to the rules of the game so to speak. Someone looking to bypass this lock to steal your things isn't going to care about the rules of picking, and is going to do the most efficient thing. In this case, it would be brute force.
I'm wondering whether applying pulses of high pressure air to the front of the lock would be able to momentarily kick the driver pins up. If so, devising a situation where all the key pins and wafers are below the shear line and the driver pins are alone above it, playing with pulses of air and precise tension at the point where the "side bar" starts binding the driver pins might enable dropping them into place one by one...
There is a riddle toy- a wooden cylinder inside a bore- that you solve like that.
Its pretty amazing when the cylinder rises out of the bore once you blow on it with breath alone.
Your idea is the first promising one i've seen here- but, it could be defeated by a pathway next to each pin, quickly equalizing pressure above when you apply pressure from below.
Looking at the cam arrangements at the back and the angled pin I was thinking it would be susceptible to force it past the 45 degrees due to the mechanical advantage you get from the cam at the back. Brilliant idea.
Exactly what I thought. While being a destructive method this might leave the lock in a state where it still seems to be working, but is very easy to open with a pick or even the wrong key?
@@SailingSoWhat maybe solve it by making the back cam to be turned only by the tip of the key separating then cylinder from it. But only allowing it to turn with the cylinder (simple 45 degree dog linking them together )
I read the title and my brain said.. "This is the lock picking lawyer...." using his voice.
i wonder how well it would survive a physical attack. once the core is in a false set, it is only the tapered part of the last pin that prevents rotation. i imagine that the brass bits would likely give out before the wedge of the steel pin failed.
The ingeniousness of the lock lies in the way it doesn't rely in any way on the tapered pin's structural integrity, but on the slider having that perfect groove to slide into. Without it, the seventh pin can't push the slider over. The idea of forcing that pin to push through the sidebar to allow plug rotation sounds unfeasible to me.
this was my first thought when Andrew posted on u/lockpicking. A bad person could make a nice strong key blank which lifts all the wafers to shear then put a spanner on it and brute force the last pin. Suggested remedy a thinner but of core between pins 6 and 7, which would fail if forced leaving the lock broken but locked.
Had the same thought. I was thinking to make a false open pop a big old screwdriver in the key hole and turn. Really depends on the Sidebar how and if it can deform in the casing. Cheers!
the Bible sits on top of the Slider and that sits on top of the 7th Pin. you'd have to be able to crush the Slider between the Bible and the 7th Pin. meaning you're saying that you're able to effectively cut that Slider into two pieces by the shape of the 7th Pin.
this is... theoretically possible, but the amount of Force i expect you'd need to do that, you're at the point where you may as well just Sledgehammer or Drill the Door.
Smashing a lock instead of picking is a vulnerability of all locks
10 hours?! Your tenacity is incredible
It seems like the sliding bar would have its own binding order which would be expressed in how far the tension wrench rotates when in a false set, so you might be able to get a bit more info by using a long tension wrench and marking the distance it rotates - it sounds pretty long winded though.
You can figour out where you are in the binding order so for the first pin 5 hights + 5 possible pins/ eliminate the 4 not binding rinse and repeat until Max trie 39 and you are in.
Every false gate would potentially double the number of attempts.
The sliding bar only moves about a millimeter, and assuming non-insane machining tolerances, you'd still only get maybe 3 to 5 degrees in difference in rotation with the tensioner, depending on which pins are open and which are still locked. When it gets worn... who knows...
The best picking attack is probably a lishi tool.
Yeah, it can reduce the amount of effort from worst case 6^6=46656 combinations to 126 (math see below).
But you'd still be lifting the pins while they aren't truly binding, which requires skill. And you'd need to measure the angle of your tensioning tool, which requires both a precise reference (with some painters tape a non-issue) and consistency in the force you apply (again, some basic skill). Alternatively, you could bring a couple dozen key blanks and file or clip them into shape in front of the lock.
But keep in mind that the purpose of a lock isn't to take a million years to pick. It's purpose is to make figuring out the combination a bigger hassle than any other method of entry (shimmying the latch, drilling the cylinder, grinding the hinges, convincing the neighbors that you're firefighters and need to axe through that door to put out a fire, ...). And having to try about half of those 126 combinations definitely is still discouraging enough.
Why 126? To find the first binding pin, you'd need to try 6*6 combinations (in each you lift one of the pins to one of the heights). Only once you found that correct height for the correct first binding pin will you know that you've done it. With blanks it would be a bit easier, because you could first find out what height the first binding pin needs to be set to, by lifting all 6 pins in parallel to the 1st position, then all to the 2nd, ... up to to 6th. And after that you'd figure out which pin it is that needs to be set to that height. Either you make 6 tries lifting only 1 pin or 3-ish tries lifting half of the pins. 9 tries total for the first binding pin, and they can be very fast if you bring those first 24 "blanks" pre-cut.
To find the next binding pin you try each of the 6 positions for the remaining 5 pins in order; and so on. In total it would be 6*(6+5+4+3+2+1)=126 combinations (max). Furthermore, when you're getting to the last pin, you first need to set the 5 known pins to their position and then the unknown one to a guessed position. In those (up to) 6 tries alone you are setting pins (up to) 36 times. And for blanks, you need to cut the known depths for all pins you've solved so far.
And as mentioned by "s s", any time you either fail to set one of the combinations or measure the angle wrong, you slow down your progress.
use a fine-tipped sharpie to draw a line between the cylinder bit and the body while it's in a false set, so that if the next position rotates slightly further or slightly less, the line will be broken. you'd probably have to redo the line per pin. and a quick wipe with some isopropyl and the lines are gone.
@@spambot7110 And how fine-tipped sharpie would you use? 0.25mm is kind of shitty for drawing on metal.
I took a photo of the 3D design and measured the space of the spring on the top. In theory, you could push the key pins just above the sheer line since there is space given to do so with the length of the springs. Now there comes the problem of the bar, well, I also measured if the wafer pins would be in the position between the bar and that appears to be the case. If everything lined up, you would push all the pins above the sheer line and the bar would slide the wafer pins slightly making way for the piece connected to the core. What do you think?
At 2:14 he mentioned anti-overlift bars. As far as I could tell, those weren't in the 3d model. I'd imagine these are sized to prevent the wafers from ever getting to the hight of the slide bar.
Plausible?
i'm curious as to how it would stand up to a bump key test or a vibration test. the separation of the core from the pins via the slide mechanism does prevent a lot of feedback that you get from direct contact of the pins with the core at the sheer line, it's been cleverly removed with this design.
I don't think a bump key would do much. You need to bump the key stacks up and then rotate the lock core about 60° before the pin stacks are pushed back down by the springs. But even if you manage that, now the pins are blocked from coming down completely. So you cannot simply easy on the tension to let them slide into the bar.
And the lock does have overlift protection. So no bumping until a disc is at bar level.
@@HenryLoenwind I think the bump key vulnerability might be in the "sidebar". Because it is held in place with a spring it is possible you could hit the locking bar without turning the cylinder, and then once set, the rear pin the normally actuates the bar and prevents the lock from being turned without the key is just floating, and you could turn the lock. It probably depends on how stiff that spring is and how much shock you could translate to the lock,
@@rosecityrower The one issue with that is that the lock is usually mounted in a door. So bumping the body to get the topbar to move against its spring (or more exactly, move the body quickly and let inertia hold the bar in place) won't work.
A normal bump attack transfers an impulse to something you can touch and move (Newton's cradle). But here you need to move the bar and there's nothing you can touch that would transmit the impulse to the bar in the right direction. So it becomes an inertia attack instead.
Also, that bar can only move when the pins are in the right position, so you need to bump the bar while lifting all pins into the right position at the same time. But if you can do the latter, you can just turn the lock.
One possible attack I can think off is this: squirt in a slow working glue, that will glue the wafers together in say 24 hours. Then let the normal user open the lock with the key a few times, to break the glue between the correct wafers (and other moving parts). When the glue has set on all wafers (except the proper one), you could perhaps feel the correct wafer clicking in position.
Yep that’s the attack. Nice! How did u think of that? I could totally see this working. The user with the key probably wouldn’t even notice anything either. You have a good mind Sir. Good job.
This is amazing!!
My thing is make the back of the core with a little less room and you can make the "false set" a little less witch would work better in an actual lock.
Also because you are using master wafers you can master key this lock you just add another slot in the driver pins where the "sidebar" could slide into.
This is a really good design IMHO!
This is as technically complex as they come, and you did a brilliant job explaining it. You are a terrific teacher!
Practiccaly though, you could easily force this open with a strong lever because the cam at the back of the lock would force the steel pin through the sidebar and allow the lock to be turmed.
No.
@@tabaks that is not how you make a statement unless you are 7. But I agree for 1 reason. The pins are all steel and the bar and tumbler are brass. Brute force would ruin the bar an dtumbler and make the lock inoperable because the steel pins would damage the cam and wedge due to the small tolerances
I agree with you, though the I bet the patented design addresses this weak point and the version we see here is just a proof of concept
@@gtjack9 possibly. The brass plate in this version looked very thin. Ive seen what brute force can do with a core puller on a lock with steel pins and brass tumbler, hence my comment. but hopefully youre right as the design is otherwise very good. Its nice to see lock makers finally looking at more inovative designs.
Yeah, and like maybe Thanos could use the Infinity Gauntlet on it. Unpickable means just that, it does not mean you can twat it with a hammer until it breaks and then claim victory.
What a great concept for a lock 👍👍 really cool 😊 seems really challenging and near to impossible. Would this fit in a real world format like a Euro cylinder?
Maybe Max lifting and letting pins drop as controlled as possible could be a strategy?
Cool that he prevents overlifting from the start 👌 would have been my first guess
the lock could clearly fit in almost any cylinder format. it's been made the way it is here for demonstration purposes clearly and there's a lot of excess material that could be trimmed off. also the body is aluminum and that's bad for a final product.
At this point if you lift all the pins the shear line would prevent the pins from falling while there is tension on the bar. So when the pins are able to fall there is no way to put tension on the bar.
I'm convinced lock manufacturers don't care that much about security. The designer better start his own company if he wants to see this in production. It's very cool!
Because it doesn’t add any security that matters. Bad guys are not going to pick your locks. They will use brute force and speed.
@@hannes7695Plenty of criminals pick locks, and some situations do not have a brute option.
Bowley seems to care.
@@MattH-wg7ou Hopefully they continue care and the market doesn't wear them down.
Problem is, a cylinder is only as secure as it's surroundings. Most doors are easy to kick in. Most chains easily cut.
If you raise up the pins while tensioning the top pin the wafers set before the bottom notch (where you would want it to set). Have you thought about picking the lock by raising a pin stack, tensioning, then slowly lowering the pins? Then the first set you get would be a true set (the bottom notch of the pin stack).
Maybe pick proof but I'd be concerned about how practical/resistant to wear it is.
I'm no lock picker, I'm a design engineer, so excuse my terminology which won't marry with the video wholly.
At a glance it looks like the lock's strongest feature is to rely on typical picking conventions; gradually loading up each spring in each pin's bore.
It looks like the best methodology would be to fully preload each spring to it's stop and work backwards so that the undercut is aligned into correct position so that the shims in each bore don't have the opportunity to create the false positive.
Of course, there may be a feature to negate this method but a good design all the same.
Things to note looking at this: there seem to be only 3 different types of driver pins and they can be placed in an up or down position. 1 and 6 are the same driver pin, 2 and 4, and finally 3 and 5. I bet if we somehow put a focus on those dimensions, we could get a way to decode it.
It could also be a coincidence that there are pairs of driverpins in this lock.
I'm not a lockpicker, so correct me if i'm wrong. But if you look at the math of the different driver pins, you can have 6 different positions per driverpin for it to be in the correct position because of the wafers. If you calculate the theoretical amount of variations it would ammount to 1,3e+17 (6!^6) different ones. Let's assume you don't want it to turn with everything in the down or up position, you still would have at least 3 billion (5!^6 = 3x 10^12) different possible combinations.
it looks like you could just force the retaining pin through the side bar with a little force.
You could put careful tension on the "sidebar" by rotating the core with a key with just the lowest bitting on all positions. By repeated impulses toward the top, the "sidebar"-pins will eventually find their correct position. This attack could be prevented in a future version by giving these "sidebar"-pins false gates.
I have been playing with another copy for some time and this is the only exploit I have imagined so far. That said I tried bumping the driver pins into place with repetitive strikes on the body, no luck. I also tried moving the drivers with a strong magnets, no luck. Apparently I successfully catched a few pins as I can hear them dropping when I release tension, but I never got the 6 of them. I don’t know if an EPG could bump the driver pins far enough to possibly make any combination. Remember that you don’t have access to the pin when you tension the bar, the only thing you can do is to induce pulses into the core.
Won't work, as the thin wafers will prevent the sidebar pins from coming down..Not all sidebar pins will need to go upward. In order to get tension on the sidebar lever, the key needs to be turned and this will remove access to the pins. See 1:56
@@MrDLRu It may work if you turn the core with all the wafers in the core and only the drivers left in the bible. However getting the driver pins to jump whitout any access to them is another story…
@@yom73 I'm thinkin' that is impossible to do. You may get 1 or 2, but at some point the small wafers will allow the cylinder to turn beyond the pins.
Bumping is the only way I see to move the real pins while the lock is tensioned. But the only way to do it is applying the bump to the whole lock and hoping the pins will randomly move the right way. In theory this could open the lock in less tries than trying all possible combinations, but when you realise that locks are usually in a door and cannot be bumped up/down...
hi, what happens when you turn the cylinder without anything inside, so that all "mini-plates" are inside the turning cylinder. Now the pins have the full freedom to move, only held back from moving by the little springs. So now holding a strong vibration device on the bottom, the pins will move/shake until the right position.
I saw when Andrew posted on the /r/lockpicking sub and looked at all the specifications, very innovative and original design. Beautiful lock, and I've seen others try to open it with no success. I love Bowley's lock's designs, but there is something about Andrew's design that is more beautiful (maybe not the right word, I'm at a loss). Either way, beautiful lock, great video.
Elegant is probably the word you're looking for.
I wonder if it would be possible to feel out which pin stack is binding the most by how the sidebar twists when the angled pin is under tension, and then focus on finding the correct height for that pin that allows the barrel to be turned a little bit further.
A slower one would be raising all the pins to the same height at the same time, and checking if it’s able to turn slightly further, and then resetting stacks one at a time back to zero until that progress in turning the barrel is lost.
Lock: I'm unpickable
"Hello this is the lock picking lawyer."
Lock: why do I hear boss music?
How prone would it be to brute force on the tensioner? as in, put it in a false set then force the barrel round to distort the 'extra' pin since that is the only thing blocking the barrel from turning. it seems the pin, the slider and/or the barrel could be susceptible to being worn away enough to allow it to open, especially if manufacturing tolerances slip. just a thought.
Andrew McGill's lock? Completed it. Lol nah this is a major step forward in lock security. No one, literally no one has though of these mechanisms (I remember 'Stuff Made Here' done one and sent it to LPL) but this one is on another level.
Edit: saying that, LPL didn't really pick it, he merely bypassed it.
This is basically a rethinking of a segal pick proof, just changing the sleeve out for a sidebar
My concern is that the wafers allow the primary barring mechanism (the pins) to be bypassed, thus the only thing preventing the lock from turning is a pin riding on a cam, pushing into a brass plate. I have a hunch that a large blade screwdriver with a wrench on it will force the lock. The amount of force the cam can generate is quite substantial, either pushing the pin up, or bending or shearing it.
I think this lock is brilliant test lock, I was reading in a comment about having false gates. That is a excellent idea to, What about some wicked pins also. Very well explained brother man. Excellent video
How strong is the side bar spring when it is in position? If you strike the lock from the front, as you would with a bump key, you might be able to get that spring to bounce "engaging" the side bar without rotating the lock. If that works, you might be able to decode the lock by picking a pin, then bumping the lock and checking for a change in feedback. The theory being that at least one pin in the correct position should bind the sidebar when bounced, giving you the depth of the cut. It would still be a fair amount of decoding, just a lot fewer than than trying to decode the entire lock.
Very clever design, it also seems relatively easy to produce compared to some other challenge locks.
all those thin wafers are going to cause problems if this gets mass produced. likely will need to be changed
@@Brain-washed2 these seem to be standard height two master pins.
Do you think the wafers might be prone to jamming? I'm thinking of the long term maintenance of the lock, ie if it jams, doesn't matter how good of a design it is.
You can get information from the second row of pins by trying a few random combo, and see how far the lock can rotate.
Due to slight manufacturing errors, if say number 3 from second row would have been the first to bind, then if it's set at the correct height, the cam would push the sliding plate a bit further, and allow the lock to rotate a bit further. You can now try again with a reduced set of pins.
Obviously it needs to be tested, but the lock indeed leaks information on the key.. It's just not where it usually is. This is really the same principle as a traditional lock,
If that 7th Pin is steel, would applying a strong (i.e. Neodymium) magnet to the lock body above it apply tension to the slide bar whilst you still had access to the pins, allowing you to pick?
This lock seems really similar to the challenge lock StuffMadeHere made for LPL to me. As far as I can remember his mechanism worked really really similar to this one, so I am curious what date the creator of this lock filed his patent on, because if that video from StuffMadeHere was uploaded before he files his patent than there is a good chance the patent is null and void because of the existence of prior art.
The pin tester plate looks flimsy, just force it with a screwdriver. Also, try bumping.
Id love to see LPL with this lock
A click on pin one, a click on two and we have an ope... . Oh ummmm grabs phone Bill fancy a trip to the firing range...
🤣🤣🤣🤣
It's not a $5 amazon lock or a car door so he wouldn't be interested
I bet he has one, and just hasn’t put the time into after seeing the internals😂🤷🏼😜.
LPL can pinpoint when the wafer defense was first used. Hes done one or two vids on this concept.
wait this isn't a lockpickinglawyer video, but I'm not complaining
Can't wait to see LPL take on this lock!
If you could see the slide bar, even just from the front (e.g. drill a hole in the front and look in) you could tell when you've solved one of the pins at a time. Depending on tolerances, the slide bar is going to be in hard contact with only one pin at a time, and when it's pushed into position the slide bar will move the micrometer or whatever and be in hard contact with ...
nevermind, the only tension on the slide bar is from the 7th pin when you actively turn the key. But when you've solved the "first" pin, the slide bar will be able to move a tiny bit further and you should be able to turn the key slightly further as a result.
i agree that it's an interesting design, certainly more pick resistant. i do wonder how well all those parts will continue to move over time, looks like it could get finicky, esp if it were exposed to the elements.
I wonder what happens if you try to force the core to turn, might the sidebar fail and allow it to open?
Thanks for sharing- I’d love to see the Lock Picking Lawyer have a shot!!!
Do I understand correctly that if you make it to the 45deg position that then you would only be brut forcing past the one pin, that side bolt...permissive pin?
I'll have to go back to the CAD animation. I don't think I got it on the first play through.
what if you place magnet on front face of the lock? will it attract the "sidebar" so there is constant pressure on pins?
what if you started out overlifting the pins? idk if it would work or not, but it seems like if you overlifted them and put a lot of tension on the core you might be able to work backwards, using the tension of that sliding bar to judge when the pins set. might not work at all idk, just an idea
can it be shimmed? Imagining an L shaped shim that is inserted such that the lower part of the L slide into the back section and can be used to apply force to the rear pin. Maybe even two shims coming from either side to bind up and fill in the space where the rear pin resides to press it up.
Not sure how else to go about it, the trick will be finding a way to push that rear pin up.
Wonder if it's possible to get enough of a grip on the back pin to tension it against the topbar without turning the drum, which might let you then get feedback from the pins while picking them when their slot gets aligned with it.
The real problem with this type of system as you know is no locksmith can cut a key for it no keys available no settings on your key machine available so the only people that will buy this are individuals that would buy a lock with this already installed in it and the keys, and if they ever wanted more keys I guess they would have to get a hold of the supplier for more no key blanks are on the market for it and nobody in the US with this tight supply chain. Problem is going to make keys for that like Ilčo but I sure like how you showed us the insides of it. You’re so very detailed and the accent doesn’t hurt at all either. Thanks again your buddy Mike.
This is definitely something id like to see LPL try to pikck or defeat. From my perspective the only weak spot i can see in this lock is this "lock pin" on the back or the top "sidebar". If its made from a strong material it should be resistant to forcebly turning the core once the "false set" is set. Given that someone is aware how this lock is made. Also after watching it now im thinking is the last pin round or not. As if it is round what would happen if it would turn 90 or even 180 degrees just because it can? Would it prevent it from sliding the bar?
if you put alot of force on the fauls gate could it wedge that end pin? giving you the opportunity to pic the slide bar? it would be difficult enough and be like picking two locks at once but correct me if I'm wrong
just so you'd get feedback to decode the lock
Would it be just as hard to pick after years of use when it’s all a bit worn and the internal clearances greater?
This is an ingenious design and something I love about it is that you could theoretically incorporate this mechanism into a lock which looks totally normal and standard from the outside using a totally normal looking key. Sometimes you don't want a lock or other security device to appear as if it's securing something worth nicking. It also has the advantage that it could be used in existing master keyed systems alongside conventinal locks using the same key where extreme pick resistance is not reauired.
😂 let's just make each pin stack have 27 wafers. Love the thinking here!
It seems to have the same attributes that make a group 2 combo lock secure in that you can set the gates, or you can check the gates, but not at the same time. So picking this lock would be more similar to safe cracking in that you would need a special jig that can be configured to hold each pin at a specified bitting, and a way to accurately measure how much the core turns. Then you very the position of each pin by one setting at a time until you notice that the core turns a little further -- when the sidebar slides further into the gate on the binding pin.
They way to defend against this would be similar to the way that S&G 8500 series locks work. The sidebar would have a spring loaded snap action mechanism so that the motion of the cylinder and side bar are never directly coupled, making it impossible to measure where the sidebar binds by measuring the rotation of the core.
I wonder what happens if you get it to rotate in the false position, then put a long/strong torsion bar and brute force it? Will that 1 pin and bar hold up?
If I understood you correctly the tension tool will turn 45 degrees on each pin changer at 6 places-each of the 5 wafers + the driver pin.
This would mean that you have 6 choices per chamber that can be repeated-since the correct position of each chamber can be the same as the correct position of another chamber.
Then lock is a permutation system of 6 choices that all seem correct.
You mentioned is no discernible feeling between each of these 6 positions.
If that is correct, you have 6 choices in each of the pin chambers, and there is no way of distinguishing the choices except by possibly estimating the height that you raised the pin of each chamber.
This would mean you would have to brute force the solution on a geometric progression.
Possible solutions per total chambers:
1 chamber-6 possible solutions
2 chambers-36 possible solution
3-216
4-1,296
5-7,776
6-46,656
Just being able to pick 4 chambers is quite a feat.
Would a magnet on the front not help you pick from back to front?
Is it possible to push a pin up high enough for a wafer to get stuck in the sliding bar?
I'm an utter newbie at locks and lockpicking, so this could be completely off base, but the only thing I could see that would make this a bit more difficult would be to not have the same number of wafers in each pin. If you can guess how it's designed, or at least the wafer part of it, you could maybe figure out how many wafers are in one pin, and use that to help pick the other pins. But if there's a variable number of wafers that wouldn't help.
Is it possible to turn the cylinder hard enough jam the sliding bar against the pins? If it is then I can think of a decoding attack, but it won't be covert.
I think it could be opened faster than trying out every combination possible. I'm not saying that it would be easy or that I personally could do it, but approach would be to:
1. Make the key turn (by lifting the initial binding pins) and observer how far it turns.
2. Go through each position of each stack one by one (not all combinations) and find the position where the key turns the furthest.
3. Keep that stack in the correct position and find the next binding stack and correct position by observing which configuration allows the key to again turn a bit further.
4. Repeat step 3 until open.
So in short, this technique would rely on the imperfections/tolerances in the sidebar and would require extremely careful measurement of how far the key turns. Probably will require special tools too, so I don't see anyone picking it open on a busy street anytime soon. I'm not even sure if this could be called picking anymore :D
Doesn't that make for a buffer zone for each pin? Making the possible correct area bigger for each pin?
It's nice when creators are thinking outside the box with their lock designs and coming up with something really unique, and more importantly: really secure
How hard would it be to break that last retaining pin? If you get the lock into a false set, it's the only thing preventing the lock from turning. Could you force it open with a screwdriver at that point?
The best solution I can think of for this sort of brute-force attack is to couple the lock mechanism to the slide bar, rather than to the rotating core.
Simply add a projection to the slide bar that manipulates the locking mechanism (deadbolt or whatever), so that the lock is unlocked when the slide moves, rather than when the core rotates. Then you make the slide bar and spool pins out of the hardest non-magnetic steel or titanium, and the wedge pin out of something softer like brass. So if it's brute forced, the wedge pin deforms, the core turns, but the slide bar never moves and the lock doesn't unlock.
This has the downside of making it less of a drop-in replacement into existing locking mechanisms.
how easy is it to flip one of those disks on it's side and jam the lock up, for instance if you were using a pick gun, or a rake?
I've been wondering - would it be possible to pick a lock using an expandable metal/rubber 'key' that you can just slip into the lock and it'll form to the right dimensions? I've been thinking about that for years but I don't know how practical it is.
Can that pin that moves sidebar be forced up, since it looks to be steel and sidebar is brass. So wonder what strong flat screwdriver with wrench would do
Have you tried popping everything up and releasing tension to pop the plate into the pin slits?
Lock - "Why can I hear Boss music"
New Combatant - "Hello and welcome to The Lock Picking Lawyer"
This is very interesting not just because of the difficulty in picking but you can attach an picking alarm to the lock quite easily. If the core stays at 45DEG for longer than a minute, ups the alarm triggers and potentially blocks the door completely for 30 minutes, or until cops show up. But it matters how easy it will be to mass-produce and at what cost and failure rate.
A well planed brute force can get the numbers down a ton. Trial and error you have 5^5 positions but since a mass-produced lock has much worse tolerances or it would be really expensive you can cut that number down to about 5^3 or even 5^2 because most keys don't make jumps of more than 2, so the key still slides in the first pin will also be a lower bit, especially if you have tight tolerances it is more likely to bind on big jumps between pins. If the tolerances are loosened a bit to lower cost and lower the chance of binding, the wafers would need to be thickened, or they will slide between the cylinder and body. You can essentially use numbers to lower the possibilities down to 25 and 125 tries as the worst case (with tight tolerances) with an average of 75 but assuming looser tolerances and removing unlikely combos like 555555 etc. you end up with a number much closer to that 25 number.
I think I can see two weaknesses:
Picking-wise: Overlifting with a comb, remove, then turn. Can be fixed with precise chamber length.
Destructive-wise: Only the lifting pin counters rotational force from the plug. Rotating too hard can damage the cam (brass vs steel), since the plug is rather sturdy, while allowing it to turn by brute force.
A third weakness *might* be Time: When grime an filth enters that plug and pins through regular use, those wafers could get sticky except for where they regularily shear thanks to the right key. I doubt this could be exploited, though.
so what stops someone from setting the other pins to their false set and then just jiggling the last pin such that it opens?
Lock picking Lawyers: hold my beer
can you magnet the top so it is always out of the way of last pin?
I am confused.. Didn't you pick it full open at 9:15?
Did these ever get put into production? What a fantastic body… hell of a locking mechanism!
I suspect the vulnerability will come down to whether there's a way to actually tension the slide bar somehow, or manipulate the driver pins directly. Obviously he's put effort into warding it, but maybe some kind of vibration tool could jiggle the drivers while the actuator pin is under tension? I look forward to LPL taking a crack at it. I also wonder how easy it would be to force, given that the sliding bar is brass and there's only a small amount of material interfering with the driver pins. While it is destructive, it's possible the damage would be undetectable to future key users.
I feel pretty confident I know how to get in to this lock. I would like to get my hands on one of these.
Would it be possible to overset the pins ie lifting them, then dropping it till you have a set?
I don't know anything about lock picking but, would it not work if you lift all the pins up with a tool design just to lift (not to pick) and one by one go back while you drop the pins to gates?
What's preventing pin 7 from turning 180 degrees and making the lock unopenable?