One of the unintended consequences of cheap 3-D printing is that any troublemaker can duplicate a key without setting foot in a hardware store. Now Andy Greenberg reports that clever lockpickers are taking that DIY key-making trick a step further printing a "bump key" that opens even high-security locks in seconds, without seeing the original key.
A bump key resembles a normal key but can open millions of locks with a carefully practiced rap on its head with a hammer. Using software they created called Photobump, Jos Weyers and Christian Holler say it's now possible to easily bump open a wide range of locks using keys based on photographs of the locks' keyholes. As a result, all anyone needs to open many locks previously considered "unbumpable" is a bit of software, a picture of the lock's keyhole, and the keyhole's depth. "You don’t need much more to make a bump key," says Weyers. "Basically, if I can see your keyhole, there’s an app for that."
Weyers and Holler want to warn lockmakers about the possibility of 3-D printable bump keys so they can defend against it. Although Holler will discuss the technique at the Lockcon lockpicking conference in Sneek, the Netherlands, next month, he doesn't plan to release the Photobump software publicly and is working with police in his native Germany to analyze whether printed bump keys leave any forensic evidence behind.
Ikon maker Assa Abloy argues 3-D printing bump keys to its locks is an expensive, unreliable trick that doesn’t work on some locks whose keys have hidden or moving parts but Weyers argues that instead of dismissing 3-D printing or trying to keep their key profiles secret, lockmakers should produce more bump resistant locks with electronic elements or unprintable parts.
"The sky isn't falling, but the world changes and now people can make stuff," says Weyers. "Lock manufacturers know how to make a lock bump-resistant. And they had better."
Related Stories
Spotted over at 3ders.org
In Minnesota, contractor Andrey Rudenko is currently working on a project of gargantuan proportions that seems to be stretching and exploring the limits of 3D printing technology. Using a printer that was substantially modified and expanded, he has printed a concrete castle in his own backyard. And at 3 by 5 meters, this concrete structure is the world's first 3D printed concrete castle, and one of the largest objects that has, up till now, ever printed with 3D printing technology.
Also 3dprint has more details on the capabilities of the printer and some additional information from Andrey.
Go to Andrey's homepage for more pictures of the castle construction, news links and printer details.
(Score: 5, Informative) by gman003 on Tuesday September 02 2014, @01:53AM
Bump keys are already easy. All you really need is a key for any similar lock that you can file down - one that will fit into the lock, but not necessarily turn it. So if I did that to my apartment key, I would (theoretically) be able to use it on any other apartment in my complex, or any other that uses that same lock design (regardless of how it was keyed). All 3D printing does is remove the difficulty of getting that blank key.
Bump keys are also a well-known problem. Many common locks are still vulnerable to them, but any high-security lock will have countermeasures. This doesn't really change the attack, it's basically the equivalent of a script-kiddie version of an existing well-known attack.
(Score: 4, Informative) by frojack on Tuesday September 02 2014, @02:01AM
Right, this whole 3D printing business is becoming like "do any common thing with a computer and suddenly its novel and new and (usually) scary.
Go look at any hardware store and you will find the shelves are full of new locks (not even the high-security models) that advertise Non-Bump-able.
There are a bazillion locks installed that are bumpable, but locks tend to get replaced when people move out or in. The problem is that large apartment buildings don't want to replace all their locks, they just want to re-key them. Non-bump usually involves replacing the cylinder, rather than simply rekeying (changing the pins). Almost any lock smith can replace a bumpable cylinder with a non-bump one for a few bucks. But chances are your building super won't want to foot that bill.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Tuesday September 02 2014, @04:07PM
Go look at any hardware store and you will find the shelves are full of new locks (not even the high-security models) that advertise Non-Bump-able.
RTFA! This is about making working bump keys for said "Non-Bump-able" locks.
(Score: 2) by frojack on Thursday September 04 2014, @05:56AM
Nope. There isn't a hint of a suggestion of that capability in the article or the linked sites.
No, you are mistaken. I've always had this sig.
(Score: 5, Interesting) by Snotnose on Tuesday September 02 2014, @02:15AM
CSB
About 30 years ago I lived in an Apt complex that consisted of about 10 rows of rectangular buildings, all with 8 units each, each had a different street address. I worked night shift at the time and we used to get off at midnight, close a local bar, go get dinner, and head home. One night I unlocked my door but, when I went to open it the door chain was on. As my brain was processing WTF some old guy comes up to the door yelling "hey,who are you and what are you doing!".
Turns out I'd gone to the row next door. A bit of experimentation the next day showed that my #7 key unlocked all 10 #7 doors. Went to my neighbor, his #6 key opened all #6 doors. we went to the landlord and got our locks replaced the next day.
/CSB
When the dust settled America realized it was saved by a porn star.
(Score: 3, Funny) by isostatic on Tuesday September 02 2014, @09:17AM
You're lucky you didn't get shot. God bless America.
(Score: 3, Funny) by jimshatt on Tuesday September 02 2014, @10:09AM
(Score: 0) by Anonymous Coward on Tuesday September 02 2014, @02:35AM
I got a lockout tool set off a tool truck, it included a thin key that opens gas caps, some car doors, tool boxes, some padlocks, some house door locks, etc. Not very high tech, could easily make one with a bench grinder and a thin piece of metal.
(Score: 2) by nyder on Tuesday September 02 2014, @02:41AM
Getting blank keys are easy. Lots of stores have key copying kisoks in them, that needs a store person to operate, but they leave them open, and you can palm keys easy. Knew some peeps who did that for car keys because they knew how to make their own master for many models.
(Score: 2) by LoRdTAW on Tuesday September 02 2014, @02:23PM
How about the key counter in Home Depot that is only manned when a employee is summoned by a customer. The best part is the decorative key blanks with sports teams and other colorful designs are right on the counter facing the aisle. I can walk up, grab a blank, which already has a barcode tag attached, and walk to the self checkout counter which is right next to it.
And really this isn't scary news at all. I learned how to make a tension bar and rake in shop class from my shop teacher. Hacksaw blade is used for the rake and the tension bar made from a short piece of fish tape (or wire snake) which is heat treated spring metal. All done on a bench grinder.
Also, if key blanks were next to impossible to obtain it would be trivial for a machinist to make one using a surface grinder and perhaps a slotting saw on a horizontal mill. Then a bit of work with a file to cut the ridges.
(Score: 2) by Snow on Tuesday September 02 2014, @07:26PM
I was at a walmart wanting a new key and couldn't find any service (Surprise, Surprise). I had enough time to root through the cupboards, find the instruction booklet, follow the instructions and make my own key. No one challanged me at all. I was there for probabaly 20 minutes. It's not exactly Ft. Knox.
(Score: 5, Informative) by q.kontinuum on Tuesday September 02 2014, @04:33AM
Getting a blank key for high security locks was *not* easy before. Companies selling these locks were careful to patent their key profile, to sue others creating the same blanks, and to only work together with selected, certified partners. For cheaper locks this was always simpler, but now it gets simple even for the high security locks, and that's mainly what the story is about.
Registered IRC nick on chat.soylentnews.org: qkontinuum
(Score: 2) by gman003 on Tuesday September 02 2014, @04:46AM
So the locks were relying on security through obscurity (make blank/used keys hard to obtain) rather than security through security (making it resistant to bump keys). Yeah, I'm not gonna waste much sympathy on them.
(Score: 2) by q.kontinuum on Tuesday September 02 2014, @05:56AM
Nor do I :-) But it wasn't even obscurity. The profile can be seen from the outside. The interesting thing about the article is that basically the potential trouble maker new all along how the key was supposed to look like, but usually the effort to build one would have been prohibitive. Now it's a child game.
Registered IRC nick on chat.soylentnews.org: qkontinuum
(Score: 5, Informative) by TheLink on Tuesday September 02 2014, @06:20AM
There are mechanical keys/locks systems that aren't crap: https://en.wikipedia.org/wiki/Disc_tumbler_lock [wikipedia.org]
Why not use those instead? Padlocks using this tech seem fairly common where I live.
(Score: 2) by q.kontinuum on Tuesday September 02 2014, @11:23AM
Thanks for the link. Sounds interesting.
Registered IRC nick on chat.soylentnews.org: qkontinuum
(Score: 1) by My Silly Name on Tuesday September 02 2014, @02:47PM
Another interesting design is the Bramah [bramah.co.uk] lock, which despite its origins in the 18th century is still pretty damn hard to pick, and is definitely resistant to crude bumping techniques.
Unfortunately, no matter how groovy the lock technology we use, there's always the thermorectal method of obtaining a key. In my case, having abandoned big cities and now living in the boonies in Tasmania, I almost never lock my front door at all.
(Score: 2) by LoRdTAW on Tuesday September 02 2014, @07:56PM
Unfortunately, no matter how groovy the lock technology we use, there's always the thermorectal method of obtaining a key. In my case, having abandoned big cities and now living in the boonies in Tasmania, I almost never lock my front door at all.
Or just kicking the door down. Or breaking a window. But if you are that worried then you buy a reinforced door: https://www.youtube.com/watch?v=2cs_b3f97VE [youtube.com]
(Score: 0) by Anonymous Coward on Wednesday September 03 2014, @07:53AM
Or just kicking the door down. Or breaking a window.
Which makes it easier to convince the insurance company to pay out in cases of theft (without technically committing fraud by breaking stuff yourself).
http://www.consumeractiongroup.co.uk/forum/showthread.php?321332-Burgled.-Claim-declined-because-of-no-proof-of-force-or-violent-entry [consumeractiongroup.co.uk].
(Score: 2) by LoRdTAW on Tuesday September 02 2014, @08:18PM
Picking is not an issue but disc key copying is actually quite easy. The MTA uses these locks in the subway and perhaps other places to lock up just about anything. I had a friend in high school who was NYC subway obsessed and his neighbor was an MTA employee. Dont ask me how but he got ahold of the disc tumbler key and the lever keys used on the various doors and compartments of the subway cars. He secretly made clay casts and hand copied them using nails and sheet metal. The disc tumbler key was made from a nail with a flat filed on its length and then grooves for the discs filed at an angle into the half. The lever tumbler keys (aka old timey skeleton keys) he already made from bent sheet metal brazed to a nail by making a clay pressing from the slot on the door. He just had to figure out the rejection notch which was surprisingly dead center square and easy to cut.
The both of us had MTA keys we would show off by opening the doors between cars and unlocking gates with the disc locks. We were young and dumb but it was quite fun. But you had to be careful so we kept mischief to a minimum as that was jail right there. We only unlocked stuff to show off and stole a disc lock to lock our bikes with. Those locks were super strong. A solid steel uni body and a thick hardened shackle. Locking was simple: turning the key 90 degrees twisted a cam that pushed two steel bearings outward into grooves on each side of the shackle. There was no push to snap the lock, you had to turn the key to lock and unlock it. Impossible to break the lock by hammer, chisel or bolt cutter. You were better of cutting the chain or what ever the chain was around unless you had a torch. Master locks are garbage next to these things.
(Score: 2) by mrchew1982 on Tuesday September 02 2014, @11:53PM
Most high security locks now use other means to overcome unauthorized copying. The one that I'm most familiar with from my day job is ASSA ABLOY; they use a secondary set of pins on the sidebar of their locks. They have also started to use pins on the top that twist and turn, as well as fancy profiles on the pin/key interfaces that require special cuts at odd angles.
It's always a race...
(Score: 5, Interesting) by malloc_free on Tuesday September 02 2014, @02:54AM
(Score: 4, Insightful) by gringer on Tuesday September 02 2014, @04:00AM
So, you want an electric lock. Great. Let's ignore cost, but have you considered the following?
Ask me about Sequencing DNA in front of Linus Torvalds [youtube.com]
(Score: 1) by malloc_free on Tuesday September 02 2014, @07:37AM
Ah, yeah I addressed most of that. I didn't get into so much detail, but I discussed the power failure thing (mains with battery backup?), emergency services are as fucked with a mechanical lock as they are with an electronic lock, the next I did not cover (I guess a standard could be devised), mains power is not really an issue (a lot of the external doors in the houses I live in have had light switches beside the door, so getting power there is already solved), batteries are not hard to replace(?), the next I did not address (although mains with battery backup would be the ideal solution), key copying could be fixed with decent security measures, and I did address the last (firmware upgrades, decent software security).
And yes, I do want an electronic lock.
(Score: 2) by wonkey_monkey on Tuesday September 02 2014, @07:57AM
The same way they do it at the moment, I'd assume.
systemd is Roko's Basilisk
(Score: 1) by anubi on Tuesday September 02 2014, @08:41AM
My feeling about mechanical locks is they are good for little more than informing someone he is not supposed to go there unless he is authorized. If someone is bound and determined to go there anyway, there simply isn't much you can do about it.
Once an individual has breached the "polite security" of a mechanical lock, its then up to covert electronic data collectors to acquire images and other evidence of him proceeding on his unauthorized foray and what he did.
The lock was only a polite way of saying "If you go any further, you will be recorded, then tracked down, detained, then asked to explain your actions in a court of law before the judge."
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 3, Interesting) by hankwang on Tuesday September 02 2014, @09:51AM
Like in every large hotel? I can think of other reasons besides the ones you mention:
Avantslash: SoylentNews for mobile [avantslash.org]
(Score: 0) by Anonymous Coward on Tuesday September 02 2014, @03:55PM
Hard keys are not really as secure as 'soft' keys (ie: proximity cards). With soft keys you can arbitrarily assign and revoke keys conveniently simply by changing a setting in a computer, you can control who has access to what doors and easily change access parameters at will, and you can audit who came into what door when (or at least what badge was used). You can also program the key reader to beep whenever someone places a card next to it which alerts those around it that someone is here and attempting to enter. With a hard key if someone duplicates it then you would have to physically change all the locks to revoke the key and who wants to do all that.
As far as the battery needing replacement you can have a battery that can be replaced from the outside. Have a dual battery system, one set of batteries from the inside and one set of batteries from the outside. If either of the batteries are working the door will open upon someone punching in their pin or using their card. If one set of batteries dies the system can beep a certain way upon someone putting in a pin or using their card to inform the person that the battery is low and needs replacing. A light indicator can indicate which set of batteries is low. This is useful because it gives time to replace one set of batteries while the other set is hopefully still good. If the inside and outside batteries are both dead and someone is locked outside they simply need to go to the store and get a standard 9 volt battery (or whatever standard batteries are sold) and replace it from the outside and then punch in their pin or use their key reader to get in. They still can't get in without their pin/key reader but they still have a backup plan in case the battery dies. The key reader can also optionally be plugged into a power source so that power can be drawn from the power source when there isn't a power outage. The inside battery can even be a rechargeable battery that automatically stays charged during times that there isn't a power outage. If there is another (back) door with a key reader and the front key reader isn't working someone can simply go to the back door and use their key reader to get in from there. Problem solved.
(Score: 1) by malloc_free on Wednesday September 03 2014, @02:30AM
Valid points. However NFC cards can't be copied that easily. Well, not the cards I have used. You can use public key encryption to prevent interception of transmitted data. However that is probably not the case for all cards.
(Score: 2) by hankwang on Wednesday September 03 2014, @04:21PM
I was thinking of an attack where one guy holds an NFC reader next to your pocket and another one an NFC card emulator next to your door. With a mobile internet connection, that could work, if the allowed latencies of NFC are not too strict.
Avantslash: SoylentNews for mobile [avantslash.org]
(Score: 1) by malloc_free on Wednesday September 03 2014, @08:41PM
With the right card and proper encryption, this should not work. The cards I have used allow for public key encryption and, using that, creation of a shared secret key.
M.
(Score: 2) by hankwang on Wednesday September 03 2014, @10:14PM
How would that prevent this from happening? It's a known problem anyway:
https://en.wikipedia.org/wiki/Relay_attack [wikipedia.org]
https://en.wikipedia.org/wiki/Near_field_communication [wikipedia.org]
Avantslash: SoylentNews for mobile [avantslash.org]
(Score: 1) by malloc_free on Thursday September 04 2014, @12:37AM
OK yeah there is little you can do about this if the system you use only requires one method of authentication - just the card itself. I see most of the solutions attempt to detect delays in transmission/relpy. So one way to fix this would be to use two-factor authentication, where a pin is required as well as the card. Then there is shoulder surfing I guess...
M.
(Score: 0) by Anonymous Coward on Tuesday September 02 2014, @03:58PM
"Why have mechanical keys not been replaced?"
As far as commercial and government buildings are concerned there are usually four basic layers of defense.
1: Physical. These include gates, fences, doors, locks, etc...
2: Burglar alarms
3: Cameras
4: Security guards (this can be a plus or a minus because you want to make sure you trust the security guards and do thorough background checks since they are often given a wide range of access and are left alone).
(Score: 5, Informative) by bradley13 on Tuesday September 02 2014, @06:35AM
According to Wikipedia Certain clicking and vibrating tools designed for bumping can also be used. These allow for rapid repetition of bumping against locks that have advertised "bump proof" features. [wikipedia.org]
When I visit the US, I am always surprised at the simple locks, with all the pins in a nice, neat line. This kind of lock has always been easy to pick, and today is simply trivial. Just as an example, a while back an acquaintance had her purse stolen, which included her keys. Locksmith comes out with a blank key, inserted it into the lock, wiggled it a bit, filed a bit, and within 2-3 minutes handed her a new, working key.
There are mechanical locks that are a lot more secure. To name one example, Kaba keys are pretty much the standard house key in Switzerland: they place the pins in multiple planes on top, bottom and sides, which makes standard lock-picking techniques nearly impossible.
Everyone is somebody else's weirdo.
(Score: 0) by Anonymous Coward on Tuesday September 02 2014, @04:33PM
Locksmiths have thousands of hours of practice. All skilled people make it look easy. What you saw was the art of impressioning. Even world class lockpickers often do not have that skill.
To form an analogy, programming is trivial. Once I saw a programmer automate a payroll process in under ten minutes. Why do we pay people to do it if it is so easy?
(Score: 0) by Anonymous Coward on Tuesday September 02 2014, @04:35PM
What you are talking about is dimple locks. Kaba makes some, but not all Kaba locks are dimple locks. Standard lockpicking techniques still apply. Some choose to use different picks for convenience, but it is not strictly necessary. See the thousands of youtube videos on the subject for details.
(Score: 2) by evilviper on Tuesday September 02 2014, @08:37AM
That's nonsense. Getting your keys professionally copied was never the only option.
If you have a blank that fits the lock, you can just file it down by hand, comparing the two keys by eye, and have a working copy in 5 minutes flat. It works if your original key was damaged, broken, etc., and a machine can't copy it, too.
Without a blank, you can still CAST a key completely from scratch... Make an impression of the key in some soft material, then fill the impression with molten lead, plastic, glue, ANYTHING really. And if you really want to do a good job, you then repeat the process again with fine sand and a hard metal like bronze.
How rude!
Hydrogen cyanide is a delicious and necessary part of the human diet.
(Score: 1) by theronb on Tuesday September 02 2014, @02:44PM
"lockpicking conference in Sneek, the Netherlands"
The hotel was already booked in Burglary, Austria.