Stories
Slash Boxes
Comments

SoylentNews is people

posted by azrael on Tuesday September 02 2014, @01:46AM   Printer-friendly
from the opening-pandora's-box dept.

One of the unintended consequences of cheap 3-D printing is that any troublemaker can duplicate a key without setting foot in a hardware store. Now Andy Greenberg reports that clever lockpickers are taking that DIY key-making trick a step further printing a "bump key" that opens even high-security locks in seconds, without seeing the original key.

A bump key resembles a normal key but can open millions of locks with a carefully practiced rap on its head with a hammer. Using software they created called Photobump, Jos Weyers and Christian Holler say it's now possible to easily bump open a wide range of locks using keys based on photographs of the locks' keyholes. As a result, all anyone needs to open many locks previously considered "unbumpable" is a bit of software, a picture of the lock's keyhole, and the keyhole's depth. "You don’t need much more to make a bump key," says Weyers. "Basically, if I can see your keyhole, there’s an app for that."

Weyers and Holler want to warn lockmakers about the possibility of 3-D printable bump keys so they can defend against it. Although Holler will discuss the technique at the Lockcon lockpicking conference in Sneek, the Netherlands, next month, he doesn't plan to release the Photobump software publicly and is working with police in his native Germany to analyze whether printed bump keys leave any forensic evidence behind.

Ikon maker Assa Abloy argues 3-D printing bump keys to its locks is an expensive, unreliable trick that doesn’t work on some locks whose keys have hidden or moving parts but Weyers argues that instead of dismissing 3-D printing or trying to keep their key profiles secret, lockmakers should produce more bump resistant locks with electronic elements or unprintable parts.

"The sky isn't falling, but the world changes and now people can make stuff," says Weyers. "Lock manufacturers know how to make a lock bump-resistant. And they had better."

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Insightful) by gringer on Tuesday September 02 2014, @04:00AM

    by gringer (962) on Tuesday September 02 2014, @04:00AM (#88359)

    So, you want an electric lock. Great. Let's ignore cost, but have you considered the following?

    • In the event of power failure, should the door lock, or open?
    • How will emergency services get access to the thing behind the lock?
    • How can you ensure that the lock will still work in 20 years?
    • If the lock is mains powered, where will you put the wire (or induction coil) for the power?
    • If the lock is battery powered (including solar), how will the battery be replaced?
    • If the lock is key powered, what will the lock do when the key's battery is depleted?
    • What happens when someone discovers how to copy a key?
    • What happens when someone discovers how to unlock without a key?
    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Interesting=1, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 1) by malloc_free on Tuesday September 02 2014, @07:37AM

    by malloc_free (3034) on Tuesday September 02 2014, @07:37AM (#88400) Journal

    Ah, yeah I addressed most of that. I didn't get into so much detail, but I discussed the power failure thing (mains with battery backup?), emergency services are as fucked with a mechanical lock as they are with an electronic lock, the next I did not cover (I guess a standard could be devised), mains power is not really an issue (a lot of the external doors in the houses I live in have had light switches beside the door, so getting power there is already solved), batteries are not hard to replace(?), the next I did not address (although mains with battery backup would be the ideal solution), key copying could be fixed with decent security measures, and I did address the last (firmware upgrades, decent software security).

    And yes, I do want an electronic lock.

  • (Score: 2) by wonkey_monkey on Tuesday September 02 2014, @07:57AM

    by wonkey_monkey (279) on Tuesday September 02 2014, @07:57AM (#88403) Homepage

    How will emergency services get access to the thing behind the lock?

    The same way they do it at the moment, I'd assume.

    --
    systemd is Roko's Basilisk