A master key will unlock anything, a Master lock will secure nothing.

This should be called "When lockmakers cut corners"

@TRowland223

4 жыл бұрын

haha . . . cut . . . corners

As a locksmith and expert witness, Do Not Copy or Do Not Duplicate is an only an instruction to the holder of the key not to copy it. The exception are US Postal and US Government keys which make it unlawful to copy. State Universities may also have a State law protecting them. Then there are patent controlled keys, which the manufacturer has the option to sue anyone who replicates those keys. If the manufacturer determines a threat to the patent, they may sue - even if they just want to prove a point and drain your bank account and run up your credit cards in legal fees. Medeco is a good example of a company that has an aggressive legal position. Holding a key you copied is also potentially a legal burglary tool. I also have the side milling machine in this presentation and it’s a royal bitch to get it right. The side milled key is not held in place as well as it’s a bit sloppy. The high security locks are really tight tolerances. Literally one thousands on an inch can be the difference in a working key and not. I don’t agree it’s easy to use a lathe to copy these. The spacing is so tight that you will be spending a great deal of time. Many test keys get ruined. And I know exactly what I am doing... It’s never impossible, but really something far more for machine precision type of people who are THE most determined and willing to accept a slow and for some endlessly agonizing torment and defeat. There is a big difference between an experienced locksmith and am amateur in reality.

@kapcsford

Жыл бұрын

Very interesting!

Losing a lock is a threat model I've always found interested

Paging lockpickinglawyer and BosnianBill please pick up the pink courtesy phone.

2-man rule has two different keys too... to prevent someone from duplicating... so that is not a huge risk. 2man rule is also done via software for high security areas, like inside an HSM... where two or more people have a "password" and when all people type in their "password" it makes the master password via salting the final insert to match the encrypted master.

My favorite security system was Rand Corporation in Santa Monica in 1970. There was a guard who knew everyone and had book of individuals authorized.

Tough audience; I was applauding ;-)

This was fantastic. Really great stuff!

that titan 2 key looks exactly like my ring of newspaper rack keys. . . .

Great research and work. Thanks for a great presentation!

I made several copies of the public housing keys for my friends using Jet's commercial/AIR NS blanks [green color] for 6-pin Biaxials while I worked in my dad's hardware store. 1) Configured the copies by the Medeco machine 2) Then use an automatic machine to trim down the sides of the neck, with a monster-locking-wrench for stability They all work seamlessly, I charged $10.00 for each copy, I have no licenses of any kind for key cutting just working out of passion.

35:15 you can simply rotate all the disks as far clockwise as they will go and then get the pick that LockPickingLawyer and BosnianBill made

@thorlancaster5641

4 жыл бұрын

Good luck with that Protec2. No one has picked that lock (yet)...

@ahmadaamer6

3 жыл бұрын

Thor Lancaster kzread.info/dash/bejne/aImOmNacpsrKabg.html

excellent talk

Fantastic talk! Thank you for sharing =) Are there plans to publicly release the keyway-comparison software?

Interesting presentation. I rarely encourage an end user to buy restricted keyway locks because the lock cylinders and key blanks have a 4-6 week lead time from any given manufacturer. On top of that the owner must provide a letter of authorization for a distributor to purchase these products and it must be snail-mailed to the manufacturer (most commercial hardware manufacturers only sell to authorized distributors, not directly to end user). If a building owner needs keys in a hurry that ain't gonna happen. I'm skeptical that the average hacker will have the skills to make a restricted keyway as shown in the clip but I admire their ability to do so. Bottom line: there's faster and easier ways to breach physical security.

Never been interested in locks, but this is fascinating.

Does the AWS disc at the rear of Protec II not have any bearing?

Great presentation 😊

Medeco gets defeated. Bowley: Hold my pick set.

@huxleypig69

4 жыл бұрын

Pff, Bowley aint a patch on Medeco.

For a few months, my local Fry's Electronics had one of those automatic key machines. This one must have been configured differently, because it would duplicate ANY key. You could do electronic car fobs and restricted keys, too. It didn't ask. I had my mail key, pool key, and gate keys all duplicated (good thing, too, since I lost one of the pool keys at the pool.) The apartment complex where I was living at the time charged $50 for replacement keys. Unfortunately it was eventually changed to do only house keys. Bah. It's also how I discovered that the USPS does _NOT_ change the locks on the apartment complex's mail box. You have to pay the post office (or maybe the apartment? I remember paying at the post office, though) $25 for a mail key because they claim they have to have a new one made every time someone moves into/outof an apartment. After I had moved out, I still had the key duplicates and had forgotten about them for well over a year. I went to the apartment to drop them off, and out of curiosity I tried my mail key on my old post box. Still worked.

7:50 Machine is a Wenxing WX-22

Billy’s a big boy!

The funny thing about those USPS arrow keys is that is is a felony to even posses them.

@JGnLAU8OAWF6

4 жыл бұрын

It should be a felony to use same key on multiple locks instead.

I want that software! 9:15 Is it available for download ?

@BlackHeartScyther

4 жыл бұрын

Lookup "Key Blank Cross Reference" I found one site that gives a pdf of 190 most common for free and another site that gives access to their database of over 84k for $20/yr (4,500 pictures)

@mrfrenzy.

4 жыл бұрын

Keyline and Silca sell machines that has complete databases of key profiles inside. Just insert your key and it will show which blanks fit and how much filing needs to be done. Locksmiths have used these for decades.

There's one huge difference between hacking a software lock and a physical lock. For the former the « thief » can possibly take all the time he wants before even being noticed, whereas the later the « thief » needs to be fast. That to say if your house is harder to get into un-noticed than your neighbour you're already diminishing by a lot the odds of being robbed.

An XTS3000? Might as well be rocking an Astro Saber

what about keys with magnetic elements?

All that pointing to the screen and walking away from the mic could have been avoided with a 2 dollar laser

You know this seems like a fuck ton of work when you could probably slip the latch or do other more low tech attacks

@iraniansuperhacker4382

Жыл бұрын

that leaves visible and distinct tool marks on locks whereas this wouldnt. Its for sure a rare occurrence but sometimes its important to breech a lock without anyone being able to know because of an obvious brute force entry or less subtle marks made on pins when a lock is picked.

Well, Rob Ford got in to the Toronto City Hall...

@mgjk

3 жыл бұрын

The man knew his cracks.

This doesn't help with my combination. I've been trying to get into the box for 13 years, now

@destrierofdark_

4 жыл бұрын

Solve it algorithmically.

So basically, James Bond could still make a quick clay model of a key and still get laid! Excellent!

The Two Man Rule can be overcome with one man,two keys, and some string....

@theycallmefilip

4 жыл бұрын

Or abnormally long arms.

I believe LockPickingLawyer did a video on decoding master keys.

@Wesrl

4 жыл бұрын

Deveint has a talk about it as well

Yeah, "safe places" do exists but only in our imagination! It's only a matter of invested time to go through any security measures, either physical or cyber! The question is: to who are you standing in the way!?! Between the illegal government activities, and the "civilian" AKA not backed up by corrupt law enforcement groups the lines are very blurred!

@barongerhardt

4 жыл бұрын

Is a safe place like a safe space, because master lock makers might get triggered.

whyyyy vertical videos?!

Not talking about "black boxes" and how they work isn't very hacker-ethical, no?

@bbbbeeeaar

4 жыл бұрын

I think it’s because it was too expensive for them to get their hands on one. They mentioned the price was prohibitive. Also it’s more valuable to learn about the cheaper and easier methods they discussed.

@l0ckmanjohn

4 жыл бұрын

The version a locksmith can buy is right around $10,000 and uses proprietary software that doesn't allow for you to cut restricted keyways. They do also offer a version of software to law enforcement that supposedly does allow for restricted keyways .However i have never heard of it being made available to the public.

@fdsafdsafdsafdsafd

4 жыл бұрын

Go on then big guy, go buy one and reverse engineer it. Afterwards publish the results with your full name attached to it. We're all waiting.

A nit. The color is magenta, not pink.

Nuclear missile example, that's if the keys are the same.

@km5405

4 жыл бұрын

i seem to recall atleast the russian ones needing special alloys due to the heat the equipment generates.

@Hellsong89

4 жыл бұрын

Excellent point, does anyone have info what ever that is the case? Easy enough to fix, but again cloning key if you are one of the operators is not that difficult.

@DigitalYojimbo

4 жыл бұрын

@@Hellsong89 yes I would think the training and gaining entry would be more difficult. Not to mention that the missiles would have to be prepped ?

@AKAtheA

4 жыл бұрын

@@km5405 firstly, the russian ones need codes to arm the warhead. Not sure about the Titan II, but all newer US ones do as well. Those codes are what actually keeps the nuclear arsenal safe.

@SyphistPrime

4 жыл бұрын

For the 2 keys it would be best to get unique keys, possibly from 2 manufacturers. The government would have the type of money to spend on having a completely unique key made for such things.

These nerds brought it but why do they keep stepping away from the mic to breath?????

@theycallmefilip

4 жыл бұрын

If there's anything Chocolate Rain taught me, is to move away from the mic to breathe.

@tybrady64

4 жыл бұрын

Filip Suciu Ha! That’s got to be one of the best replies I’ve ever read! Seriously.

@blakeeverett6267

4 жыл бұрын

I’m glad someone got the reference 😂

@tybrady1935

4 жыл бұрын

@@blakeeverett6267 Ahhhhhhhhhh, ok. So you created the (chocolate rain) comment first that allowed Filip to make his excellent reply. I see! I thought Filip had the most excellent reply to some totally random message. So Filip's reply is still most excellent, but quite as excellent as I first thought. lol.

why does this guy always sound like he's asking a question when he talks

@thharrimw

4 жыл бұрын

He is Canadian

If you don’t cut the damn lock in half wtf you need a key for?

@arthurmoore9488

4 жыл бұрын

Because this talk is about when you want permanent access to a facility with hundreds of locks. Where they've spent money to have a "special" keyway unique to that facility / organization. This talk can be summed up as, if someone manages to steal at least one of those facilities locks, then they can make master keys for the entire building!

locks, security by obscurity at its finest, or it's dumbest

@daa3417

4 жыл бұрын

The latter for sure, being that security>obscurity is 100% impossible. Now the feeling of security is a completely different thing, I call that delusional thinking.

Love the canadian

i love these videos but that tactical vest is some cringy shit

Vertical filming on all their demonstrations.

Can someone give a TL;DW for this?

@arthurmoore9488

4 жыл бұрын

There are many different things here, but this is one that should stand out. If someone manages to steal at least one of a facilities locks, then they can make master keys for the entire building!

Lots of locks today combines Key + NFC-Code sent by the key. Still can be defeated by serious hackers, but if you use the same model as for car-keys it basically becomes a total bother to defeat, and the intruder will have to get hold of a legit key instead.

Its fairly easy to make aut, that these guys are from Canada, aye? Its funny how easy they get around with out saying "Like" every 3 word. Makes them sound so much smarter than their southern neighbor.

So many decent concepts but not sharing anything with the community isn't really useful and doesn't bring anything forward. Also no mention of individuals who did a lot of the work before You is pretty lame.

Jesus, there are simply too many presentations on keys. WAY too many.

@rickc2102

4 жыл бұрын

If you ignore half of them, you'll reduce your stress by 50%.

As a locksmith I’m not even going to get into how many things these guys got wrong, I don’t have the time or patience.

@pingozingo

4 жыл бұрын

Reg Rock lazy

@igmusicandflying

4 жыл бұрын

Honest question: If I am an adversary duplicate a key wrong but it works in the door I'm trying to get through, is it still wrong?

@daa3417

4 жыл бұрын

Reg Rock Ouch you sound a bit sour.

Really grasping at straws here.... just useless