Defcon Lockpickers Open Card-And-Code Government Locks In Seconds

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

_CY_

Sharpshooter
Supporting Member
Special Hen Supporter
Joined
May 11, 2009
Messages
33,848
Reaction score
6,619
Location
tulsa
ablogs_images.forbes.com_andygreenberg_files_2011_08_kabalockpick_200x300.jpg

Lockpicker Toby Bluzmanis inserts a wire into the LED readout of Kaba's E-Plex 5800 to open the lock.

To open a door fitted with the latest U.S. government-certified lock from high-end Swiss lock manufacturer Kaba, an employee must both enter a code up to eight digits long, then swipe a unique identity card coded to comply with a new standard that requires an extra layer of security, one designed to track individual staffers and make covert intrusion harder than ever.

Or, as lockpicking expert Marc Weber Tobias will show a crowd of hackers Friday, you can stick a wire in the tiny display light above the keypad and instantly render all of that “security” irrelevant.

At the Defcon security conference in Las Vegas, Tobias and his partner Toby Bluzmanis plan to demonstrate a series of simple hardware hacks that expose critical security problems in Kaba’s E-plex 5800 and its older 5000. Zurich-based Kaba markets the 5800 lock, which Bluzmmanis says can cost as much as $1,300, as the first to integrate code-based access controls with a new Department of Homeland Security standard that goes into effect next year and requires identifying credentials be used in secure facilities to control access.

In demonstrations for me and in videos they plan to show the Defcon audience, the lockpicking duo use one method called “rapping” to open the lock by simply hitting its top surface or lever handle with a mallet, compressing an internal spring that then decompresses and pushes open a latch that releases the lock. In another bypass, they insert a wire into a silicon cover for an LED light that blinks red when the user enters an invalid code. That wire can ground a contact on the circuit board behind the light that triggers a function intended to allow the door to be opened with a remote button, bypassing all its security measures.

http://blogs.forbes.com/andygreenbe...en-card-and-code-government-locks-in-seconds/

[video]http://youtu.be/6txFFS1TwSE[/video]

[video]http://youtu.be/lY_h7FxEVIc[/video]

[video]http://youtu.be/HXZ5pW31fB8[/video]
 

Latest posts

Top Bottom