| ▲ | observationist 14 hours ago |
| Locks are not security, in the sense that you're using. A sledgehammer goes right through 90% of them, or the hasps or latches secured by them. A competent lockpicking enthusiast will take two or three minutes to go through almost any of them. Someone motivated to get in with foreknowledge of the lock type can simply use a $200 camera and photograph your keyring from a couple blocks away, then 3d print all the keys on the ring and walk right in. Law enforcement can use pick guns, which will open a large majority of door locks, if they don't want to just use a battering ram for some reason. There are a ton of legitimate reasons to use lock picks, though - being able to use a pair of paperclips, or office supplies, can get you into network cabinets in a pinch, or if you lock your keys in your house or car and have a pick kit in your wallet. If a friend has an emergency and they know you can do it, it can save locksmith fees. Kids can lose keys in astonishing ways. And the hobby is fun - it's manual dexterity, skill, obscure technical knowledge, and you gain an appreciation for all the lockpicking content out there, and get to see the brazen plot devices when movies portray lockpicking in ridiculous ways. There are engineering attempts at creating unpickable locks with some awesome youtube videos, with engineering geeks creating elaborate locks and shipping them to the lockpickinglawyer or other content creators. It's also important from an educational standpoint. Knowing how secure you are is important, because assumptions can lead to tragic results. If you have a glass door, it doesn't matter if you've got a million dollar unpickable lock. If you know how trivial it is to open most padlocks, and what form factors of locks are most susceptible, you can make better decisions about securing storage units, trailers, outdoor gates, bikes, and so forth. A device like this is a novelty, not a serious security threat, and I'd argue the threshold for building it exceeds the threshold for which there are a thousand other trivially accessible ways of bypassing a given lock. There are tools similar to this device in spirit, in which you set pins for a key type manually with the key inserted, and with a little practice, will get you through a door in under a minute. Start here and enjoy!
https://www.youtube.com/channel/UCm9K6rby98W8JigLoZOh6FQ |
|
| ▲ | 05 13 hours ago | parent | next [-] |
| > use a $200 camera and photograph your keyring from a couple blocks away Rayleigh criterion: to resolve an angle of 4E-6 rad (key bitting step is 0.015inch =~0.4mm , two blocks is 2 * 200ft =~100m), you'd need a ~140mm aperture lens. Can you really buy one (with a camera no less) for $200? |
| |
| ▲ | observationist 12 hours ago | parent [-] | | Well, TIL I'm shitty at the private eye thing, lol. You'd need to get up close, then, or have really good cameras. You're not going to need .4mm precision so long as you can see the differential pattern, though. Memorizing a 5 digit number, each digit between 1-6, and you can remember any kwikset key at a glance, and so on. At most you'd need to print 10 possible solutions if you can't find an absolute difference between lowest and highest points, but most of the time the pattern will have 4-6 potential keys it could be. Anyway, locks and keys are inconveniences that keep people from casually abusing civil boundaries, is the point, and not all reasons for overcoming those are nefarious. | | |
| ▲ | 05 11 hours ago | parent [-] | | Yeah, seeing how better and cheaper cameras are sold every day I thought that it might be plausible.. and then it apparently isn't.. yet. Maybe with a cheap telescope :) A covert camera placed near the keyhole is probably a better solution anyway, because most people don't flash their keys when just walking on the street (maybe when unlocking a car, but with keyless that's becoming rare). | | |
| ▲ | deepspace 6 hours ago | parent [-] | | Used lenses from 30 years ago plus a DSLR from 15 years ago plus a suitable adapter will do the job, and may be in the price range with a bit of bargain hunting. |
|
|
|
|
| ▲ | te7447 9 hours ago | parent | prev | next [-] |
| > use a $200 camera and photograph your keyring from a couple blocks away I suppose serious defenders will need to get an EVVA MCS, if that's their threat model :-) Just don't let the really serious lockpickers near the lock with a contact microphone. https://www.evva.com/int-en/products/mechanical-locking-syst... |
|
| ▲ | Edman274 13 hours ago | parent | prev [-] |
| The thing about a sledgehammer is that if you're asleep in your house, you, your dog, your SO, or your neighbors might be startled awake by the sound of metal splitting and cracking open. Your security system might be designed to alert on something like a window being smashed. The person attempting to enter the house may be trying to enter undetected, because they know that a broken lock and/or a replaced lock will alert the people they're trying to ambush or steal from. Imagine something like industrial espionage, where a person breaks in undetected, steals an item, and then leaves. The occupant only realizes the item is gone a week later, and wonders if they could've misplaced it. In your scenario, they'd see the sledgehammered lock and immediately call the cops. I see comments like these all the time on Reddit and Hackernews. Hackers are like, "locks aren't security, a sledgehammer breaks them" and it appears to betray a mental threat model of "what if the cops want my thing" and never "what if someone wishes to do me harm while I am in my house" or "what if a criminal wants to not get caught taking my things" or "what if someone wants to lie in wait in my house", which are not risks to these commenters. They are to a lot of people though. |
| |
| ▲ | cush 13 hours ago | parent | next [-] | | > Imagine something like industrial espionage.. This isn’t the movies. 99% of the time people need their own lock picked because they lost they key | | |
| ▲ | Edman274 13 hours ago | parent [-] | | People don't buy locks so that they can lose their keys and require the lock to be picked. They buy locks to secure access to items or places. The parent I was replying to is saying that locks aren't security because a sledgehammer breaks them. I argue that a sledgehammer is only important for certain threat models. I am quite aware that most lock picking is for lost keys. However, I am describing threat models for which locks are important security. Do you understand? | | |
| ▲ | raincole 13 hours ago | parent | next [-] | | The parent you were replying to mentioned at least three things: - lock picking hobbist - snap gun - sledgehammer And you simplified their comment to "locks aren't security because a sledgehammer breaks them" then proceeded to describe threat models where a sledgehammer doesn't work in detail. It's not a very constructive discussion. | |
| ▲ | prmoustache 12 hours ago | parent | prev | next [-] | | Locks are only really here to prevent "opportunistic" theft, not fully motivated ones. You need more than that to prevent theft. They are like the first layer of an onion. | |
| ▲ | nemomarx 13 hours ago | parent | prev [-] | | Even without the sledge hammer your locks probably aren't good enough to stop a thief with a set of picks. A robot that brute forces it is more expensive and slower than any of the existing tools, so it shouldn't change your threat model. | | |
| ▲ | pixl97 12 hours ago | parent [-] | | "I broke this masterlock with a masterlock" Lock companies put out a lot of advertising to make it seem like their products work far better than they actually do. |
|
|
| |
| ▲ | observationist 12 hours ago | parent | prev | next [-] | | Locks and keys are usually more an inconvenience to prevent casual abuse of your boundaries. People who want access, nefarious or otherwise, will gain access, whether it's cops, ninja assassins, or junkies looking to strip your house of copper. Ninja assassins are low on the list of possible threats, but never zero. The biggest risk to me personally is the junkies and porch pirates, so signs and out of reach and very visible cameras have gone up to make them uncomfortable and feel too paranoid to mess with the locks. | |
| ▲ | prmoustache 12 hours ago | parent | prev | next [-] | | Opening the door, even without the key, would totally trigger my alarm (if I cared enough to activate it) at night. | |
| ▲ | pixl97 12 hours ago | parent | prev [-] | | Locks are not security. They keep honest people honest and give a few moments more work to those that are dishonest. It's a promise to society that you'll act decent. Needless to say they mean nothing to those that break promises. In almost all cases, with a lock or not, by the time you figure out the lock is broken (10 minutes or 10 days) your shit is long gone and you better have your security onion setup with multiple layers if you want the foggiest idea what happened. If you have an above average risk of having your shit stole or becoming under attack you better have a whole shit load more layers in your defense or you're screwed. | | |
| ▲ | observationist 11 hours ago | parent | next [-] | | It's a lot like turn signals - social communication that goes beyond the practical benefit. If you're using your turn signals, you're saying "I'm aware of the environment and a good participant in the game we're playing because I'm following the rules". If you don't use signals, you're telling people that you're not following the rules, and that makes you suspect in all the other social games. Kinda funny to do some people watching with that perspective, and to start to see how many assumptions are based on society being high trust - the exploitable vulnerabilities are endless, and people communicate a lot about themselves in the rules they choose to follow or break. | | |
| ▲ | pixl97 10 hours ago | parent [-] | | >do some people watching with that perspective 100%, especially while driving as you say. When teaching my daughter driving I tell her to watch for people other people breaking the law/bad driving in other ways and distance yourself from them. The probability of them doing something else stupid in the next few minutes when your in their vicinity approaches unity, and it reduces your chances of being what they hit. |
| |
| ▲ | wat10000 12 hours ago | parent | prev [-] | | Locks raise the cost of bad behavior, which makes it less likely. They can still be quite meaningful to someone who breaks those promises, if that person doesn't have the tools or time to defeat the lock, or is just plain lazy. I live in a pretty low-crime area. From time to time, residents complain about things being stolen from their cars. Every single time that I've seen, the cars have been unlocked. A thief certainly could smash a window to steal from a locked car, but the thieves around here seem to be opportunistic and won't go that far. | | |
| ▲ | pixl97 11 hours ago | parent [-] | | And a larger lock pick tool does pretty much zero in the case you listed as that is not opportunistic. Those are pretty much the open up and steal when they see an unlocked car kind of people. It does nothing for the type of criminals that work in groups and steal tires of 50 cars at once, or whatever soup de jour of automobile parts they want at that moment. | | |
| ▲ | wat10000 11 hours ago | parent [-] | | My point is, locks do more than just keep honest people honest, and they are meaningful to some people who are up to no good. I wasn't addressing picks at all. My opinion there is that it's the lock maker and lock owner's responsibility to resist picking, and the rest of us have no obligation to keep it more difficult by not making tools. |
|
|
|
|
