Toool on Romanian TV

November 13th, 2017

While doing a presentation at Def.camp conference, I learned about a ‘hack the ATM’ event. Looking at the machine, I realised the locks seemed the easiest entry point. I took out my lockpicking gear and within a minute both locks on the machine were open. The organisation later told me the rule was not to use physical access, but the Romanian TV had already picked it up, see https://www.libertatea.ro/ultima-ora/au-spart-un-bancomat-intr-un-minut-cei-mai-buni-hackeri-din-lume-sunt-zilele-aceasta-la-bucuresti-2034386.

It’s in Romanian so you’ll probably need a translator to understand it. The video itself is here (from 0’46):

To be honest: normally the bottom part has a safe lock as well, but it was not used in this case.

Toool on Dutch TV

November 13th, 2017

A while ago, we had the Dutch national TV at one of our meetings. A guy named ‘Klaas’ makes a show in which he says he can do anything. His challenge this time: to crack a safe. The show consists of three parts. In the first, Klaas meets up with Jos to learn lockpicking, only to find out it is a bit hard to do quickly. Then, he tries the brute force method, which is also not very practical. In the end, he resorts to a robo-dialler and manages to open the safe.

You can watch the video here, but the item is in Dutch (auto-translate is possible, but won’t work wonders):

LockCon 2017 aftermath

October 26th, 2017

We pulled it off: we organized yet another very succesful LockCon! The ninth already. Because the hotel we went to last year was no longer available, we went to a new location: a real castle.

Even though we had nice surroundings, great campfires and good beer, it was of course all about meeting others interested in locks! Many new friends were made, thanks to the excellent atmosphere and the small size of the conference (100 people at most, this time from at least 10 different countries).

We also held the Dutch Open competitions in lockpicking, impressioning and lever lock picking. We were helped by many companies who sponsored. We say thank you to Abus, sponsored all the impressioning locks and keys (they did a great job with well-adjusted key bittings), DOM who sponsored some locks for the picking finals and the sponsors of some great prizes: Sparrows lockpicks (money vouchers), Pacific Lock (engraved locks), Multipick (electropicks and picksets), Tokoz (locks) and EVVA (marketing materials).

LockCon prizes

The winners are: for lockpicking: Julian (1st), Decoder (2nd) and Martin (3rd). For impressioning: Jos (1st), Oli (2nd) and Manfred (3rd). For the Toool NL competition: Walter (1st), Decoder (2nd) and Jos (3rd). For lever lock picking: Tomás (1st), Julian (2nd) and Harry (3rd). Congratulations!

And, there were many talks. We have had a great number of really impressive talks over the years, but have never published any of them. LockCon provides a secure setting where people can speak openly, even about new lock designs for instance. But, this year was a little bit special. We had an invited speaker, Tim Jenkin, who, for the first time, spoke exclusively about how he, as a political prisoner in 1970s South Africa, managed to escape. You can watch the whole video online:

An extraordinary story!

Update: I just finished adding closed captions in English. You can try autotranslate to get subtitles in any language you like. It was a huge amount of work, but I feel this story is important enough to share with many people.

LockCon update

August 17th, 2017

LockCon 2017

As we already said, LockCon preparations are in full swing. October 20~22 we will gather in Baarlo, the Netherlands, in a medieval castle.

We can now tell you that one of the speakers will be Tim Jenkin. Tim was jailed for distributing ANC flyers in South Africa in the 1970s. He was caught and jailed. In jail, he and his friends learned to pick the locks in the prison. There were more than 10 that he needed to open, but in the end, he succeeded. For the first time, Tim will give a presentation about all the details of how the locks were opened. We are thrilled to have Tim!

If you haven’t registered yet, do so while it is still possible. LockCon is invite only, but every year we reserve a few places for people who are not invited. If you want to be at LockCon, but did not get an invite, send your motivation to us.

More talks

August 11th, 2017

The SHA2017 hacker conference has just ended. This is the 4-yearly conference in the Netherlands. This time, 4000 hackers were attending.

I did two talks on locks. In the first, I compare IT security related problems with problems in physical locks. You can view it here:

I also did the physical penetration testing talk again, as already discussed in the previous posting:

I was not the only one talking about locks. Huxleypig talked about Black Hat Locksmithing:

If you are interested in this sort of thing, take a look at https://media.ccc.de/c/SHA2017, where you will find all the talks.

Physical Penetration Testing

July 14th, 2017

Apart from being chairman of Toool, I regularly give lectures about lockpicking and lock security. I’ve spoken at many hacker conferences and events hosted by professional IT and security organisations. The most recent one was at the Black Hat Sessions. They taped it so you are now able to watch this presentation online (although, unfortunately, not all of the screen is visible):

LockCon 2017

July 3rd, 2017

LockCon 2017

We have started the preparations for LockCon 2017! We have a location, a date, a registration form (plenty of people have already registered) and we are looking forward to the event!

The medieval knight you see in the logo was inspired by the location, which is a 12th century castle. A nice location for three days (October 20~22) of workshops, lectures and competitions. As always, LockCon is an invite-only event. If you have been there before and want to come again, but haven’t registered, please do so now. Get the link from somebody at Toool.

More background information at LockCon 2017

Hack in the Box Amsterdam

April 18th, 2017

We regularly give lectures and workshops at conferences and for companies. Contact us if you are interested. Last week, we were at the Hack in the Box conference in Amsterdam, where we taught people how to lockpick. They even included a lockpicking challenge in the Capture the Flag competition. Here is a picture of the lock we used for that.

challenge

Showing a sliding seal padlock at a regular Toool Amsterdam meeting

March 22nd, 2017

Toool NL has biweekly meetings in Amsterdam and Eindhoven. During those, people will discuss locks, pick them and socialize. The next video gives a glimpse of such a meeting. Jos had just brought some locks over and is showing the sliding seal lock on camera.

Toool competition 2017 has started

January 11th, 2017

Every year, Toool NL has a competition that is only open to Toool NL members. A box of around 25 locks travels to all meetings where members can try to pick the locks. What makes this quite different from regular competitions, is that you can get to learn the lock. You are allowed to improve your best picking time throughout the year, figuring out what tool works best and in what order you need to set the pins.

We assembled 26 locks this year, ranging from used locks with no apparant brand name to factory new locks. The Best lock was donated by Christina, some other locks were donated by Eurokey and Locksystems in Eindhoven, thanks! Last years competition was pretty stiff, so we settled for what we believe are slightly easier locks, but time will tell if they really are.

The competition page is at https://toool.nl/competitie2017/.

The 26 locks for 2017