Most visitors of this weblog are looking for knowledge. Preferably about high security locks.

I have just found an excellent read on high security (pick-proof) locks, and the theory behind them.

You better take some time to fully read Ross Kinard’s article. I can only imagine how long it took him to write it…

And it is written in a way I like: using lots of high quality images and (patent) drawings.

I am sure you will like it …

It was all in the local news a couple of weeks ago:

Amsterdam police was using a helicopter-robot to assist in clearing squatted buildings.

In previous ‘clearings’ a manned helicopter (zulu 00) would assist to deliver detailed video (6MB) from up above.

But now they seem to use a much cheaper alternative: the air robot (video link).

A gadget I spotted two years ago at the security show in Essen (make sure to visit this years show!)

A police officer wearing special video glasses controls the device and supplies the ground troops with tactical video.

The moment I heard about it, I wondered how easy it would be to take over the remote control of this ‘air robot’.

As great minds think alike, Huub Roem of Dutch ‘Frequency Monitoring Center‘ found out they use the Multiplex ROYA Levo remote control for the air-robot.

It’s a 35 Mhz standard radio remote control (35.00 to 35.22 Mhz). Easy to purchase, easy to boost output power … and easy to jam.

The air-robot is said to costs around 35.000 euro. I wonder if they have insurance on it …

As promised, Radboud university came out with a video and a report (ENG PDF) on the Mifare hack.

I wonder how long it will take before the software is out on the market .. I know I want a copy 😉

Click the image to see how one billion (!) cards can be hacked/cloned.

Breaking news from the Dutch Ministry of internal affairs website:

Radboud university fully broke myfair classic.

“With little effort abuse is possible and cards can be cracked and copied easily.”

Below is my rough translation of their letter to inform our parliament.

Between the lines I read panic ….

March 12

Radboud University in Nijmegen (the Netherlands) had recently notified me their research group ‘Digital Security’ developed a method to easily crack and duplicate a large number of chipcards.

This concerns all (access control)cards containing the so called ‘mifare classic-chip’, used in applications that do not rely on additional security measures (like our nation wide transport card).

We guess around two million access control cards are in use in the Netherlands, worldwide we assume one billion.

In various Governmental and private sector this chiptechnoligy is in use.

Our national intelligence agency (AIVD) has, on my request, checked the method at the Radboud University, and confirmed their claim is correct and works.

I have ordered AIVD to follow up and conduct more research.

It must be taken into account as soon as details of the university research become public, the possibilities of abuse are going to be so easy that additional measures are necessary to maintain ‘the level of security’.

The new ‘governmental ID card’ (using a different technology) was supposed to be rolled out the fourth quarter of 2008. I am looking into if this can be speeded up.
I have requested AIVD to advise on security measures of the gevernmental ID card.

In the meantime government wide additional security measures will be taken.

I have requested my colleague ministers to inform the (public) sectors they are responsible for, so additional measures can be taken.

The Minister of internal affairs.
—

At 16:00 Radboud Univeristy will issue a press conference. By that time a report and video will be available on http://www.www.ru.nl/veiligheid-toegangspassen

It has been a busy week.

First being at CeBit with the CryptoPhone booth, and yesterday attending the Wendt open house party.

So this is going to be a short post …

There has been quite some speculation on who the ‘world class speaker’ is that is going to bring out a book this summer.

And who it is that is going into details about the severe shortcomings of this specific ‘unpickable high security lock’ at our Dutch Open.

Some of you guessed it right: it is Marc Tobias, and the lock company is Medeco.

For those of you who might think this is about bumping Medeco locks…. It is not.

Marc and a counterpart went deep on Medeco. Deeper than anyone (outside Medeco) ever did.

Some of their findings are already out there, but trust me when I say that the best (and most amazing) is yet to come.

The Dutch Open is not going to be a Medeco bashing event, we will just give Marc a timeslot to tell his amazing story to a critical and technical audience.

But I know already the audience will admire what they came up with…. amazing stuff.

And the call for speakers for the event is already a success. I am so happy Last years top speaker told us he will most likely do a follow up this year!

I being charged up with positive energy just thinking about the Dutch Open….

The open and relaxed atmosphere, the knowledgeable people, the world class presentations, the hands-on workshops, the flow of creative energy, the championships, the most beautiful prizes to win, the unique locks and tools people show and sell, the parties, the ‘free beer’…. and so much more….
It has become the place where the industry meets the lockpickers and vice versa.

As far as I know it is a one of a kind, non-commercial, event.

And for us it is a big challenge to organize it. Every year we manage to create a bigger and better event, and every year the quality of speakers and presentations goes up.

This year is no exception, as we will try to raise the bar again. We promise: the Dutch Open 2008 will be bigger and better then ever before.

Already, a world class speaker committed to disclose in depth details of one of the most ingenious lock hacks I have ever encountered. I was briefed last year on this attack, and I must say I never ever have seen anything like it. Pure brilliance! The implications of this ‘hack’ are severe. At best, one of the most influential lock companies will ‘only’ have its reputation shred to pieces. Worst case scenario is they will go bankrupt over it. My guess is that millions of owners of this ‘unpickable’ high security lock are going to demand an upgrade or lock replacement. This summer a book will be released covering this amazing story. I am sure it will cause quite a stir in the US. Of course this book will be available at a very high discount in Sneek.

If you want to hear the full story (including gory details), and if you want to try this opening technique yourself, you will have to attend the 2008 Dutch Open ….

Sneak preview: some images that do not make any sense now, but surely will after the presentation ….

Because of this special presentation, and because we expect lots of international visitors, we decided to add one extra day for presentations at this years event. So the event will be from Thursday evening till Sunday evening.

And this years Dutch Open will be held in October, not November or December.

The reason we selected October is to give international visitors more value for money. After all, in October the famous ‘Essen Security Show‘ is held. So why not have our international guests join us and enjoy one of the biggest physical security shows on the planet.

Because that is what the security show in Essen (7-10 October) is. Here you can learn about the latest innovations in the area of physical security. Check companies present, and check my blog posting on the security ’06 show. Can you imagine a better way to kick off the Dutch Open?

Including the security show visit, the schedule for this years Dutch Open is following:

October 6-7-8 pick up various visitors from airport and drop at local hotels or friends places.
October 8 (wednesday) 20:00-23:00 visit the regular Toool meeting in Amsterdam
October 9 (thursday) Wake up early and visit the security show in Essen. In the evening drive to Sneek.
(people not attending Essen can go directly to Sneek)
October 10 (Friday) Presentations and workshops.
October 11 (Saturday) Championships (lockpicking, impressioning, combo manipulation (?))
Champions are honored at the ‘Dutch Open party’ later that evening.
October 12 (Sunday) Final presentations and the end of the event.

And even though we already have a world class presentation, we are placing a call for papers.

Because we added an extra day, we have room for more speakers, more presentations, more hands-on workshops, more lock pick challenges and other topics.

Please do not hesitate and send us your proposal before July 20, 2008.

On August 1 we will post the full Dutch Open 2008 schedule.

So tell your boss you will take some day’s off in October, and register now ….
The number of available seats is limited to 100 … and … First-come first served!

Mail us at: dutch-open-2008@toool.nl

(To give you an idea what to expect, some links about previous Dutch Open’s: click 1 2 3 4 5 6 7 or 8)

As mentioned a couple of weeks ago, Toool visited the Dutch Ankerslot factory.

It is nice to see they have come up with some clever techniques to solve problems.

Take for instance their electro-mechanical lock. Their system uses both a mechanical protection as well as an RFID chip. As being pioneers in this area (in the Netherlands?), they encountered the problem of welding/glueing RFID elements in the head of a key.

If the glue is too aggressive, or if the temperature to weld the two parts together is too hot, the RFID element could be damaged. And then there is the risk of the head of the key splitting apart, causing the user to loose the RFID chip.

The way Ankerslot solved this is by ultrasonic welding. Two plastic elements are rubbed against each other at very high speed, causing them to become very hot for a very short period of time, on a very specific area.

This fast rubbing causes a nasty high tone squeak. But after this short burst, the parts are stuck together in a way they will never be separated again.

As always I shot some video of this process (Quicktime 7 Mb or click the above youtube clip).

And WikiPedia has the answers for people who really want to know everything about Ultrasonic welding.

I am still busy trying to get better impressioning marks using ultraviolet light.

Below is a cartoon from a Dutch magazine, and CSI also seem to be using UV for better traces. It took me a little while to figure out the joke, but I think it is very funny. I just hope you have the same sense of humor ….

An interesting article describing the struggle againts black box e-voting in the Netherlands.
Written by my good friend Rop Gonggrijp (the driving force of the ‘against e-voting campaign’ in .NL).

(Source Wired. Originally published in 2600 magazine, Winter issue – #4, 2007)

What it means to be a hacker

by Rop Gonggrijp

My most recent confrontation with what it means to be a hacker started in March of 2006, after I went to vote for the local council of Amsterdam. At the polling station, I had to use a brand-new electronic voting machine that the city was renting from a company called Sdu. In fact, Amsterdam had contracted the entire election as a turnkey service, Sdu was even training the poll-workers. This “voting machine” was in fact a computer with a touch screen running Windows. To make maters worse: inside each computer was a GPRS wireless modem that sent the election results to Sdu, which in turn told the city. I had not been blind to the problems of electronic voting before, but now I was having my face rubbed in it, and it hurt.

Perhaps I should quickly introduce myself. My name is Rop Gonggrijp and I’m a dutch national that lives in Amsterdam, The Netherlands. Some of you will know me as I have been mentioned in this magazine as well as been a regular guest on Off the Hook for almost as long as the show exists. I’m one of the main organizers for these Dutch hacker events. Between 1989 and 1993 I published Hack-Tic, a magazine not unlike 2600 except that it was written in Dutch. During the late Hack- Tic years I co-founded XS4ALL, which still is one of the larger ISPs in The Netherlands.

I guess I became part of the hacker community sometime during the early 1980s while playing with my fathers 300 baud acoustic modem, although arguably I was hacking before when I was soldering FM- transmitters together with a friend at age 12. But after reading Steven Levy’s book ‘Hackers, heroes of the computer revolution’, I knew what I was and that I was to be part of a global community, even if I could only knew a few other hackers around me.

… read the full article at Wired

Laura Balver of the Dutch program ‘Ik op TV’ visited Toool Amsterdam. Click to see Dutch clip….