Volkskrant (a Dutch newspaper) is now also providing online video clips.
They visited Toool Eindhoven and made the following video clip. Well done!

I guess I will postpone my vacation to Russia for a little while…

In the comments of the Russian lock article an interesting discussion
was taking place. People who call themselves a Russian lockpick
sportgroup, fans of locks and lock manufacturer had spicy comments
about me. They did try to invite themselves to the entire Dutch Open
weekend. I kindly told them people I never met before are not welcome
to the closed part. I guess this was one of my best decisions this
year (so far).

It took them a little while, but now they found a reason why they were
not welcome: I am on the payroll with ASSA abloy group and am nothing
more then a puppet on ASSA abloy strings. In their fantasy story they
drag in Russian thiefs, the Mafia, the KGB and even narcotic abuse.

Truth of the matter is I think they are just disappointed.
Disappointed I did not want to be the ‘independent expert’ to publicly
scrutinize the Yale lock that competes with them on the Russian
market. Personally I could not care less if it can be bumped or not.
If a company wants to hire me to publicly attack competitors locks I
kindly say no. It is just not ethical. If I was in it for the money I
would have gladly accepted, but I did not. And of course they are
disappointed they could not bluff their way into Sneek. I assume in
their area they do not hear the word NO often.

All in all it is a very sad rant. And for me they show not to be
security professionals. Professionals do not get carried away by
emotions, but act … professional. The way they personally attack me
on me being a little bit too heavy is also rather … sad.
And for the record: I do not smoke…. never did.

Coming back to being on the payroll of ASSA Abloy: I have an income
and do not need support from anyone. And I take pride not to be ‘for
sale’. If you make such claims please back them up with facts. There
simply are none because I am always very careful when it comes to
taking money from the lock industry. Even when testing locks for the
biggest and richest lock companies I rather receive a nice cut-away
lock instead of money. And all the companies I work with know that I
will not hesitate to publicly show attacks to their locks if I
discover them. Of course I will give them 3-6 months time to fix it.
But I will always publish them.

All in all a very sad attempt to damage me and my reputation. So far I
think it only works counter productive. In showing this unprofessional
attitude, and publicly complaining I do not want to be hired to test
the competitors locks as an ‘independent expert’ for them.

And the website they put up. It is weird. They seem to be in war with
the entire world. Look at the ‘independent lock fan group’ handing out
heads of pigs as trophies… brrrr …. it gives me the shivers.

I can advise everyone to at least look at this link and click around a little:
http://locksclub.nm.ru/com/new_290506en.shtm (* Mirror)

For me this is the end of this conversation. Unless there are claims I
feel are worth to comment on I will not spend time on these people
with their tinfoil hats and conspiracy theories. For me this case is
closed. I only deal with rational professionals.

(* that was fast … minutes after my postings the russian pages went down. Here is a mirror)

(** that was even faster …. site is back up again. Was it a glitch or they figured it was no use?)

US locksmiths are beginning to develop a clue. For a long time I only
found negative responses from locksmiths in regard to the bumping
problem. Just as when bumping became known in Europe and the
Netherlands: denial, shooting the messenger and spreading
disinformation were tactics deployed by locksmiths and the lock
industry. It took some TV appearances and a test by Dutch Consumer
reports to change all this. Consumers are educated now and often
request locks that can not be bumped. And we even hear stories of more
and more consumers asking specifically for drill and pull resistant
locks. People seem to learn fast, and internet is a great source to
find information. To do harm but also to protect yourself….

It is a good thing to see people in important places in the US lock
industry are beginning to see the light. Greg Mango, Editor of leading
locksmith magazine ‘The National Locksmith’ is one of them. He wrote a
very good column in TNL. I hope US locksmiths wipe the foam of their
mouth and read it carefully…

That is right. We are looking for locks to pick. Preferably locks we
are not familiar with. Let me explain …

Every year we set up a competition. It is an ongoing game, that will
last approximately one year. For this game we use a collection of 26
locks. Some of them are easy, most of them can be opened with some
practise and a few can only be picked by skilled lockpickers. The
rules are relatively simple. During Toool club evenings people can
take one of the 26 locks and try to pick it. And use a stopwatch to
keep track on how much time they need to open it. You can pick the
lock as often as you like. The idea is to keep improving your time on
it. And every time you pick that lock you are going to train yourself
in finding the shortcut, the right order in which the pins need to be
set, or what is the best raking technique to open that lock. If you
think it will be difficult to improve your time on the lock you
proceed to the next one. Or instead of moving to the next lock you can
ask other toool members how it is possible they picked that lock in 15
seconds while you can not pick it in under one minute. Our experience
is that this type of game is a real motivation for people to learn
different techniques and pay attention how other people open locks. At
the end of the evening we collect the scores. Your best time on a lock
will be entered in a database, and if you scored the best time you
will receive 10 points for that. Are you second best you will receive
9 point, third place 8 etc etc. The person who scored the most points
on all locks after one year is the winner. The rules are that simple….

 

(images of locks by Paul Boven)

  
Back to your locks …

This will be the third year we will play this game. Previously we used
mainly Dutch and European locks (Medeco being an exception). But this
year we would like to have a more international collection of locks.
So we are not only going for the euro-profile cylinders, but also
would like to see some unknown types and shapes of locks. We know
shapes are completely different in places as the US, Australia,
Scandinavia, India etc. And we would really like to see what is out
there worldwide, and if we can pick it. This is where you come in. We
want YOUR lock(s), especially if it is of a brand unknown in The
Netherlands.

Don’t get us wrong, we are not looking for impossible to pick locks,
or extreme difficult ones with magnets and transponders. We are
looking for locks that are ordinary to you and your country but are
special to us. Of course we will add some real challenges in this
competition, but the basic idea is that a novice lockpicker should
stand a chance. So we are asking you for your lock, but only if you
can pick it in under 15 minutes yourself. If you are not a lockpicker
but would like to add a lock to this competition we will gladly
consider it.

Now we know locks cost money, and so does sending metal objects trough
international mail. Unfortunately we can not offer financial
compensation to all of you. We do not have a clue how many people will
take the effort to send us a lock to begin with. To compensate you we
will honestly draw four names from the people that send us locks and
reward these lucky four them with a fabulous prize.

So I hear you think, what are these prizes?

1) A rare high security cut away lock, model Ge-Ge P-eXtra
2) an original Hope Numeber Six pickset
3) a Toool T-Shirt (size s/m/l/xl/xxl/xxl or ‘spicy babe shirt’
4) The original Tomahawk bump hammer

If these prizes do not persuade you to send in your old unused lock I
don’t know. Needless to say we will write your name and country on the
hall of fame if your lock makes it to the 26 lucky ones.

Some more details about what type of locks we are looking for: We are
looking for pin tumbler locks. So no need to send in lever locks with
‘keys with a beard’. Preferably the locks are of a size we can transport
in a box. So there is no need to send in huge ‘lock in door knob’ type
of lock. And no padlocks. It should preferably be door locks.

And it does not matter where you are from. If a Dutch or German person
has a nice lock to share we will gladly accept it and use it.
Unfortunately we will not be able to send locks back. We do not want
to be unfriendly but we simply do not have the time, organizational
structure and money to keep a close administration of all this. So see
it as a gift to Toool. And a nice chance to win some of the prizes
that are otherwise hard to come by. And if your lock makes it you can
visit the Toool competition webpage and see how well your lock is
holding up against the Dutch lockpickers. We might even shoot some video.

To give you an idea of what brands are used in the Netherlands visit
the overview of the 2005 or 2006 competition or look at the list of
popular Dutch locks in the 2006 consumer reports bump-key test.

Just send us a mail (toool@xs4all.nl) to ask if we are interested in your lock
or send it to: Toool, Linnaeusparkweg 98, 1098 EJ Amsterdam, The Netherlands.

December 31 we will make the final selection of locks….

Thanks in advance!!

An interesting discussion is taking place in the comments of the
Russian Lock posting. Or at least I find it interesting …

When Paul Crouwel showed us his (by now famous) ‘russian lock’ people
wondered what other high security locks are out there. Well … here
is one from NATO.

The source this time is German safe technician Oliver Diederichsen.
Besides being a gifted safe opener Oliver (Oli) also is a picktool
maker and lock collector. And soon he can add writer to that too. He
is almost done writing on a book on impressioning that I am looking
forward to for a long time. His collection of special safe locks is
still growing, and he drew my attention to one of his latest
purchases. It is a lock made for NATO and was used to secure
containers. Looking at the dimensions of this thing it reminds me a
little of the Chubb Manifoil combination lock Mike van der Stelt
showed us in Sneek.

Hopefully Oli will mail some more info about this NATO lock, but for
now you can look at some high-resolution images of this remarkable
high security lock yourself. And while you are at it visit his open
directory of of safe lock images. It is worth your time….

A couple of years ago we made a small video clip explaining what
CryptoPhone is and why you would need one. Just a simple video with
nice graphics and easy to understand storyboard. I was personally
involved in managing this small project and writing text and
storyboard. Keeping in mind this is made a couple of years ago I am
still happy with the result. As a matter of fact I was so proud when
it came out I even showed it during one of my lockpick presentations.

You can not believe how amazed I was when I heard somebody copied the
clip and put their own name on it. I mean, we have seen many, many
copycats and our site and ideas are copied dozens of times by now. But
Isreali company ‘gold lock’ really outdone themselves stealing borrowing
our text and ideas. Their clip is almost word by word identical to ours.
And I always believed Israeli companies are way ahead of their competition.
Well … now you know why …

Can you spot the ten differences between their video (*) and ours?

(* Update: The video is removed from the GoldLock server… here is a mirror)

I am back. Still wearing my suit I arrived yesterday at 05:30 am at
Schiphol. I went straight to a meeting point for our campaign against
voting computers. As you might know we are the cause votes have to be
manually counted in Amsterdam. With success we have fought the voting
computer out of Amsterdam, forcing the members of the polling station
to count the votes by hand. A job that can take hours and hours. But a
job we feel is very important and can not be left to a computer. To
support these people we had decided to bring each polling station in
Amsterdam a big apple pie. This is an old hacktic tradition and the
people enjoyed it! It was quite a task and 50 people spend a few hours
each to distribute the 500 apple pies throughout the Amsterdam polling stations…

The BBC wrote something about our apple pie campaign and the local
tv station AT5 joined me while distributing the pies.

http://news.bbc.co.uk/2/hi/europe/6172552.stm
http://toool.nl/taart-at5.wmv (Dutch, 19 Mb)

Tonight I will fly back to The Netherlands. November 22 is an important
day after all … election day! I am looking forward to that!

Dubai and the Gitex tradeshow are very nice. In dubai security
awareness concerning locks is very very low. On almost every door you
will find the cheapest Chinese lock money can buy. Since we are going
to set up a new Toool lockpick competition next week I decided to buy
a typical Dubai lock to add. But the low end lock quality simply was
too low. The lock would not survive two weeks of picking. Do I decided
to buy something slightly higher in the chain of ‘decent Dubai locks’,
namely a ‘GEO’ lock. According to the box made by black&decker. Still
it would seriously surprise me if toool members in the competition
will need more then one second to open it.

Bumping is relatively unknown in Dubai, and so is Toool. Still a few
people visited the CryptoPhone stand to say hi. They told me local
police forces know about bumping and picking, but there is a strict
ban on this kind of information. That is why the Toool site is blocked
from Dubai! You simply can not reach it. So I decided not to inspire
locals this time to set up a chapter of Tool in Dubai. Besides
Toool.nl quite a lot is blocked, including skype … bummer.
Fortunately there are some proxies that help me trough these difficult days…

John Loughlin of Stanton Concepts came all the way to Sneek to show us
his invention. Together with his Bob Loughlin (his dad) they have invested quite some
time and money on this lock. And now John came to Sneek. To show us
how the lock works (with prototypes), and to maybe learn more about how
we would attack a system like theirs. First of all about the lock: it
is in fact a combination lock, as one would find on a safe. But
looking at the internals of the lock it does remind of Abloy too, with
all those disks and the sidebar. Look at this video to see the lock in
action, it really is a piece of art (or click on the image below to view the video).

The nice thing about this lock is that the combination is dialed with
a robot dialer. So the person controlling the key does not necessarily
need or have the combination. The key will dial it. It is also
possible to dial the combination by hand, using a special tool.

We have given John some suggestions. From covertly trying to record
the sequence with a contact microphone, and trying to figure out the
combination by listening closely how long it takes to rotate a disc,
to using a surface sander (abrader) to make the discs turn externally
by vibration. If the sidebar is in the top of the lock, the discs
might vibrate in the right position because of gravity. The part with
the cuts is the lightest of the disc, and will rotate cut-upwards when
vibrated. These are the kind of things you want to know before going
to mass production…

(Images by Eric Schmiedl)