It is pretty exiting … the “Hack in the Box” conference is coming to Europe. And the good news is that it will be organized in my home town: Amsterdam. Over the years our friends of Toool.US always manned the lockpick village in the overseas “hack in the box’ events, but since the next one is organized in the Netherlands, the Toool.nl crew was asked to run it. Of course we accepted and are very motivated to make it a great event and a special lockpick village!. And besides the village we will also organize a two hour hands on presentation. So far Han, Jos and I volunteered to run the village but I expect more Toool members to join in.

And because of our support, members of Toool and readers of blackbag can get a nice discount on the entrance fee! Drop me a mail if you want to attend and I will make sure you will get a nice discount!

Another big thing of course is the next Hope conference in New York. Han and I will do a presentation and we will assist the other usual suspects to run the lockpick village there …

Our German friends from SSDeV decided to change the rules of the impressioning games. Instead of the fastest time on one lock, now more locks need to be opened and the person opening the most locks in the least amount of time wins. In the comments of this Hackaday post Jos explains the exact rules:

“First round everybody gets a keyed alike lock (so same amount of work) this round takes an hour. The six fastest go to the finals: during six rounds (20 min. each) all the contenders open one lock, which then gets swapped. So all finalists open the same 6 locks. The used keys are put in closed boxes so there is no way you know the key is supposed to look like.”

And with opening times of less then a minute these games are more and more looking like formula 1 pit stops. And so people are trying to come up with ideas and tools to shave off a few seconds left or right. The expert on the field of impressioning is Oliver Diederichsen. It was his research and book that really got us all started at this. And he came up with a new tool. It is a modified euro-profile cylinder that contains five sharp solid pins that will scratch the blank at the position the pins will make contact with it. Once these marks are on the blank, it is just a matter of filing them down to code 1-1-1-1-1 and start impressioning.

As Oliver is one of the most fair people I know, he shared the design and allowed others to copy it for future games. So Jord Knaap made a nice handle that contains a half euro profile with the steel pins. And the euro-profile core in Jord’s tool is interchangeable. At the back of the tool there is a small hole that will allow you to push out the cylinder and change it for another brand.

To come back to the games: they were won by good old Atrhur Meister, followed by Oliver Diederichsen and Jos Weyers. Congratulations guys. Looking forward to the impressioning games at Lockcon in a couple of months …

One of the things I am really looking forward to is spending a weekend between the good old Dutch safe techs and their visitors. These guys are organizing yet again a fabulous penetration party on June 11-12-13. These parties are the ultimate for safe technicians as they cover the latest in state of the art in safe opening. Picking, drilling, manipulation, decoding … the works. And if you are into the legal safe opening business you are invited to join in! Just send a mail to Paul Crouwel if you want to attend.

And I am currently more focused on other things then safe opening but I definitely want to try some new toys I bought at my latest trip in the US.

Hope to see the usual suspects in less then two weeks!

Well … it is clear I can’t keep my promise of posting at least once a week. So you’d better subscribe to the RSS feed or follow me on twitter.

Just got back from a small tour trough the US. Visited three lock factories, a couple of interesting companies and met lots and lots of interesting people. And all these people had things to tell and … locks to show. As you might know I am a big fan of ‘the rare russian lock’, and was in the blessed circumstance to have held three different models of these masterpieces in my hand in just one day at different locations. And I managed to shoot some images of two of them.

I will start first with a version that was unknown to me. It is a ‘combination only’, and to be honest I was in such a hurry I don’t even know how many digits the code of the lock is. What is clear is that is was used for the same purpose of the other lock I covered in this blog some time ago. The idea is that the lock goes over a keyhole and a safe or door can only be opened if the correct code is dialed first. I also like the details of the hand engraved serial numbers on the back and in the inner ring of the lock, as well as side pins that lock and unlock the lock (and the red seal paint on the screws).

The other lock was already covered here once, but here is an image of the one I saw last week. So nothing new except another key as before and serial number that is just six numbers off the one we knew before….

As I am writing this blogposting, the impressioning championships in Hamburg are in progress …. curious to hear who wins! Getting life sms’es and will edit the post once the score is known …

As always we are organizing our yearly LockCon. On the Toool website you can always read the latest news about it (http://toool.nl/LockCon)

If you are interested in attending, or want to give a presentation or lecture please let us know. The call for papers is officially open until June 10 and we still have room for interesting talks. Before the end of June we will come out with the complete program.

Here is the first information about LockCon 2010 in FAQ style ….

Q: What is LockCon?
A: LockCon is an international conference about … locks. Although we are modest people (ahum), LockCon is hosting some pretty innovative and unique presentations. (And we would like to hear from you if you have an interesting lecture you want to give). Besides these high quality presentations, there will be championships in lockpicking, impressioning and possibly (if time allows) safe combo-lock manipulation. One important issue about LockCon is that it is a place where creative energy flows and you can make friends for life (and an occasional enemy). It is the place where top lockpickers meet one another, and contacts are made between lockpickers and the lock industry. In other words: it is a unique event. To give you an idea read here about previous events.

Q: When will LockCon be held this year?
A: The weekend of October 8-9-10. This will allow international visitors to also visit the famous Security show in Essen Germany October 5-8 and come to LockCon when the show in Essen is over.

Q: Where will LockCon be held?
A: The location for this event is the StayOkay youth hostel in Sneek (Friesland) in the Netherlands (youtube video). This has been the home for many years now for LockCon and is a perfect location for an event like this.

Q: Who will attend LockCon?
A: A lot of interesting people. There will be lockpickers, safe technicians, locksmiths, 24-hour opening services, lock manufacturers, lock tool manufacturers, hackers, members of the law enforcement community, spies and an occasional beautiful girl. And a pretty big number of them will be overseas visitors.

Q: How Much is the entrance fee for LockCon?
A: The ‘full event’ price is €125 for three days. This price includes three dinners, two breakfasts, two lunches and two overnights in the hostel. It also includes drinks, beer, wine etc and a basic supply of snacks. Visitors who only visit one day will pay €65.

Q: Wow, where do I sign in?
A: Not so fast. LockCon is an ‘invitation only’ party for the locksport community. It is open for members of Toool.NL, Toool.US and SSDeV, but we reserve the right to deny people even if they are member of these organisations. If you are a member of another well respected locksport organisation there is a good chance you are welcome as well. If you are non of the above, you will need to find someone to introduce you and hope there is place left. We have set the maximum number of attendees to one hundred. For this event we have reserved ten to fifteen seats for people we never met before. If you think you have something to contribute, or just are a very enthusiast lockpicker that does not have the right connections yet, please mail us anyway. We are open to interesting people and might be able to work something out. Just give it a try, you might get lucky 🙂 Mail registration@lockcon.com to register or for more information.

Q: So what’s the exact schedule?
A:Please keep in mind that LockCon is a very dynamic event and not everybody has submitted their presentation(s) yet. What we know now is that Peter Field will give a presentation (most likely on Saturday) and there will be championships in Lockpicking, Impressioning and (if time permits) combination safe manipulation.

Below is roughly what we have in mind, but things can still change. It all depends on the number of presentations we get offered from the community.

Friday October 8

People are requested not to arrive before 13:00 and a toool.nl representative will be present at the hostel from 16:00 on to greet the guests and assign them a room. 19:00 Dinner will be served a little late because some of the attendees will be arriving from the security show in Essen. People arriving after 20:00 will not be served dinner! At 21:00 we will officially kick off with the first presentation(s).

Saturday October 9 2010

08:00-09:20 Breakfast 09:30-12:30 A presentation by Peter Field.

People who were fortunate enough to see Mr. Field’s presentation last years know his unique way of presenting things: he combines patent drawings with very detailed images. We are honored to have him as a speaker again, and are real curious what kind of exotic locking techniques he will display this time. Since Mr. Field is a member of the lock industry (Medeco), he will not discuss any opening techniques. As he told us previous years: “I am here to talk about locks. How to open them is up to you ….”. Lets see if he can break his previous record of a five hour presentation! 12:30-13:30 Lunch

13:30-15:00 Peter Field presentation part II, hopefully with some room for questions.

15:15-18:00 Impressioning championships. Most likely according to new rules. Impressioning is the fine art of opening a lock by filing a key from a blank. It is an ancient technique that still works on an amazing number of (high security) locks. Besides an old-school locksmith skill it is a technique still in use today by intelligence agencies worldwide for their blackbag operational needs. The championships speak for themselves: who will be the fastest filing a working key this year?

18:00-19:00 Dinner 20:00 More presentations

Sunday October 10 2010

08:00-09:30 Breakfast 10:30-12:30 First round of Dutch Open lockpick championships 12:30-13:30 Lunch 13:30-15:00 Follow up Dutch Open lockpick championships and finals 15:15-16:00 Award ceremony The closing ceremony and distribution of the prices for the Dutch Open lockpick championships, the impressioning championships, the safe combination-lock manipulation contest and the Toool 2010 ongoing lock competition. More updates to this schedule and other information will follow soon. Please keep checking this space for further updates.

Q: I thought I heard LockCon will be held in Turkey this year?
A: That was the idea. We were invited by the president of the Turkish chapter of the ELF to organize our event in Turkey. They even promised us some sponsoring to get the locksport community to Turkey. Unfortunately the Turkish backed out of the deal after we fulfilled our obligations, blaming the crisis for not being able to organize the funds. We know from other sources this is not the full story and it just proves that the locksmith community is not ready for this … but all it will take is just a little more time. If there ever will be a next time we will make sure to ask a big downpayment 🙂 Fortunately we have the word of one of the sponsors that he will personally take care of the promises/costs that were made.

We are highly motivated to make this the best LockCon everrrrrr ….

Times are interesting. It is busy, but mostly with things I really enjoy doing. So fear not if you did not see a posting for a little while here 🙂

Still working on my LockCon posting but in the meantime an interesting link came in I could not just let pass by. An interesting video on what seems a ‘self impressioning’ attack on the Abloy Protec lock!

I will examine it more closely over the weekend but for now just wanted to share it with you … seems very interesting and very promising! Enjoy the video!

I’ve created the Twitter account ‘barrywels’ and installed a plugin that automatically twitters whenever I post here. So now you can follow me on twitter if you want to know when I post here. If I tweet anything else, it should show up in the sidebar to the right. I’m not planning to tweet about going to the toilet or having dinner, so following me should not generate a huge amount of messages.

Times are pretty hectic so Charlotte and I decided to take off to one of Europe’s nicest cities for a relaxing weekend without the kids. When we entered our hotel room I was thrilled to see it had a chain on the inside … (see my previous post on hotel doors to read why). The chain is a weak link by itself as it was obvious if had been broken and repaired many times before. In my opinion it is not necessary to use force on the chain as it can be bypassed relatively simple.

I did improvise a little and shot a video on how to bypass the chain using nothing more then a rubber band for you. Unfortunately I did not have enough time to experiment on how to lock the chain when being on the outside as I promised Charlotte I would spend my time with her and not geek around too much. But I guess a rubber band and some dental floss could do the trick.

And for those of you who want to test their ‘keyway knowledge’: can you tell by these keyways (1 2 3 4 5 and 6) what country we visited? BTW, keyway six is a lock used by the local phone or power company. And I did notice the hotel door keyway was the same as the picture I took of the lock in a completely different country.

Next post (after my short “I am now on twitter” message) is about Lockcon. It will be held the weekend of October 8-9-10. This will allow international visitors to visit the famous large security fair in Essen.

I am reading up on the assassination of Hamas leader Mahmoud al-Mabhouh with red cones. Never ever have so many operational details come out about missions like this. Twenty years ago this would have gone on file as a ‘highly suspicious death’, but in this day and age of CCTV camera’s it did not go unnoticed. What is special this time is that a (must see) video just was released by Dubai police, and it looks like a hollywood production. The link to this blog? … since the murder took place in a hotel, I was immediately interested to read details on how they gained entry. And there still are some things unclear about it, even though this article speaks about “They entered the room using copies of keys they had somehow acquired.”

This could point to the fact a lot of electronic hotel door locks have a mechanical override. Most of the time there is a mechanical lock mounted under the handle of the door that can be opened with a master key. In some cases the lock is even hidden under a sticker or label, but in most hotels I visited there is a lock present in case the electronic lock fails (in some countries it is not legal to rely only on the electronics). I know that in some hotel locks a mechanical opening is still recorded by the electronics in the lock and will end up in the log files. To get hold of the masterkey, one could rent a room in the same hotel and simply (for an intelligence agency that is) take the mechanical lock out the door, take it apart and make the master key based on the now known pin lenght. (Or if you believe the myth, ‘they’ already have done all the fieldwork and collected the mechanical master keys to all important hotels in advance anyway …)

Another way to open some hotel doors would be to simply go under the door and grab the handle from the inside using a special tool. As you can see in this video, it is not so difficult. And the tool used to go under the door is even available in a ‘government only’ version. This version can easily been taken apart into small segments but is only sold to government agents.

And I suggest a slightly modified tool like the one on the video was used for the finishing touch of the murder. To make it look like a natural death, they locked the chain on the inside of the door …

It is all a funny coincidence as the video of the tool was just shot a couple of weeks ago when Han Fey and I did a presentation at the famous IT-Defense security congress Germany. It is a congress where we always meet lots of interesting people and always get a lot of invitations to give more presentations and/or workshops. We were originally invited to just do some hands on workshops and teach people the basic locksport/lockpicking skills, as well as a few simple opening techniques like shimming doors etc. But when some of the conference speakers missed their plane, we were asked to give an ’emergency presentation’ to fill the gap. And as we do not like to give the same presentation twice, we shot some video (using a mobile phone) on the spot late at night about the door opening tool (and how to protect yourself against it) and inserted it into a compilation of existing presentations. Originally I did not intend to release the video as it shows me opening a door, but in this case I make an exception …

And for those of you who want to know more on the inner working of hotel locks, I have blogged about it before (including a video of ‘how it is made’)….

A lot of people asked my opinion about the “Electronic Key Impressioner” that has been in the news lately. The device is not for sale yet and the only thing people have seen so far is a computer model of a device. Technical details are not out yet (as far as I know). This being a news item triggered a lot of people who are now curious if a device like this could really work, and if so, what is the technique behind it.

The automatic key impressioner reminded me on something I saw at a trade-show a couple of years ago. At the stand was a person with a some sort of ‘lock probe’ that could electronically read out the combination on some car locks. This lock probe was connected to a laptop, and after inserting the lock probe in and out of the lock a couple of times, the code of the lock was on the display of the laptop.

Curious on how this technique worked, I spend some time talking with the developer of the system. As we all know, most car locks are wafer locks. These wafers all have the same outer dimensions and the only thing that differentiates (for example) a ‘cut one’ from a ‘cut four’ is the position of the hole in the wafer. To make it a little more clear for people who are not into locks, I took wafers one, two, three and four from a car lock and stacked them on top of each other. You can clearly see a ‘stairway’ pattern if you stack them in incrementing order.

The lock probe I saw at the show used electric current to determine the position of the opening in the wafer. The idea is to put some low voltage on the body of the lock and ‘look for it’ with the contacts in the isolated tip of the lock probe. A high cut wafer will only make contact with the higher contact points in the tip, while a low cut wafer will give a reading on more contact points as the tip slides trough it. And there were a number of different probes for various lock models (variations in the spacing and position of the contact points on the tip of the key). The theory behind this may all look easy and straight forward, but it took them quite some effort to write a decent piece of software to convert the data into a key-code. The developer told me errors could be introduced if users insert the probe too quickly, and sometimes locks ‘in the field’ were so dirty/greased up that contact with the wafers was not reliable.

Of course I can only guess, but I imagine the “Electronic Key Impressioner” works on the same principle. I can’t wait to see the device in real life and be able to test it under some real world conditions. As I can imagine there is a range of wafer locks this technique does not work on. And I wonder if it can compete with some of the more sophisticated mechanical car lock decoders that are out on the market for many years now …