684 points by lisper
2 months ago
Interesting design. I made a lock a couple years ago that is quite similar in principle (though this design is different and has a couple nice improvements).
One of my main goals is to be an inspiration, though if it was based on my design I wish they’d credit it. Especially since they’re patenting it.
The interaction of engineering and "use" by the Lock Picking Lawyer (https://youtu.be/Ecy1FBdCRbQ) was fascinating - "use" here really meaning "exploiting". It's a problem many here are aware of, either by over-engineering things intended for use by non-engineers, or designing things to be used by customers when the designer isn't intimately familiar with the use. In this case it was sort of somewhere in between.
I'm currently an operator of heavy machinery in a factory making tools for the wafer industry, although my main career is in software development. I'm actively working with the tools and software used to get a better understanding of the disconnect between engineering and operations. It's been a great way to consider how to improve tools in ways that aren't just "better" from a software/engineering standpoint.
Also, holy cow. I've watched all of your videos multiple times. You are truly an inspiration. Thank you, and apologies for the fanboying.
Def want to see Enclave's under Lock Picking Lawyer! If you make an "unpickable lock" you'd def want to send it to LPL; that's like the ultimate proof of how easy/hard it is to pick. The fact that there's no video, with how approachable LPL is and accepts random locks in his PO box, can only be seen as a red flag.
Do it in the open, like Stuff Made Here!
Check out another prominent lock sporter, Lock Noob. He has a recent video where he examines the lock and agrees it’ll be hard to pick.
Unpickable locks aren’t that unique or rare in the community but they tend to be too complex to make it to market at a reasonable price or with the ability to withstand years of wear and tear and still work.
> The fact that there's no video, with how approachable LPL is and accepts random locks in his PO box, can only be seen as a red flag.
He says he's going to make a small number of prototypes and send them to the locksport community. It's not a "red flag", it's just very early in his design cycle.
He's selling them at $250, patent pending and is sold out for 20 days ("again"), def sounds like a normal product and not a prototype.
"Please be aware that this lock is only a demonstration of the mechanism, and cannot be used to secure doors, chains, or anything else. "
It's for locksport and to play right now. There's no ready means to actually... lock something.. with it.
LPL makes few videos with locks where he can't do anything. To me it's not a red flag but more likely a signal that he hasn't found an exploit (yet).
I definitely remember seeing a design similar to this one not many weeks ago on LPL. I am looking for it now. The video on the landing page shows these little discs which can provide a false set, and a secondary mechanism that opens only when all the pins have a correct set. I am not an expert, I just watch a lot of LPL, so don't take my word for it when I say this is the same design; this may be a completely novel design, but I'm looking for the video, it can't have been long ago...
Edit: ok, it wasn't on LPL, or a similar design at all, it was this lock and it was on Lock Noob, I found this was in my viewing history and it was just recently published, it must be the video I remember:
https://www.youtube.com/watch?v=qNHFyc1oMwU (I see this was also linked down thread)
It looks like a very good design! I'd like to see it in front of Lock Picking Lawyer too
It was reviewed a month ago. https://www.youtube.com/watch?v=qNHFyc1oMwU
I think it's just too soon?
> that's like the ultimate proof of how easy/hard it is to pick
I would assume there are much better locksmiths on the planet than the most famous one on YouTube who does it as a side job.
LPL is not a locksmith, he practices lockpicking as a sport. And evidently extremely good at it.
Not only that but he manufactures and sells lock picking equipment and consults on physical security. There's nothing part time about LPL's lock picking any more.
Well, we don't know what his main job is, only that he lives in Washington DC. I would assume because of his location that he works for the US government, and that this is the reason he does not want his face on video.
he’s in corporate law. contracts and such.
was* afaik his channel, shop and counseling are his main jobs now.
Has he won any tournaments? I'm not too familiar with the sport sorry.
True, but it’s also probably excellent marketing if you can get your lock featured and it does well.
It is not a side job anymore. He has stopped lawyering to concentrate on security. He launched covertinstruments.com, which sells tools and training.
whether he does it as a side job isn't really relevant, but I do think that there's a bit of a cult of personality going on here.
he's clearly a good lockpick, but even in a thread that isn't about him, he's somehow dominating conversation and gathering plaudits. I completely agree that being famous doesn't make you the ultimate arbiter of anything
Didn't know HN had so many lock experts and lawyers frequenting the site. Dozens of comments have already detected an IP violation, half the thread is recommending ways the lock can be tested or people it needs to be sent to for confirmation of the unpickable claim...
As someone who doesn't know anything about lockpicking, I feel like part of a weird minority here. What do I know but I'd assumed one would take it to a convention or competition where the best lockpickers in the world meet, not a youtuber. Something like this: https://www.wired.com/2014/12/international-competition-mast...
> Didn't know HN had so many lock experts and lawyers frequenting the site.
Now you do? There are definitely lawyers who frequent this site. And lockpicking is a common interest of computer security experts.
That youtuber has won his fair share of locksport competitions.
Sure. Not saying he's bad at lockpicking. The point is more are you an expert yourself or how do you know he's THE guy to talk to? For reference, what are the main lock picking competitions in the world and which ones has he won? Can you name them?
When I looked it up out of interest, he isn't mentioned as the world expert in actual lockpicking forums. I found a couple of other names but in any way, it makes more sense to have it tested by a group of experts than just a single person. One person may fail, but if an entire convention full of the best lockpickers can't pick your lock, that's a much better indication the lock really is unpickable.
What’s wrong with taking it to a youtuber?
Got a lockpicking set from a friend, and was ... hooked ... ever since. Apparently it's pretty normal among tech / IT types.
I can't be bothered to use YT anymore with all the ads. They're basically interactive, on-demand, corporate TV monetizing other people's content and nothing more. The world needs a co-op video sharing app and a microblogging app.
Just download the videos you want to watch:
The only "ads" you get will be the ones the video uploaders encode directly into the video itself. Plus you can watch using whatever playback software works best on your system, instead of the rather feature free JS player youtube provides.
This is the only way to enjoy youtube without a premium account, and even with a premium account it's still far better to use a proper player like mpv.
But it seems likely to me that YouTube will eventually start embedding the ads more inextricably into the video streams while downloaded. Especially as more people use tools like youtube-dl/yt-dlp to circumvent ads.
They'd have to vary the ad timing to get past sponsorblock, and generating a video for each viewer to do targeting. I can't imagine Google going back to content-based ads after all this time.
Firefox with uBlock Origin is effective at blocking them.
You could also just pay for YouTube premium. I subscribed about a year ago and I don’t regret it.
Same here. Totally worth it.
Using privacy front-ends makes the experience much more tolerable and completely eliminates ads. Then you can directly support your favorite creators via Patreon, etc. There's Invidious and Piped, with the major differentiator being that Invidious doesn't require JS and Piped has SponsorBlock built in.
Having a PiHole on your network makes it tolerable. But doesn't fix their broken recommendation system.
Pihole can't deal with YT ads because they're served from YT domains.
How so? I have a pihole and the requisite config on my ddwrt router but still get plenty of yt ads.
I use Brave to block the ads. Also, Brave has the playlist feature on iOS which is quite nice.
or just pay to avoid the ads?
For others who might not have seen it, here's what the Lockpicking Lawyer had to say about that.
He picked a lock with the same concept by swighton (Stuff Made Here), but exploited a flaw that had nothing to do with the mechanism.
I think one problem here is that the more complicated you make a locking mechanism, the more you suffer by increasing the attack surface with other potential flaws or just the lock being physically weaker (i.e. smashable).
Kinda like how the most advanced cryptography is usually broken because someone made an error in the complexity of implementing it.
The other problem with increased complexity is that the more intricate your mechanism is, the more prone to failure due to wear or contamination it becomes. A security measure is only as good as it can remain usable. As a locksmith working in the industry for 25 years, I've seen a lot of high security designs come and go, and the stuff that sticks is the stuff that's simple and reliable. The fundamental fact of locks and security is that people just don't pick locks much. The vast overwhelming majority of unauthorized accesses are via an acquired key or via bypass attacks on other aspects of the locking hardware than the keyed cylinder.
To put it bluntly, all these fancy pick-proof designs people are coming up with have zero real world utility and are just toys for locksport enthusiasts to play with.
EDIT: and really, I'd say all the patent discussion is moot. A patent is only useful if there's a market for your product. This product has design shortcomings that render it a non-starter for most applications, i.e. no master keying capacity, which makes it useless in any institutional setting, and a design necessity of using critical precision parts that won't handle outdoor exposure well, and a physical size that makes it incompatible with even the largest north american cylinder format. This is a product without a profitable customer base.
Yes, and with more complexity comes more ways to fail to operate properly. I foolishly almost locked myself out of my condo. I had a Medeco high security cylinder on the door and the condo was on the 22nd floor so it was pretty secure.
Foolishly, I had used the sturdy Medeco key to cut through some packing tape on a package. The gummy adhesive left over on the key wasn’t that noticeable and would probably not have interfered with the operation of ordinary pin tumbler locks, but high security cylinders are usually made to tighter tolerances making picking more difficult. In Medeco cylinders the pins have two degrees of motion (up and down and rotation on their long axis). The sticky key likely gummed up the operation of one or more pins so that I couldn’t unlock the door.
A trip to the hardware store for some spray cleaner/lubricant finally got me inside, but for a while I was afraid that the lock would have to be drilled out (difficult because of specially hardened elements designed to thwart drilling).
It's the same with digital security. There is always a security/usability tradeoff.
Part of security is sucking up the consequences of getting locked out.
I don't see any fundamental reason why this design could not be master keyed (although it would be more of a pain than with traditional lock designs).
The key spools have a narrow section at the correct position. I see no reason why they could not have multiple narrow sections. The inconvenience is that you would need to stock 10 additional spool types to allow for 2-position opening (or 6 if key spools are symmetric), and more if you ever need three valid positions for a pin. (These numbers get worse if the system is extended to more than the 5 positions of the prototype.)
I'm not sure this is actually all that much more complex, or having more critical precision parts than some of ASSA ABLOY's offerings (like Medeco). The pin-stacks being too tall for standard US cylinder sizes though does seem to be a rather substantial problem.
As usual there's an XKCD that's relevant: https://xkcd.com/538/
I assume that most people know that this is more of a hobby thing (and a cool one), but I also forget that not everyone has demolished a house with a handheld reciprocating saw.
I remember being annoyed by the end of that video with the backplate. swighton had already thought of that and machined for a backplate but it was just left out so the LPL could crack into it.
In any case, this guy's design I think is a significant improvement over swighton's. swighton made it so that the key triggered the locking mechanism as you pressed it in, this guy made it so that you had to turn the key to test the locking mechanism, as well as adding a multipin stack.
It’s so cool that you’re on HN! I’m a huge fan of your work and it helped me feel comfortable with aiming to be a generalist.
Agreed. I’m a firmware engineer and a writer for Hackaday and the Stuff Made Here videos are thoroughly enjoyed by both crowds.
You absolutely should sue them with prior art or something if they patent it. You had an amazing fairly well distributed YouTube video with this design anyway.
Anyone here can submit prior art during the patenting process. No suing or courts involved. You only have to care enough to make the submission.
Interestingly, videos don't seem to count? It must be a written description?
> Interestingly, videos don't seem to count? It must be a written description?
Wondering the same myself. Googling for this issue turns up this PowerPoint which seems to imply on page 6 that "electronic publications, on-line databases, websites, or Internet publications" are also considered as "printed documents". But this is just a PowerPoint so who knows which standard gets applied in practice.
I get the impression that the "printed document" language got written before digital documents and the internet were a thing.
I am not a lawyer, don't know a thing about the topic, this is not legal advice etc.
The PowerPoint says "Public Use or On Sale" counts. That could be interesting, given that the lock was given to a member of the public, the Lock Picking Lawyer, for a public picking. A convenient case of having a lawyer when you need one!
The examiner is definitely allowed to consider videos but it might not be easy to submit. Video subtitles/transcript, thumbnails, and comments would definitely count though. I would just print to PDF the YouTube video with the transcript sidebar, that should be enough info for the examiners to reject any overly broad claims.
Samsung used 2001: A Space Odyssey as prior art for fighting iPad patents, so not sure if that’s true.
Do subtitles count?
Yeah I immediately thought of your work when I saw this. The key insight is the same, even if the implementation is different. Everything you do is fascinating by the way!
I didn't know you were here on HN, though it makes absolute sense you would be.
Amazing content, your shows are some of the best YT has to offer.
Same. One of my fav content creator on YTB.
His shop is also any ME major's wet dream (and he totally earned it!).
Although I've seen pretty much all of your videos, I'm ashamed to say I couldn't remember your name, so I googled "Andrew Magill" expecting your face to pop up.
I loved the way the puzzle was presented in that video and loved the partial solution. It has been consuming idle brain cycles ever since.
First we should proudly make the key flat as security by obscurity is not done. We should solve the problem for real and it has to be easy to manufacture.
The real idea: put a tube around the cylinder. After rotating the cylinder by 45 deg it drags the tube along.
[cylinder][ tube ][case
key]||||||||[ ][ ]////
[cylinder][ tube ][case
different keys can be had by changing the number of discs. No machining required.
Extra funny would be a second tube with a clock mechanism that delays a second attempt if the wrong key is used.
(Going to implement that one on all my enter password pages.)
Just want to say I absolutely love your channel and it's been a huge source of motivation to work on my own hardware projects in the past, I eagerly await your next video!
This could be worth fighting for. If another maker uses your work to build and share an improved lock, as you did, this guy could try suing them for that, as though the basis for their work was his, ruining the spirit of openness and stunting any resulting improvement in lock design.
It might be a struggle to prove prior art but you might have enough sway to be able to find a pro-bono lawyer, and/or publicly pressure or embarrass him into compromising. Patreon would almost certainly help with costs too.
Seriously, you have a tremendous amount of credibility in maker/engineering communities, among others. Thank you very much for doing what you do.
While I cannot comment on your lock video, your chainsaw CNC video has inspired me to never use a chainsaw again. Good stuff.
As others have already said, you’re a huge inspiration.
I was trying to find interviews that you’ve done to learn more about how you came to know so much, but it looks like you’ve never really done any interviews. Any reason why?
I’m not all that interested in advancing my personal prominence. This is why I originally didn’t even show myself in the videos
His page says "patent pending" near the bottom. Would your work count as prior art?
I actually thought this _was_ you under a different name.
You can use a third party pre-issuance submission to ensure that the patent examiner considers your work as prior art during the application process. There’s no fee to file the first three documents you want the examiner to consider. This will ensure he doesn’t get a patent which could be construed to block you from building your lock design.
Is it just me, or are the improvements the ones you mentioned in your react video?
For those that did not watch it. The lock was left to be pickable on purpose. The improvements were purposely left out so LPL could pick the lock for entertainment purposes.
I watched your YT grow from just a few thousand to what it is now, and I've seen every video.
You are a HUGE inspiration to me, slowly growing past 55,000 subs.
Thanks for the amazing videos and inspiration!!
Your videos were my first thought upon reading this article. Even the formulation of 'separating input from testing' matches your video.
What is the drawing software used at e.g. 3:50 in the video? https://youtu.be/_7vPNcnYWQ4?t=230
I’d say you’ve certainly succeeded in your goal to be an inspiration. Nothing makes me want to build something awesome more than watching your videos!
I didn't expect to see you here! You are undoubtedly an inspiration, at least to me. I love your content. It makes me want to build stuff!
Could you submit your work as prior art?
Love your videos! Of course you’re on HN
This looks very similar to the design by Stuff Made Here (and collaborative hardening suggestions by Lock Picking Lawyer)…an excellent set of videos.
StuffMadeHere used friction to keep the pin in place between setting and testing. Here, he used many small pins to translate to a discrete combination. Quite different! And I think more resistant to wear for a real world application.
Beat me to it. Yeah, the idea of separating the input step from the test step is something that was done in that lock as well.
It's the standard procedure for "unpickable" locks before SMH's lock too.
Yeah same idea behind my lock too:
I'd guess many many people have had this same idea.
According to the video's pinned comment thread, that lock was sent to LockPickingLawyer a few months ago, who never responded. I suppose, from my cousin comment, that it's with the other locks LPL can't pick yet.
Yeah. In fairness someone did link a method that I think could open my lock (and this one). Basically you attach a laser to it so you can very accurately tell how far the key turned. That gives you a way to test the pins even though you can't directly manipulate them.
Very very tedious though and I never tried it.
LPL did both the locks in video 1299: https://www.youtube.com/watch?v=Ecy1FBdCRbQ
Yours is so much simpler and more elegant. Thanks for sharing. Beautiful.
I quite liked your version. Seems a bit more robust but I know nothing about this space and perhaps it was just that your presentation was fascinating
It certainly seems like a simpler, cleaner design. So did LPL try to pick it? (Edit: I see you wrote elsewhere in the thread that he never replied.)
You might want to see Stuff Made Here's comment in this very HN post:
There’s also a lock on that channel he can’t pick - the bowley I think? It has a wild key design.
The Bowley has been picked last year.
https://youtu.be/ai5Hf-wPXFE and he mentions it's a collaboration at 4:29.
I think he has a whole box full of locks he can't pick. He usually doesn't show a lock until he has mastered picking it.
He showed the Bowley before he could pick it. Although he claims that box is locks he can't pick yet.
He can't pick the Abloy Protect2 lock. Less than 10 people in the world can pick it actually.
On its surface, that sounds like a weird claim to make. Even if people would always advertise their ability to pick it, how would you have such an accurate count?
That’s like the old ‘only three people in the world can understand general relativity’.
I am a reasonably capable lockpicker and lock collector with hundreds of locks of every mechanism I can get my hands on... and as LPL often demonstrates, the vast majority of them, particularly the more clever-seeming designs, are actually easy to pick.
I have one of the Enclave lock prototypes on my desk and can confirm the machining is brilliant and I have no idea how one could approach picking this. No feedback at all for correct vs incorrect.
I plan on taking it to my local SF Toool meetup to see if any of the true experts there can come up with anything.
So looking at the lock’s YouTube video it may be susceptible to an attack where you set all the pins to their lowest, turn the key and then jolt the lock several times while continuing to turn the key.
Compressing the springs by jolting the lock (hitting it with something?) might be very hard if springs are strong and pins are light.
Especially if the lock is mounted in a door.
You're describing a bump key!
No, that won't work, because the pins cannot be bumped once the lock is partly turned.
Why not? Vibrations can travel through solid metal. You might be able to make a custom tool that sends vibrations through the core enough to cause the wafers to move up and down even if the core is turned.
The bump key hits the lower pins, which move the upper pins. This is not possible with the Enclave design.
You really cannot move the pins by vibrating the entire lock. The pins are so light that you would need tens if not hundreds of g of acceleration to overcome the spring force.
This kind of comment is why I read these sort of things: Elegant but unexpectedly simple solutions.
From the video it looked like it would be pretty simple to lift the tiny pin wafers into the pin decoding region if there's nothing stopping you from over-lifting.
> I have no idea how one could approach picking this
Not sure how well the lock is made but it may be possible to detect when pins 1 and 6 are in correct position - because the slider is "stiff against springing apart" at those pins, if you get what I mean. The key might turn a degree or so more if those pins are correct, which may be detectable. That would be only 36 positions to check.
Likewise, pins 2 and 5 should produce slightly more resistance than pins 3 and 4, but the difference would not be quite as pronounced. But if the difference is detectable, then it could be a possible attack strategy.
Didn't that guy stuffmadehere make something that's very similar in concept, sent it to LPL and he still managed to open it? I think the attack angle wasn't the mechanism though.
would a robotic mechanism work? iterate through all the possible pin heights, turn, reset, try again. like those robotic safe crackers.
LPU unite! This is birdie, I hope your day is excellent!
Bird is da word
While very cool and seemingly well-designed, this seems like a derivative of the lock developed by the YouTuber StuffMadeHere. A little strange to see someone applying for a patent for a version of someone else's design.
The principle is the same, but this design is different and better in some ways. Depending on the generality of the claims a patent may be reasonable. The Enclave design is more refined/compact, but I'm skeptical of the longevity/durability of the wedge mechanism.
The underlying principle that's common between the StuffMadeHere and Enclave designs is 1. Decouple setting the pins from testing them, and 2. Do not allow the keyway access to physically manipulate the set pins while testing them.
Interestingly this same principle is used throughout cryptography, e.g. in constant time comparison algorithms. Basically, any partial success information leak can be used to reduce the search space exponentially. And that's what single-pin picking is all about, so it's cool that this idea has (finally?) migrated to physical security.
Except this isn't a constant time comparison. You still reach the "no more turning" angle at whichever pin is incorrect first. This is more like forcing the password to be fully retyped after each failed attempt. A good feature, but not a feature which eliminates side channels which might be there.
There's still no direct way to detect which pin blocks it from opening. Maybe you could determine if the failed pin is the same as a previous attempt by listening with a stethoscope, or very finely measuring the turning angle, but you can't directly feel out which pin. So there may still be a way to reduce the search space in theory, but that attack still seems very difficult to pull off, and for the complexity it seems vastly better than previous locks.
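As an added illustration of the search-space argument in the comments above (not code from the thread or from the lock's designer), a small Python model: a check that reveals the first wrong pin, like an early-exit comparison or single-pin picking, versus a check that only answers pass/fail, like a constant-time comparison. The 6-pin, 5-position parameters follow the lock discussion; the secret combination is constructed.

```python
"""Search-space model: partial-success leak versus a leak-free check.

Constructed illustration.  A lock is a secret vector of N pins, each set
to one of K positions (6 pins, 5 positions, as in the prototype discussed
above).  Two oracles stand in for two lock behaviours:

  first_mismatch_oracle -- reports the index of the first wrong pin, like an
                           early-exit byte comparison, or a lock that gives
                           per-pin feedback while it is being manipulated.
  pass_fail_oracle      -- returns only match / no match, like a constant-time
                           comparison, or a lock whose pins are set in one
                           step and tested in another with no per-pin feedback.
"""
from itertools import product
import hmac

N_PINS = 6
POSITIONS = 5


def first_mismatch_oracle(secret, guess):
    """Leaky check: index of the first pin that differs, or None on a match."""
    for i, (s, g) in enumerate(zip(secret, guess)):
        if s != g:
            return i
    return None


def pass_fail_oracle(secret, guess):
    """Leak-free check: one bit, no position information.
    hmac.compare_digest is the standard library's constant-time comparison."""
    return hmac.compare_digest(bytes(secret), bytes(guess))


def attack_first_mismatch(secret, positions=POSITIONS):
    """Use the leak: every failed attempt confirms all pins before the
    reported one and advances exactly one pin.  Returns (guess, attempts).
    Worst case is N*(K-1)+1 attempts, linear in the number of pins."""
    guess = [0] * len(secret)
    attempts = 0
    while True:
        attempts += 1
        bad = first_mismatch_oracle(secret, guess)
        if bad is None:
            return guess, attempts
        guess[bad] += 1
        if guess[bad] >= positions:
            raise ValueError("secret uses a position outside range(positions)")


def attack_pass_fail(secret, positions=POSITIONS):
    """No leak: nothing to do but enumerate combinations in lexicographic
    order.  Returns (guess, attempts).  Worst case is K**N attempts."""
    attempts = 0
    for candidate in product(range(positions), repeat=len(secret)):
        attempts += 1
        if pass_fail_oracle(secret, list(candidate)):
            return list(candidate), attempts
    raise ValueError("secret uses a position outside range(positions)")


def worst_case(n_pins=N_PINS, positions=POSITIONS):
    """Upper bounds on attempts: (leaky check, leak-free check)."""
    return n_pins * (positions - 1) + 1, positions ** n_pins


if __name__ == "__main__":
    secret = [4, 2, 3, 0, 1, 4]  # constructed sample combination
    _, leaky = attack_first_mismatch(secret)
    _, sealed = attack_pass_fail(secret)
    print(f"first-mismatch leak: {leaky} attempts")
    print(f"pass/fail only:      {sealed} attempts")
    print("worst cases (leaky, sealed):", worst_case())
```

The same bound applies to password or MAC checks in software: an early-exit comparison turns an exponential search into a linear one, which is why `hmac.compare_digest` exists.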
Well, it didn't advertise itself as a "very difficult to pull off lock", or a "vastly better than previous lock". It advertised itself as an "unpickable lock". That's a very strong claim to be making. I wouldn't be satisfied with anything less than a proof that it is impossible to reduce the search space down to sub-exponential.
Building a lock which does not leak any information about what's happening inside is equivalent to building a mechanical, room temperature quantum computer. For if that information isn't leaking to the environment in some way, there is no mechanism to decohere a superposition state. Hence in principle a mechanical lock which is secure in the information theoretic sense is impossible. It is still theoretically possible to make a computationally secure lock (eg a mechanical implementation of a hash function). But there's currently no real proof that one-way functions are actually one-way. The security of such a lock is subject to a foundational guess in cryptography.
If the core ideas are already in the public domain, it likely means that designs that bypass the enclave patent are likely.
It is even closer to the design I published a year ago: https://github.com/espadrine/lock-designs/blob/main/commitme...
I don’t see how this patent has any legs to stand on.
> don’t see how this patent has any legs to stand on.
Well USPTO did move to first-to-file under Obama.
Is there a patent filed before this one?
My understanding of MPEP 2126-2128 is that prior art published to a website can be disqualifying.
I don’t like patents, because given the world population, any idea was had by someone that didn’t have the resources to file it. Publishing a timestamped design is, I believe, one of the least expensive ways to create prior art without creating patents.
If I am not mistaken, there have been many cases where prior art was available (and in some cases quite well known within the field) but did not come to the attention of the examiner (or the examiner did not recognize its relevance), and the patent was granted anyway. In fact, there was one such case on the HN top page today.
Once that happens, getting it revoked is no easy task.
Getting it revoked is likely harder than successfully defending against a suit. Many aggressors will fold at the "here is obvious prior art, go find someone dumber to extort" phase.
First-to-file doesn't mean what I think you think it means.
Prior art, whether from another patent or from some other source, will still establish that the applicant is not an inventor and not eligible for a patent.
First-to-file (FTF) only differs from first-to-invent (FTI) when there is an "interference". That's when two or more separate parties are simultaneously applying for patents on the same invention.
Under FTI your priority date was the date you conceived the invention if you then worked diligently toward reducing the idea to practice up until you filed your patent application. If you stopped working diligently on reducing the idea to practice and then resumed it, the date you resumed became your new priority date.
What counts as a break in working toward reduction to practice sufficient to reset your priority date? How much documentation do you need to prove you were working continuously on it from your claimed priority date?
Figuring all that out can be expensive and time consuming and often gives results that seem wrong. It's almost random whether the priority date by this method actually matches who seems to morally most deserve the patent.
FTF gives priority to whoever files first. It doesn't produce any worse outcome than FTI and saves a lot of time and money for both the patent office and applicants.
That is for independent simultaneous discovery right? Which is a separate matter from 'does prior art exist' I would imagine.
would likely depend on whether the filing date was before or after this, but yeah, this would likely invalidate any claims for the most interesting improvements over the SMH designs
Need to see the patent or published application, and in particular the claims. I've got a few patents under my belt, but I'm not a patent lawyer. Typically when prior art is found during the preparation or processing of a patent application, the inventor can either argue for why their thing is new and different, or narrow their claims to the point where what's left satisfies novelty. Now at that point, one is left wondering if their idea is still worth patenting. But that's another matter.
Even as an inventor with some experience in the patent process, I still find it hard to second guess the patent office on what they will accept or reject as prior art. The lawyers are better at it than I am.
More than once I've rushed breathlessly to the lawyers with screaming hot obvious prior art, and they say: "Meh, it's not prior art because of X, Y, and Z, nice try."
The concepts employed in the StuffMadeHere video were derived from techniques used in other pick-resistant locks. His implementation is unique, of course, but he also derived his lock from other existing techniques.
There’s a big world of lock design and research out there, and I doubt this company simply decided to rip off a YouTuber.
> and I doubt this company simply decided to rip off a YouTuber.
While you’re likely right, YouTubers are massive in terms of reach and popularity, and there are heaps of cases where companies have done exactly that…
> A little strange to see someone applying for a patent for a version of someone else's design.
Apparently it's common, depending on the country you live in.
Some countries have a first-to-file versus a first-to-invent patent system. And so you end up with people (often inventors or retired lawyers) who spend their days filing patents for other people's inventions. The idea being that they only need one or two of the patents in their lifetime to result in a massive payday for it to be all worth it.
Even in the US, which is first to file, your patent can be invalidated by published prior art that makes it obvious. The stuff made here video is a textbook example of an invalidating piece of prior art.
It might invalidate aspects of the patent, but the two are different enough that certain aspects of this one are still patentable.
Bottom line, you don't always patent the whole device, sometimes just the small unique implementation details are valuable enough.
I assume they are going for a design patent, which they may well get (and doesn't protect against much other than direct copies). A method patent or a utility patent is a lot harder in light of the prior art.
The problem is that the patent system tends to just approve anything that meets a certain quality threshold. And then they leave it up to the courts to adjudicate whether a patent is invalidated due to prior art.
And so rather than litigate, roll the dice, and potentially strengthen the patent's standing, sometimes it's easier just to negotiate a deal with them.
and it will only cost you >$100K to invalidate
It feels like you never looked at https://www.uspto.gov/web/offices/pac/mpep/s2215.html and it might be worth giving that a quick read before pulling a number out of thin air.
Yes, it costs money to get a patent invalidated based on prior art. But: an amount that even a single person who stands to actually gain from having a patent overturned should have no problem with. You're asking the USPO to spend time redoing work, literally halting any other patent work they could be doing instead. So it's not a trivial amount, but it's also hardly a prohibitive amount if you actually want a specific patent revoked.
The AIPLA Report of the Economic Survey for 2017 notes that the typical patent infringement suit with less than $1 million at stake costs on average more than $600,000, while the typical patent infringement suit with between $1-10 million at stake costs on average nearly $1.5 million to litigate.
Costs for IPR or Post-Grant Review (approximate mean):
Through filing petition: $120,000.
Through end of motion practice: $300,000.
Through PTAB hearing: $400,000.
Through appeal: $600,000
Arithmetic mean isn't a useful guide for litigation. Take the $600,000 as your entry price and you are on the right track.
A little strange to see someone applying for a patent for a version of someone else's design
I'm pretty sure 95% of patent applications and 50% of granted patents are attempts to steal someone's invention out from under them.
Like Steve Jobs famously Said - something about stealing
I actually think Zaphod Beeblebrox got there earlier. As he willonhavedone by whenever he followed through.
Ironically I'm wearing one of my hitchhikers guide shirts today
I agree, it seems a little strange.
I also seem to recall that the LockPickingLawyer was able to break that lock using two separate methods that I didn't see addressed in the article, so I wonder how much this person just copied StuffMadeHere..
LPL “cheated” when picking SMH’s lock but still provided valuable feedback. Both weaknesses he found are easily fixed. In one case he could walk the deadbolt back because of a precision error/oversight in SMH’s lock. The other he stuck a small shim between the door and the lock to tension the second tumbler which is not an issue with this lock and easily fixed on SMH’s lock by closing the back with a plate.
Oh, I see.
I'm no expert but at least I understand the things LPL did a bit better now.
A lot of people saying this is similar/same to the lock from Stuff Made Here. Certainly both use the same concept of preventing single pin picking by separating the pin alignment and matching stages, but this does appear to be a unique design. SMH used a pushing mechanism to bind the pins in place before trialing a set of gates via rotation; this one sort of does the reverse, with pins never binding (see stack of separable wafers on each pin) but a pushing mechanism trials the combination.
This one does seem potentially more compact / compatible to existing form factors. Though it also looks like it'd be vulnerable to just torqueing it, depending on how strong that zigzag bit is. But I guess then you can just break the door.
Torqueing a lock in a way that is visible is usually not a problem for the threat model a lock is attempting to address. However, this mechanism looks like it may be vulnerable to torqueing without external signs of damage.
I’m looking forward to sometime next month or so: “Little click on one…”
He's fun, but my favorite favorite ones are where they forget about inertia or magnets.
"All is fair in Love and War"? The Geneva Convention would like to have a word with you on that. And good luck keeping someone who finds out what you did for love (and if you do, then you deserve each other), but all is definitely fair in lock picking.
Magnets, mallets, plastic pens, soda cans, springs, electric toothbrushes, masking tape, string, cardboard, water, salt water, we have seen it 'all' and the world is full of items that haven't even been tried yet because those all work pretty damned well.
What if Andrew Magill is lockpickinglawyer!
Lol then it would be sold through his web store covertinstruments.com
along with the pick that bosnian bill and i made
Ironically, that disc-detainer pick is the one thing that is not available for sale on covertinstruments. I went looking for it the other day and it's not listed at all, not even as "out of stock".
It's actually sold by Sparrows
Gotta love the description:
The Community Disc pick
Blah blah blah blah Lock picking lawyer blah blah blah Bosnian Bill blah blah blah blah blah blah blah
blah blah Over a year blah blah blah blah blah blah blah Pandemic blah blah blah blah blah blah blah
blah so many emails blah blah blah blah blah blah blah blah blah blah blah Isolation blah blah blah
blah blah blah blah blah blah blah blah blah back on carbs blah blah blah blah blah blah blah blah blah
blah blah blah blah blah blah blah blah blah blah blah blah Ties and no playoffs? Why do you even do this?
blah blah Zip ties blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah
blah blah blah blah Lucky Saskwatch blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah
blah blah blah blah blah blah blah blah blah blah Stop touching your face still applies blah blah blah blah blah blah blah
blah blah blah blah blah Black Finish blah blah blah blah blah blah blah blah blah blah blah blah blah
blah blah blah blah blah blah blah blah blah blah blah This is the way.
What is that referencing?
It's copy-pasted from the description on the webpage :D
I was definitely not expecting that either.
I meant, what is the webpage referencing?
That lock pick was enormously popular and hotly anticipated, because it was designed by Lock Picking Lawyer and Bosnian Bill (two popular YouTubers) and mentioned in their videos. In fact most likely the overwhelming majority of visitors to the Sparrows website were there solely to see that lock pick and had never heard of Sparrows before.
That product description is making light of this reality. No matter what they write in the description field, it's all "blah blah blah" that most readers are going to skip over except the two crucial terms "Lock Picking Lawyer" and "Bosnian Bill." Everything else is wasted space. (And then they just threw in a couple of other random phrases for fun and to see if people were paying attention)
TY! I’d been looking for this as well.
He needs to trademark that phrase. It’s so iconic of him.
A little bit of counter rotation on two...
nothing on three...
Four is binding
Binding on four!
Yup, getting something on three now
And just like that, we got this open.
Now to do it again to make sure it wasn't a fluke
In any case, that's all I have for you today. If you do have any questions or comments about this, please put them below. If you like this video and would like to see more like it, please subscribe, and as always, have a nice day. Thank you!
> if you do have any questions or comments about this please put them below
I find that part funny as I never saw any question in a comment answered.
And as always, have a nice day.
And we've dropped into a false set.
I don't know if this is too slow of an attack to count, but you could build an automated lockpicking machine that would iterate over the possible pin height combinations. If a fast robotic machine could input & test one key pattern per second, it would find the correct pattern in 12.96 hours or less. One pattern per second should be quite feasible. Here's an example video that shows how robots can move very quickly while maintaining submillimeter precision: https://youtu.be/SVuOWwL410U?t=7
Exactly. And based on the test mechanism simply requiring a ~46 degree turn to fail, I think it could actually be done in ~300ms per attempt, which would make the maximum solution even lower at ~4 hours. That's of course still a lot better than a traditional mechanism, which even brute force robotic pickers can tear through rapidly, but it's far from "unpickable."
Ultimately, even lengthening the time per attempt wouldn't help save it from attack, because not only is this lock susceptible to robotics, it's easily pickable with audio analysis. Much like the traditional mechanisms that this lock hopes to replace, you only need to analyze one to build a matrix applicable to all of the locks.
It's not unpickable, and the creator doesn't claim it's unpickable, either. So the title really shouldn't include the word.
I am not sure if I would call trying all combinations "picking a lock" — wouldn't adding a couple of pins simply make that infeasible again? You could also bring all 46k key variations and try them out, and you'll open it with 23k attempts on average, but that would not make the lock pickable if I was to talk about it.
I have no clue about locks, but there's a difference between brute forcing a password and decrypting it from the hash.
> I am not sure if I would call trying all combinations "picking a lock"
Lockpicking is defined as opening a lock with an instrument other than the appropriate key. It is not defined by how many attempts it takes. Many of the most common lockpicking methods are nothing more than brute force, which are sometimes incredibly effective. They're also sometimes the opposite of effective, meaning they may take many thousands of attempts before stumbling upon success. That doesn't disqualify them from the definition of lockpicking.
> You could also bring all 46k key variations and try them out [...] but that would not make the lock pickable if I was to talk about it.
The entire point of lockpicking is that you don't need to make every key combination, and instead only need a small set of tools or a single device. The personal decision to make every key instead of using another method doesn't mean the lock isn't pickable, it just means you spent a lot of time making keys. You could also make all of the keys for a basic $1 padlock, but that padlock is still pickable with a paperclip. It didn't become unpickable by creating the keys.
> I have no clue about locks, but there's a difference between brute forcing a password and decrypting it from the hash.
Yes, the difference is that one will definitely take longer than the other, but you don't actually know which until you've successfully completed the task. They're both still password cracking methods with the same end result. One doesn't magically stop being a cracking method just because it takes longer.
My point is that every single lock (or password) is susceptible to trying every key combination: the only protection against that is to increase the number of combinations available.
Sure, if a particular lock is more prone to brute-forcing due to its design than an average lock (eg. side channel attacks like timing attacks with passwords), one could surely qualify that as a pickable lock (or a "weak" password scheme).
So I am not saying that a brute-forceable lock is not pickable, but that those are independent since every lock is brute-forceable. Sure, devil is in the details, and what seems like brute forcing is sometimes something smarter, but only when you are able to reduce the problem space from the full set of combinations would I say you are picking a lock.
Again, maybe I am totally off base with regards to terminology as used in lock picking circles, but this is how I would differentiate between different approaches.
> I am not sure if I would call trying all combinations "picking a lock" [...] that would not make the lock pickable if I was to talk about it [...] but only when you are able to reduce the problem space from the full set of combinations would I say you are picking a lock. [...] So I am not saying that a brute-forceable lock is not pickable
You quite literally said it's not pickable and not even lockpicking at all, and have even reiterated as much in this new comment, so please don't pretend otherwise.
> but only when you are able to reduce the problem space from the full set of combinations would I say you are picking a lock.
All of the dictionaries and an entire industry of professional locksmiths disagree with that statement. Given that you've twice admitted to having "no clue about locks," I'm not sure why you continue to insist that uninformed personal opinions are somehow factually obvious.
> Sure, if a particular lock is more prone to brute-forcing due to its design than an average lock (eg. side channel attacks like timing attacks with passwords), one could surely qualify that as a pickable lock (or a "weak" password scheme).
You keep trying to apply the concepts of digital authentication to locksmithing, but they're just not applicable in the way you're describing. The "average lock" doesn't exist, and certainly can't be used as a basis for determining the threshold of whether an entirely different lock qualifies as pickable.
As far as I can determine, your opinion boils down to believing that successfully brute-forcing a lock with only 100 possible combinations does qualify as lockpicking, but successfully brute-forcing a lock with 1,000,000 possible combinations somehow doesn't qualify as lockpicking.
I'm not sure how that position is justifiable, made worse that the lock being discussed is notably prone to brute force and within a very reasonable amount of time. So, if "weakness" is your qualification for a lock being pickable, then you're arguing against your own assertion that this lock is unpickable.
>> So I am not saying that a brute-forceable lock is not pickable
> You quite literally said it's not pickable and not even lockpicking at all
I think you have a problem with me communicating using (formal) logic.
If I say that A (lock is brute-forceable) is true, I am not making a statement on whether B (lock is pickable) is true: it could be either true or false. When I say that B is not true when A is, it means that B does not follow from A.
As an admittedly non-expert, I find it useless to consider something that's a tautology (always true, lock is bruteforceable) as a special skill (lock-picking), and I complain of the terminology. IOW, it is my personal opinion that this is a useless terminology if it's used like that.
> As far as I can determine, your opinion boils down to believing that successfully brute-forcing a lock with only 100 possible combinations does qualify as lockpicking
But I explicitly clarified my position, and you even quote that twice:
Which means that with a lock with 100 combinations, if you try all 100 of them, you are not lock picking, but if you reduce that to trying out 50 combinations, then you are (again, I hope I don't have to highlight how this is my opinion of the terminology: I am repeatedly claiming I am no authority, but I can still have an opinion on language, along with the argument I am presenting).
I apologize if my use of somewhat general language confuses you: my background in formal maths influences the way I communicate sometimes.
> I think you have a problem with me communicating using (formal) logic.
The problem is that what you're saying is contradictory to itself. You're conveniently ignoring all of the flaws being pointed out, and instead reiterating the same argument ad nauseam, while also moving goal posts and morphing qualifiers as needed.
> but only when you are able to reduce the problem space from the full set of combinations would I say you are picking a lock. Which means that a lock with 100 combinations, and you try all 100 of them, you are not lock picking, but if you reduce that to trying out 50 combinations, then you are
The fundamental concept which you keep acknowledging but refuse to accept, is that brute force is a reduction of the problem space. In fact, it's a >99% guarantee to be reduced. Whereas the other lockpicking methods with a reduced space are not actually guaranteed to defeat the lock in a shorter amount of time, if at all.
You even acknowledged in your first comment that brute-forcing a limited set will, on average, require half as many attempts. Since your qualification for being pickable is that the problem space is reduced by half, then brute-forcing meets your definition of lockpicking half of the time. At that point, it's irrefutably classifiable as lockpicking, with the understanding that other methods may be more (or less) effective.
And you're still ignoring that the entire point of the lock being discussed is that traditional lockpicking methods wouldn't work. At all. Yet, when presented with an option to defeat the lock in less than 4 hours, your reaction was to repeatedly state that it doesn't even count as lockpicking. I don't know what else to say.
> And you're still ignoring that the entire point of the lock being discussed is that traditional lockpicking methods wouldn't work.
I am not ignoring it: I was bringing a point on terminology, not on this particular lock or lock-picking methods.
You seem to be unable to accept that people tend to and do use different terminology for the same things, or the same terminology for different things.
> Yet, when presented with an option to defeat the lock in less than 4 hours, your reaction was to repeatedly state that it doesn't even count as lockpicking. I don't know what else to say.
You need not say anything else, because I like to consider this a design idea, rather than a lock on a non-existent door.
What would be the effect on the time to "lockpick" exactly the same type of lock but with two more or double the number of pins (as an obvious counter measure)?
Remember that this is a proof of concept lock and there are no doors it protects, so any actual implementation should be able to easily apply obvious extensions where higher security is needed. Again, it's not about this particular lock, but if there is an obvious scalability to the design, a lockpicking method only works if it scales linearly (like with regular pins, where you only test each pin individually).
Yeah, I don't accept your terminology, and you don't accept mine (no matter how you try to stretch it, claiming that half on average is reducing the problem space when it's not: that's rudimentary math, and when you reduce the problem space in a smart way, it applies to each method: eg. testing individual pins, you'll find them on average in half the attempts...).
I do struggle to understand why you are so keen to convince others how your use of terminology is the only acceptable use: it's ok to agree to disagree.
> I am not ignoring it: I was bringing a point on terminology, not on this particular lock or lock-picking methods.
You declared an entirely new definition for lockpicking which is contradictory to all accepted definitions of lockpicking, and then used it to repeatedly insist that the lock being discussed isn't pickable. Your comments are public and what you said is clearly visible, so please stop creating new realities when holes are poked in the previously concocted one.
> You seem to be unable to accept that people tend to and do use different terminology for same things, or same terminology for different things. [...] I do struggle to understand why are you so keen to convince others how your use of terminology is the only acceptable use: it's ok to agree to disagree.
You appear unable to accept that there is an entire industry of locksmithing experts and 100% of them use the same terminology. You are insisting that your invented definitions based on zero locksmithing knowledge should be more relevant than the actual definitions standardized over 4,000 years by hundreds of thousands of experts.
The rest of your comment consists of even more bizarre new definitions for lockpicking and mathematics which contradict reality, and veers even further away from the actual topic being discussed. I refuse to engage with it, because you are making all of your arguments in bad faith. If you can provide any shred of evidence for any of your claims about lockpicking, logic or math, I'll happily concede. But we both know that evidence doesn't exist.
Yeah, you are convinced you read things which are nowhere written, so there is no sense in having a "debate": your refusal to engage is a really weird one, considering the length of your comments trying to pit statements from different contexts against each other.
Good job and keep at it, you'll certainly make everyone right on the internet again.
To brute force it, don't you need to know the alphabet used? Without a few sample keys, you won't know which heights to set to your brute force keys
You can however use other properties of the lock to avoid brute forcing it, and get more like a gradient descent:
A blank key will be scratched by pins that are set at the wrong height, and you can keep filing and scratching till it's at the right value
Those master cylinders are of specific dimensions, variable length and probably mass as well. I wonder if one could analyze the audio frequency spectrum, and/or mechanical impulse response, to deduce the length of the master and work out the bitting.
The fun part of audio is that there's multiple ways to do it. You can use spectrum analysis, impulse response, harmonic frequency, beamforming, triangulation and more. Some would be easier than others in this situation, but you could technically use any of them to pick this lock.
To counteract brute-forcing, how about adding a rate-limiting mechanism?
I could imagine each attempt to rotate the cylinder could partially compress a spring-loaded lever. There could be some sort of ratcheting return mechanism that allows the spring to decompress at a known rate (think a kitchen timer). Once the spring is compressed beyond a certain point (e.g. after 5 failed attempts), a mechanism locks out the cylinder until the return mechanism allows the spring to decompress back to its starting position.
If the lockout happened after 5 failed attempts, and the lockout duration was 10 minutes, an attacker could test at a maximum rate of 30 combinations per hour. It would take 64 days to check all 46,656 possible combinations, or 32 days on average to find the solution.
Sounds like an interesting way to get locked out of your house.
You would need successful uses of the key to reset the ratchet or every 5 times you opened your door it would become inoperable for 10 minutes, assuming the spring for the timer hasn't rusted or got a bit of grit in it or whatever.
- Each [failed] attempt to rotate the cylinder could partially compress a spring-loaded lever.
- The return mechanism would always return if not in its resting position, not only after each 5 failures.
- Successful attempts immediately reset the spring.
I have zero knowledge about the topic and something in the video confuses me:
In the YouTube video explanation around 2:30, when individual positions (not sure if it's the correct word: talking about the different parts of the lock's inner array moving based on the position of the key/pick) are picked, why doesn't the inner mechanism snap back to its initial state by the spring's force when the key/pick is moved out of that position?
And how do they reset when the lock is turned and unturned back to the initial rotation state if they don't reset when individual positions are released?
(Sorry if I used a terribly wrong terminology)
The pins usually don't fit exactly (because they still need to be able to move up and down), meaning that you can turn the lock slightly even without the pins at the right positions.
If a pin is pushed up completely, and you turn the lock slightly, the pin can get stuck in the right position.
This is done with a torsion wrench, keeping torsion on the lock while trying to get the pins in the right position with picks, hooks, or rakes.
Please send this to https://www.youtube.com/c/lockpickinglawyer
LockPickingLawyer has picked just about any and every single lock there is known to mankind. Would love to see him up against this!
Would make for some great content.
He generally only shows locks he knows how to pick. Unlocking is the payoff to the video and I don't think I've seen a single video where he didn't succeed, but if you read between the lines on his older videos, you notice him talking about the locks he recently learned to pick, locks he's never been able to pick, and so on.
He's very good, but he's not infallible. He just doesn't show his failures.
The only one I've seen was the Bowley lock. But yeah I sent my unpickable lock to him and he never mentioned it. :(
Nice vid! You can print one of these for just 30 GBP? You know high end locks go for a lot more than that right? You could be printing money!
Yep the nice Abloy ones go for over three hundred livres Anglais.
But nobody is going to buy a single thing that the insurers haven't approved.
Maybe partner with a firm that will get insurance approval then? Could help with distribution as well.
I don't think those high end locks are made of plastic though!
There are 3d printers which print metal right?
Upvoted you, because I think your design uses a very similar idea as the one posted by OP, but its design is more simple /elegant.
Very nice print job, wow.
As far as I know he never picked his bowley. https://youtu.be/qV8QKZNFxLw
I love how this follows the TED talk playbook:
1: “Here is a thing you are all familiar with”
2: “What if we thought about it DIFFERENTLY?”
3: “Here is the new yet intuitive way to think about it”
4: (Applause. Audience leaves with an easy-to-understand story to tell at cocktail parties)
Great work, and very cool lock.
And, like TED, there is no actual implementation in existence.
Except, a (prototype) implementation does exist - and you can buy one (or at least, you can when they're in stock)
"Please be aware that this lock is only a demonstration of the mechanism, and cannot be used to secure doors, chains, or anything else."
So, not actual implementation of a lock.
It is an implementation of the mechanism, though. It's just not a consumer-ready product yet.
Not the LockPickingLawyer (I hope he gets his hands on one soon) but here's a video review/demonstration: https://www.youtube.com/watch?v=qNHFyc1oMwU
+1. LPL has disproven the claims of many "unpickable" locks.
If computer security has taught me anything, unhackable/impenetrable claims, cyber or physical, should be met with skepticism.
I used to be huge Abloy Protec2 fanboy until I found out that they are very litigious, which made me wonder if their locks have been picked but the results were just taken down. I think they are still great locks. If anyone is going to break into my house there are easier and faster ways than picking the lock. However, the notion of an unpickable lock requires a lot of convincing for me to accept now.
The middle part is always what I tell people, yeah you locked the door but did you lock your window panes?
Kromer Protector, unpicked since the late 1800s. There are unpickable locks, you just can't afford them.
I have always said "if someone made it, someone can break it"
Nothing is unhackable/impenetrable. period.
We've had theoretically-unbreakable cryptography for a long time now, particularly hash functions and encryption ciphers. There are still some weaknesses around timing attacks, and of course there's always the "wrench attack," but the algorithms themselves are as secure as we will ever need anything to be.
None of our block cipher or hash function primitives have unconditional security proofs; a lot of the reason to accept them is that the best-known attacks against the widely-used ones are very poor, even after a lot of knowledgeable people have studied them for a long time. But that doesn't logically exclude the possibility that there are unknown mathematical insights that would lead to much more effective attacks.
Often, protocols or constructions on top of these cryptographic primitives may have proofs that unconditionally reduce their security to the security of the primitives ("breaking this is at least as hard as AES", normally because "if you could break this, you could also break AES"), or in some cases proofs that do this by making only comparatively uncontroversial mathematical assumptions.
This is a good situation to be in, all things considered, and way better than the past, but it's not an ideal situation!
Outside of OTP no encryption is “theoretically unbreakable”. They all rely on unproven assumptions.
I'd go so far as to say that outside OTP, cryptography is always breakable.
You can always just guess keys. The aim of most secret key cryptography is to make sure there aren't much better strategies than that to break it, or if there are that the key sizes are sufficiently big it doesn't matter.
With OTP you can't guess keys, as there is a valid key for any possible message. It is unbreakable without the original key.
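The claim above, that under a one-time pad every same-length message is a valid decryption so guessing keys yields nothing, is easy to check mechanically. The following is an added example and not code from any commenter; the message, the fixed key and the decoy plaintext are constructed here for illustration, and the exhaustive-search helpers are deliberately restricted to two-byte inputs so they finish instantly.

```python
"""
One-time pad (XOR) demonstration: for a given ciphertext, every plaintext of
the same length is reachable under exactly one key, so an attacker who tries
keys learns nothing about which message was sent. Added example; the message,
key and decoy below are constructed sample values.
"""
import secrets
from itertools import product


def otp_xor(data: bytes, key: bytes) -> bytes:
    """XOR data with a key of identical length; encryption and decryption are the same op."""
    if len(key) != len(data):
        raise ValueError("a one-time pad key must be exactly as long as the data")
    return bytes(d ^ k for d, k in zip(data, key))


def key_for(ciphertext: bytes, candidate_plaintext: bytes) -> bytes:
    """The unique key under which ciphertext decrypts to candidate_plaintext.
    Since c = p XOR k, the key is simply c XOR p: any candidate is 'valid'."""
    return otp_xor(ciphertext, candidate_plaintext)


def keys_consistent_with(ciphertext: bytes, candidate_plaintext: bytes) -> int:
    """Count by exhaustive search the keys that map ciphertext to candidate_plaintext.
    Only practical for very short inputs; it always returns 1."""
    n = len(ciphertext)
    return sum(
        1
        for key in product(range(256), repeat=n)
        if otp_xor(ciphertext, bytes(key)) == candidate_plaintext
    )


def reachable_plaintexts(ciphertext: bytes) -> set:
    """Every decryption obtainable by trying all keys of the ciphertext's length.
    For n bytes this is all 256**n possible strings: the ciphertext rules nothing out."""
    n = len(ciphertext)
    return {otp_xor(ciphertext, bytes(key)) for key in product(range(256), repeat=n)}


def fresh_key(n: int) -> bytes:
    """A real pad must be uniformly random and never reused; os-level CSPRNG output."""
    return secrets.token_bytes(n)


# Constructed sample: a 14-byte message under a fixed 14-byte key.
MESSAGE = b"ATTACK AT DAWN"
SAMPLE_KEY = bytes.fromhex("1f8a3c77d20e5b91c4a0f36d2b18")  # constructed, 14 bytes
CIPHERTEXT = otp_xor(MESSAGE, SAMPLE_KEY)

if __name__ == "__main__":
    decoy = b"RETREAT NOW!!!"  # same length as MESSAGE, constructed
    print("ciphertext:", CIPHERTEXT.hex())
    print("real key decrypts to:", otp_xor(CIPHERTEXT, SAMPLE_KEY))
    print("a key that 'decrypts' to the decoy:", key_for(CIPHERTEXT, decoy).hex())
    short = CIPHERTEXT[:2]
    print("keys mapping the first 2 bytes to b'hi':", keys_consistent_with(short, b"hi"))
    print("distinct plaintexts reachable from 2 bytes:", len(reachable_plaintexts(short)))
    print("a fresh random key for next time:", fresh_key(len(MESSAGE)).hex())
```

Running the script shows the point from both directions: `key_for` produces a perfectly valid-looking key for the decoy, and the two exhaustive-search helpers confirm that every two-byte plaintext is reachable and that each one corresponds to exactly one key. The security rests entirely on the key being uniformly random, as long as the message, and used once; a reused or short repeated key breaks that uniqueness and brings guessing back into play.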
There is no proof that hash functions exist
Darn right there.
If it can be opened with a key, there's nothing stopping something else emulating that key - even if resorting to brute force until the key pattern matches.
Right, but just like with e.g. cryptography, you need to make it more expensive to crack than whatever it's protecting.
Well yea, you could blow it apart with explosives, melt it with acid, or beat the key holder with a wrench until he gave you the key. But I think the idea around "picking" is to nondestructively operate the lock without using the key it is designed for or a copy of such.
Can you make a lock that reliably detects pick attempts and renders itself temporarily or permanently inoperable? (Not that very many lock users would prefer this security vs. availability tradeoff over what they're used to, probably.)
What's the threat model? Does this lock secure a location that has no windows? Can a sledgehammer be used to open the door?
Ok, so maybe covert entry is harder. Do you care THAT much about covert entry? If you care that much about covert entry, do you also have video monitoring?
Security solutions need to be used in context.
Your points are technically true but effectively vacuous, equally applicable to all possible door locks. Is there someone claiming that just because this lock is (allegedly) unpickable, it's a complete security solution, so that you felt you had to comment on the importance of other approaches to security?
No, I'm saying that people have an irrational desire for an unpickable lock, perhaps not having considered their security/threat model.
Everyone interested in lock picking has considered breaking the window. I promise, you're not the first person to think of that, and it doesn't bear repeating in these kinds of conversations.
I think it has narrow applications in government high security areas and some corporate things where covert access can be a catastrophe. Also large datacenters and what not where an unknown physical compromise, while VERY difficult to achieve, could have tremendous repercussions.
In 90% of situations a bad actor will probably just use brute force. There is something to be said if this isn't bump-able/pick-able, in that at least you won't have the situation where a potential bad actor gains "covert" access, and so people think they're supposed to be there, as opposed to them kicking down the door, but the number of scenarios where that actually matters is slim.
Overt, covert, and surreptitious entry all have their uses.
Well by your own logic you shouldn’t need a secure password for anything either since you can be beaten with a stick.
Besides the fact that dragging a sledgehammer into the Department of Defense is really obvious.
And that hitting something with a sledge or smashing a window would both activate alarms, and just, be really loud regardless.
Yes, there are places without windows and with reinforced doors.
Even setting that aside, impressioning attacks require only seconds at a doorway for each step in the process; this defeats that attack.
Bump keys only require ~30 seconds if you are lucky; this defeats that.
And yes DoD has security cameras, most places do actually.
> Bump keys only require ~30 seconds if you are lucky; this defeats that.
Agreed - this is exactly the threat model that I'd be looking to block as a purchaser. Had a friend show me how to pick a cheap lock in < 30 seconds - it was laughably easy.
Thinking about larger houses with multiple apartments, which is very common in Germany, lock picking is the number one way of entering, as it reduces the risk of detection and is quite fast. Beyond the ground floor, no one would try to enter through windows anyway, and there the recommendation of the police is to have locks for your windows. It seems to be very uncommon that one tries to break through the glass. Good glass is tough, breaking makes noise and then there is quite some danger of injury.
Any good lock can make quite a difference and these locks look very promising as they would defeat the typical picking.
It moves the attack from being against the lock to being against the door/frame/walls.
if it's really important, then the lock is probably never going to be enough. you probably want a vault
I just want to point out that LockPickingLawyer never touches modern high security locks. (Say Abloy Protec or similar). The Abloy Classic mechanism (from 1907) seems to be the only Abloy lock he can pick (with a special tool made for the mechanism).
For some strange reason North American homes have the worst locks I have ever seen. Very few high security locks. In Finland, something like 90% of installed locks are beyond the skills of LockPickingLawyer (he could drill them of course).
If you are willing to pay a little more, it's relatively easy to buy a high security lock (or padlock) that is never picked even by hobbyists.
This isn't unpickable at all, it's just remarkably tedious to do so. The fundamental information leak via how far you can turn before getting stuck is still there. You've just added a mechanism that temporarily locks in the current key-state being tested, forcing an attacker to return to the initial position before inputting the next key-state. Don't get me wrong, that is a good design feature. But what you have made is still very much pickable via the same old established principles of lockpicking. You have simply forced the standard technique to be more clumsy and error prone to execute, perhaps requiring some unique tool to measure the subtle differences that give the key away.
I designed something like this before. Multiple shear lines with a two stage isolation-then-check is intuitive. The details matter, though, and this looks clean. I could see it manufactured.
My design tried to avoid it being possible to interact with any of the components storing the code before the pins are isolated. I did this by having two styles of pins (normal vs. T-shaped), and an insertable bar in a specially-cut slot, which checked the right combination of pins were along for the ride.
Enclave seems like a much more sensible design in terms of implementation elegance and reliability. This is even more stark compared to other even more complicated designs I have seen. Versus my concept, it also makes it possible to have more than 1 bit per slot. To be completely cautious, however, and fully obsolete those other designs, it would make sense for the top pins to be very slightly spooled along their full length, such that the cut is guaranteed never to touch the sidewall.
> Multiple shear lines with a two stage isolation-then-check is intuitive. The details matter, though, and this looks clean. I could see it manufactured.
Yes. If you're willing to have a really big lock, it's much easier to make room for a two-stage mechanism where the keying info is stored before use. I'd thought about a lever lock like that, but the thing would need a huge box in or behind the door.
There's a possible vulnerability here. This thing may be susceptible to comb picking. The spring channels look to be too long. If you can push the pins up beyond their normal travel, to where the disk stack reaches the top bar, then push the rear actuating pin to operate the top bar, the lock should open.
Master Lock is known for making this basic error in lock design, as Lock Picking Lawyer has pointed out. This is a fixable design mistake. You just have to have something that prevents the pins from being pushed too far.
My design just used grooves cut into the cylinder, which the two pin types would ride at different heights, so it didn't need to be any bigger.
An insert, aka. a rectangular metal bar with cuts in it, is inserted into a slot cut down the side to define the check key.
The pins are either a standard pin, ⣿⣿, or a T-pin, ⢹⡏. The core is cut all around with a groove like ⣿⣆⣰⣿, which they ride at different heights.
If the insert is shaped like ⣿⣶⣶⣿, it blocks the T-pin, but the standard pin can ride over the top. If the insert is shaped like ⣿⣇⣸⣿, the T-pin rides through the gap, but the standard pins catch.
Again, details like depth and offsets matter, because you don't want it to be bumpable with fast or angry rotations, or for the two pin types to lock at distinguishable offsets, and you don't want it to be jammable. Boring standard fixes can deal with comb attacks.
Enclave, OTOH, does need a bigger body, but it's merely a bit taller, nothing radical, and it's very easy to manufacture. It already has inserts to prevent comb attacks.
For the curious, my friend Jim picked this lock. https://youtu.be/hBKM5odMTds
Wow just over 2 minutes! Enclave didn't take him much longer than any other unusual lock. Congrats to him!
In all the unpickable designs so far, various (potential) attacks are enabled by the ability to manipulate parts connected to each pin/disc/etc using tools held in the hand. So why not make a lock where the mechanism can't be touched at all?
For example, one that is unlocked by inserting a key consisting of only a blade and no bow (handle) fully into a slot before operating a mechanism (separate from the lock mechanism) that, in order:
1. covers the slot through which the key was inserted,
2. slides one wall of the slot aside to reveal a bank of pins that then come into contact with the bitting of the key,
3. if the key is a match, enables further operation such as movement of a deadbolt.
The mechanism is then reversed to release the key, which is ejected like a floppy disk / SIM card. Since at no point are the pins exposed to air from the outside world, it becomes impossible to actively move them or probe them for information.
You could insert a probe instead of a keyblade.
I’m curious if this lock will be vulnerable to a “timing” attack. If it is possible to understand (by using some side channel) which pins prevented the lock from being turned, there will be far fewer combinations to go through.
I was lucky to see a demo of the Million-dollar unpickable lock (with the square key) get picked live on stage at HOPE 2k3 in New York, in about 5-10 min while they were giving the talk about how the company wouldn't actually reward anyone who picked it.
There is no such thing as an unpickable lock, it's just a matter of time until someone finds an exploit.
This does seem like it might be vulnerable to a comb pick attack, if you can push all those wafer stacks into the sliding bar.
The stock has overlift bars. It isn't detailed on the website but it is mentioned in the youtube video linked in another comment.
Oh. Very nice. If the wafer is the same thickness as the bar, and the springs allow enough room that should work.
I’m not in any way shape or form equipped to evaluate the lock itself, but I’ve seen enough “uncrackable” security measures being cracked to know better than to believe in flawless security. So… “Unpickable”, “invulnerable”? That’s the sort of language that makes me very grumpy indeed when talking to a security professional.
I like this 3d printed one too: https://youtu.be/7hUonUE1hEY
Similar principle - separating the input and testing phases, but uses an interesting binary ball bearing approach.
Obvious derivative would be two cores inside each other. Outer core follows the inner core some ten degrees and the opportunity to test pins is gone when you tension the inner core. This might be more robust than that sliding thing. Except the "stack of thin wafers" disappears when the lock wears out.
But then, alas, the outer core could be made of short rings. Rings must move in unison, and LPL can not tension them all at the same time. "Stack of wafers" not needed. (And thus I accidentally invented a combination of disc lock and pin lock. The inner pin lock gives the solution to the outer disc lock. Patent not pending.. :-)
I do feel that selective brute forcing is going to become popular one day or another
e.g. a key with mechanical sections to actuate the pins to specific heights, plus, a very precise rotational sensor (perhaps acoustic sensors too)
but anyways, potential but easily fixable methods: a magnet with enough force to pull the slider would give tension, so just don't make it ferrous
the slider will always get super close to the front of the lock body, could be drilled, even if a stronger steel or the such, and then tension from there. Fixed by not surrounding the last pin with the slider, only needs ~1/4th of the last pin's space at most.
It's a nice solution, very compact overall.
Drilling is tamper-evident though. The big win of picking/shimming is that it is stealthy and leaves no sign of entry.
Otherwise, just "pick" it with a Ramset, sledgehammer, c4...
brute force attack in this context is probably less technical (a hammer and a cold chisel)
Probably a stupid question, but are keys like https://cdn.cle-serrure.fr/media/catalog/product/cache/13/im... that easy to pick? I was under the impression that they were made this way exactly because they made the creation of tools harder (variation of widths of circles, code encoded on the small width of the key and not its big height...)
My understanding is that they are generally harder to pick, but not in any real fundamental way.
Example: https://youtu.be/verPAfwVSGg. Although he is really struggling here which is a huge win for the lock.
I see. Thanks for the link!
Could one make a lock that unlocks wirelessly via radio communication?
I would imagine something that gets its energy from the outside, similar to wireless charging. So the key would provide the energy.
It could be Bluetooth or some proprietary technology.
So you hold the key next to the lock and the two devices exchange some challenge response data that proves the key holds the secret key that is allowed to open the lock.
I guess that would be unpickable. Just like a locked Android/iOS phone is unpickable.
Would anything prevent this design?
Things like this have been made, but there are challenges:
* you have to prevent replay attacks, where somebody just records a session and replays the response
* low-power devices are usually vulnerable to side-channel attacks, for example you can limit the power supply to just the threshold where it starts working, and then you can infer information about the internal state and possibly key material
If you look at practical attacks against existing key fobs, you'll see that there are a lot of things that can go wrong in the field.
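The challenge-response idea proposed above and the replay problem raised in this reply, as an added example that is not from this thread or from any real lock product: a toy key fob answers the lock's challenge with an HMAC over the lock identifier and the challenge, and the lock accepts a recorded response only when it reuses a static challenge. The lock identifier, message layout and class names are made up for the illustration.

```python
# Added example (not from the thread): a toy challenge-response exchange between
# an electronic lock and its key, showing why a fresh random challenge is what
# stops the replay attack mentioned above. Names and message layout are made up.
import hashlib
import hmac
import secrets

LOCK_ID = b"front-door-01"  # constructed identifier bound into each response


class Key:
    """The key fob: holds the shared secret and answers challenges."""
    def __init__(self, secret: bytes):
        self._secret = secret

    def respond(self, lock_id: bytes, challenge: bytes) -> bytes:
        # Bind the response to this lock and this particular challenge.
        return hmac.new(self._secret, lock_id + challenge, hashlib.sha256).digest()


class Lock:
    """The lock: issues challenges and verifies responses."""
    def __init__(self, lock_id: bytes, secret: bytes, fresh_challenges: bool = True):
        self.lock_id = lock_id
        self._secret = secret
        self._fresh = fresh_challenges  # False models the weak, replayable design
        self._current = secrets.token_bytes(16)  # static challenge if not fresh

    def challenge(self) -> bytes:
        if self._fresh:
            self._current = secrets.token_bytes(16)  # new nonce every session
        return self._current

    def unlock(self, response: bytes) -> bool:
        expected = hmac.new(self._secret, self.lock_id + self._current,
                            hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def legitimate_session(lock: Lock, key: Key) -> tuple[bytes, bytes, bool]:
    """One normal unlock; returns what an eavesdropper would see plus the result."""
    c = lock.challenge()
    r = key.respond(lock.lock_id, c)
    return c, r, lock.unlock(r)


def replay(lock: Lock, recorded_response: bytes) -> bool:
    """Attacker knows no secret; it just re-sends a response sniffed earlier."""
    lock.challenge()
    return lock.unlock(recorded_response)


def demo() -> dict:
    secret = secrets.token_bytes(32)
    key = Key(secret)
    weak = Lock(LOCK_ID, secret, fresh_challenges=False)
    good = Lock(LOCK_ID, secret, fresh_challenges=True)
    _, r_weak, ok_weak = legitimate_session(weak, key)
    _, r_good, ok_good = legitimate_session(good, key)
    return {
        "legit_weak": ok_weak,
        "legit_good": ok_good,
        "replay_weak": replay(weak, r_weak),  # True: static challenge is replayable
        "replay_good": replay(good, r_good),  # False: fresh nonce invalidates it
        "wrong_key": legitimate_session(good, Key(b"some other secret"))[2],
    }
```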
Are there wired electronic keys? No wireless vulnerabilities, and no picking, either. There'd be something like opto-isolated data and a separate circuit powering the key to protect the lock electronics.
Edit: This concept is called a 'passive electronic lock'
wonder if you could pick it just enough to allow the first rotation, to the point the slider binds the pins and then just start rapping on it until they lock into place?
or instead of rapping, just a buzzer or something to vibrate the pins while holding them very lightly bound. Just because you can't pick at the pins doesn't mean you can't move them.
This is clever to break the unlocking into two phases. I’m not a serious lock picker so probably this idea is widespread.
Many years ago I imagined a lock in which the mechanical action of pushing the key all the way in would engage a lever that engaged the pins (until then they would just float and provide no information to the lock picker). Using rotation to achieve this looks simpler and more (mechanically) robust.
This design, while interesting, is probably more vulnerable to bump keys, jigglers, vibrators, and other such attacks than a normal lock.
More moving parts, more possibilities to create instantaneous shear spaces if you send a storm of vibrations through the system.
Nothing on 1…Click out of 2…
Not so patiently waiting on the LPL video.
> Each position in this lock has a bottom pin, five thin master pins, and a special top pin.
In case anyone else struggled with this phrasing, it means the five master pins are thin like pancakes.
I initially assumed thin like drinking straws, which was impossible to reconcile with the photo.
Why do people keep using mechanical locks when electronics are cheaper and could use unbeatable encryption?
What is the failure model when the power goes? Do you fail safe (unlocked) or fail secure (locked)?
For safes you of course keep it locked. But provide some hidden wires to power the lock if the battery died. Of course you should think about protecting the electronics from something like a megavolt put on those wires, but it's doable and with enough iterations all weak spots should be fixed.
You could put the power (battery) inside the key. Like a car key fob.
The problem is that there are still mechanical bits inside electronic locks, and now you have two areas of attack: the mechanics and the electronics. And as already mentioned, they often have a mechanical lock mechanism as a backup for if the battery is dead, further increasing the attack surface. If the LPL is to be believed, a lot of electronic locks that are on the market are easier to open than Master Locks.
Why did the pins stay in place once they had been pushed into the correct position with the lockpick in the first example (for the old regular lock)? I didn’t understand that and would assume that those pins fall back down once the lockpick moves to the next one?
In a hypothetical perfect lock, they would fall back down. But in real life, every lock has slight imperfections, like not all of the pins being exactly the same diameter, and not all of the pin chambers being perfectly lined up. It's these imperfections that let previous pins bind and stay up when you move on to picking other ones.
Here's another video about this lock from a month ago with a lot more comments from lock aficionados.
I feel like I've seen this two step design multiple times, both on YouTube (LPL, and someone else)? But also I feel like I've seen it somewhere else as well?
This seems like the same idea with a "modern" website design.
It's time to send a unit to the Lockpicking Lawyer: https://youtube.com/c/lockpickinglawyer
This actually might be unpickable. But the small space of keys (6^6 combinations) makes me think you could just fabricate every single key and test them one by one, if you were really determined
If you can test one key a second (which is unlikely), that's over 12 hours to try all the keys, not to mention having to lug over 800 pounds of keys to the lock in the first place. It's possible, but certainly impractical.
That would be 46656 keys. I don't think this is feasible.
You could create a single mechanically adjustable key and a device to automatically try every combination.
Yes, this is a much better idea. It might be hard to make such small actuators to get the vertical pin movement once it's inserted; maybe you could use tiny pneumatic pistons or something.
It looks extensible to me? I don't see anything keeping you from making it 6x (or 36x) harder by adding one or two more pins.
Interesting from a locksport perspective. ITRW, a criminal would defeat any mechanism by just drilling it out because it's like the farm with a heavy locked gate but no fences meme.
I believe lockpicking is meant to be used to gain entry undetected instead of just gaining entry. Thus you want to limit visible damage to the device.
Can't wait to see lockpickinglawyer give this beauty a try. Especially as he doesn't shy away from practical exploits when regular tools don't work.
I adore how this design is approached and explained. Almost reads like a topic about software
I wonder how many seconds it will take on a certain Youtube channel..
LockPickingLawyer might have something to say about "unpickable".
"With a special shim made from the cap of a whiskey that Bosnian Bill and I were drinking, I managed to pick this lock in 23 seconds. In all fairness, without this specialized tool, this would have been an incredibly difficult feat..."
He hasn't picked a Bowley lock yet, which is designed to have a wall in front of the lock with a weird key shape. Some other people have though.
LPL was actually challenged a year ago with unpickable prototypes made by an engineering YouTuber, Stuff Made Here:
(see also description)
The best part of that video is where he notes that the hinge pins were welded "to prevent me from tapping them out and declaring victory...and he was right to do that as that's exactly what I would've done".
I wonder if there are discussions about non-linear locking.
Isn’t this just a Medeco X4?
What I have for you today …
Interesting concept, how does $250 rank among costs for similar locks?
https://www.bowleylockcompany.com/store/c1/Featured_Products... comes to mind as another "unpickable" lock provider
The prices are vastly different, but the 250 is for a pre-production demo model, I'd expect the price to be halved or more upon production
"You can just kick in the door" is approximately the least interesting thing you could possibly say about a new pick-resistant lock design. Sure, you could use an RFID lock, too! Or an armed guard.
But it’s true. Sword making is very interesting as well, but we don’t make swords because we have guns. Live in the now.
Why do you dislike people making a logo and trademark out of their name? It is a very old way to identify your trade with your name. In some countries it is the default for sole proprietorship to use your name in that way.
Because branding is for companies and their products. It’s an attempt at misrepresentation.
> What’s with people making a logo and trademark using their name? That’s really sad. Can’t take designers seriously after they make a logo for themselves
Care to elaborate? If anything people not having anything to be proud of their name for (like you apparently?) are a pretty sad and depressing thing to think about.
Came for the LPL comments.
There's an old Justice League Graphic Novel by Alan Moore (I think) I read about 20 years ago. I don't remember the plot, but I remember a scene where most of the heroes - excepting Batman - are in the Pentagon addressing some threat. J'onn J'onzz (Martian Man Hunter) notices Batman lurking in a shadow somewhere who wanted to see what was going on without interference. MMH asks him how he got in. Batman replies that it's just another lock, just a different kind of barrier to get through.
While that's fantasy of course, I find the premise of an "unpickable" lock to be inherently faulty. I acknowledge that the design makes sense in terms of being unable to pick it by nature, but I can't help but think that the correct pick hasn't been invented or the appropriate technique hasn't been discovered. At the end of the day, it's just another lock, a different kind of barrier.
I also want to say that lock picking seems mostly to have become a parlor trick, and a genuine nefarious attacker approaches the problem by going around the lock...
Just about every key lock in the world today has the same fundamental flaw. They are designed by a human being, and they test if that design can be exploited by calling it unpick-able. This flaw opens up infinite kinds of vulnerabilities.