by David_Parker » 20 May 2005 17:44
Holy crap.
Way to go Eric.
-Dave.
Never underestimate the half-diamond.
-
David_Parker
-
- Posts: 307
- Joined: 22 Jul 2003 3:16
- Location: DFW, TX
by Romstar » 20 May 2005 17:49
Not to rain on the guy's parade, but this exploit was explained to Mul-T-Lock a while ago, and they declined to do anything about it.
Their explanation was that it was not a significant threat.
Quite pointedly, my speciality was and is high security locks. This flaw, while apparently not well known in the locksmith community, has been used for a while now.
Many thanks to Matt Blaze and Eric Michaud, for releasing this information to the general public, and the security community as a whole.
Romstar
-
Romstar
-
- Posts: 2823
- Joined: 18 Apr 2004 3:13
- Location: Nova Scotia, Canada
by SFGOON » 20 May 2005 17:50
Why didn't I think of that? More importantly, why didn't Mul-T-Lock think of that?
"Reverse the obvious and the truth will present itself." - Carl Jung
-
SFGOON
- Admin Emeritus
-
- Posts: 2160
- Joined: 9 Sep 2004 14:04
- Location: Puget Sound, WA
by Romstar » 20 May 2005 17:55
SFGOON wrote: Why didn't I think of that? More importantly, why didn't Mul-T-Lock think of that?
Because, quite simply, engineers are great at figuring out how to MAKE something. They just aren't as good at figuring out how to BREAK something.
That is why some things are still around, and others are lost to time for bad design.
Romstar
by rakemaster » 20 May 2005 17:57
Romstar,
I've never actually seen a Mul-T-Lock so I may be fuzzy here.
You say someone discovered this before? And Mul-T-Lock did nothing about it?
And then they didn't tell anyone?
I think EricM gets full credit for the discovery, since they didn't tell anyone or do anything about it. Claims of "but I already knew this" don't cut it. We discussed exactly this in my ethics class last semester.
All due respect
Rakemaster.
-
rakemaster
-
- Posts: 273
- Joined: 2 Dec 2003 17:56
- Location: California
by SFGOON » 20 May 2005 17:58
I've missed you on the boards lately Rom, glad you're back.
"Reverse the obvious and the truth will present itself." - Carl Jung
by rakemaster » 20 May 2005 18:14
I think this quote at the end of the web page is really interesting.
This attack is interesting because it illustrates an ironic, and yet surprisingly common, failure mode in security engineering: the exploitation of one security subsystem to defeat another. The individual components of the pin-within-a-pin design are very well designed and Mul-T-Lock's fabrication is of very high quality. But because the inner pins interact subtly (and in unanticipated ways) with the outer pins, it can become simpler to attack this "high security" design than it would be if these features were not included in the first place.
by Romstar » 20 May 2005 18:36
rakemaster wrote: Romstar,
I've never actually seen a Mul-T-Lock so I may be fuzzy here.
You say someone discovered this before? And Mul-T-Lock did nothing about it? And then they didn't tell anyone?
I think EricM gets full credit for the discovery, since they didn't tell anyone or do anything about it. Claims of "but I already knew this" don't cut it. We discussed exactly this in my ethics class last semester.
All due respect
Rakemaster.
What your ethics class misses is that others reap the benefits of a discovery or design, and then someone else documents the design.
The originator of the design or discovery is forgotten because they were not the person who documented it.
One of the most interesting applications of this nonsense is the ISO 9000 certification. A process designed to document technical procedures in such excruciating detail that it becomes possible for a trained monkey to perform a highly technical task without ever understanding what they are doing.
Yes, I DID know this exploit. Yes others were aware of this exploit. YES Mul-T-Lock were informed of it. NO they didn't tell anyone, or do anything.
The point here is that the Mul-T-Lock was and is considered to be a high security lock, and as such I decided not to get into the mess of telling people about it because it would seem that even LP101 is getting a little strange about what is, and is NOT picking.
The other moderators in their oh so infinite wisdom decided that a video of a Medeco lock being picked should only be in the advanced section. Even though the tools and techniques in use are nothing other than what we use to pick a common Schlage deadbolt.
No, I am NOT looking for any credit for this, Eric has put the work in, and he deserves credit for that work.
I am happy that it has been released via Matt Blaze, as it absolves me completely from having to explain, or defend the release of the information.
Romstar
by Romstar » 20 May 2005 18:41
SFGOON wrote: I've missed you on the boards lately Rom, glad you're back.
I am working my rear off, and I haven't the time for a lot of long posts lately. Not to mention the recent debacle concerning some deliveries that have gone astray.
I will be back soon with a very, very nice surprise.
Romstar
by rakemaster » 20 May 2005 18:42
Romstar wrote: No, I am NOT looking for any credit for this, Eric has put the work in, and he deserves credit for that work.
Sorry for misunderstanding. Sounded like you were trying to say EricM doesn't deserve credit because you discovered it first.
Thanks for making it clear. No offense intended.
Rakemaster
PS I think EricM deserves even more credit if Mul-T-Lock knew about this and decided to do nothing. Serves them right.
by Romstar » 20 May 2005 19:00
Even if I had discovered it first, Eric has put in a lot of independent work, and he deserves credit for that work.
You are correct that Mul-T-Lock should get what's coming to them, but like everything else, there will eventually be a fix or a replacement.
In any case, no offence taken.
Romstar
by EricM » 21 May 2005 7:13
None taken, Rom.
Thanks guys for your vote of support, I was really trying to decide what to do with the information I found out after constantly hacking away at the problem of finding out an exploit.
After the fact that I couldn't impression it by drilling the key and wrapping it with aluminum tape to impression the dimple lock as you normally would.
But since I wasn't listening to Barry's talk fully at H2K and HOPE I bought 3 Mul-T-Locks, 2 padlocks and 1 standard cylinder and wasted $150.
Well after throwing a fit for buying it to show off to my brother and looking really really bad because I wasn't a good listener, I decided to do something constructive.
To say the least it took 2 solid weeks of sleeping under the table in my server room, to come up with this bypass. Oh, and believe me when I say I did a root dance when I figured it out.
-
EricM
-
- Posts: 173
- Joined: 28 Jul 2004 16:01
by Romstar » 21 May 2005 7:50
Eric,
If it only took you 2 weeks, and 3 locks you did way better than I did. I'm jealous.
Somewhere in my shop are the beaten, broken and battered remains of several of those locks.
Bumping is a valid technique, but what you discovered is exactly what I found after a lot more effort.
Much more akin to real picking in my opinion, and what I had been looking for.
As I said, Mul-T-Lock didn't seem to care, and if their opinion stays the same, this exploit will be useful for quite some time.
Congratulations to you. My hat's off.
Romstar
by EricM » 21 May 2005 8:08
Interesting, as you said, that they didn't care. Funny thing is, I read on one of Mul-T-Lock's websites that they outfitted (if I remember correctly) 30 Brazilian prisons. I read it in a press release from their website, and you know what, it really isn't that hard to do it with stuff around the jail cell.
That's one of the reasons I made it public because if you have that much time, you'd probably figure it out to begin with.