Medeco

[JK_the_CJer]

Im totally behind lp101 not falling behind the information curve, I just feel like medeco is held to a bizzarre double standard. Yes, we all know they can be picked, bumped, etc. So can all locks! Given enough time, I feel quite confident that any system could be similarly compromised. This doesn't reflect on the quality of the lock IMHO. MTL, Assa, Dom, etc can all be bumped with no prior knowledge of the bittings. Why not deadvance them?

I'm all for the locksport community pushing manufacturers to improve their product, but acting like medeco, which is our only domestic high security company, is somehow not on the same level as other systems is unfair.

Assa cannot be bumped without prior knowledge of the bitting. The prior knowledge needed is another key from the same sidebar-code distribution area and key cut to that sidebar code. Some would argue that this is not prior-knowledge, but I set the bar for what can be achieved higher than that.

Also there are locks are absolutely cannot be bumped: Bilock, Corbin Emhart, Abloy, and Assa Desmo come to mind, but there are many others.

The whole point of deadvancing Medeco was that the entire internet would be openly discussing the technical details of the attacks in Marc's book. If lp101 kept it advanced; other parts of the web (EZP for example) would draw attention away from lp101 given the celebrity status of the attacks. I don't really agree with this reasoning, but thats what it was imho.

[globallockytoo]

Perhaps its because assa abloy owns all of those brands besides bilock. They control the distribution. No way is medeco less secure than assa or mtl. Both have been proven to be easily bumped. At least with medeco you must have prior knowledge of the angles. How many locksmiths on this site ever attempt to pick a medeco in the field? Besides, medeco is leaning more and more towards electromechanical options. I'd like to see MWT write a book about this: http://www.medeco.com/products/images/L ... LowRes.jpg

Medeco doesnt need prior knowledge of the angles. But if so...then it is easily obtained....especially using JK's tool.

You can bump a Medeco with a credit card (aside from duplicating a key)

[JK_the_CJer]

Marc's method uses a combination of half-angles and bouncing the first two pin angles (readable via keyway) off Medeco's codebooks to derive the rotations

[globallockytoo]

I met a guy in Wichita Kanzas, a couple of years ago who demonstrated his Medeco bumping technique. He used a Medeco key with all angles cut into each depth....seemed to work fine on 4 different locks he demonstrated at the time. I had no reason to doubt their integrity.

[jpb06080]

I just think that medeco gets a bad rap from people, mostly just because its the most popular hs lock in the states. I still assert that weaknesses in a workshop don't necessarily amount to weaknesses in the field. Medeco is a good lock, which is something MWT says many times. I have no problem discussing medeco's weaknesses so long as it doesnt mean acting like anyone who owns a medeco isnt safe and should replace it.

[globallockytoo]

I just think that medeco gets a bad rap from people, mostly just because its the most popular hs lock in the states. I still assert that weaknesses in a workshop don't necessarily amount to weaknesses in the field. Medeco is a good lock, which is something MWT says many times. I have no problem discussing medeco's weaknesses so long as it doesnt mean acting like anyone who owns a medeco isnt safe and should replace it.

Field testing and workshop testing are certainly completely separate and different environments and should treated as such. No disagreement there. But there is only one degree of separation.

The fact remains, that workshop testing leads to field testing which ultimately breaks down the potential security of any lock in the field.

Because Medeco is so prevalent in the USA, it is also the most common HS lock attempted and therefore the workshop testing which leads to the field testing and the discovery of weaknesses is important to reveal to the marketplace to encourage responsible decision making relating to the perception of security in it's applications.

If Medeco were not the leading brand in the USA....the next leader would likely be the picked on brand.