Hacking Your Own Front Door

by Cliff

The only reason I want 2600-land to know the following is to increase your own security.  I've deliberated long and hard, and as this information is public domain anyway and is currently in use by the "bad guys," I trust you will not use it for bad purposes.

Rather, using this knowledge maliciously is wrong, stupid, and illegal in practically every country and community in the world.  Use it instead to look around your home, work, and possessions and decide what additional measures (also discussed) you wish to take.

Yale is a company that makes locks - primarily the latch-style locks, but also padlocks, etc.  Union also make locks with latch-style keys.  You may have seen some at work or on your patio doors.

In fact, latch-style key locks are everywhere.  Sometimes they're connected to mortise bolts, sometimes to padlocks, sometimes to latch locks, and all of them can be opened by an amateur in less than two seconds.  Back up, read that again.

I can open your front door in two seconds, leaving no trace, no force, then go to your neighbor and do the same again.  And again.  So fast that I don't even look suspicious.  I have a skeleton key.  I'm going to tell you how to make one.

First, the science bit... quick - to the pool table!

If you have several balls touching in a line and you fire the cue ball at one end of the line, the ball at the other end shoots away.  If you have never tried this, it is the core of at least half of all "trick-shots."  (Be a little creative and you've now got a sideshow act as well as a skeleton key - this is a good value article!)

The bit to take away is that the energy is transferred through the chain and moves the end ball.  The same principle is involved in this technique but you need to understand locks to see how this is useful.

Locks have a number of pins (around five for a house key) that are split in one of (usually nine) positions along their length which are spring-loaded to interrupt the rotation of the mechanism (see Figure 1a and Figure 1b for a simplified look).

  
Figure 1a                                                    Figure 1b

Inserting the (right!) key in the lock pushes all the pins so their splits come into line with the barrel of the mechanism, allowing it to turn.  Inserting the wrong key leaves the pins still misaligned so the lock won't turn.  A very simple mechanism but pure genius when you consider it, giving 5⁹ combinations = 59,049 different unique combinations of keys and locks for five pins with nine positions.

Alas, physics has rendered every single one of those 59,049 locks openable with one key, plus a little bump of energy.  Because of this, these skeleton keys are called "bump" keys!

As with the pool balls, if you can introduce sufficient energy to one end of the ball chain (or in this case, one half of the lock pin), the other end jumps away to absorb the energy (or, in this case, the top half of the pin jumps out the way, allowing the lock to turn).  We do this with a bump key.

A bump key is a regular key cut down to the lowest setting (see Figure 2a for a normal key [my house key, in fact] and Figure 2b [the bump key]).

  
Figure 2a                                    Figure 2b

You can do this yourself with a small file.  If it takes you more than 20 minutes, really, you're trying too hard!

Make sure you get nice smooth slopes on the bump key - otherwise you may make a key that will go into a lock but not come out again.  Very embarrassing when you have to explain to the wife/locksmith!

However, the funnily-shaped key alone will not open all doors... you need some bump too, to jump all the top parts of the pins and allow the barrel to turn.

This is the low-tech bit of the show - the back-end of a screwdriver is perfect.  In order to pass the energy to the pins, you need to insert your new key, but then pull it out with a click - this is essential.

Next, apply a small amount of torque to the key - not a huge amount, just enough (this will come with practice).

Finally, hit the top of the bump key with enough force to crack and maybe damage the insides of a hard-boiled egg.

If it's worked, you can twist the key in the direction of the torque you applied.  If not, pull the key out one click again and try once more.  If you still can't get it to work, you may be hitting too soft, have cut your key too crudely (although it's very tolerant), or be applying too much or too little torque.  Experiment a bit!

So now you have a skeleton key for every lock the key will fit.  Back up a second.

One key and 20 minutes of work just got you access to all 59,049 formations of that lock.  Blimey.  And don't imagine a $100 lock is better than a $10 one - they're all the same.  And padlocks too - if you can get a key to fit the lock (i.e., it is the right size and has the right gating), you can open every instance of that lock.  Double Blimey.

Let's consider the implications of this a second...

Say you live in a student dorm building where each room has a key on the same lock suite (same shaped keys).  Within 20 minutes of moving in, the guy next door could have a key to every room in the building, including the security office!

In a dorm building you cannot fit your own locks to the doors - you may as well leave the door open in fact.  Is that a padlock on the security barrier at the car park?  Suddenly you see it as unlocked - there to let yourself into.

So now you're hopefully informed and worried, and wondering how you can protect yourself and your property.  Good.  Knowledge is power, and now you know as much as the people who want to steal your things.

Have a look at what locks you have and what you're protecting with those locks.  There are several things you can do to improve your security:

1. Fit an electronic system with card access, retina scans, RFID reader, etc.  Expensive, but what fun!  This is the excuse you've always wanted.
2. Fit "Chubb" style locks in addition to latch locks.  They are the ones which just show a keyhole through the door on the outside.  Thieves have no way of knowing exactly what's behind the hole, so picking is harder work (inexpensive, but heavy to carry).
3. Regular bolts are a great addition once you're on the inside.
4. Get a big dog and alarms, etc. - deterrent factor!

But ultimately, if someone wants to break into your home, they will.  We can either isolate ourselves through fear into losing community, or we can really get to know our neighbors and all keep our eyes out for one another.

And as we come to know and trust our neighbors, we get to build something far more valuable than material goods are worth anyway - a feeling of security as well as a physically more secure neighborhood.

Which world do you want to live in?  You can make it happen.  You start small with your own neighbors, your own corridor, and encourage it to spread.

We can get our neighborhoods back.