[ISN] High insecurity at LockCon

From: InfoSec News <alerts_at_private>
Date: Fri, 24 Oct 2008 04:09:05 -0500 (CDT)

By Marc Weber Tobias
CNet News
October 23, 2008

Once again I made the annual trek to a little town in the northern 
Netherlands, Sneek, to meet with about 75 colleagues to discuss the 
latest security issues and bypass techniques for locks, safes, and 
access control systems. LockCon, the new name for "The Dutch Open" is 
organized by Barry Wels and Han Fey. For the past six years, they have 
put together a three-day event, replete with lock picking contests, safe 
cracking demonstrations, and briefings on new security technologies.

More importantly, the conference provides a forum for serious 
discussions and presentations about design flaws in security hardware, 
and new circumvention techniques. Barry Wels is actually a crypto expert 
for GSM phones, but is perhaps most well known in Europe for focusing 
attention on lock bumping in the Netherlands, through Toool (The Open 
Organization of Lock Pickers).

Two significant events occurred at LockConthis year.

On Friday, the director of research and development at Medeco High 
Security Locks gave a five-hour presentation on lock design. This is 
important because Medeco has finally recognized the value and 
contribution of the lock sport and professional bypass community and 
their ability to develop methods of compromise that manufacturers often 
seem incapable of determining in their own products. It is a real 
departure from the traditional approach of most lock makers, and one 
that I have supported and advocated for quite some time

The following day, a detailed four-hour presentation and workshop was 
given by my co-author (Tobias Bluzmanis) and I regarding the bypass of 
Medeco m3 and Biaxial cylinders. For those who may be unfamiliar with 
the name, Medeco has been the predominant high security lock 
manufacturer in North America for the past 40 years. It's responsible 
for protecting residences, commercial locations, and the most secure 
government facilities in the U.S. and overseas. Its lock design was 
revolutionary and very secure, until we figured out the embedded design 


Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
Received on Fri Oct 24 2008 - 02:09:05 PDT

This archive was generated by hypermail 2.2.0 : Fri Oct 24 2008 - 02:22:02 PDT