You Can Pick Every Lock!
Marc Tobias' Book - 'Open in Thirty Seconds'
What locks can be picked?
Simple answer: All of them.
People have gone to extraordinary lengths to secure things. Lock pickers have gone to extraordinary lengths to unsecure them.
I mean I’m being a bit generous with ‘picked’ as it presumes single pin picking, or some other ‘traditional’ technique. But what you can say with complete certainty is this: if you can open a lock properly, you can open a lock improperly.
The 'unpickable' Forever Lock. Which turned out to be pickable and should be renamed the 2 minutes lock.
In the time I’ve been in this game I’ve seen countless new ‘unpickable’ locks invented, the most recent being the ‘forever lock’, which debuted on You Tube one day, and had been picked, bumped and impressioned on You Tube the next.
Lock picking living legend Marc Tobias in his book ‘open in 30 seconds - cracking one of the most secure locks in America’ showed how, with persistence, knowledge, expertise and persistence, even high security locks, loaded up with security features, anti picking/bumping and other measures could be compromised - in seconds. The blurb is worth a read...
They threw the book at the Medeco Biaxial lock, but then Marc Tobias threw a different book at it and it opened.
"OPEN IN THIRTY SECONDS: Cracking One of the Most Secure Locks in America". This book examines new techniques to compromise Medeco® Biaxial® and M3 high security locks by methods of forced, covert, and surreptitious entry. It is the result of an eighteen month research project by the authors and other security experts. It has resulted in the filing of multiple patents and the ability to pick, bump, and mechanically bypass Medeco cylinders, sometimes in seconds. Medeco, for the past forty years, has been the predominant high security lock manufacturer in the United States. They protect high value targets and critical infrastructure throughout the world. Their venues include the White House, Pentagon, and the Royal Family in England, as well as hundreds of thousands of residences, businesses, hospitals, banks, government facilities, and institutions. Their locks are found in virtually every application where the highest level of quality and security is expected. The development of methods to bypass Medeco locks required the solution to many interrelated and complex problems, and may be the modern equivalent of the Enigma code machine during World War II. The process to compromise all levels of Medeco security required technical expertise, the connection of many unrelated pieces of information, and perhaps most importantly, imagination. The chronology of how Medeco security was cracked is a good story, especially if you enjoy technically-based intellectual challenges that have serious security implications in the real world.”
With so many techniques available (for non destructive entry) such as Single Pin Picking, raking, pick guns, impressioning, bumping, pick guns, bypassing etc, and with more evolving, the lock manufacturers really cannot keep up. And yet in my experience I have to say, they do not seem too bothered. I don’t want the legal wrangles of naming names but for instance I know for a fact one car company has known for years the locks used across its range of VERY POPULAR and expensive vehicles are so badly compromised they can be accessed in seconds with almost no skill or knowledge. Another car company uses locks I’ve opened with a cotton bud (a Q-tip for you across the pond)
A cotton bud - or q-tip for US readers. Either way, I can get into some of your vehicles with one, whatever you call it.
Years ago, I heard of a new 10 pin dimple lock being released. I managed to get hold of one and upon spotting a clear vulnerability, quickly ordered 5 from the company, knowing I’d have to prove my technique on at least three out of five to get any attention from the lock picking world.
Upon receiving my order, and recognizing my company name they called me on the phone, requesting that I did not publicize any entry successes until after they’d been awarded their kitemark, an outdated UK peace of mind for consumers which, if my memory serves me correctly only means the lock withstood attack for like 180 seconds, or something equally pointless. But that they were not concerned about the actual security of their lock, rather its perceived security, tells you all you need to know.
The British Standard Kitemark. Says a lock can handle a couple of minutes hassle or something equally useless.
But this isn’t to say locks are useless, unsafe, even badly designed. Quite the opposite. It’s part of the design that a compromise must be reached between ease of entry and level of security. I mean you can weld a door shut, protecting the contents for sure. But opening it again is going to be a nightmare.
So, what locks can be picked? All of them, you just need to weigh up the conflicting purpose of locks - the paradox we are dealing with: Because in short, a lock is an object with two opposing functions: to keep people out, and to let people in. That’s not easy to design.