11.13.2009

What Is Lock Bumping & Should I Care?

Bumping, also referred to as "rapping," is not new. In fact, it's been around for at least half a century! When this method is used correctly, it is extremely effective on over 90% of cylinder-type locks. As with any other lock-picking technique, it requires some time and patience to master. A bump key is a key in which all the cuts are at the maximum depth. Bump keys can be cut for standard pin tumbler type locks as well as "dimple" locks.

In the 1970s, locksmiths in Denmark shared a technique for knocking on a lock cylinder while applying slight pressure to the back of the lock plug. When the pins jumped inside the cylinder, the plug could slide out freely, enabling the locksmith to disassemble the lock quickly. The use of a bump key was not introduced until some time later and was first recognized as a potential security problem around 2002–2003 by Klaus Noch, who brought it to the attention of the German media. After further examination of the procedure, a white paper was drafted in 2005 by Barry Wels & Rop Gonggrijp of The Open Organization of Lockpickers (TOOOL) detailing the method and its applicability.


A patent exists for a lock device following the same principle as the bump key from 1926–1928. The technique then attracted more popular attention in 2005 when a Dutch television show, Nova, broadcast a story about the method. After the method received further publicity from TOOOL presentations at security conference talks, members of TOOOL and a Dutch consumer group, Dutch Consumentenbond, analyzed the capability of the method on 70 different lock models and with trained and untrained users in a 2006 study.

At the same time, Marc Tobias, an American security expert, began to talk publicly in the United States about the technique and its potential security threats. In 2006, he released two further white papers regarding the technique and its potential legal ramifications.


High-quality locks may be more vulnerable to bumping unless they employ specific countermeasures. More precise manufacturing tolerances within the cylinder make bumping easier because the mechanical tolerances of the lock are smaller, which means there is less loss of force in other directions and pins move more freely and smoothly. Locks made of hardened steel are more vulnerable because they are less prone to damage during the bumping process that might cause a cheaper lock to jam.


Locks having security pins (spool or mushroom pins, etc.)—even when combined with a regular tumbler mechanism—generally make bumping somewhat more difficult but not impossible. Electronic locks, magnetic locks, and locks using rotating disks are not vulnerable to this attack.


Because a bump key must have the same blank profile as the lock it is made to open, restricted or registered key profiles are not any safer from bumping. While the correct key blanks cannot be obtained legally without permission or registration with relevant locksmith associations, regular keys can be filed down to act as bump keys.


Locks that have trap pins that engage when a pin does not support them will jam a lock's cylinder. Another countermeasure is shallow drilling, in which one or more of the pin stacks is drilled slightly shallower than the others. If a bumping attempt is made on a lock that has shallow-drilled pin stacks, the bump key will be unable to bump the shallow-drilled pins because they are too high for the bump key to engage. Many bump-resistant locks are available which cannot be easily opened through the lock bumping method.

Of course, you can also prevent such worries with an access solution such as ISONAS' PoE PowerNet IP or SimonsVoss' Digital Locking & Access Control System.



If you have any questions, please do not hesitate to contact us here.


Creating a Keyless World with Simons-Voss

SimonsVoss has taken it upon themselves to make living and working with their system more secure, easier, more convenient and more efficient. In doing so, they've revolutionized classical mechanical locking media by applying digital technology and access control features. Their idea of a digital transponder instead of keys has been globally accepted. They've successfully and consistently turned their vision into reality with a radio-controlled, wireless locking and access control system.


SimonsVoss is the undisputed technology leader in the rapidly growing market for digital, battery-operated locking and access control systems. More than 56,000 systems have been installed all over the world, proving that their vision has already become a reality. Below, you'll find a list of some of the most frequently asked questions about their innovative access control system.

Do I need both an RF lock and a SmartRelay for a Door?
No, the two components work independently of one another and have different tasks in the system. The RF Lock operates a mechanical latch. The SmartRelay operates a solid-state relay. As a result, you need only one of these components at a time.

Can the transmission of data over the radio link be tapped and reproduced?
The radio transmission is based on a method tested by the military. It is a constantly changing code sequence (crypto codes), which is not reproducible. Even renowned test institutes such as VdS and BSI, for example, couldn’t crack the code.

How is the system protected from attack?
The components are designed to resist mechanical, electrical and magnetic attacks.

Can I add a wireless network at a later date?
Yes, the system is designed to add a wired, wireless or virtual network at any time.

Can the lock system be expanded at a later date?
Yes, the modular hardware components and the flexible lock plan software allow a modification or expansion of existing systems at any time.

Which components must be programmed?
All components, transponders and locks, must be programmed.

How can the digital locking cylinder’s battery be checked?
The status of the battery can be displayed from the host computer through the SmartCD or wireless network.

Can the lock read HID cards?
Not yet. That technology is passive and does not transmit well through metal. However, a reader interface is being developed and other technology breakthroughs are being considered.

What happens when the battery dies?
There is a three-stage process of battery management that ensures authorized access. In all the years of operation access has never been denied due to battery failure.

Is there a mechanical override?
The deadbolt on the mortise lock can function as a mechanical override for mortise locks. The SV1C cylindrical lock does not have a mechanical override.

What certifications does the lock have?
These products are certified by the FCC not to interfere with other RF-based products. The US RF Locks have all been tested to ANSI Grade 1 standards. The locks are also approved by UL to meet the 10-C standard for fire doors under positive pressure.


Do you have a lock for a glass storefront door?
Yes. The Digital Mortise Cylinder (DMC4) can be used with the most popular aluminum storefront door locks.

How many transponders are supported by each RF lock?
Each RF Lock can support up to 8,000 transponders currently and will be upgradeable to 64,000 sometime in 2010.

What is the anticipated life of the batteries?
The batteries in the locks are certified for 150,000 cycles. The batteries in the standard transponders are certified for 1,000,000 clicks.

When using the wireless network, what is the range between the Central Node (computer) and the door?
The distance between each radio span (Central Node to Router or Lock Node or between routers) is a maximum of 150 feet. The distance is based on the RF environment and can be reduced by the surrounding materials.

What is the radio range for the signal between the Lock Node and the RF Lock?
The Lock Node must be located within 12” of the RF Lock. There is an optional external antenna for the Lock Node to extend this range up to 16 feet.

What are the environmental ratings of your locks?
The operating temperature of the SimonsVoss RF Lock is rated for -4 to +140 degrees Fahrenheit at non-condensing humidity of less than 90%.

Can the lock detect the position of the door?
SimonsVoss Technologies RF locks do not include a traditional door status switch. This capability is not significant to a standalone door with no real-time communications. When the 915 MHz wireless network is used, the Lock Node can monitor up to three input points.

What is the range between the SimonsVoss Technologies transponders and locks?
The maximum measured range is 20”. This distance is based on environmental elements such as the material of the door, the walls, and other radio products in the area.

Is it possible to use the SimonsVoss Technologies locks with an existing third-party access control system?
Yes, you can do this by using a Switching Transponder (TRA.SCHALT), which has wires that are connected in parallel to the button of the transponder. These wires are then connected to the relay terminals of the third-party access control panel. When the relay closes, it activates the transponder just as if the button were pushed, opening the SimonsVoss Technologies RF lock.

Can I use third-party access control cards with SimonsVoss Technologies locks?
SimonsVoss has a reader that can read Mifare cards and use that information to send the proper user ID to the lock for the access decision. Extending this reader to other card technologies is currently in development.

11.11.2009

Company responsible for 1/3 of the world's junk email shut down.


A botnet that was once responsible for an estimated third of the world's spam has been knocked out of commission thanks to researchers from security firm FireEye.

After carefully analyzing the machinations of the massive botnet, alternately known as Mega-D and Ozdok, the FireEye employees last week launched a coordinated blitz on dozens of its command and control channels. The channels were used to send new spamming instructions to the legions of zombie machines that make up the network.

Almost immediately, the spam stopped, according to the M86 Security blog. Last year, the email security firm estimated the botnet was the leading source of spam until some of its servers were disabled.

The body blow is good news to ISPs that are forced to choke on the torrent of spam sent out by the pesky botnet. But because many email servers already deployed blacklists that filtered emails sent from IP addresses known to be used by Ozdok, end users may not notice much of a change, said Jamie Tomasello, an abuse operations manager at antispam firm Cloudmark.

The takedown effort is significant because it shows that a relatively small company can defeat a for-profit network that took extraordinary measures to ensure it remained operational. Not only did Ozdok reserve a long list of domain names as command and control channels, it also used hard-coded DNS servers. When all else failed, its software was able to dynamically generate new domain names on the fly.

With the head chopped off of Ozdok, more than 264,000 IP addresses were found reporting to sinkholes under FireEye's control, an indication of the massive number of zombies believed to have belonged to the botnet. FireEye researchers plan to work with the ISPs to identify the owners of the orphaned bots so they can clean up the mess.

FireEye researchers said the key to dismantling the giant ring was a coordinated effort that worked in multiple directions all at once so that bot herders didn't have a chance to counteract. "As it turns out, no matter how many fallback mechanisms are in place, if they aren't all implemented properly, the botnet is vulnerable," they wrote.