Defcon Hacks Defeat Card-And-Code Locks In Seconds

Sparrowvsrevolution writes "At the Defcon security conference in Las Vegas, Marc Weber Tobias and Toby Bluzmanis plan to demonstrate simple hardware hacks that expose critical security problems in Swiss lock firm Kaba's E-plex 5800 and its older 5000. Kaba markets the 5800 lock, which Bluzmmanis says can cost as much as $1,300, as the first to integrate code-based access controls with a new Department of Homeland Security standard that goes into effect next year and requires identifying credentials be used in secure facilities to control access. One attack uses a mallet to 'rap' open the lock, another opens the lock by putting a pin through the LED display light to ground a contact on the circuit board, and a third uses a wire inserted in the lock's back panel to hit a switch that resets its software."

made to government spec

[magarity]

a new Department of Homeland Security standard that goes into effect next year
 
How many places will buy them because they meet this government spec without regard to these problems? Government planning at its finest!

Re:made to government spec

[camperdave]

Seems odd to me that DHS standards specify a Swiss lock. Are there no American lock manufacturers?

Attacks too easy?

[QuasiSteve]

One attack uses a mallet to 'rap' open the lock

Isn't this pretty much an old trick, similar to 'bumping'?

another opens the lock by putting a pin through the LED display light to ground a contact on the circuit board

This one's a lot more fun as you have to know where, approximately, that contact is - but then again, why is that contact accessible?

and a third uses a wire inserted in the lock's back panel to hit a switch that resets its software."

oh for pity's sake.

The first has already been solved by lockmakers, the second is solved by making the PCB reasonably inaccessible (an individual cover plate will do) which would also deal with the third, but then the third shouldn't be a switch anyway - it should be two distinct female header points on the PCB that can be bridged only with a length of wire; this is not a crappy home wireless router that actually needs a user-accessible reset button.

Whoever designed these $1k locks, electronically and mechanically, really need to go back to the drawing board... or school.

Re:I guess all those cheesy movies/TV shows are ri

[mea_culpa]

I got locked in my self-storage lot after staying past closing time (11 PM). There were no staff to let me out and I was trapped inside with only a keypad to open the gate which happily told me the lot was closed. After inspecting the gate I saw a what amounted to a key switch on a pole high enough for someone on a fire truck to access from the outside. I followed the conduit from that key switch to an electrical box near the gate motor. This small box was secured with one flat head screw, Armed with a paperclip I removed the screw and shorted the two wires coming from the key switch and the gate opened.

I don't know if I would have thought to do that if I wasn't inspired by the movies. It sure beat camping there for the night,