*NOT HOT* - Kryptonite U-locks can be opened with a bic pen

[gspyer]

Originally posted by: InspectorGadget

Originally posted by: gspyer

Originally posted by: klaxon

Good thing I got a chain keylock.

PS: There one brand of bike locks that uses "variable resistance" springs in their pins. That one is much harder to pick, and it is probably "Bic proof". Also know that once you pick a lock, if you do it without enough finesse, it become a bitch to set all the pins right so that it can be used again. Because you are basically forcing some of the pins to warp into the sheer line. This is how you can detect if a door has been picked.

gspyer, thanks for posting that explanation of why this simple trick works.

Given that this information had been available to locksmiths for some time, any thoughts on why the mechanism wasn't improved in 12 years?

Also, you mention a brand of bike lock that uses "variable resistance" springs. Can you share the name of this lock?

Thanks

Oh I mentioned that lock as an example that the weakness of cylinder-type locks has been known for so long that manufactures actually tried to compensate for this. It believe the brand is called the Ace II which is a cylinder-mechanism Kryptonite bought and uses in *some* of its locks, I think... anyway all 7 pins have with different tensions. So Kryptonite knew about this problem for a while now. Don't quote me on that. And it still doesn't mean it pick resistant, maybe just "Bic resistant". HAH!

But, I don't recommend getting a cylinder lock at all. Just a side note, I remember a story about some children who figured out how to pick the lock of a subway power station or shed or something. They got fried, and it was on the news. And the lock they picked was a cylinder-style lock.

If you want to go cheap go for a generic "flat key" lock. (You know, the stuff that your door uses.) That is actually better than cylinder lock. It is pickable but it certainly needs some skill and experience. (For example, go try and pick you own front door.) The main weakness is that they are often made with brass, therefore they can be drilled. This is also known as the Bulgarian Method (don't ask me why). This also why cylinder locks were so attractive at first, because the pins are bigger, thus easier to make, thus they use steel and are generally considered drill proof. Also, if I remember right, the cylinder design is supposed to jam if someone does successfully drill it.

Some people on bike sites are recommending getting a Mul-T-Lock with a chain. That's basically a big ole padlock. I don't know about mechanism used to lock it.

Now Kryptonite announced they are releasing "disc-type" locks, considered "pick-proof" as far as I know (these weren't around when my dad was still working as locksmith). My limited understand of a these styles of locks is that they are like "flat key" locks except they use two different types of pins on the both the top and bottom of the chamber, unlike your car keys which is the same on the top and bottom. And the pins are not in a row, but in a random alignment. Also the pins are cone shaped which would make it hard for a pick to grab on to it, much less exert the right amounts of pressure. The keys are etched by computer. Certainly normal lockpicking tools cannot pick these locks, maybe magic ones can.

Kryptonite also announced they are going to have an upgrade plan for current owners, the details are still unknown and it seems more than likely they are trying to buy time and stave off a potential class-action lawsuit. Hey that could be a Hot Deal soon if it turns out be a free upgrade. If you can't wait for the terms of Kryptonite's "gracious offer", which will probably involve you signing something that promises not to sue them, there is one company I know of which makes disc-type bike locks already, called OnGuard. The locks costs approximatly the same as your Kryptonite ones and, as far as I know, it is also made in China.

 

[poppagene]

Originally posted by: Triggerhappy007
This probably won't work on the NY lock will it? That sucker costs $70.

from the washington post:

Flaw Makes Bike Locks Easy to Crack

By Griff Witte
Washington Post Staff Writer
Saturday, September 18, 2004; Page E01

Bicycle lock maker Kryptonite, stung by revelations that some of its locks can be pried open with nothing more than the hull of a ballpoint pen, yesterday offered to provide free upgrades to customers who purchased the vulnerable locks.

The Canton, Mass., company, a division of Ingersoll-Rand, said it would offer new locks or parts to anyone who's purchased the following models within the last two years: Evolution, KryptoLok, New York Chain, New York Noose, Evolution Disc Lock, KryptoDisco or DFS Disc Lock. Customers will receive different types of upgrades depending on what style of lock they own.

 

[Glendor]

Dam, I have three of them, and they are all older than 2002 so Krypto will not replace them

 

[0roo0roo]

eh guess mines only good for self defence now. the things a decent club heh. and yea i guess the bic would make it easier, jiggle pins and apply torque in one tool... much easier then any normal picking.

 

[Zuppa]

Originally posted by: Glendor

Dam, I have three of them, and they are all older than 2002 so Krypto will not replace them

"Consumers who have had one of the Kryptonite locks mentioned with a tubular cylinder for longer than two years will be eligible for a sizeable rebate on the upgraded products. This program will be administered through Kryptonite dealers and distributors. A distributor and dealer swap program will be rolled out through direct communication from Kryptonite to all its partners. Full details about this unprecedented program will be available on Kryptonite?s website by afternoon Eastern Standard Time, Wednesday, September 22, 2004, at www.kryptonite.com"

 

[JImmyK]

Originally posted by: gspyer

Originally posted by: klaxon

Good thing I got a chain keylock.

STOP THE MADNESS!

newsflash: all locks can be picked. locks are not magic, they are mechanic.

some kryptonites can be picked with a Bic pen body. i tried it on my locks, it didn't work - looking at the cuts on my keys, i didn't expect it to work. course, i don't chew pens so the end of my bic pen body is nice and flat - no way it is going to get the pins in the lock to line up and let the cylinder turn.

MANY PEOPLE report that the bic pen thing DOES NOT WORK on their lock. far fewer people report that it does.

picking locks is a skill that few people perform - low risk exposure. the lock still provides the same amount of risk mitigation, but because of this `news' item, risk exposure has gone up. i am not worried - i don't solely rely on a lock to mitigate risk of theft.

Just because you don't know how to do it, doesn't mean it that it does not work. IT DOES WORK. PERIOD!

This is a vulnerability in ALL (read again: ALL) cylinder lock designs. I know quite a bit about how locks work because my father was a locksmith. In fact, this vulnerability was actually published in a British magazine back in 1992. That's right, 12 ago.

Why does this work? Cylinder locks work on the principle that all the pins needs to pressed a certain amount to unlock it. When the Bic pen pushes down and you wiggle/twist it, it actually will push the pins down an number of "random" times with "random" pressure. In theory, this would not allow the bike lock to be picked, but if any of you know anything about locks and lockpicking, you would know that the pins are all imperfect. Therefore you can catch one or two if the pins in "unlocking" position called the sheer line. Once that happens, by putting force on the pins and twisting the shaft, you can keep those pins in the sheer line while forcing the other pins. This principle works for picking all mechanical locks except the pins in the normal lock is inside a very small chamber. The cylinder bike lock pins are exposed, and that is why these cylinder bike locks are so easy to pick.

Some locks are just a little harder to pick than others because of the random sheer line of the pins that are made during manufacturing. If the pins are more "alike" to each other, they are easier to pick.

There are number of other way to pick these kinds of locks. I was shown actually about how to open these locks from my retired father, not with a Bic, but with a drinking straw (the thick slurpee kind). This vulnerability is not specific to Kryponite locks, it is for every kind of cylinder lock. (Even those old AT computer keyboard locks.) And it has been known to locksmiths (and probably theives) for many years, it is just a big deal now because someone did a video to show how darn easy it is. Also, you show know that Krypontine (a company in China) does not actually make this locking mechanism, they buy it from another manufacturer, an American one (whose name slips my mind).

Anyone who tells you that this trick doesn't work simply knows nothing about locks and how they work. And his probably doing it work (try another pen). Although we should be thankful that people like, klaxon exist, because if everyone could pick this lock with ease... well you know.

PS: There one brand of bike locks that uses "variable resistance" springs in their pins. That one is much harder to pick, and it is probably "Bic proof". Also know that once you pick a lock, if you do it without enough finesse, it become a bitch to set all the pins right so that it can be used again. Because you are basically forcing some of the pins to warp into the sheer line. This is how you can detect if a door has been picked.

Haha WOW! wicked good/informative post dude

 

[toneman]

Originally posted by: gspyer

Originally posted by: klaxon

Good thing I got a chain keylock.

STOP THE MADNESS!

newsflash: all locks can be picked. locks are not magic, they are mechanic.

some kryptonites can be picked with a Bic pen body. i tried it on my locks, it didn't work - looking at the cuts on my keys, i didn't expect it to work. course, i don't chew pens so the end of my bic pen body is nice and flat - no way it is going to get the pins in the lock to line up and let the cylinder turn.

MANY PEOPLE report that the bic pen thing DOES NOT WORK on their lock. far fewer people report that it does.

picking locks is a skill that few people perform - low risk exposure. the lock still provides the same amount of risk mitigation, but because of this `news' item, risk exposure has gone up. i am not worried - i don't solely rely on a lock to mitigate risk of theft.

...Also know that once you pick a lock, if you do it without enough finesse, it become a bitch to set all the pins right so that it can be used again...

True...but then again, I would venture to say that the majority of people who pick locks for ulterior motives could care less if they can't be used again...

 

[Abhi]

Originally posted by: JImmyK

Originally posted by: gspyer

Originally posted by: klaxon

Good thing I got a chain keylock.

STOP THE MADNESS!

newsflash: all locks can be picked. locks are not magic, they are mechanic.

some kryptonites can be picked with a Bic pen body. i tried it on my locks, it didn't work - looking at the cuts on my keys, i didn't expect it to work. course, i don't chew pens so the end of my bic pen body is nice and flat - no way it is going to get the pins in the lock to line up and let the cylinder turn.

MANY PEOPLE report that the bic pen thing DOES NOT WORK on their lock. far fewer people report that it does.

picking locks is a skill that few people perform - low risk exposure. the lock still provides the same amount of risk mitigation, but because of this `news' item, risk exposure has gone up. i am not worried - i don't solely rely on a lock to mitigate risk of theft.

Just because you don't know how to do it, doesn't mean it that it does not work. IT DOES WORK. PERIOD!

This is a vulnerability in ALL (read again: ALL) cylinder lock designs. I know quite a bit about how locks work because my father was a locksmith. In fact, this vulnerability was actually published in a British magazine back in 1992. That's right, 12 ago.

Why does this work? Cylinder locks work on the principle that all the pins needs to pressed a certain amount to unlock it. When the Bic pen pushes down and you wiggle/twist it, it actually will push the pins down an number of "random" times with "random" pressure. In theory, this would not allow the bike lock to be picked, but if any of you know anything about locks and lockpicking, you would know that the pins are all imperfect. Therefore you can catch one or two if the pins in "unlocking" position called the sheer line. Once that happens, by putting force on the pins and twisting the shaft, you can keep those pins in the sheer line while forcing the other pins. This principle works for picking all mechanical locks except the pins in the normal lock is inside a very small chamber. The cylinder bike lock pins are exposed, and that is why these cylinder bike locks are so easy to pick.

Some locks are just a little harder to pick than others because of the random sheer line of the pins that are made during manufacturing. If the pins are more "alike" to each other, they are easier to pick.

There are number of other way to pick these kinds of locks. I was shown actually about how to open these locks from my retired father, not with a Bic, but with a drinking straw (the thick slurpee kind). This vulnerability is not specific to Kryponite locks, it is for every kind of cylinder lock. (Even those old AT computer keyboard locks.) And it has been known to locksmiths (and probably theives) for many years, it is just a big deal now because someone did a video to show how darn easy it is. Also, you show know that Krypontine (a company in China) does not actually make this locking mechanism, they buy it from another manufacturer, an American one (whose name slips my mind).

Anyone who tells you that this trick doesn't work simply knows nothing about locks and how they work. And his probably doing it work (try another pen). Although we should be thankful that people like, klaxon exist, because if everyone could pick this lock with ease... well you know.

PS: There one brand of bike locks that uses "variable resistance" springs in their pins. That one is much harder to pick, and it is probably "Bic proof". Also know that once you pick a lock, if you do it without enough finesse, it become a bitch to set all the pins right so that it can be used again. Because you are basically forcing some of the pins to warp into the sheer line. This is how you can detect if a door has been picked.

Haha WOW! wicked good/informative post dude