Hackers gathered in Las Vegas on Saturday showed ways to crack electronic key-card systems and deadbolt locks used at security-sensitive places including the White House and the Pentagon.
"If you can't physically protect your computer, you are screwed," said Zac Franken, a British hacker who engineered a way to outwit door locks relying on key cards.
"Most people think that computers inside buildings are secure. How many computers do you see left logged on at night?" he said.
PHOTO: AP
Franken's creation was among the real-world lock-cracking revelations made at the DefCon hackers conference, where a room is devoted to the "sport" of lock picking.
Medeco deadbolt locks relied on worldwide at embassies, banks and other tempting targets for thieves, spies or terrorists can be opened in seconds with a strip of metal and a thin screw driver, Marc Tobias of Security.org demonstrated.
"This is incredible; it's unreal," Tobias said while showing the ease with which the locks can breached.
"Medeco has one of the best designed locks in the world, but with this kind of attack it's all irrelevant," he said.
US-based Medeco is owned by ASSA ABLOY Group, a Swedish manufacturer and supplier of locks.
"This is not the only company," Tobias said. "There are lot of them; lots of deadbolts with similar weakness."
Tobias said he refuses to publish details of "defeating" the locks because they are used in places ranging from homes and banks to the White House and the Pentagon.
"This can cause a lot of trouble," he said. "They need to fix this. If you have one of these on your house or wherever you'd better be concerned."
Franken is equally protective of the simple electronics he uses in a device that can be spliced into wires connecting key card readers to computer systems that control door locks on many businesses.
"The access control system is inherently insecure," Franken said. "I just walk up, pop off a cover held on by two screws, put my device in and we're away."
Easy targets for the "physical hack," involving manipulating hardware instead of computer software, are electronic key scanner pads at doors where workers step outside for cigarette breaks, Franken said.
Once the device is spliced into place, encoded cards can be used to command it to replay the last valid entry code or have the system deny access to people with legitimate cards, he showed.
"Basically, I can now lock all the valid users out while I can still get in," Franken said. "There is no patch for this."
Tobias wants to see a "Hogwarts School for Reality," which like the school of magic made famous in the Harry Potter novels would aim to inspire children to act creatively -- in this case by applying technology to security needs on and offline.
"It's no difference breaking into a lock or a computer," he said. "If you can get past locks you get to the computers. This is the real world; we need the real world Hogwarts."
Beijing’s continued provocations in the Taiwan Strait reveal its intention to unilaterally change the “status quo” in the area, the US Department of State said on Saturday, calling for a peaceful resolution to cross-strait issues. The Coast Guard Administration (CGA) reported that four China Coast Guard patrol vessels entered restricted and prohibited waters near Kinmen County on Friday and again on Saturday. A State Department spokesperson said that Washington was aware of the incidents, and urged all parties to exercise restraint and refrain from unilaterally changing the “status quo.” “Maintaining peace and stability across the Taiwan Strait is in line with our [the
EXTENDED RANGE: Hsiung Sheng missiles, 100 of which might be deployed by the end of the year, could reach Chinese command posts and airport runways, a source said A NT$16.9 billion (US$534.93 million) project to upgrade the military’s missile defense systems would be completed this year, allowing the deployment of at least 100 long-range Hsiung Sheng missiles and providing more deterrence against China, military sources said on Saturday. Hsiung Sheng missiles are an extended-range version of the Hsiung Feng IIE (HF-2E) surface-to-surface cruise missile, and are believed to have a range of up to 1,200km, which would allow them to hit targets well inside China. They went into mass production in 2022, the sources said. The project is part of a special budget for the Ministry of National Defense aimed at
READY TO WORK: Taiwan is eager to cooperate and is hopeful that like-minded states will continue to advocate for its inclusion in regional organizations, Lai said Maintaining the “status quo” in the Taiwan Strait, and peace and stability in the Indo-Pacific region must be a top priority, president-elect William Lai (賴清德) said yesterday after meeting with a delegation of US academics. Leaders of the G7, US President Joe Biden and other international heads of state have voiced concerns about the situation in the Strait, as stability in the region is necessary for a safe, peaceful and prosperous world, Lai said. The vice president, who is to be inaugurated in May, welcomed the delegation and thanked them for their support for Taiwan and issues concerning the Strait. The international community
COOPERATION: Two crewmembers from a Chinese fishing boat that sank off Kinmen were rescued, two were found dead and another two were still missing at press time The Coast Guard Administration (CGA) was yesterday working with Chinese rescuers to find two missing crewmembers from a Chinese fishing boat that sank southwest of Kinmen County yesterday, killing two crew. The joint operation managed to rescue two of the boat’s six crewmembers, but two were already dead when they were pulled from the water, the agency said in a statement. Rescuers are still searching for two others from the Min Long Yu 61222, a boat registered in China’s Fujian Province that capsized and sank 1.03 nautical miles (1.9km) southwest of Dongding Island (東碇), it added. CGA Director-General Chou Mei-wu (周美伍) told a