Hackers gathered in Las Vegas on Saturday showed ways to crack electronic key-card systems and deadbolt locks used at security-sensitive places including the White House and the Pentagon.
"If you can't physically protect your computer, you are screwed," said Zac Franken, a British hacker who engineered a way to outwit door locks relying on key cards.
"Most people think that computers inside buildings are secure. How many computers do you see left logged on at night?" he said.
PHOTO: AP
Franken's creation was among the real-world lock-cracking revelations made at the DefCon hackers conference, where a room is devoted to the "sport" of lock picking.
Medeco deadbolt locks relied on worldwide at embassies, banks and other tempting targets for thieves, spies or terrorists can be opened in seconds with a strip of metal and a thin screw driver, Marc Tobias of Security.org demonstrated.
"This is incredible; it's unreal," Tobias said while showing the ease with which the locks can breached.
"Medeco has one of the best designed locks in the world, but with this kind of attack it's all irrelevant," he said.
US-based Medeco is owned by ASSA ABLOY Group, a Swedish manufacturer and supplier of locks.
"This is not the only company," Tobias said. "There are lot of them; lots of deadbolts with similar weakness."
Tobias said he refuses to publish details of "defeating" the locks because they are used in places ranging from homes and banks to the White House and the Pentagon.
"This can cause a lot of trouble," he said. "They need to fix this. If you have one of these on your house or wherever you'd better be concerned."
Franken is equally protective of the simple electronics he uses in a device that can be spliced into wires connecting key card readers to computer systems that control door locks on many businesses.
"The access control system is inherently insecure," Franken said. "I just walk up, pop off a cover held on by two screws, put my device in and we're away."
Easy targets for the "physical hack," involving manipulating hardware instead of computer software, are electronic key scanner pads at doors where workers step outside for cigarette breaks, Franken said.
Once the device is spliced into place, encoded cards can be used to command it to replay the last valid entry code or have the system deny access to people with legitimate cards, he showed.
"Basically, I can now lock all the valid users out while I can still get in," Franken said. "There is no patch for this."
Tobias wants to see a "Hogwarts School for Reality," which like the school of magic made famous in the Harry Potter novels would aim to inspire children to act creatively -- in this case by applying technology to security needs on and offline.
"It's no difference breaking into a lock or a computer," he said. "If you can get past locks you get to the computers. This is the real world; we need the real world Hogwarts."
CSBC Corp, Taiwan (台灣國際造船) yesterday released the first video documenting the submerged sea trials of Taiwan’s indigenous defense submarine prototype, the Hai Kun (海鯤), or Narwhal, showing underwater navigation and the launch of countermeasures. The footage shows the vessel’s first dive, steering and control system tests, and the raising and lowering of the periscope and antenna masts. It offered a rare look at the progress in the submarine’s sea acceptance tests. The Hai Kun carried out its first shallow-water diving trial late last month and has since completed four submerged tests, CSBC said. The newly released video compiles images recorded from Jan. 29 to
DETERRENCE EFFORTS: Washington and partners hope demonstrations of force would convince Beijing that military action against Taiwan would carry high costs The US is considering using HMAS Stirling in Western Australia as a forward base to strengthen its naval posture in a potential conflict with China, particularly over Taiwan, the Wall Street Journal reported on Saturday. As part of its Indo-Pacific strategy, Washington plans to deploy up to four nuclear-powered submarines at Stirling starting in 2027, providing a base near potential hot spots such as Taiwan and the South China Sea. The move also aims to enhance military integration with Pacific allies under the Australia-UK-US trilateral security partnership, the report said. Currently, US submarines operate from Guam, but the island could
RESTRAINTS: Should China’s actions pose any threat to Taiwan’s security, economic or social systems, China would be excluded from major financial institutions, the bill says The US House of Representatives on Monday passed the PROTECT Taiwan Act, which states that Washington would exclude China from participating in major global financial organizations if its actions directly threaten Taiwan’s security. The bill, proposed by Republican Representative Frank Lucas, passed with 395 votes in favor and two against. It stipulates that if China’s actions pose any threat to Taiwan’s security, economic or social systems, the US would, “to the maximum extent practicable,” exclude Beijing from international financial institutions, including the G20, the Bank for International Settlements and the Financial Stability Board. The bill makes it clear that China must be prepared
Taiwanese trade negotiators told Washington that Taipei would not relocate 40 percent of its semiconductor production to the US, and that its most advanced technologies would remain in the nation, Vice Premier Cheng Li-chiun (鄭麗君) said on Sunday. “I told the US side very clearly — that’s impossible,” Cheng, who led the negotiation team, said in an interview that aired on Sunday night on Chinese Television System. Cheng was referring to remarks last month by US Secretary of Commerce Howard Lutnick, in which he said his goal was to bring 40 percent of Taiwan’s chip supply chain to the US Taiwan’s almost
RSS