Tuesday, March 30, 2010

Security Maxims: Feynman's Maxim

From Security Maxims
http://www.ne.anl.gov/capabilities/vat/seals/maxims.html

Feynman’s Maxim: An organization will fear and despise loyal vulnerability assessors and others who point out vulnerabilities or suggest security changes more than malicious adversaries.
Comment: An entertaining example of this common phenomenon can be found in “Surely You are Joking, Mr. Feynman!”, published by W.W. Norton, 1997. During the Manhattan Project, when physicist Richard Feynman pointed out physical security vulnerabilities, he was banned from the facility, rather than having the vulnerability dealt with (which would have been easy). [sic]

Many years ago, I read this book. Richard Feynman had a great analytical mind and was able to find methods to open the locked filing cabinets when he worked on the Manhattan Project at Los Alamos. They started as padlocks on rods and moved up to Mosler combination locks. (I should be clear about this. Sometimes he found bypass methods to take papers out of locked cabinets without opening the lock at all. Same difference really.) He used a remarkable set of problem solving skills often playing the people as much as the hardware.  Often it was a bit of both as he found he could quickly discover a partial combination from a lock when visiting a co-worker while the safe lock was opened. 

At one point he explains to a Colonel how he opened one highly classified safe and the order was given to not let Mr Feynman near your safe. The military guy did not take the advice from Feynman on how to eliminate this as a vulnerability for all people.

Read the book if you want some practical ideas on 'safe cracking'.  It is also one of the book which brought me into the trade.


--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Sunday, March 28, 2010

Cell Phones and Driving.

OK. Yes. I have made driving mistakes while talking on mine.

I have also seen other drivers make terrible mistakes.

With rare exceptions, I have stopped talking while driving and you should to. I also think the time is coming when the insurance companies will see this as such a risk they will pull coverage if you have a collision while talking. (I think this will go ahead faster than waiting for either of our levels of government to act. Government regulation would be more balanced and transparent but I do not see it happening like that.)

Saturday, March 27, 2010

Shocking Safe Lock


While thinking of my last post, I thought of this one. Some days the ideas just flow.


For many businesses which use the safe to hold rolls of coin and floats, the number of openings per day wear out the standard group 2 dial safe lock. And worse, from a security point of view the staff see it as a hassle to keep redialing the lock and so leave the safe open or only locked by turning above the drop but then it is really not locked at all. A common and valid way to overcome this is to move to a digital safe lock where the the staff can open as fast as dialing a phone and once the door is closed it relocks automatically. The higher level of compliance generates better security overall.

Which brings me to my story of the safe in question which was recently converted from a dial lock to a LaGard digital as seen here. About a week later, a manager phoned to say the new lock was giving staff shocks when they operated the safe. In our shop, we reminded them it holds two 9 V batteries in parallel. The most juice this can give is 9 V and people would barely feel that if at all. Beside, a short would make it so the lock would not work and since the lock still works it is not our lock. Seemed to settle this for a bit.

A few days later, the store manager was back. While she did not think it was the lock either but that is all which was new, she would risk the cost of a service call to find out for sure. I was put in my job box.

I arrive and do nice introductions. The manager shows me the container and I test the lock. Works -- no surprise. Look behind at batteries and wires. Boring. She explains it does not always happen. As chance would have it, an assistant manager comes into the office as I start asking if there are any special situations which make the shocks happen more often. She does not know of any. He does.

"If you are holding onto the door frame, it usually happens." I should have been thinking better at this moment. I put my hand on the portion of the door frame where he was pointing which had the paint worn off. I touched the face of the lock. Nothing. (Wait for it.) I touched the body of the safe. YIKES!! It was REAL and it was not 9 volts. I can not recall if I metered the voltage but I really did not have to do that to KNOW it was not a 9 volt source.

I then looked at the back of the safe and saw two different power chords going behind it into a small space of maybe 3/4 inch or 2 cm. Since I know most plug-ins extend more than this, I knew the power was from those. This safe would have been just over 1000 lbs or 450 kg and moved easily out from the wall with a crow bar, wedges and rollers. Once out about a foot, I could see the damage. It had crushed both plugs into the receptacle which it had also smashed in. I pulled both plugs out after putting on some rubber gloves. Both plugs were clearing folded but on one I could see a tiny shiny copper surface.

For those outside the trade, safes do move back. The door is always a significant percentage of the weight and slams the safe back a tiny amount each time the door is closed. This movement adds up since there is nothing to bring the safe away from the wall. If you install the safe ahead of an electrical outlet and ideally you would not, you then place a solid spacer to prevent exactly what happened here. In this case, I sold the store a chunk of wood and wrote on it to leave behind the safe. I also explained these two appliance plugs are no longer safe to use and the plug-in needs works too. Since I am not an electrician, I leave it to them to get those items repaired.

It was a strange call but it all worked out to solve the problem and I had billable time. I think they were luck this was not found with a fire. Also, I have told this little tale at parties and now on the net. Seems electrocuting yourself is good for a laugh.


--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Midnight Shift is Always the Last to Know

So it was 3:30 am or some other time at night when I was ASLEEP and the phone rang. As I regained consciousness, I was told the story from a manager at a fast food place which stays open 24/7 of her safe which would not open. It seems our company moved it for renovation on Friday morning and now she can not open it. I had heard nothing of this move but that is unremarkable with the volume of work we have in our shop. The evening shift had opened it but now she can not. She knows she is using the right combination on a LaGard digital safe lock. This seems plausible since when she is done entering the code she reports a double beep as usual and she is not getting lock out delays.

For those in the technical end, you know where this is going. In my stupor I could think of a few ways a safe could lock up from a move. You could drop a bigger safe than I expect this place to have and break the glass relock plate. It would lock up good and fast. Also, with a smaller box, it may be badly out of level and twist to bind the door but again you will see that in door-run and rocking at the install. (The staff member we usually have do safe moves has way more experience than I and is very good at such details. He would NOT miss this.) However, it was all I could think of so asked her over the phone if the door had some play. She confirmed you could move the door in and out but a very small amount and it was 'about the same as yesterday'. Hmmm ... what is the problem??

I explained the midnight rates compared to the weekend day rates and also explained I did not know how a move could generate this problem. I also explained that if it were from the move it would be a no charge job but if not the restaurant would be charged. It is only fair to fully disclose and let the client decide. Given this and my wish to go back to bed, we agreed I would arrive there between 8 and 8:30 in the morning to see this safe. She agreed to a free coffee either way.

A different manager phoned a few hours later and said the safe was now open. I never did find out what the problem was earlier but suspect it was the operators. I hope in my slurry state I invited him to call again if the problem came back. (I was going to call this a PEAKs error meaning Problem Exists Above Keyboard but looked it up and it is not as common as I thought. Thinkers on design point out often the problem is the machine does not give good information to the user it is expecting some action and when you give it input it does not expect since you can not know what input the machine is expecting, it is not valid to call it human error.)

But now to get a bit more serious. If you can think of ANY way a safe move could generate a lock out, please toss it to me by email or as a comment.


And yet this call brought me back to a call years ago when I was newer to safes. It was well after midnight and they needed a safe open and had the codes. This is a high security place and each staff member keeps many safe codes all in small books which are closely held. This safe would not open for their known combinations. Given it was a dial safe I did the thinks I knew then. Basically, you test for various mechanical failures and carefully feel for changes in the dialing behaviour in terms of sound and feel. I did the set I knew. I did them again. And again. I had the staff check the codes with other staff who knew the same codes by phoning other poor sods in their sleep. We received confirmation the combination was right and yet it did not open. We contacted a manager and were approved to drill the next morning.

I went home and slept some. I went to the shop and loaded up tools where I was joined by a more experienced technician. We phoned to see if now was a good time and spoke to a different supervisor than was on duty at midnight. The safe was open and he knew nothing of my visit at 3 am. The combinations were changed during the evening shift and were not passed on. Well, that explains why the locks felt like they were in good condition.

It is true that the midnight shift is the last to know.


--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Thursday, March 25, 2010

Inclusive Language and the WWW

You will notice I seldom refer to a locksmith as 'he' or 'him' since I know some women in the trade. I want my writing to speak to all and find I can do that without much effort and usually readers will not even notice it is gender neutral.

Likewise, I have written before on the Web and know it is World Wide. I will try to give measurements in imperial and metric. This is a bit tougher as most of the locks we deal with are given in specifications using thousandths of an inch or just 'thou' commonly.

I also know I will be read by many who do not speak English as a first language. This means some of my casual language, while funny here, is confusing in other places. I want to have fun but if you do not know what I mean, feel free to write a comment saying just that.

In fact, on any of these points, feel free to toss a message and I will edit a post if you convince me there is a problem.

Its called "Key Attitude."

When a customer today laughed at this term, I knew it was a good item for the blog. Key attitude.

Lets start with a question. Have you ever had a lock you could unlock with your key but somebody else could not? You knew exactly how to hold the key ... how much to lift it ... how much to pull it back ... how hard to turn it ... how to comb your hair just right. You would insert the key and do a little dance with the key and you could get it to work every time. Good for you but that is NOT how a lock should work.

The engineering design is that a key should be inserted fully into a lock and you can let go of it. The springs in the lock and gravity will find a neutral place of rest for the key. Then you turn it without pulling it out or lifting it or tipping it. That is the ideal and lets put that in our rear-view mirror right now.

When you have to hold a key in some special way, it is called key attitude and it can arise for several reasons. Often the regular user of the lock has lived with a little of it for years as the key and lock wore out together so has learned the exact attitude for that key and lock. When that person passes the key to me, I find it almost impossible to work the lock. (I only hope I am entertaining as I struggle to get this key to work.)

Perhaps I should get more technical. A key fits into a lock in a keyway and the keyway always has to be a bit larger than the key. Some keys fit very exactly into the space given and really do not wiggle inside the lock more than a few thousandths of an inch. Generally these are new cylinders of the top grades of lock. As you look at more worn locks or less machined locks, the key has more air around it when in the lock and you can move the key up, down and sideways.

I guess I should say what exactly holds the key in place. Well, that depends on the lock. For the deadbolt in a house, the key should rest on the bottom of the keyway and the grooves on the side of the key should have matching ridges inside the lock to fit into them but not lift the key off the bottom of the keyway.* If the key is double sided like many cars, then usually you have springs from half the cuts pushing the key up and the other half pushing the key down. All you need to do is put 20 other keys, a cell phone, a collection of charms, a name tag and a small flashlight on your ring of keys and it will weigh enough to pull that double sided key out of the centre of the lock.

Since the fit of the key in the keyway is never exact, what attitudes are possible? Often you can lift the whole key if all the cuts on the key are too low. Also, the copy of the key can be tipped in either direction and sometimes to get it to work, you rock the tip of the key up and keep the shoulder area all the way down. Alternately, you can lift at the shoulder and keep the tip fully down. Am I done??

No. Keys are often duplicated with the blank not aligned correctly left to right in the machine. If the original is out of place, the cuts on the new key are too close to the shoulder and by the time you fully insert that key, the cuts have not yet reached where they should to operate. This key is taken back for a refund. More commonly, the copy is away from the shoulder when duplicated and this key will work if you pull it just a bit out of the lock. "Just a bit" is a precise way of saying guess and test.

And there can be one more problem but it is quite rare. When you wear a lock out, the keyway goes wide and the key can rotate slightly INSIDE the keyway before you start to turn the lock. For some keys, this rotates the cuts on the key blade out from under the pins and the pins move down and lock up the cylinder. This only happens in one direction or the other. However, if it happen when you turn the key clockwise and that is the direction which unlocks this lock, then it may seem like the key is wrong.**

(I will leave it as a homework exercise to find a solution to unlock such a lock without damage. Just had to say that. Old habits and all.)

Well, maybe this explains why it takes time to try out all the possible holding positions of a key before you find the exact key attitude to unlock it just once.

The job site which made me think of the topic was working with some safety deposit box locks. The client had keys labelled as working. One would work infrequently but a few others could not get the boxes to open at all. Safety deposit locks are not forgiving a poorly cut key and usually do not get high usage. If the key is wrong you hit a wall. I took the keys and tried a variety of attitudes with each until I had the boxes open. (Still faster and cheaper than drilling the door or destroying the lock which are the next options.) Once back in the shop, you can see where to correct the key by seeing what the internal parts are doing as you turn this key.

Do I like key attitude? Sure, it makes the job fun. Should you? A little is fine but do not make a copy of that key or you are likely to get a worse key which takes even more playing each time to open the lock. Also, most of the time poor key attitude is wearing out your lock faster than a correctly cut key. The key is generally a few dollars and can be replaced as needed without tools. The lock takes more time, money and skills to replace. Replace the key to preserve the lock seems good advice.



* I should get a prize for dodging the jargon of the trade. The grooves on the sides of keys are called millings and the shape of the hole used as a keyway is called the broaching.

** In a career as a locksmith, you will be given keys by ernest and honest customers who confidently tell you this is THE key for that lock. Later you open the lock to see the pins and it is not even close. This raises some customer service points I will discuss in some other post.


--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Wednesday, March 24, 2010

Backset problems.

This is a Weiser Powerbolt installed on a pre-existing door preparation. Since the installer had the main bore with a 2 3/4 backset and did not seem to know how to change the backset of the bolt, the bolt face was recessed in. I was replacing the hardware and it proved a minor problem.

But since a picture is worth 1000 words ...



If you are doing this at home, read the instructions in the box. This bolt can easily be made to fit in a 2 3/4 backset installation.


--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

"Locks only keep out honest people" 3T's

If I had a dollar for every time I have heard that line!

This may be true with something like a wooden desk drawer, but I have seen good quality burglary safe hacked and smashed for possibly hours and they were still locked up good. The right locks will keep out even a thief.

When something is locked up and you want the container opened, you really have three elements which contribute to defeating the lock. Often they are diagrammed in a triangle since you can trade a little bit of one for a bit of one of the others. There are real limits to how much you can do such trading.

Tools

The tools you need to get past a lock depends on the lock and the rest of the box. For a simple desk drawer you can use a simple pick to open the lock without damage or a big pry bar to wreck the desk. They would be about the same time but locksmith would choose the first and thieves the second.

In contrast, you could think you are going to open an Underwriter Rated Jewel Vault. It will be so heavy, most tow trucks can not even drag it. The tools to get it open need plug-in power and you need several such tools. You need various drill bits and grinder wheels. (And not one of the tools can be used without setting off the alarm package inside! More on this later.)

Time

More complicated locks take more time. I can pick some locks reliably in under a minute. Others I look at and think I can pick this in about 5 minutes. There are also locks I look at and think about destroying it to get inside since I know picking will not work. Everything you open takes time. For the trade, it is valuable since you will charge the client for your labour so the obligation is to use it well. For a thief, it is in VERY short supply since sooner or later somebody will show up. In a business which does not have an alarm system, the time limit is when the morning staff arrive. With an alarm it is some estimate of when the police will arrive. Locks which take me longer to get past also take the crooks longer too. Criminals have the advantage they can break stuff if it speeds the opening. I have the advantage in the third element below.

Techniques

All the things you learn of how to use tools, how the lock works and how the door or box is constructed come into play here. The more training you have to provide options when needed to open something the better. I am constantly learning but so are the criminals. However, I can learn from other locksmiths and security professionals much easier. Also, big institutions like banks and prisons trade security information formally and completely. We have all heard of inmates teaching others how to break in but mostly they learn 'smash and grab' techniques.


So the three words today are Tools, Time and Techniques. If my tools are not perfect, I can just take a bit more time. If I do not know the best techniques, I will be forced to use lesser tools and take more time. Some trade-offs can be made but if you ever find yourself facing a heavy gauge steel door with a good thru-bolted exit device mounted exit only and all you have is a single screwdriver, it really does not matter how long you take. You will not get that door open.

Oh yes, alarms. We have to remind people at home and in businesses alarms do not stop break ins except if they deter the attempt. That is why you need the little signs on all doors and windows. However, even if the alarm does not stop a break in, it limits the time on site looking for valuables. (Plus some horns are so loud and painful, they seems to disrupt thoughts too and certainly limit vocal communication between people.)


I realize I have said all this about the locksmith and the burglar. However, the tools/time/technique triangle also applies to the handyman and amongst tradesmen. A certified locksmith has the tools and techniques to open desks, doors, safes, cars, and other containers reasonably fast without unneeded damage. I do not have the same assurance for some of the people who just "do some locksmith work on the side."



--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Monday, March 22, 2010

Cars have locks?

Quick note here. I do not work on automobiles and have not done so for so long that anything I might say, might not be right. While a big part of the trade, I have to leave this to others. (If you think you are qualified, feel free to get in touch and you could be a guest writer.)

You do hear people ask why they do not lock cars up better if a 'bent bit of wire' can open them. The answer is safety and cost. In a collision, we need to have the glass in vehicles break away as a way to lessen skull damage. I know that people still get head injuries but if the glass was as solid as concrete, they would be much worse. Well, since all glass breaks the same with a sharp metal tool or a rock, a thief can get your iPod or camera quickly. Since that is the case, the car companies have generally created door locks to act as tamper seals and keep 'snoops' out of the vehicle body. They are mounting in a single layer or sheet metal and that fails about as easily as the glass. To keep the vehicle from being moved, they have invested in better locks and technology inside the steering column where it can be protected better and where electronics can interact with the vehicle control computer.

Oh ... getting back to the 'bit of bent wire' comment. There was a time 30-40 years ago when 2 or 3 tools would open any vehicle. That time is long past. The kits are not up to 40 tools and while you see only one tool, the locksmith only took that one out since the rest are for other makes and models. It is often easy and it is often not as easy as it looks.

--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Classes of Key Blanks

Whenever we in the trade talk to a commercial customer, we ask what level of keying they want. Often we can make a reasonably good guess knowing the nature of the business and what is locked up. Such conversations often turn into descriptions of different levels of security for key systems. With that, I thought I should explain the classes of key blanks out there.

Open Stock Keys
These are key blanks anybody may buy. Locksmith have them but any retail hardware store can buy them as can property managers. I want to break this group into four smaller sets.

'Common as dirt'
Everybody has these. Everybody. Why not? Everybody had a lock which uses them. Here in western Canada, Weiser has the majority of the household market. I would guess over 90% of homes use this key. You can identify it with the name Weiser on the side, the letters WR5 or WR3 on the side. The other common house keys are KW1 and SC1. (All the cute keys with puppies or symbols or sports teams or a billion other things printed onto them are one of these three keyways.) In my opinion, they are too common since there are mathematically less keys than there are houses in even a small city.

'Readily available'
In this group of keys, the hardware stores still stock them but the wage staff may have to look twice to realize it. The blanks are common but not in the top 3. Examples of these would be the Yale Y1, Schlage SC7, Corbin CO88 and Sargent LA. I would say under 100 blanks make this group.

'Locksmith stock'
Always fun to have a person walk into the shop and ask if we cut keys. Behind us on the wall are a few thousand 'common' blanks. Some are older and some are just rare. I would give names for some but if you are not in the trade, it would be just so many strange codes. Ahhh ... why not. Remember the Sargent LA mentioned about? Well, I was only talking of the 6 pin version as readily available. There are also 5 pin and 7 pin versions. But wait ... that's not all. Sargent had a family of key blank which start with L such as LB, LC, LE, LF, LG, LJ, LK, AND LL. Confused yet? They also make a family which starts with R which has just as many keys. However, to be clear a locksmith would not stock ALL of these but will have the knowledge and reference books to know they exist. Many of those belong in the next category.

'Hen's Tooth'
These are the blanks which are open stock but are so rare they might as well be the teeth of a chicken. You will phone every wholesaler you know trying to find them and are happy when you can get a bag of 10 in 6 weeks. They are never cheap. Your customer may have only wanted 2 but you price them to recover the cost for all the blanks on just those keys because until this same person comes back, you will just be dusting the others. An example in this group are the DOM sectional cabinet locks which are found in European import furniture. We see them with 2 rare keyways and 28 'hen's teeth' keyways.


Restricted Keys
These are key blanks which are only available within the trade and are controlled to various degrees.

'Contractually Restricted'
These blanks are only sold to locksmith shops once they make a commitment to follow some rules. While there are variations in the terms, this usually means you will not sell uncut blanks, you will stamp the cut keys so everybody knows where they came from and you will not duplicate keys from another shop even if you have the blank. (If you are found to be cutting the keys from some other shop, your supply of that blank may be cut off.) This is security by contract and anybody who breaks it risks only civil penalties.
Many of these blanks will have a brand name printed but nothing else. They have keyway part numbers but not that the end user can see. These keys are not high security and the locks they work in are not high security.

'Patent Controlled'
If a key interacts with a lock in some special mechanical way, then a utility patent can be granted and only that company can make and distribute the blanks. These are the high security keys and locks. The downside is that patents run out and then the security starts to decay since others may make the blanks. However, until that time each company can control the blanks and limits them in various ways. Most commonly each locksmith shop will have a keyway but that same keyway may repeat in some other location perhaps a few thousand miles away. They tend to be very wary of saying how many keyways they have in production but seeing some of the other brands it will be well over 100. Additionally, they will not tell you who else uses your keyway or how close they are. If you pay enough money, you can get an exclusive keyway.

These keys are almost always marked 'Do Not Copy' or 'Do Not Duplicate'. While nice, it matters little. Only the shop which has that blank can mechanically copy it. However, the risk is much higher than for the simply contract controlled keys. The maker will pull the right to cut any of those keys and for many shops this will quickly dry up the cash flow for the business. (Locksmiths also live on 'reputation capital' and of you betray trust, it hurts the business fast and bad.)

Does the manufacturer have to supply to the locksmith shops? No. Some keys are factory controlled. You order keys directly from the factory and so the cost is higher and the supply line slower. However, the control is better if you are willing to pay the price. When you become the warden of a prison you will get to order keys using this process. I know not of any other type of place using this class of keys but there may be a few. (A variant of this is when you buy rights to a keyway from the maker and then direct the factory to ship the blanks to a locksmith shop of your choice. You own the blanks but the shop does the cutting.)

---
A few last thoughts should be said on automobiles. Everything above can be said about automobiles for those which do NOT have transponders in the blank. Once the transponder is in use, the key is more like an access card for a building. This means all the physical keys for your vehicle are the same but the digital code used by each key is different.


--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Saturday, March 20, 2010

Using Google News ... Toddler trapped in lolly machine

I love Google News. It does find the best stuff!

Having done a search for the word 'locksmith', the search is repeated once a week and I am sent results by email. In a quick scan, most have the word 'locksmith' in some incidental fashion but some are a bit better. This made me smile. From the picture it was just a matter of picking a tubular but not really clear. Either way, I would tell about this call the next morning over coffee! I am sure the locksmith involved laughs at it too.



Toddler trapped in lolly machine after climbing in for sweets


An Australian toddler was so determined to help himself to sweets from a lolly machine that he climbed through the tiny dispensing hatch, ending up imprisoned inside four walls of glass.

Cohen Stone, 2, climbed inside the claw grabber machine in an Italian restaurant, where his mother, Kyra, 24, had brought him to celebrate a friend's birthday.

Kyra, from Perth, in Western Australia, said: "I had been playing with him in the children's area but took my eye off him for two minutes as the food arrived at our table.

"When I turned back, he was inside the machine. My first thought was "Oh my God."

"I just couldn't believe what he had done in that space of time. He was there one minute, inside it the next, like a magician's trick.

She added: "The hole was tiny. I have no idea how he did it. That's when I started to panic. I didn't know how I was going to get him out."

A local locksmith was called to Siena's restaurant to free the little boy, who was released 45 minutes later.

Mrs Stone said she had trouble convincing her husband the story was true.

"I phoned my husband Calan but he thought I was joking. He kept asking me to repeat what I was saying. It was only that I was so upset that he realised I was not having him on," she said.

She added: "I took the video of him when he was calm and after I knew we were able to get him out.

"I'm glad I took photos now - even though I was panicking at the time. No one believes me until they see the video and it will make a great story."

Siena's has now removed the machine from the restaurant and has given the Stone family a £30 voucher.

Friday, March 19, 2010

"Tricks of the Trade"

I hate this phrase. I have been told my hatred for it is irrational but perhaps you can join me in banishing this from the language forever. I am not overly optimistic.

"Tricks of the Trade" seem to fall into two groups. The first are those which are simply things every professional who knows his or her craft should know. They are not tricks. They are skills and job expectations.

An example of this might be to read the depths of the cuts from a sample key using calipers and then reading a cut table to find the closest standard factory cuts before pinning a cylinder. You could just take a LAB pin kit with pins in increments of 0.005 and visually drop in pins to get to level on the plug. (If you are not a locksmith, this will mean little to you. Sorry.) You could. However, you were given a sample key from a group of keys already in circulation. It could be high or it could be low or it could be some of both. (Ponder that, a key can be some of both.) When this lock is installed, some of the other users may have keys which are higher or lower. You do not know. If you find the factory standard, that is the key which was used to copy all those others and it will be workable or at least that is the best odds. Should you later cut a key by code, you KNOW it will work.

To look beyond your own nose, here is a different example. I saw a panic exit device installed by a contractor and while well done the construction marks were visible in places beyond the bar on this steel door. They were very visible in black felt pen. No painter who has to work on this door later wants to deal with that. Pencil is covered in one coat but the felt lifts up and can be seen through the paint. It is not a trick of the trade to use pencil, it is good practice since nobody wants you to make the work harder for the next person.

There! Two quick examples of knowledge you should know just as part of your trade. I could go on. I have four years of trade classes and years of work to find examples.

Now for the other kind of 'trick of the trade'. It is usually some action which is trying to save time or materials. It is a short-cut which produces inferior work and sometimes the person doing this knows it and sometimes not.

Self-tapping metal screws. Certainly quick to install but when they are not provided with a fire-rated exit device, the rating is toasted if you substitute the fasteners. Is that the end of the problem? No. Self-tapping screws do not have the hold of tapped in bolts. If an exit device is not fire-rated due to being on an exterior door, then it has a vital security role and for it to work well, the screws must hold onto the door as best you can. Self-tagging screws are weak when installed and some of the thread gets chewed away every time you need to pull the hardware for routine work like changing the keying on the lock.

Do not get me wrong, there are places for them. Also, they do come in various grades and specification. Used appropriately would be on parts with no relative rotation or shifting shear. In my opinion, they work fine for holding a push plate or a sweep.

Another 'trick of the trade' which bothers me is making a key fit better by filing the top of a plug and/or reaming out the chambers. (We have all seen it.) Again, it has its place in rare occasions where a single later of keying is in place and probably always will be. Places which are keyed but really have low security standards for this door like the front of some apartment building. When you are there late at night since the worn out SC1 mortise cylinder had started to have the pins rotate and jam rather than lift you have no choice but to supply a new cylinder with new pins. However, it is an open stock key and you know there are, at least, two keys per suite and you can not test most of them. If you are strict and find the factory code you know you will orphan many of those keys and make no end of problems for the building management. (If they understood the problem and wanted high security, they would never have had an open stock key.) So you file the plug and drop in pins 5 thou short. The shorter pins allow for high cut keys and the flattened plug allows for low cut keys. Some keys may be so extreme they still will not work, but most will.

The next step in a decision like this is to inform the management. You have softened the keying up so most of the tenant keys will work. If any one key fails later, it is not the locksmiths problem. It is not a call back. I check they have a supply of working keys to just quickly substitute keys which do not work. Again, these last customer service points are what separates a professional doing good service from somebody just going fast. You served the customer needs but also provided information about the loss of security.

Feel free to disagree with my examples but tell me why. Is there some other description of a 'trick of the trade' which you do not think this covers?

--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Thursday, March 18, 2010

Security Maxims -- A must read.

I was sent to this while listening to the Security Now podcast about computer security. (It is available off iTunes or you can go to grc.com for more information.) I was struck by how much jive there was between computer system security and the physical security I deal with daily. The Security Maxims were written by an analyst for the US Department of Energy looking at nuclear power facilities. Upon reading, they have relevance and I hope to illustrate some of them later with some examples.  A link to this list is on the side.

As a teaser, here is one.
Gossip Maxim: People and organizations can’t keep secrets.

Think about that a bit the next time you are changing the combination on a safe and the staff find the new dialing hard since the old code has been in use for over 5 years.

--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Tuesday, March 16, 2010

Silly Exercise in Master Keying Desks

I have been looking back at notes from jobs I have done years ago and this post derives from that job. It was an office with file cabinets using IN8 keying which in these parts is most all of them. Some technician had set this up before me. I just had to add one more cabinet to one of the changes. While not a robust solution to the problem it was kind of neat to see.

First the background on this keying system. They are five wafer locks with each wafer being one of three possible sizes, namely 1, 3, or 5. When you move to the keys, you can use the powers of 3 to get the number of key combinations. The MACS (Maximum Allowable Cut Separation) is 4 which allows a 1 and 5 to be adjacent. The only 'rule' which strikes out key codes is the 'flats'. You can not use the key 11111 or 33333 or 55555.

So how many keys are allowed? 3^5 - 3 = 243 - 3 = 240

In practice, you should exclude the pullout codes too. These are code which step down or stay flat on successive cuts from the shoulder. After a bit of wear on the key and the lock, the key may pull out in any position whether the lock is relocked or not. The list is a bit long, but it would include such key cuts as 11335 or 13355 or 11115. The flats above are also pullouts. If you write out the full list you should get away from the computer more! However, be that as it may there are 21 pullout keys which should not be cut.

This leaves 222 good practical keys.

Now to master key with just this simple system. (While I wrote notes on this trick when I saw it, I did not record the real key codes. So I get to invent some here.)

The Master Key is A with cuts 31135.
There are two simple change keys.
A1 is 35135
A2 is 31535

The cabinets locks have a wafer dropped out which I will show with an X.
Cabinet 1 has wafers 3X135. This allows both the master and A1 keys to work. The keys share 4 cuts and in the space which is different there is no wafer at all.
Cabinet 2 has wafers 31X35. This allows both the master and A2 keys to work. The keys share 4 different cuts than above and again in the space where they differ there is no wafer. If you insert key A1, it will not turn due to having a 5 cut in the second position when the lock has a number 1 wafer.

Cool huh? Not really. This decreases the security of the lock by decreasing the number of wafers in the lock. (This is a bit minor from a picking point of view as I can pick this group of lock in under a minute in most cases.) Also, of the 222 keys above, 3 of them will open one of these cabinets. One is the master key, the second is the change key in use and there exists a third key which will also open it up. This is trivial in this situation really.

How far can I push this?
There is a 6 wafer version of cabinet locks and you could drop out one wafer at a time. This could be charted as follows with the wafers given in brackets after each key.

Master A is 131353
A1 is 331353 (X31353)
A2 is 151353 (1X1353)
A3 is 135353 (13X353)
A4 is 131553 (131X53)
A5 is 131513 (1313X3)
A6 is 131351 (13135X)

Gosh, was that tough to type! Imagine writing code tables by hand all day!

Can we push this further? As I show it here, it looks like you can give unique keys to only as many locks as there are wafers in the lock or cuts on the key. The mathematics gets more messy, but you can drop out half the wafers at any time and cycle through all the possibilities and generate more keys.

This is pushed even further in one line of high security lock you may never have seen. It is factory controlled and used in places like prisons. By using a system very similar to this, they can set up a master key with over 1 000 000 keys under it. (I was just now trying to find the actual numbers on the web and could not. I may update this post if I find it.)


--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Sunday, March 14, 2010

Just a 'normal' lock

When I hear somebody say they want just a normal lock, I have to put that in a context they can not. Firstly, I need to know if it is a home or business and if they want it on a door or something else.

I guess I should deal with the homeowner first. They mean normal as in common and that means an entrance set. It has a key to open it from the outside and the inside knob is always active. Also, on the inside is a button or some other method to lock the outside knob. These are the door knobs which allow people to lock themselves out of the house when...
... take your pick here cuz we heard them all ...
(a) walking the dog
(b) getting the post
(c) going to the corner store
(d) hanging out laundry
(e) or any number of other minor chores.

We know by normal the homeowner probably means common and does not mean good. Mostly these locks do not meet the fire exit standards for commercial locations since the inside knob is often locked when the outside knob is locked and a two stage process is needed to unlock it. Also, the lock sits within the outside knob connected to the door by a spindle of about 3/4 of an inch. These 'normal locks' fail when hit with a hammer or grabbed with a pipe wrench. (Since the latch is so weak, the door is often forced leaving the knob alone. Thieves are sometimes efficient.)

This gets us the lock function as we say in the trade call it. It does not say what style it is and for that you need to see it. There are just too many to do a match any other way if that is valued by the customer.

Increasingly, new houses here have deadbolts over passage sets. A passage set is just a knob used to hold the door closed in the wind and the security function is given solely to the deadbolt. Given a chance, this is the way to go. Additionally, get a lever set to do this. If you place your hand on most knobs you can easily hit the weatherstripping. We learn to hold our fingers in and after a while habituate that as a coping mechanism. Get a lever. As soon as you get any arthritis in your hands you will be happy you did.

If somebody wants a normal lock for a file cabinet, you have to see it. If somebody wants a normal lock for a desk, you have to see it. A normal lock is not so normal after all.

I guess I should say about businesses. The fronts of stores have common locks too. They are almost always Adams Rite MS bolts or latch locks or import clones of these since they fit in the same holes in the doors. Also, these locks are in three common sizes and are not interchangeable so you have to see the door to know which size. (A bad after hours call is when you have a failed lock of a non-standard size. The kinds which you know are not even in the warehouses in town tomorrow and certainly not in your truck tonight.) The actual cylinder which goes into a storefront is a bit easier to know. If you talk to the customer and it is a glass door with an aluminum frame, the cylinder is a mortise cylinder and they are generally interchangeable. Common here means SC1 or SC4 ... a Schlage or clone. This is basic or standard security but is fine for many applications.

Late again. I hope I have said something insightful.

--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Thursday, March 11, 2010

Nod to the Camera in my Phone

At one time, I bought a camera just for my van. Based on the advice of a reputable store it was a simple point and shoot 35mm with a simple flash. It was the workhorse for real estate agents. And in keeping with that, I stocked it with fast film of 8 frames to the roll. If I did a safe job or needed to document anything else, I could grab some shots and have the film off and developed by the next day without wasting too much film. Also, it could sit in the van, get cold and still work -- something digital cameras do not do well mostly due to the batteries. I am unsure if I will ever use it again and they no longer stock the 8 exposure film where I was buying it.

Since then, cell phones have included cameras and the picture quality is mostly acceptable. With practice you can document most difficult hardware and since I always carry it, it is handy and stays warm enough to always work. At this time, I have a Motorola i580 phone with a 1.3 megapixel camera. Full resolution pictures are 1280 by 1024 pixels and run just under 100 KB depending on content. Even better, the photos are moved to a microSD card and can be moved off to any computer with any reader and the holder for the micro card which makes it fit into a standard SD slot. You can also email them off the phone but the handshake is unreliable and you sometimes get 3 or 4 of the same item at the far end since the phone was not told by the server that the server had the whole attachment. I have mostly stopped doing this. (I never was given a price per photo when I did email them back to the shop. I hope it did not cut into my Christmas bonus!)

Why take pictures you ask? Just do the work!!!
Sometimes they are critical to document what the door looked like when you arrived when all the client booked was a simple key change. Other times, you need hardware to match what is there. Of course, you have to leave the lock on the door since it needs to secure now. It amazes me companies will make glossy advertising and slick web sites for expensive hardware and not label it with a brand or model somewhere. Here is a nice example. The client is taking over the rest of the floor and wants the same looking hardware in the new doors. I was sent to see it before ordering. No name at all. I know from experience it is probably European. You draw a sketch and take a photo. The next day it is the shop managers problem.


Its not art. LOL.
Its a tool to help me do my job.


Perhaps another day I will pick up on some sketching techniques.

--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Wednesday, March 10, 2010

Don't say 'Break in'. We 'open up'.

In the trade, we do not break into cars or houses or safes. We open them up. They were locked and now they are open. Ideally we do no damage but as the locks get better some damage is required to happen. As a professional, you limit that to parts which are available and can be replaced readily. (This can vary from $20 for some simple storefront cylinder to over a thousand for a sophisticated safe lock. It is very relative.) Of course, the time to pick a lock or the time to drill or bypass some other way is all billable. You try to limit the clients bill and so parts cost has to be balanced against time on the job.

The criminals who do break in, break anything to get in. Windows, frames, handles, hinges. They are not gonna repair it. Then I get the 2 am phone calls. For them, speed to get in and out is paramount. Damage is unimportant.

--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

Tuesday, March 9, 2010

What is a good lock for my house? Part 1

This is why I hate some cocktail parties. If you 'confess' to being a locksmith you get asked by well meaning people that question in various wordings. The problem is there is no easy answer.

I guess I should start with a simple one. Every door on your house should have a deadbolt with a 1 inch bolt throw. This means if you open the door and extend the bolt it should extend 1 inch or 2.5 cm out of the door. Locking knobsets do not count for home security any more and possibly never did. Deadbolts count in part because that is what your insurance agent asks for door locks.

What gets more complex and yet just as much a problem is what door you have to lock up. I have put a deadbolt into a door in a 1928 house. The wood AT the edge was GREAT. However, set into the middle of the door were floating panels. They allowed for expansion and contraction in heat and humidity. The problem is they were clearly an 1/8 of an inch thick or about 3 mm. You could punch through them much like glass. Is that door more secure now? It does meet the insurance company requirement.

Directly beside the deadbolt is the strike or hole which the bolt moves into when the door is closed. This is a metal square screwed into the frame. And sometimes it is more screwed and sometimes it is you who is getting screwed. Let me explain. At the top end, the strike is held into a metal frame filled with concrete. However most houses have wooden doors and frames and the strike you see is held by wood screws. Some have 4 screws with two long ones going into the wood frame of the house and two smaller screws just holding the strike flat. (Door frames are made of soft woods so they can be fit into position during construction and they take paint nicely. Door frames are usually less than one inch or 2.5 cm thick with a small air gap before you encounter the wood frame of the house.) At the worst, the strike is held by two small wood screws which only grab the soft door frame. I have seen new construction where this little plate was with the locks should they be installed in metal frames. However, the developer wanted to move fast and these go on FAST. So the people who bought the condo had a good look on a good door but a weak strike. (They would have thrown out the good strike which came with the deadbolts.)

Another day, windows!


--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/

First post ... the introduction.

This post marks the launch of yet another blog about locksmiths and locksmithing. I hope it can be of help to a few different groups of people. I hope to make it clear at the top of each item to whom I am speaking. Some items will be directed at the occasional retail consumer of locksmith services. Others will be of more value to big commercial property managers or institutional clients. Yet others will be written toward other locksmiths be they apprentices or 'veterans'. I have even found a few topics which speak to other trades and governmental regulatory bodies.

It must be said that I am NOT writing with opinions of my employers. While I am proud to work for this company I shall not be naming it. Also, I belong to several trade organizations and while I may mention them, I am not a spokesman for them either. I just hope that a year after publishing any one item here, I still agree with it.

I guess the summary is that I am a middle aged male with some insights and enough ego to commit it to paper. I hold a Bachelor of Education in Secondary Physical Science and Mathematics from the University of Alberta in 1987. While teaching, I was also the Chief Judge for the Edmonton Regional Science Fair for several years and the Chief Judge for the Canada-Wide Science Fair in 1999. I am also a Certified Journeyman Locksmith from the Red Deer College programme in 2006. I wish to continue to learn. Join me in this quest.