Flutterby™! : Lockpicking hobby backlash

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

Lockpicking hobby backlash

2008-07-21 16:21:43.647564+00 by Dan Lyke 2 comments

Locksmiths feel threatened by hobbyist lock pickers:

"This is a skill that can do a lot of harm," says Paul Bentley, president of the Association of Ontario Locksmiths. "That's why we kind of protect it."

Yeah, because security through obscurity and suppressing information about exploits works so well. Sounds to me like there's an industry afraid of being exposed as snake oil salesmen. Via.

[ related topics: Cryptography ]

comments in ascending chronological order (reverse):

#Comment Re: made: 2008-07-21 16:40:59.389013+00 by: JT

This is where hobby pickers can brush up against the Criminal Code. Under federal law, anyone caught carrying a "break-in instrument" and an intent to use it could receive 10 years in jail.

I'd imagine proving intent in Canada is just as hard as it is proving it in El Estados Unidos. I've always been a fan of open-source projects because of a few things, first and foremost is peer review, a handful of people to thousands of people can look through your code and tell you what's great and what they would have done different. In the end, the code seems to be better and stronger for it. The other reason, and I'm sure meuon can vouch for this, is that I can break code in amazing ways that make no sense to the people who actually write it, which lets a huge testbed of people play with something, break it, then say how they broke it.

Applying this to locksmithing, it seems that keeping trade secrets in some cases could be very important, however, in the case of Medeco, once your secrets are out and your flaws are shown, denying they exist and plugging your ears while singing "la-la-la-la" may not be the proper way to deal with the problem.

#Comment Re: made: 2008-07-22 01:00:51.445288+00 by: mvandewettering

I bet that most people here have heard of or read the work of Matt Blaze, but hist on the off chance that you haven't...

http://www.crypto.com/papers/ has a bunch of his papers. He's taught little "mini courses" on lock picking and safe cracking at hackers, using the techniques and such discussed in his academic papers. His recent work includes helping in the security review of California electronic voting machines. Good stuff.