That's right because the secret squirrels on this group treat public domain information which is commercially available to anyone who is willing to pay for it as some sort of national secret I will look up any and all codes posted to alt.locksmithing so that the general public for whom it is not economical to buy code software or books has the same information the delusional secret squirrels somehow think only they are entitled to. If I have the code in my software programs I will post the key blanks and depth and spacing info for the cuts or in the case of combo padlock codes the combo from the locks serial number. Just post your code requests to alt.locksmithing and I will post back on them within a couple days.
Disclaimer: CODED LOCKS ARE NOT SECURE. They should not be used for any application requiring true security. In the case of coded locks as with many other things the lock and locksmith industry has put THEIR CONVENIENCE above YOUR SECURITY. This information is provided as a public service. The requestor is solely responsible for how they use the information provided.
All I can say is this is a lawsuit waiting to happen.
GM got sued big time for giving out codes to unauthorized individual who then used them to steal cars. Lots of them. A whole bunch of Escalades were included.
If it were me, I would not do this. Think you can hide behind an anonymous name? Think again. When the government wants to find someone, they have amazing abilities. Personally, I could care less what you do.
Do you really think the only reason for not giving out code info is only money? Get real. Most real locksmiths are concerned about the liability as much as the money. I would NEVER post specific code info on an open forum. Give out space and depths specs? Yes. A combination from a code? Never.
"Dennis" snipped-for-privacy@hotmail.com wrote in message news: snipped-for-privacy@i42g2000cwa.googlegroups.com...
And who decided to keep codes to start with? GM. There may well be a lawsuit but the likely target is going to be the lock maker who had the brilliant ID to code their locks. The codes poster is probably a judgement proof kid who suing would be a waste of time. Compare his assets to master lock etc assets and the likely target of the lawsuit is pretty obvious. Lawyers always look for the deep pockets.
The govt doesn't have anything to do with civil lawsuits and there is no law against further disseminating information which is and has always been public domain. That puts the expense of locating whoever it is on the palintiff and considering the nature of the internet that expense can be considerable. What if he's not even in the US? This notion that public domain information, like code information, is somehow confidential or secret is nuts anyway.
Personally, I could care less
The point that you all seem to miss and the point that it looks to me that the guy is trying to make is that there is no security in coded locks to begin with. Any pretense at security was destroyed the minute codes were created in the public domain. And ANY information not protected in keeping with DOD standards for classified information will almost always become public domain. This is also the issue that all the people here consistently fail to address. Code books and programs are sold weekly on yahoo auctions and ebay. I still get promos from a locksmith supply company for code software, code machines, safe drilling rigs etc and the only thing I ever bought from them was a change key for a 3330 Lagard lock over a year ago. It's very clear anybody can buy code information. Even if they couldn't and code information was only sold to bonafide locksmiths the only way to ensure that locksmiths themselves can be trusted with code information is to make sure every locksmith in America passes a background check on a regular basis. That doesn't currently happen. The only thing he's doing is giving the information for free and taking money out of the equation. The fact that most people here will stick their heads in the sand in perpetuity to avoid addressing is that there is absolutely no good reason for code information to exist. It's nothing but a convenience for people who need to make keys for locks. There is no way to have a code out there in a database somewhere and say that the lock the code relates to is secure in any sense of the word. It's just a fantasy.
The reaction of locksmiths was pretty much the same when Matt Blaze wrote his paper on masterkeying vulnerabilities and disclosed that with most masterkey systems in use today a masterkey can easily be made based on one lock in the system. That paper can be found here:
formatting link
Locksmiths promptly freaked out and blamed Blaze. But Blaze didn't create the vulnerability. The locksmithing industry did. Virtually everyone outside the locksmithing establishment and in academia immediately sided with Blaze. This guy isn't creating a vulnerability either. The vulnerability is that the codes exist in the first place. The locksmith industry could address this problem with a public awareness campaign and make a lot of money replacing coded and other insecure locks but I predict they will continue to burry their heads in the sand instead.
Low security locks still give a measure of security. Without the internet and a-holes like found here most people wouldn't know where to find this information. We as locksmiths are well aware of all security vulnerabilities. Why would you try to help or exasserbate these vulnerabilities? Even with your code information, good locksmiths like Dennis and I will not make a key by code for a customer without some proof that this lock is in their posession. The question is, why, this is the best thing you have to do with your time?
Agreed: If you have a need for higher security, don't use a coded lock. But, for a pickup canopy or file cabinet they will work just fine. Codes were put there for the benefit of the CUSTOMER, making it easier for THEM to replace THEIR keys when lost. You are helping their neighbor get their keys. I guess, just because you can, and you think thats cool. Whatever.
again, we are well aware of vulnerabilities. Many times these are what allow us to do our job when called upon. Without pulbic knowledge of these there is not a problem. There is no reason to publish this information other than self gratification. High security lock are very expensive, especially to outfit an entire dorm. whether it is master pins, screw location, lock construction, or whatever it's vulnerability, it is still better than no lock. And, it would be even better without a-holes teaching others it's vulnerabilities (for no good reason.)
What part of the fact that code information is ALREADY PUBLIC do you not understand? I'm not a locksmith and yet I had no trouble getting code programs. None. I didn't have to say I was a locksmith and I didn't have to agree to keep the info confidential. I don't have any problem getting updates either and I got one of my programs from one of the largest suppliers in your industry. As far as the government, the govt probably doesn't give a damn because you won't find a code stamped on the front of any red label etc containers. If the government does anything it will probably be to decide that publishing code information in the first place is moronic and outlaw the practice which would be fine with me because it would force your industry to improve it's crappy security practices. Christ knows you will never do it on your own because without codes locksmiths would have to actually learn to sight read, impression, or god forbid take a lock apart to make a key instead of doing it the lazy way, from a code. The govt might go one step further and decide that all locksmiths have to actually pass a yearly background check and proficiency testing in which case your industry would really scream because I'll bet a large percentage of you couldn't pass it. .
Finally somebody that gets it. Obviously not a freaking locksmith.
Bull shit. Anyone with criminal intent which are the only people who will pose a problem will buy this info from the same damn sources you do because there are no restrictions on it. There are no restrictions on it because the lock and locksmithing industries are greedy and want to sell as many copies as they can. Additioanlly in most places there are few if any restrictions on who can be a locksmith so what good would restricting sale to locksmiths do anyway?
No you aren't. 3 out of 4 locksmiths are nothing but lock mechanics. They aren't security professionals. A security professional understands that as soon as something like code information is commercially available the information has been compromised forever. The only way around it is to either rekey the locks or obliterate the codes so they can no longer be associated with the lock in question. Most locksmiths can't even figure out something that freaking basic.
To drive your idiot industry to good security practices since years of flawed designs and systems have proven you will never do it on your own.
Even with your code information, good locksmiths like
LOL You have few locks including the so called high security locks that can't easily be bypassed. Medco? LMAO I can beat that in most applications by lifting the pins out of the way and drilling through the back of the lock and throwing the boltwork. A couple minutes. Tops. Most of your other so called "high security" locks have similar flaws. Codes are only one of your industries failings. I see somebody else has already beaten me to pointing out some of the more obvious others and asking for answers in other threads. He's just wasting his time though. Your industry is so delusional you won't even acknowledge a problem. The problem is always with the people who point out the flaws according to most of you so called professionals. Here's an idea: FIX THE FUCKING FLAWS and then you won't have to worry about people pointing them out.
Their neighbor can already get their keys. He can buy the same info you do and I did, and if he wants to steal their stuff he will because there is no way to keep commercially available information secret. Any real security professional (as opposed to a mere locksmith) knows that.
More delusional security by obscurity bullshit. You're just scamming the public to sell them an insecure product without their knowledge which is no different than any other fraud. That's not real security it's just BS wannabe security. You can't keep the flaws secret and even if you could how would you really ever know? Again a REAL security professional recognizes this immediately.
There is no reason to publish this
I didn't publish it. I bought it from the LOCKSMITH INDUSTRY which published it. Saying I published it is like saying somebody who quotes from freaking Macbeth "published" Macbeth. "Shakespere who?" "That god damn smart ass whothehellknowswho guy (or girl) said it so he/she musta wrote Macbeth."
High security lock are very
And most of them are a joke anyway.
whether it is master
No it isn't because people with no lock would know that they had no security and would take other steps. People with 90% of your industries locks have no security and just don't know it so they take no other steps.
And, it would be even
One more time: FIX THE FUCKING VULNERABILITIES then you won't have to worry about people like me because there won't be anything for me to expose.
If your industry had any security ethics you wouldn't cover up flaw after flaw after flaw after flaw and you wouldn't have to bitch and whine about people discussing what you cover up.
"soslock" snipped-for-privacy@soslock.com wrote in message news: snipped-for-privacy@m73g2000cwd.googlegroups.com...
No they give the illusion of it.
Without the
That makes it much worse. If you are aware of them you have a responsibility to fix them.
Why would you try to help or exasserbate these
I don't know what you are talking about. I haven't exasserbated anything. I don't have any code information nor have I posted any code information. That said it isn't up to everyone who notices a vulnerability to help your industry keep it hush hush.
Again I'm not helping anybody get anything. Nor should I, or anyone else, be able to be of much help in that regard if the lock manufacturers and locksmiths did their jobs properly. Real security is based on sound, tested, designs, not on keeping a myriad of design flaws a big secret.
Then, again, you should fix them.
Many times these are what
Now this is funny. Imagine if Microsoft or some other company that makes say server OS software or for that matter desktop PC software like windows were to leave all kinds of little backdoors in their code, like maybe, username:BillGates Password:billgatessureiscool, that allowed them full access, and those backdoors were to become public and be exploited as lock weaknesses are all the time. Now Bill Gates calls a press conference and says: "Well we like those backdoors, they help us do our job, and we're just going to leave them in there". Microsoft stock would plummet. Now I'm not saying windows is especially secure but at least MS for the most part fixes the exploit of the week when it becomes known. With locks you don't need an exploit of the week because the lock industry hasn't fixed problems that are half a century or more old. Ensuring computer security is really very difficult because of the complexity of modern computer systems and because of the nature of the attacks. Some kid on another continent can carry out thousands of seperate attempts to access a system or many systems in an hour all from relative safety. In order to compromise a physical security device you have to get up close and personal and take a real risk.
Without pulbic knowledge of
This is absurd and shows a complete lack of logical thought or understanding of security in general. How do you know if there's public knowledge? What if there isn't 'public' knowledge but just widespread professional criminal knowledge? Is that better? Why are locksmiths any more trustworthy than the general public? Some undergo licensing but many don't some probably undergo background checks but many don't. As a gun owner I undergo a background check every time I buy a gun from an FFL holder, which is at least once a year, based on that I submit that I am a lesser security risk than any locksmith that has not had to undergo a criminal background check.
There is no reason to publish this
I don't see where self gratification comes in. The poster freely admits that they simply bought the information and are disseminating it. I don't see anything especially clever about that other than that information compiled by your own industry is being used, pretty effectively, to provide an example of why SBO, which is clearly the darling of your trade, doesn't work. You're complaining about it but you can't stop it so someone you have no control over is rendering SBO at least with regard to lock codes essentially useless. Their motives are irrelevant. The relevant thing is that 1. They clearly have code information. 2. They will clearly provide it to anyone who wants it. 3. You can't stop them from doing it. 4. Your industry obviously failed, miserably, to control the information it compiled.
High security lock are very
Yet virtually every hotel and motel in america has gone electronic. Those may well have flaws I don't know about, and experience has certainly taught that we wouldn't find out about those flaws from the lock industry, but virtually every hotel and motel in the US also has a deadlock that provides another layer of security. On the subject of dorms college students have always been notorious for being quite clever at producing illicit master keys. College campuses would make an ideal real world testing laboratory for the security of high security physical security devices as well as electronic access control. The lock industry should give hefty discounts with that in mind, that is if they really care about the security of their products.
whether it is master
Cost etc are really just excuses. The only reason there is now such an expense involved in replacing flawed locks and lock systems is because the lock manufacturers and locksmiths used flawed devices and systems for so long, increasing the number in use by millions over what it would have been if flaws had been fixed as they became evident. Now the problem your industry created becomes the excuse for leaving things as they are??? Sorry but that is not logical. That's the same badly flawed thinking your industry has used from the beginning and it's responsible for the problems that exist now. So the 'solution' of locksmiths and manufacturers is to keep putting more flawed locks on the market?????? I think you are going to find before long that flaws in physical security devices, the public has assumed were secure, are going to be made more and more public and there is going to be a backlash. The trial lawyers will realize there is a lot of money to be made and locksmiths and lock manufacturers, who after all are supposed to be the experts, are going to find juries very unsympathetic when they see a demonstration of how the lock they have on their own front doors can be popped open in seconds. They are going to want to know 1. Why they were sold such a blatantly insecure product and 2. Why, if the industry was going to sell them such junk, it's weaknesses weren't disclosed to them. The industry, for it's part, is going to have no good answers.
Well, if you're still providing this service after all this self rightous hoo ha I would really appreciate these two chrysler codes m1987 & m1995. My laptop with codesource conked out and I don't have six hundred extra dollars right now. Thanks
Number f****ng 1 it isn't my "hoo ha" ya quoted and I'm the one with the info you want.
Number 2 babbling insults at or about the person you are requesting a free service from isn't very f****ng bright. If not for that incredible attack of stupidity you would have the information right now. Moron.
I would really appreciate these two chrysler codes
My laptop with codesource conked out and I don't have
For that code series the doors and trunk should have cuts 2-8. If you decode one of those cylinders you can progression space 1 in the ignition in no time. Where did you get the code? Is it stamped on the lock?
PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.