1. Home
  2. 🔒 Lockmithing and Lockpicking Discussions
  3. Why are most masterkey systems still totally insecure?

Why are most masterkey systems still totally insecure?

Some time ago a computer scientist named Matt Blaze wrote a rather informative article on some rather serious flaws in common masterkeying systems. Specificaly the flaw described by Blaze enables a relatively unskilled person to make a masterkey for the system in question based on nothing more than unrestricted access to one lock in the system. e.g. a tenant in an apartment complex making a master key for the complex from nothing more than the master keyed lock on his own door and posession of hie own key.

The Matt Blaze paper can be found linked to here:

formatting link
The question for the locksmiths is:

Why are these masterkey systems not only still in use but more of them being implemented every day when they are fatally flawed? Do you not have an ethical obligation to your customers? Why should you not be liable in civil court when systems you install which are known to be insecure are compromised?

Reply to
Tim Mathews
Loading thread data ...

This is an obvious flaw. I figuared most of this out on my own before I read this article. Anyone who works with masterkey systems could figuare this out. Its not the easiest thing in the world for an inexperienced criminal, but with time can be learned. I recommed to more and more people to go with digital security to eliminate the mechanical aspect of security, but so many millions of places still employ pin tumbler locks who require different levels of security access. It becomes more the responsibility of workers, co-workers, security personnel to keep an eye on their location. Maybe this wasn't the way it was originally supposed to be, but welcome to

Reply to
Erik

It may have been somewhat obscure for a while but it certainly isn't now.

I recommed to more and more people

The problem is still that such an insecure method was implemented to begin with.

It becomes more the responsibility of

That's because the flaw should have been fixed decades ago. If it had been millions of locks would not be effected now.

As far as liability goes, if a MK system is done right, then someone

That isn't the method Blaze describes.

As soon as an individual starts to investigate, impression a lock, open

Why not? Their job is to keep people out. People are sued for incompetence and negligence all the time. If as a locksmith you install a system which is known to be not only flawed but seriously flawed that is negligence.

That is however why locksmiths are bonded because you

Reply to
Tim Mathews

How many locksmiths DO GET to install a system new? I know of none around me for 40 miles..and that covers 50 'smiths.. When the building is built- they already get the locks from the hardware supplier. and no keying chart usually.. I got an existing 165 door building and NO pinning chart.. thats the norm.

--Shiva--

Reply to
me

^What a mess. And to add, if you are speaking of the BEST system itself, it is not usually sold to independent Locksmiths.BEST sells their systems and equipment to END USERS. Now that said, I will state that a rep from the BEST company told me of a Locksmith who did sell some BEST products.

goma.

Reply to
goma865

It all comes down to money. The customer is the one that decides how much security they want. When hotel and motel guest security was being compromised by loose key control they spent the bucks and went to disposable card keys that would not work after a guest had checked out, and maid keys could be disabled if lost with a few simple strokes of the keyboard.

Reply to
Roger Shoaf

sure, some small jobs its more cost effective.. college to my east lost a great grand master key to a 7 pin Best supplied building.. $16,000 for new cores and keys to replace every lock in the building..plus air freight.

--Shiva--

Reply to
me

PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.