Lockpicking - by Deviant Ollam
slides
resources
videos
picks & gear
availability
games
press
bio
Lockpicking - by Deviant Ollam
slides
resources
videos
picks & gear
availability
games
press
bio
Videos of Presentations & Advisories
 |
Distinguishing
Picks This was the first time i ever presented my "Distinguishing Picks" presentation in English. While seen earlier at ekoparty, i was looking forward to showing an updated version of this talk to US audiences, and there was no better or more American a venue than the first DerbyCon in the heart of Kentucky. Bourbon was involved. |
 |
Safe
to Armed in Seconds: A Study of Epic Fails of Popular Gun Safes This talk is an in-depth evaluation of some of the most popular small firearm lockboxes in-use today. Some rely on mechanical locks, others on biometric locks, and some offer a combination of both. But overall, they tend to fail miserably in the face of any dedicated attacker. Your favorite gun lockbox might be preventing your toddler from having an accidental discharge, but it's probably not at all likely to repel a criminal or even perhaps a curious teenager. Means of both attacking as well as improving upon the lockboxes you already may own are demonstrated, and audience members were invited to participate in all sorts of attacks... live and on stage. |
 |
Here's
to Fail Officially this was the latest incarnation of my "Ten Things You Need to Know About Lockpicking" talk, but at the end i threw a change-up and tried making some more big-think points for all the high-level types in the room. It's important to remember that all security is doomed to fail eventually, and it's simply a matter of how well your defenses can Resist, Recognize, and React to threats that makes all the difference. |
 |
How
Secure are Electronic Locks Babak and i filled in at the last minute when one the speakers at DeepSec canceled. They had been expecting a talk about electronic locks, and we did our best to put a talk together with little prep time in order to show the attendees the state of most research and attacks regarding electro-mechanical locks on the market today. |
 |
Why
Physical Security Matters In November of 2010 i had the terrific opportunity to address a large room of government folk at the GovCERT conference in Holland. Individuals from TOOOL.nl were there with me, demonstrating various lock attacks and running a great Lockpick Village to give the attendees some hands-on fun! Big thanks to Jos Weyers for his incredible on-stage impressioning attack and also to Barry Wels and Han Fey for running the hands-on area with me each day! |
 |
The
Four Types of Locks I gave my "Four Types of Locks" presentation to the Fed and Suits was up North in Canada in the hopes of getting decision-makers in our neighbor to the North to think critically about physical security and infrastructure protection. |
 |
The
Four Types of Locks It had been years since my last visit to Ann Arbor and i was very pleased to return. The folk at the SUMIT conference thought that the inclusion of some Physical Security content made a great addition to the other talks about policy, cyberwar, and the cloud. |
 |
Distinguishing
Picks Perhaps my favorite conference in South America, ekoparty is always a great time. This year i tried a new topic, a discussion about the wide array of tools on the market, how to best categorize them, and how we might work together to name them consistently. NOTE - this talk was presented in Spanish. |
 |
Master
brand Anti-Shim Padlocks Lately, the Master Lock company has been adding shim-resistant features to the retaining latch inside of their combination dial padlocks. While this does indeed make the process of shimming much harder, it is not impossible. This video shows how the new features work and how to try to bypass them. For proper security, your best bet is still some manner of double-ball mechanism. |
 |
The
Search for the Perfect Handcuff Key Did you know that although there is a “standard” size and shape for basic handcuff keys, every manufacturer has variations, special features, and sizing issues that make creating a single, universal key quite difficult? In our talk, we explain how to create this type of "ultimate" key that opens all major brands of handcuff, both in the United States and elsewhere around the world. We have the math, we have the means, and we demonstrate to everyone how to obtain the best handcuff key they might ever own! |
 |
Hacking
Hotel Locks This was the replacement talk that Babak and i put together at the last minute when Barry and Han could not attend the HOPE conference in 2010. Everyone was very kind to us and we had a lot of fun sharing some of our Dutch friends' material as well as some new interesting content of our own. |
 |
Wicked
Cool Shit About Handcuffs This
is the first version of TOOOL's biggest and best handcuff talk, given
by Dr. Tran, Dave P, and Deviant Ollam at CarolinaCon 2010. In it we demonstrate
a number of fun handcuff escape tricks, explain weaknesses in various
models of restraints, and showcase the new TOOOL "Universal Cuff
Key" while offering detailed instruction for the attendees on how
they can fabricate one... |
 |
Kwikset
Smart Series Smasher Tool People like valanx have already done a pretty thorough job of demonstrating how vulnerable to attack is Kwikset's latest design... the "smart series" door lock. However, an attack about which i recently learned is one which simply crushes the plastic "re-keying" internals... it's destructive, unsophisticated, and outside the scope of what i do with TOOOL and the sport-picking community. It also is much more effective on early generations of this lock... Kwikset has revised things and uses harder materials in newer models. Still, the implications are pretty staggering, and i felt it prudent to describe and demonstrate the issue, given that the attack tool is commercially-available. |
 |
Schlage
Primus Bump Key Attack Everyone thought it couldn't be done. Most authorities and references you care to consult on the matter actually recommend Primus locks to protect you from bumping. Hell, even i would mention them all the time in my presentations. Well, as it turns out, you can bump a Schlage Primus lock. In addition to being a terrific (and fun) proof of concept, we were able to determine a terrific way of preventing nearly all conventional bump key attacks... and that is with the use of new anti-bump pins being developed by ilco. (secondary link here) |
 |
Better
Uses for Your Basement than a Meth Lab At NotACon 6, Shane Lawson of the FOOOLS gave a terrific and entertaining presentation focused on inspiring people to use the simple and inexpensive things around them in order to create tools, projects, and fascinating results on a hacker's shoestring budget. I also did a segment on "lockpick alchemy" in which i explained how to take inexpensive picks made of cheap spring steel and heat treat them in order to yield tools of higher quality as well as greater durability and stiffness. |
 |
Kwikset
Smart Key Decoder Shane Lawson, an expert in many fields of security technology and one of our fellow lockpicking enthusiasts in the sportpicker/hobbyist community, was inspired by my Gringo Warrior setup to inspect the newest design of the Kwikset brand of locks. What he discovered was astounding... practically none of us could believe him when he said how simple their "security" mechanism was and how it operated. This is a talk that he prepared to show us just how easily the new Kwikset Smart Series locks can be compromised. |
 |
Handcuff
WTF Babak and I wanted to say thanks again to the MetaLab crew for such a great time while we were in town for DeepSec. I had rolled footage of our talk about handcuffs and even shot some great clips of people picking and bypassing such restraints after we had finished our presentation. I edited everything together into a pretty sweet little video. The talk runs about 20 minutes or so and the 5 to 6 minutes of hands-on footage at the end is, if i do say so, pretty fucking spectacular. It really captures the mood and style of people at the MetaLab. Thank you all, we'll see you again soon! (secondary link here) |
 |
DEFCON
Lockpick Village This is some footage of the various lessons, contests, obstacle courses, and other fun activities that we had going on in the Lockpick Village at DEFCON. The staff gave us a double-skybox and damn if we weren't packed full of people for the whole weekend. It's really wonderful to see everyone come out to have a fun and educational time! |
 |
Military
Padlocks Han Fey shows off some of the finer specimens in his collection of high security locks by demonstrating the ins and outs of the locks that secure tanks, munitions, and other materiel. |
 |
Paper
Padlock Shims Many of you have seen footage and instructions concerning my famous "beer can padlock shim"... but how many of you have ever tried shimming with other materials? I've successfully used items like plastic drink cups, and as this video will show... even paper can work if the lock is of significantly cheap construction. |
 |
Gringo
Warrior Closing Ceremony This was the prize ceremony for the very first version ever of Gringo Warrior which made an appearance at ShmooCon Four in 2008. We had a lot of good participation and it was tremendously fun to do this. I'm so pleased with how well this game was received and what it has grown to become. |
 |
The
Latest on Bump Keying This was a talk i put together in order to summarize the latest news on the issue of bump keying, which was getting a lot of attention in the popular press at the time. Hoping to dispel some rumors and also let people know of the fixes that were being implemented by a number of manufacturers, this was a short talk but one that i enjoyed. There was also quite an enjoyable plug at the end for the first ever appearance of Gringo Warrior. |
 |
Lockpicking
Workshop This was a talk that datagram put together (mostly using my slides and animations) in order to showcase how relatively insecure the majority of locks in circulation are. He discussed both picking and bumping as well as methods of achieving better security than what you'd typically find with off-the-shelf solutions. |
 |
HOPE
Lockpick Village For all those who've never attended a con where TOOOL has set up a public area, this is what goes down at a Lockpick Village. While this wasn't quite as kickin' as what we tend to do at DEFCON (see the other Village video linked on this page) it's still always a fun and educational experience at HOPE. |
 |
Exploits
for Mechanical Locks Barry wells gives a presentation at Hope Number Six about the insecurity of mechanical locks. Marc Tobias is also on hand to discuss the latest attacks which he has developed, totally shattering the notion of "high security" from Medeco. |
 |
Lockpicking,
Safecracking, & More For the first time on the same stage together at ShmooCon, renderman and i give a funny and informative presentation about lockpicking using much of my traditional material as well as a whole load of new content that my favorite Canadian demonstrates. In addition to his all-around general badassery, renderman even opened up a locked safe on stage... one that he had never seen before and was simply given by an audience member. That took fucking balls. |
 |
Lockpicking
& Physical Security My first major con presentation. Technically, i gave my first talk ever at ShmooCon earlier in the year, but it was in the super early morning slot on Sunday and only about 50 to 100 people attended that short session. This talk at DC13 ran for over three hours and was one of my best times ever on a stage. I covered more material in this presentation than you'll see in any other video. Nowadays, much of this content is only discussed in my private training sessions which cost a some serious money to attend. |
 |
What
The Bump One of the first presentations to address the issue of bump keying, Barry & Han give a wonderful summary of this exploit and the many ways in which it can be attempted as well as mitigated. |
 |
Physical
Security - The Good, the Bad, and the Ugly A terrific presentation at CCC by Barry & Mark, two of the world's best and also most intelligent security testers, this talk covers loads of content concerning how to keep unauthorized people out of your facilities. |
 |
Lockpicking
& Physical Security This is the talk that started it all for so many people. A packed room, a popular con, and a wonderful multimedia setup made for one of the most talked-about events that hacker cons had seen in a while. While lockpicking had always been an aspect of the hacker culture, this talk (in my opinion) is what really thrust it into the forefront for a whole new generation of folk. |
 |
Lockpicking One of the first popular and talked-about lockpicking presentations of which i am aware, this was a great addition to the H2K schedule... and it was, possibly, the first time that our friends from across the pond came to the US and totally blew the doors off of a room with their wonderful and informative presentation style. |
