Not trying to be a dick here, but for all of us that aren't responsible for institutional access control (frequent key changes, master systems) the lock is not the weak link in your physical security and you're wasting effort and money worrying about it.
If you are concerned about physical security, check door frames, windows, and thresholds (especially when lever locks are used). Crime doesn't happen because people pick locks.
You need to check walls too...
I live in a third world country, security is very important, my house got people jumping inside at least 7 or 8 times, that we know... maybe it was more and we failed to notice.
One year, while my family was out in a christmas trip, they decided to use the opportunity to actually get inside the house.
The thing is, beside tall walls, dogs, electric, spears and razorwire, we also had solid brick walls, steel window frames with grates, steel windows, and all doors to the outside were two doors in the same frame, the internal one made of solid wood, and external one made of steel, frames also made of steel.
The thieves instead just made a gigantic hole in our wall, until it was big enough to use power tools or something, then they destroyed the frame around the door locks (all our external-facing doors, both wood and steel, have 3 locks).
So, the weakpoint was bad quality bricks, we alter tested and found out our bricks were so shitty that hitting them with a crowbar made them mostly instantly crumble, the guys probably did zero effort to destroy our wall, probably if they had the time it would been easier to make a door-shaped hole in our wall instead of cutting the steel frame.
Kind of makes sense - in my area, it's somewhat popular to install steel doors in apartments to dissuade breaking&entering by drug addicts; and apparently for local firefighters standard practice for breaching such doors when neccessary is to simply go through the wall next to the door, as it's not that hard, only noisy.
The thieves instead just made a gigantic hole in our wall
Perhaps you're aware of Rhizome Manoeuvre. It's common in urban warfare to make holes in walls. Doors and windows are too often booby trapped.
My dad had this happen to a place he worked at in the 80s in the Bronx. The thieves drove a stolen car through the wall and took everything. Down to copper wire and pipes.
You need to upgrade to obsidian blocks.
My security strategy for our home is simple: Motion detectors and a bunch of huge freaking sirens. If someone enters when the system is on, the sirens will go off so loud that it is physically difficult to stay in the house. And of course thieves will need to worry about neighbors being alerted to the noise.
(It also sends out SMSes, but I rely completely on it running off intruders well before they get to steal anything or anyone has to intervene.)
your neighbors hate you
where do you live??
Depends on the crime, yes, B&E's aren't generally done by people picking locks. But someone sneaking in, planting something or making a copy of something and sneaking out is a little harder to detect since generally there is little obvious forensic evidence of lock picking and generally police just chalk it up to you must have forgot to lock your doors when such crimes are investigated.
IOW, there is no hard data to say either way. If you're protecting some one from stealing your TV or your concerned with smash and grabs, then yes, locks aren't generally your weak point, all though they can be. If you're worried about someone planting a RAT device in your network closet, or key logger on someone's PC, undetected, then yes, it's a concern.
In the situation you describe video surveillance, not a fancier lock, is the answer.
Depends on if you want them to abort the operation or have evidence they performed it.
My personal favorites are the offices that require some sort of card/keypad/technical approval to go through in one direction, but have a motion sensor to unlock it going the other way. I've gotten past these with a manilla folder (push through, it unfolds and triggers), and I've been told (untested by me) that motion sensors rely on bouncing an infrared beam, so they can be triggered by anything that makes a temperature change, such as a can of compressed air.
Relevant XKCD: https://xkcd.com/538/
obligatory 33s video: https://www.youtube.com/watch?v=z9GbUCQhIfA
Dave from trustedsec/Derbycon opens a sensor locked door (it led to a staff area) at the hotel marriott with a nicotine vaporizor
I'm a little late to your reply. I agree with you in general that locks aren't the be-all/end-all in security. But, I don't feel your statement is completely correct.
I can think of two reasons to have a good lock.
1. Not all insurance will cover theft unless there's evidence of a break-in.  This was a problem with the bump keys where no evidence of a break in was left, other than maybe some scratches on the face of the lock itself.
2. Padlocks, often including bike locks, can often be shimmed or raked easily. It's one thing to carry around a pair of large bolt cutters in downtown manhattan, it's another to carry a little shim in your pocket.
"And a burglar that breaks in with a bump key shows no visible sign of forced entry, but further examination from an expert can determine if the pins were manipulated. Insurance companies may still be resistant in paying on a claim, even with a forensic locksmiths findings."
Just go to the website (lock-lab.com).
Even though this site is focused on locks and lock picking, the "home security" sections gives information that goes well beyond locks.
Strike plates are supposedly a good ROI
With long lags that penetrate through the frame & multiple studs.
Yes, picking is a small percent, but failing to use the lock on a door or window is the number one way entry is gained ; point being if people locked doors, the numbers would likely be much higher given most burglars use one of the external doors at some point during a burglary.
I'm sure it's like a lot of security where attackers aren't necessarily after anyone in particular but will just go down the line until they find a soft target. I've been robbed a couple of times (long time ago). One time they did force open a (probably cheap) sliding door. But the other time a windows was ajar.
These days I'm enjoying viewing the lock lab you tube channel. It's a pretty insightful guide into what makes a good lock, and the style of locks to avoid if you truly want security.
Ditto. Back then my parent often locked the room with the computer so that I could 'focus' on my study instead. And this guide helped my learning about pascal, C and then x86 assembly (when my father got so frustrated he took out the HDD and I have to run MenuetOS instead).
I think the section about Zen and Analytic thinking helps shaped my way of thinking. Before that I just charged blindly into problems, only to get stuck somewhere. But after reading the guide, I often stop for a while, thinking 'why doesn't this work?' and try to figure out how, back gathering all the evidences and make a mental model of it in my brain. Interestingly it is quite useful for programming too.
Same here. I can still pick a lock to this day. Very basic ones and never unlawfully but it helped at least in two cases in my life (lawful, again). Lockpicking is the epitome of how the deep knowledge of a technology (that is usually a black box for the average user) can grant you control over it. Great memories.
Heh, yes, I remember this book passing in floppies at school as some super secret document that only the most trusted guys could obtain.
I remember stumbling on this when I was 12 or 13 and thinking it was super secret knowledge that only locksmiths and spies could obtain.
It was a silly thing, really - but it did fuel my interest in picking apart how things work in a more detailed fashion.
It's been transcribed automatically to HTML from a PDF document which was typeset using LaTeX. The original document does not contain these errors:
The errors are an artifact of the lossy process which goes from the actual text content, to semantic LaTeX source, to PDF (designed for print reproduction, not content portability), and back to HTML. This last step might even be using OCR.
But the errors may be present even without invoking OCR - I often find that I can't copy text from a PDF generated by my professors' TeX toolchains because the various ligatures, kerning, and other subtle effects that Tex produces from letter to letter mangle the paste buffer. Also, while the default font (Computer Modern) looks fantastic and very professional when rendered correctly, and looks even better with TeX typesetting adjustments, many PDFs are generated with bitmap fonts and then rendered on systems which attempt to perform or remove anti-aliasing, DPI scaling, smoothing, and other effects. You can see some of this in the above document.
hm... although weird, it seems more likely to me that the errors were produced by humans retyping the document. Since c doesn't look like v, but c is right next to v on the keyboard. Other examples of people misspelling "-ice" as "-ive": https://youtu.be/ZtIVWWpZRJQ?t=51 And the example in another comment of pick -> pikc is also more indicative of a human typo rather than OCR. Dunno why they'd retype the document though...
PDF is a terminal format, so this isn't really avoidable in all cases.
If you want HTML, usually much better off to use latex->html tooling.
If you have the source, it's obviously better to use `hlatex`.
But PDF is only intended to be a terminal format. In the real world, though, it's very common for the 'terminal format' - whether a binary executable or a PDF - to be the only format available.
It would be very useful if the toolchains used to produce PDFs - whether `latex`->`dvips`->`ps2pdf` or `pdflatex`, or any of the other possibilities in the extremely complicated TeX ecosystem - did a better job of maintaining the semantic and raw-text content of the source.
I would happily increase the size of all my PDFs by a couple percent if it meant I could better extract the contents in the future. I do realize that when you multiply this few percent by many gigabytes of PDFs on archive sites and across many uploads and downloads, it becomes more important, but I would assert that it increases the value of those PDFs by more than it costs.
I wonder if you could include the latex source as an unreferenced stream in the pdf document. If there was a standard around this, we could have tools to convert compatible pdf documents into whatever format easily.
Libreoffice can do this so I guess Latex would be able to do that too.
EDIT: Possibly from the photocopy of this LaTeX document?
The big secret of lock picking is that it's easy. Anyone can learn how to pikc locks.
The text is probably the output from an OCR program that was run on a printed copy of the test, and the user didn't scan the output for the inevitable errors that these programs produce.
It looks to be retyped (badly), not OCRd. The PDF has none of these errors, which are not the sort made by OCR.
The only way to learn how to recignize and exploit the defects in a lock is to practive. This means practiving many times on the saem lock as well as practiving on many different locks.
Some context: http://web.mit.edu/afs/sipb/project/www/stock-answers/lockpi...
This should have been the OP link. So much easier to read.
Well, just incase someone wants to actual PDF: http://www.lysator.liu.se/mit-guide/MITLockGuide.pdf
Stay away from anything that says Master on it and absolutely stay away from combination locks, both the dial and the wheel style. You want a lock that uses ball bearings in the shackle, not the spring loaded latch type (you can easily tell which is used if you unlock the lock and inspect the inside of the shackle; if you see perfectly circular notches on the inside of the shackle then that lock uses ball bearings. If you see a straight edge in the cutout of the latch, you're dealing with a spring mechanism).
The American Lock 5300 is a nice choice for this application (yes, it is made by Master but it has some redeeming qualities). It is shrouded so it cannot be easily shimmed and it comes with a 5 pin replaceable cylinder. The keyway on mine is relatively paracentric (many steep angles and warding that makes it harder to pick) which is nice. If you are super paranoid you can re-pin the core or swap it with a new one, preferably something with 6 pins.
The best feature of this lock is that it looks more secure than its neighbors and it cannot be easily shimmed or opened with a kinetic attack. If I were popping gym locker locks I'd go kinetic on spring mechanism locks since they are the easiest to open quickly with no special tools. I wouldn't want to be caught with a rake or a bump key so those methods are probably not your biggest concern. You want the thief to look at your lock and think, shit, this one isn't worth the effort, move on the next. Like you said, you bought sub-par locks and they were simply forced open. A 5300 or similar isn't going to give it up that easily, which makes you less of a target.
If you really want a stronger lock I presume the main limitation is that, in my experience, there's a maximum thickness the locker design will allow for the lock. As such it's generally trivial to break the lock with a bolt cutter.
I think that's actually a feature, the gym owners want to be able to open the lockers if a member loses their keys or simply locks one of the lockers and then never comes back.
So I think you should simply consider going to a better gym? Seriously, that sounds pretty terrible, I've never had any issues in any gym I've been to and I'm not exactly paranoid either (sometimes I'd forget my lock and leave my stuff unlocked and never had any problem).
>there's a maximum thickness the locker design will allow for the lock
Depending on how the locker works, you might have luck with something that protects the shackle a bit better, even if the shackle is still relatively thin in diameter. Like one of the disc style padlocks.
Use the most commonly used lock on the outside of the locker. You don't want your locker to stand out. Shrouded padlocks are more secure, but they also tell potential thieves that your locker may actually be worth breaking into. In any case, the gym management often restricts your choice, because they need to be able to cut locks off.
I'd save the serious security for the inside of the locker. Get a locking hard case designed for handguns, with a cable lock slot built in, and use a cable lock to secure it to the inside of the locker. Put your valuables in it and pile your clothes on top.
Consider changing to a gym that has separate locker and changing areas, so that cameras can be used to detect locker break-ins and catch the culprits. The individual padlock is, at best, a delaying tactic, which is useless if someone has unlimited time in which to break security. If someone is in my locker room popping locks with a shim, I want someone to notice that and detain them, or at least identify them from the video footage.
Someone capable of cutting a padlock can definitely cut a cable lock, so I'm not sure who you're going to deter this way. You will, however, increase your loss if they take your gun case.
I think it's a fallacy that using a better lock makes you a bigger target. In a gym, thieves are looking for the same thing in every locker: money and jewelry. A better lock doesn't indicate that the Hope diamond is inside. It indicates that it's going to be harder to steal the $50 from the wallet inside.
I guess the idea of a cable lock here is to use it so that it attaches the bottom or backside of the hard case to the inside of the locker, so that the cable lock is only accessible from inside the hard case. This is, after all, how safes are attached to floors and/or walls.
Then, the thief would have to destroy either the hard case, or the whole locker. That would be slow and noisy. It's not impossible but deters intruders who will simply perform a cost-benefit analysis and move on (but will surely destroy your clothes in revenge).
Couldn't the thief simply pull up on your gun case and cut the cable through the gap created? There's no way you're going to get the cable tight enough by hand than a thief can't move the case a bit (safes generally use bolts, which don't have this problem). Maybe if it's secured to the back wall it will be awkward enough to maneuver the cutters that the thief gives up?
> but will surely destroy your clothes in revenge
In revenge for what? Interesting psychology.
Indeed. But it seems to be what burglars often do: if they are frustrated by security, they do some vandalism.
If you make the lock too strong, the thief just cuts the hinges of the locker. It doesn't take much for your lock to not be the weak link in the security chain.
The unattended security measures are only there to delay a criminal long enough for a human to take action.
Are you smarter than a dumb hunk of metal? Yes, you are. So is a thief that is stupid by human standards. The only reasonable counter to a human criminal is another human. The lock is productivity multiplier capital for that human. If there is no security guard, there is nothing there to multiply, and the lock and locker are only increasing the security you provide for your own stuff. Do you really want to check up on your locker between every set? It would be annoying, but you could do it. You wouldn't be able to do a long cardio workout, though.
As such, time spent shopping for a stronger lock is probably not as useful as time spent yelling at the gym management to stop the locker room thefts. They need a guard to make sure no one is popping locks in the locker rooms. Until they have one, what's going to stop someone from going in with a rotary tool and a stolen staff shirt or handyman outfit, telling the customers that they have to occasionally cut locks off when people abandon their lockers? A customer would only have reason to challenge that ruse if the thief were cutting off their own lock, but a real employee would know that the thief was not a genuine employee or contractor authorized to do that to anybody's lock.
If locker room thefts are a general problem, you have to hire a person. If the gym won't do it, individual customers could, at greater overall cost.
But really, that's not necessary. Just don't keep valuable items in a gym locker. Leave them at home, put them in the trunk of your car, or have a trusted human hold them. Keeping your valuables in a gym locker is like parking your car on the street in Detroit. Sure, it is theoretically possible that your security measures are sufficient, but you are placing your property at much higher risk to begin with.
None of what you just said indicates that a better lock will make you a bigger target.
I think you're also drastically overestimating the resolve of locker thieves. No one's cutting locker hinges or dressing as a handyman as an excuse to bring in a rotary tool. It's not a bank heist. Locker thieves are casual thieves. I would imagine that the most common attack mode is to just shim cheap locks open. If thieves did begin destroying lockers, the gym would probably actually do something.
And obviously, yes, a guard is the ideal solution. I don't think I've ever been to a gym that did this, though. It's not worth it to them.
The thieves break into the most commonly-used locks. FWIW there are hacks for most locks on Youtube!
There's nothing inside the locker to which to attach a hard case, which would undoubtedly be stolen.
Can't change gyms w/o losing $$ - have a two-year plan. Been going there for years. BTW all gyms have this problem - it isn't uncommon.
I _have_ considered abandoning the gym and going to a body-weight exercise plan + walking/running. I'd get more sun/rain/sleet/sunny days.
I'm sure if you made a (perhaps public) fuss about their lack of security in the locker rooms, they'd be willing to cancel with no penalties.
You could probably also argue that such a failure constitutes a violation of their end of the agreement, depending on the wording.
Don't be a doormat, dude.
edit: n/m, topic covered already.
Why not leave valuables in your(locked) car?
Is that a sarcastic joke?
Cars are obvious targets for burgling. At least over here, insurance companies won't pay anything if you leave it in the car and it gets burgled.
Cars are probably broken into less than gym lockers. A locked door on a car is typically sufficient deterrent, as the thief will just prowl for an unlocked one. A lock on a gym locker is apparently not enough deterrent.
Over here in Europe, car burglaries are common, and often insurance covers burglary to a locker (as locker is meant for safe storage) but not burglary to a car (as a car is not).
The top of the line in padlocks is the Sargent & Greenleaf 951 padlock, which is about $1300. DoD uses these on weapons storage. Resists grinders, saws, liquid nitrogen, etc.
Here's an amusing overview of available padlocks, starting with crap Master Locks and moving upward. The ones that are hard to force or cut have large-diameter shackles, which probably won't fit a gym locker.
Funny, I don't think it was that model, but I think it was a S&G lock we used (2 or 3 of them actually) on radioactive source containers back in the oilfield.
The ABUS 83 series. Depending in size, the can be keyed to match your house key, do you'll also have one less key to carry.
Don't change locks, change gyms. Work out where thieves don't. You might even tell your gym that's why you're switching.
Medeco and ASSA have a good reputation. Master locks are notorious for being easy to open simply by whacking once with a normal hammer.
Neither are really known for their padlocks, and they're both pretty hard to find at retail - at least in North America.
for a reasonable priced lock (~$20) - I'd suggest American (probably the 1105) or one of Abus' mid level locks. Either are available on Amazon.
For "it'll be easier to pry the door off the locker than break the lock" level locks (~$100) - I'd suggest Abloy (330 or 340) or Mul-T-Lock.
These are harder to find locally - https://securitysnobs.com/ seems to get recomended on the lockpicking reddit if you want an online vendor.
Abloy's "Protec 2" lock design is one of the more well regarded out there- I'm not aware of any credible public claims to have picked it, and short of an angle grinder you won't be getting through the larger padlocks.
Trivia - the lock industry is very heavily consolidated behind the scenes, with several companies owning most of the major brands: "Assa Abloy" owns, besides the two companies in the name, Medeco, Yale, Mul-T-Lock, Fichet, and HID - who make the most common RFID security cards. Master Lock owns American Locks.
your car trunk maybe?
While we're on the topic of locks, can anyone recommend a good gym locker lock that isn't easily broken/hacked?
I've had MasterLock key locks, brass, steel plate, and combination locks and mini-key locks. All have been broken into and money & goods stolen. No cutters were used, they simply forced the locks.
I now carry everything with me currently and don't use a locker, which is a PITA.
I have a transparent lock in my desk, great fun for people to try opening and teaches about how secure standard locks actually are.
I think this book is a little past the shits and giggles horizon. I do own a copy of it. It's amazing how detailed Tobias is. He is still doing work today. Follow his YouTube channel. https://www.youtube.com/user/mwtobias
For anyone remotely interested in locks for shits and giggles, I highly recommend Tobias as reference for your personal library...and purchase every type of lock you can get your hands on for practice.
Inexpensive indeed. When I was in high school I made my own lock picking set. For the tension wrench I used a nail I bent into shape and hammered the end flat until it would fit most locks. I then made a set of picks in different shapes from thick paper clips that I then hammered flat so they would hold their shape.
I used to practice on my dad's file cabinet and the crappy lock they made us use for our lockers in gym class. They were so incredibly easy to pick, I wonder if it had anything to do with stuff going missing even from locked lockers?
I also made my own, but used street sweeper bristles. They are a nice springy steel and about the same thickness as commercial lock picks. They are also made of a soft enough metal that they can be easily shaped using common needle files.
I made mine from hacksaw blades. That required annealing the steel, then re-hardening and tempering it. A small butane torch provided plenty of heat since the steel is so thin.
It can be a great way to build patience, and it's almost meditative I find.
very cool, I remember reading this in 96/97. It is a real fun and inexpensive hobby and a fun challenge.
Anyone interested in this would do well to check out a TOOOL chapter in their area.
 - https://en.wikipedia.org/wiki/The_Open_Organisation_Of_Lockp...
For anyone interested in practicing these skills or learning more about physical security. https://ozlockcon.com is happening in Australia in June this year.
Also disclaimer I own this company. I think it's awesome that tech people gravitate toward locks so much. It really is an interesting trade that somewhat maps to programming. At least in the sense of requiring lots of concentration and the ability to push through struggle and learning curves. I will say also once you get good at picking locks it's very satisfying to be able to get into anything.
Anyone in Atlanta that needs a good locksmith give Open Sesame a call. https://www.atlantacarlocksmith.com
I think this was one of the first things I found on the web back in ~1994. Super cool. I managed to pick a couple of locks in my apartment and haven't had the need to do it since then. Cool to know about though.
off-topic: I can't help but click to his Home Page link: http://www.blurofinsanity.com/homeofinsanity02.html#Anchor-2...
I don't see bumping ;)
I don't know why I still let my connections exit in the U.K., or live here really.
One of the reasons I left years ago. One of the best moves in my life.
Where did you go?
My country is run by an insane toddler with a trust fund. The U.K. looks pretty good.
Look north. Our guy's trust fund is much smaller. In fact, so is he. But id still put money on the little guy winning the cage match. The toddler looks like a slow-motion cardiac event.
In all seriousness, the canadian government has been very hands off in recent years re censorship. Our ISPs are still evil, but nowhere near comcast evil.
I think it'd be abuse to pit most 70 year olds in here: https://www.youtube.com/watch?v=fYlWiZMhaLE
Does the insane toddler censor the internet for you?
Thank you for the reminder that yes, it can get worse.
International migration is not a trivial task so I hope the grandparent gets an answer!
It's not in-expensive either so plan carefully.
First to Cyprus, now to Spain.
Error should have been a 451, not a 503.
To save readers a Googling, that's the error code for "Unavailable For Legal Reasons".
A multi-ISP web blocking look-up tool, with a reporting page if you feel it is incorrectly blocked.
Giffgaff redirects me to a page telling me I need to be 18. As it happens the domain's own home page says exactly the same thing.
Not blocked for me and I'm in London right now.
Works fine on my phone in the UK. Depends on your provider.
Don't worry, when I was 15 I was lock picking my school's lock because I wanted places to be alone.
All they say is pages of trivia, and make no sense given how fucking stupid what they say is.
Just need some privacy, and lock picking will come without need for education to you.
No problem for me on BT.
> This link is censored in the U.K.
By your ISPs, not by all of them. This link isn't blocked by eg TalkTalk.
> the porn filter
There is not "a porn filter". Each ISP has their own filters which are optional for the customer. Change your settings and stop spreading fud.
By at least two ISPs (out of two I checked), but there are sites that track this.
And this block has no opt-out, while the "porn filter" one requires you to be over 18, so how would you call it?
Also because the political rethoric around it is quite precisely "protect the children"...
Sounds like you are saying there is one, but you can opt out.
Not blocked on BT (infinity), O2 or Vodaphone here.
Works fine for me on Three, Virgin, and BT.
This link being censored is good enough reason to pack your bags and move?
What would be your ideal destination if you decided to move? What country caters to all your specific needs?
I'm in the uk can read it fine
Works fine for me on Three. /r/quityourbullshit
This link is censored in the U.K.
EE says something about it being locked, while Three sends you to a page with 503 in the URL, and this text:
Sorry, there is a slight technical glitch.
Please reboot your device to reconnect to the services.
Sorry for the inconvenience.
Once every 3 years is ok:
We detached this subthread from https://news.ycombinator.com/item?id=13916783 and marked it off-topic.
I'm sure you could come up with a more charitable response than that.
Bullshit. I'm on three and it is much cheaper than whatever your on.
:) there you go
It's also working here on both my Sky home connection and GiffGaff (O2 MVNO) mobile.
Bullshit. I'm on Three and the link works fine.
Please don't post unsubstantive comments about divisive topics. Those are bad and provoke worse.
We detached this subthread from https://news.ycombinator.com/item?id=13916968 and marked it off-topic.
> where you could read what you wanted online
we've had internet censorship in various forms for a while
> go where you wanted in Europe
oh goodness it's so hard to apply for a visa
> to soon this isolated island with silly censorship and a silly government ridiculed by everybody except Trump and Putin
Isolated because we left the EU? I don't think you understand anything about the brexit situation at all. We're far from isolated - believe it or not, the "drift into the atlantic" rhetoric was just hyperbole, not an actual geological shift.
Wow. So quickly you went from a free, influential society where you could read what you wanted online and go where you wanted in Europe to soon this isolated island with silly censorship and a silly government ridiculed by everybody except Trump and Putin.
This is actually a summary of the original document http://www.sparknotes.com/poetry/rapeofthelock/characters.ht...