Security design and security defeat techniques have met, but it seems like a win for both sides of the security line.
Last month, I noted an interesting thing happening on YouTube. Another engineering YouTuber had created what he hoped was an unpickable lock. At the time, I mentioned how this was a great analogue example of a healthy relationship between those that build security systems and those that try and fiddle and attempt to defeat a security system – especially given that feedback is given to the engineer in question. This is because everyone wins because stronger security is created as a result.
The original video from last month contained a lot of details about how the lock worked and why he thought, in theory, it would make it, at minimum, much harder to break into without the key. For those curious, that video can be found here or in the embed below:
Towards the end of the video, he mentioned that three copies were sent out. One to the Lock Picking lawyer. Another was sent to the original lock picker that he worked with to test out his theories. A third was sent to the lock picking community, Lock Pickers United, so the rest of the lock picking community could take a crack at this lock.
As it turns out, it would be the rest of the lock picking community that would be the ones to defeat the lock. A user by the name of Georgia Jim would ultimately announce that he managed to pick the lock. He posted a video of it on YouTube which you can also see in the embed below:
On the surface, this sounds like a loss for the engineer that built the lock in the first place, but it actually looks like a win for both sides. First of all, Georgia Jim said that he spent four and a half to five hours pouring over the detailed schematics he was sent that explains how the lock works in great detail. What’s more, when you actually watch the video, you could tell just how much effort went into the actual pick itself. He spent thirteen minutes trying to execute his plan to pick the lock, and for a highly skilled lock pick (or “lock nerd” as he referred to himself), that is definitely a long time – especially when you factor in the ideal lighting and setting that he was working in.
When he successfully picked the lock, you could tell that he was both in a celebratory mood and relieved he managed to pick it in the first place. If anything, that is a testament to how tough it was to pick that lock even for a highly skilled lock picker. He said after picking the lock, “that made my day”. He then noted how he had been bored of picking lately as the locks on the market are generally too easy to pick and, as a result, it was a very welcome challenge.
As he was showcasing some of the internal workings, he noted how the tension needed is “really hard” and because he had to spend so many hours studying the lock with all the detailed schematics, he called the lock “very well done”. He described the lock as “a beast”.
In subsequent talk with the community, he mentioned how the lock required 10 pounds of force for the necessary tension. He noted how the feedback from the law was awful. Further, without the detailed schematics, he said it would probably require a month just to figure out what is going on in the lock.
In a practical sense, if this lock was out in the wild, the chances of a lock picker on the streets having that level of skill is rather low. What’s more, whoever would be theoretically picking a lock like that in the wild wouldn’t necessarily have the schematics of the internal working and may not even have that ideal lighting to boot. As some have noted, this could very easily be classified as a high security lock. So, while not pick proof by the technical definition, this could very easily be a high enough deterrent for most would-be thieves – at least as far as the lock is concerned.
The best part about this is that the lock picker in question offered feedback as to how he thinks the lock’s security features could be improved. This highlights that healthy security relationship that is productive and can improve on the security of something.
What’s more, there is apparently a growing list of people who are trying to get their hands on this lock which indicates that there is definitely interest in the lock picking community especially given the novelty this lock seems to be providing the community. To put it another way, the community got a fancy new toy to play with.
Another reason that the lock is garnering praise is the fact that this lock was designed and created by a single person working on his work bench. He doesn’t exactly have all the latest and greatest machines and 3D printers at his disposal to make his creations come to life as he had to use third party services to manufacture the parts to assemble it. As one user noted, he managed to outdo a whole team of engineers at a major lock manufacturing outfit in terms of security.
For those who are curious, you can check out my write up of the Stuff Made Here vs. Lock Picking Lawyer of 2021 here.
All in all, a really cool story about security. Others might be able to offer additional feedback within the sport lock picking community as well, so, no doubt there might be other interesting things to find in the design that could contribute to an improved design. Works By Design has indicated that he wanted to make a further improved version of his lock. So, it’s unlikely this will be the last time the lock picking community will be graced with a fancy new challenge to play around with.