How The Lock Industry Put Its Head In The Sand, Rather Than Deal With Vulnerabilities To Locks
from the bump,-bump-away dept
We’ve discussed in the past how locksmiths are apparently upset that geeks online have revealed that lockpicking is really easy, but it’s not just the locksmiths. It’s the lock makers themselves. Wired has a fascinating article about one of the world’s most well known lock picker, who makes it a practice to publicly expose how vulnerable certain locks are. Not so long ago, he and a colleague figured out how to quickly open Medeco locks, which many had considered to be the most secure locks of all — and are used all over the world in gov’t high security buildings. So how has Medeco responded? Basically by trying to ignore the guy… then to insult him and then to discount what he clearly has done. It’s just like software companies who try to deny software vulnerabilities, except that it’s much easier to patch some software that to patch a vulnerable lock. While many in the lock world are apparently pissed off at this guy, Marc Weber Tobias, they should be happy that he’s making sure the locks are really secure. Because, you can pretty much be assured that he’s not the only one doing all of this — but the others who are figuring it out aren’t talking about it, but are using the knowledge to their own advantage.