Sunday, October 11, 2009

The Zen of Lock Picking

Some friends asked us to feed their cat. I couldn't find the key they left us, so in desperation I pulled out my lock picks and managed to pick the lock after about half an hour of trying. I was quite proud of myself, especially since I haven't tried picking a lock in years. I felt very 007.

Why, you might wonder, would I have that particular skill, much less a simple set of lock picks? Well, the theology of the task of lock picking appeals to me--the notion that no barrier is insurmountable if one is willing to apply a little knowledge and a lot of patience. I took up the hobby of lock hacking when I was in Seminary. I bought a simple set of picks and practiced on a spare lock I found. When other people in seminary would knit, I would take out my lock and start picking. At first it would take me an hour or more to pick the lock. Later I got it down to 15 minutes as I learned the weaknesses of that particular lock.

One of the nice things about picking locks is that it doesn't do any damage to the lock. It simply manipulates the mechanical mechanism of the lock in a way that takes advantage of the inherent weaknesses of the lock design. Obviously, using a set of lock picks for a criminal purpose is illegal, but owning a set of lock picks is not (with a few exceptions, like the UK). The movies make it look like all one needs to do is stick a piece of wire in a lock and wiggle it around; in truth, lock picking takes a lot of time unless one is extremely skillful or uses a gadget like an electric lock pick. That's why criminals will likely simply break the door or a window rather than bother picking a lock.

Each lock is a puzzle--cracking that puzzle with diligent effort is very satisfying. So how's it done? To begin with, understand that pin-and-tumbler locks all have the same basic structure: an internal cylinder in a tube that pulls the bolt when it is rotated. A series of two-part pins prevents that rotation, unless a key in the lock pushes the pins into alignment. The diagram ought to give a sense of what I mean.

Ideally, if one tries to turn the "plug" without the pins being aligned, all the pins would bind against the hull of the lock with equal force. The world isn't perfect, and neither is any lock. Tiny manufacturing defects cause the pins to bind in a sequential order. To pick the lock, one applies gentle torque to the lock and then manually sets each individual pin until it releases and the next pin binds.

The trick is that the subtle amounts of pressure needed on the torque wrench versus the pick require a lot of practice to detect. Further, many locks have features designed to make all of this more difficult. So in real life, picking a lock requires the ability to "see" the inside of the lock. You have to sort of imagine the unseen reality of the lock. See what I mean about the "theology of lock picking"?

There is a lot more to know. If you are curious, check out the MIT Lockpicking Guide, which is considered a classic in hacker culture. It covers most of what you need to know to get started. In truth it takes A LOT of practice to be able to actually pick a lock. If someone wants to compromise a door there are far easier ways to do it. In fact, police and locksmiths are more likely to use an automatic lock picking tool of some kind.

Anyway, one of those things that's fun to know!


