

The International Competition Where Master Lock-Pickers Do Battle - nsajko
http://www.wired.com/2014/12/international-competition-master-lock-pickers-battle/

======
jjoonathan
Quick piece of advice for anyone looking to get started: DO NOT TRAIN USING
PAPERCLIPS. The first thing you should do is buy yourself a real set of picks.

When the MIT lockpicking guide started me down this road I thought "I'll teach
myself to pick using paperclips and then I'll be REALLY GOOD when I get to the
point of using actual picks." Turns out that I'm not alone; most people I've
encountered "in the wild" with a casual interest in picking thought exactly
the same thing. None of us were able to make significant progress towards
reliably picking anything tougher than a wafer lock using paperclips. I don't
know anyone who managed to "get good" using paperclips; everyone I know who
did eventually "get good" did so by learning using proper tools and _then_
moving to paperclips (if that's something they were interested in).

In hindsight, it's obvious why this is the case: learning to pick requires
learning to understand and interpret subtle and unfamiliar kinds of mechanical
feedback. There's enough "noise" to make this a difficult process even if you
do have proper tools. Using paperclips adds a few more layers of noise
(paperclips bend, they have weird shapes with bumps in them, etc) and the
simultaneous combination of paperclip "noise" with the usual mechanical
"noise" is much more difficult to decipher than the sum of the difficulty that
you would get from deciphering each noise source individually and then
synthesizing that knowledge (i.e. what you would encounter if you trained
yourself on proper picks and then moved to paperclips).

Also: there aren't many hobbies/skills that you can effectively practice while
watching TV, but picking is one of them. If TV is already a sunk cost, you get
a bunch of picking practice time "for free" :)

~~~
thret
How do you buy a real set without a license, aren't they illegal almost
everywhere?

OTOH you can make a decent set from scratch. I've always wanted a professional
set though.

~~~
evilduck
DX.com will mail them to you no questions asked. Ive ordered several sets for
myself and as gifts.

They aren't super illegal, but they are classified as burglars tools in most
places (misdemeanors). I'm not a lawyer nor is this legal advice, but crowbars
can be burglars tools too, most things are about context. Unless you get
caught breaking into something while in possession of lockpicks, you probably
won't have a problem in any other situation (plus many cops are largely
ignorant of odd niche laws like these, since most burglaries are more of the
opportunistic smash and grab type).

Also, from the hobbyist at-home perspective the chance of encountering any
legal problem is almost nil.

~~~
thret
Done, thank you. Shipping is even free to Australia.

------
Someone
2014 version was in September. See
[https://toool.nl/LockCon](https://toool.nl/LockCon) and
[https://blackbag.toool.nl/?p=2485](https://blackbag.toool.nl/?p=2485) for a
report.

------
jmartinpetersen
I always found lock picking fascinating, but I've never gotten around to
actually trying. I'm guessing I also sleep better at night in ignorance.

Silly meta question: the story was published in 2005 but appears online now.
Does that merit a (2005) in the title?

~~~
kbenson
Similarly, I've also always been fascinated by lock picking but have never
tried, but long ago I tied physical security and network security together in
my mind, and it's been a very long time since I felt any network was truly
secure.

It's fairly accepted (IMHO) that network security doesn't make it so people
can't access your networks/systems, just that it puts enough hurdles in place
that it deters the unmotivated and enough detection in place so you get
notified shortly after the intrusion, hopefully before damage can be done.

Walls, doors, locks and alarms serve the same purpose for physical security.
You'll want more or less of each depending on your circumstances.

P.S. The other end of the spectrum applies as well, where people have undo
faith that their networks are secure, and looking at the reality of it would
probably not help them sleep any better.

