
The App I Used to Break Into My Neighbor’s Home - rmason
http://www.wired.com/2014/07/keyme-let-me-break-in/
======
x1798DE
I feel like this is a complete misunderstanding of the threat model here. Keys
are not "like passwords", because to use a key you need to physically go up to
someone's door, whereas with a password, you can generally do so from a
computer terminal anywhere in the world, potentially using anonymizing
proxies.

If anyone in the world could anonymously try and open my doors and, if they
succeeded, could steal my valuables, _locks would have been found insecure a
long time ago_.

Yes, the author here doesn't know how to use lockpicks or a crowbar to break
into a house. The author also has presumably never tried to steal something
from a house. Houses are generally just secure enough that the casual passer-
by can't easily get into them, but not secure enough that if you really wanted
to you couldn't get in. Most people who pick locks will tell you that picking
locks is not a particularly good way to break into a house to steal things
because breaking into a house is _easy_ when you don't mind destroying
someone's property. If you're a criminal you don't need anything more
sophisticated than a crowbar (and even then you might just walk around until
you find a door that's not locked at all).

So sure, maybe this makes one particular attack marginally easier (not really
all that much easier than it was before), but illicit key duplication is still
not the weakest part of your physical security by a long shot, so I don't
think there's anything to worry about.

~~~
hox
You seem to only care about theft. What about restricting access to those who
have other reasons to break into someone's property? Spurned lovers,
coworkers, friends you can't really trust... The kind of people who would
actually have access to take photographs of your keys to begin with?

~~~
x1798DE
This only adds the ability to copy keys with momentary access to your keys.
Anyone with sustained access to your keys can just take them down to the
hardware store, so this doesn't really change the "spurned lovers" equation.

I don't see why the other people would want to break into my house if they
weren't interested in stealing my things or hurting me (and if they are just
breaking in to like, hang out in my house, that's a bit weird but not really
something to lose any sleep over). If they do that habitually, I think they'd
find breaking into the house _without_ using a credit card to buy a copy of my
key is quicker and less risky than using KeyMe. I am not particularly worried
about the extremely rare threat model of being my non-criminal friend or
coworker's first break-in, where they decide opportunistically to break into
my house because I left my keys somewhere and they know they can easily make a
copy of them at a kiosk.

------
readme
"Parking valets suddenly require a ludicrous level of trust"

They always have. It was always possible to take a blank key and just copy it
with a file. You could use a softer material to expedite the process and then
copy it again later...

Which is why, most cars come with a _valet parking key_ that only turns the
ignition, and doesn't open your trunk. You're not supposed to hand the valet
your entire keyring. That's ludicrous (although a lot of people do this).

Though with the availability of this app we're going to see a lot more crime
committed this way.

~~~
superuser2
1) The trunk can be opened without a key from the driver's seat of most every
car, no?

2) The value of contents of my trunk is rarely within two orders of magnitude
of the value of my car.

~~~
brewdad
My Honda has a lockout that disables the lever used to open the trunk from the
driver's seat. Of course, many cars have a fold down rear seat (mine doesn't)
meaning any valet that really wants to check out your trunk will still be able
to.

~~~
moron4hire
My 15 year old Honda has locks on all of those things, that you cannot unlock
with the valet key. There is a lock on the trunk lever, a lock on the shelf in
the back window for the seats, and a lock inside the armrest cubby in the back
for the fold-down cup-holder stowaway door thinger.

------
SixSigma
Killer escaped prison after being issued picture of master key to all locks.

A former prison officer said the design of the master key - which could open
every lock in Berrimah jail in Darwin - was printed on the front of the
prisoners' information handbook.

[http://www.news.com.au/national/killer-escaped-prison-after-...](http://www.news.com.au/national/killer-escaped-prison-after-being-issued-picture-of-master-key-to-all-locks/story-fncynjr2-1226629878591)

------
Mithaldu
To spare people time reading:

It's KeyMe, a service that lets people make copies of keys from a vending
machine, using photographs of keys. He got the photos because his neighbor let
him handle the keys.

No particular high-tech involved. (Even though he claims they're 3d-printed in
the vending machine, I suspect they're simply cut from a raw.)

~~~
USAnum1
Minor nitpick: The author indicated that custom styled and mailed keys were 3d
printed, and the kiosks cut the keys from a blank. (end of 4th paragraph)

Otherwise an accurate and brief summary. The article is relatively short and
worth the read, though.

------
catshirt
for those playing along at home, the app he used to break into his neighbor's
home is called "my neighbor gave me a key to their home".

if we are willing to call this a "break in" then the app is not the operative
concept, it's the social engineering that enabled the guy to give you the
fucking key.

might as well have written about the shoes you used to break in with.

~~~
aragot
The article also says:

- The app makes it in 30s,

- "Do Not Reproduce" keys can be reproduced,

- Lock nerds can reproduce keys from a 60-feet picture.

All 3 imply a change of the possibilities and thus, newsworthy.

~~~
catshirt
> The app makes it in 30s

it says he "spent about 30 seconds in the stairwell scanning his keys". the
app doesn't "make" anything in 30 seconds.

> "Do Not Reproduce" keys can be reproduced

"do not reproduce" does not mean "can not reproduce".

> Lock nerds can reproduce keys from a 60-feet picture.

i read "One group of researchers ... could reproduce keys photographed from
nearly 200 feet away and at an angle." this is without the app. which is more
to my point.

moving on, if the person trusts you enough to give you a key, you don't need
it.

------
ufmace
I think that this article, and many of the comments, show a misunderstanding
of what robbing houses is really all about. Not that I've done it, but it
seems pretty obvious when you think about it from the robber's perspective.

Anything to do with locks is not really relevant to robbery, since virtually
none of the houses in the world have good enough security to resist anyone
even moderately determined and willing to break things. Why bother with some
elaborate charade to copy keys when a crowbar, or usually a boot, will get you
into any house?

What is actually relevant is information about the house and what's in it.
First, information about whether there is anything stealable in there - stuff
that's easy to transport out and can be sold in a grey market for a good price
without being easy to track back to the thief. Most houses don't have a lot of
stuff like this, and there's probably a pretty stiff haircut on the price you
can get when moving stolen goods through fences. I'm guessing that you'd want
trustworthy information that there's stuff you can take and move for at least
$1,000 or so to make it worth your risk to break into a specific house.

You'd also want solid information about who can be expected to be at the
house, and when. Any chance at a confrontation is going to add a lot of risk.

Threats like the valet copying your keys don't really make any sense. Yeah, he
has the keys, and information that could lead to an address, like registration
and license plate. But he doesn't know anything about what's in the house or
who's there. Why should he care that, after going through a complex and risky
process to get a copy of the keys and the address, he has slightly easier
access to a house of unknown quality?

Worry instead about people who have access to that information. Repairmen,
exterminators, maids, anybody who has a legitimate reason to go around your
house. And be wary of letting untrusted people know when your house might be
empty for an extended amount of time.

------
mschuster91
There's a minor inconsistency with car keys.

In contrast to "stupid" ordinary house locks, which are not powered, car keys
these days incorporate RFID chips so that the key at least cannot be used to
steal the car. Granted, you can still empty it, but at least better than
losing the car altogether.

~~~
balls187
I think the OP was implying that valets could photograph the house keys, then
later go and rob the home of the car owner.

A locked door to a home is rarely a deterrent for a determined thief.

I mean, heck, the valet could just as easily steal the garage door codes from a
garage door opener, right?

~~~
codeka
Except, how would the valet know where you live?

~~~
tzs
He'd get your address from the car's registration documents, which will
typically be in the glove box or clipped to one of the visors.

~~~
grajaganDev
Or he could possibly check the GPS location list for 'Home' or the GPS trace
if this data is stored.

------
Sami_Lehtinen
So what if there's an app? Copying keys has been done for centuries and it's
trivial. I forgot my personal storage locker key once at home when working at
one metal company. It didn't take too long to call my dad, ask for details about
the key, and create a working copy. It was an Abloy Classic key, so it was
trivial to copy it from a bolt using a lathe and a bandsaw. With some key types
you might also need a drill. All this work can be done a bit slower using plain
hand tools, you don't even need electric power for copying keys. And the lathe
was only needed because I naturally didn't have the right 'blank'. Copying keys
has always been trivial if you have access to the key you want to copy. I guess
it's now ok to confess that I also had a teacher's set of keys at school. Of
course a copied set. One teacher lent me their keys once, and that's it.
And this was 20 years ago and before copying the keys needed for personal
locker at work.

------
Istof
Apparently 95% of USA home locks use SC1 or KW1 keys... and OpenSCAD files can
be downloaded to easily generate a 3D model of any key configuration using a
statement like this for example: sc1([3,3,1,7,2]);
[http://www.thingiverse.com/thing:8925/#files](http://www.thingiverse.com/thing:8925/#files)
... then send it to your 3D printer

------
edward
News story in 2006:

Jail keys changed after TV lapse

All the locks and keys at Feltham Young Offenders' Institution have had to be
replaced after security was compromised during a media visit last week.

[http://news.bbc.co.uk/1/hi/england/london/5145026.stm](http://news.bbc.co.uk/1/hi/england/london/5145026.stm)

------
_up
What happens if the "Key" DB gets hacked and stolen? Is the company required
to buy everyone new locks?

------
muaddirac
Only tangentially related, but: It would be interesting to consider
physical(ish) methods of federated authorization.

Hand the valet a key fob that you've enabled for use within a 1 mile radius
and two car starts?

~~~
lliwta
> and two car starts?

That's a great way to have your dinner interrupted or end up waiting forever
for your car.

------
celias
DEF CON 18 - Schuyler Towne & datagram - Attack the Key, Own the Lock

[http://www.youtube.com/watch?v=_ctWJAdeHPU](http://www.youtube.com/watch?v=_ctWJAdeHPU)

~~~
contingencies
Oh, it's that guy from the kickstarter I backed four years ago that still
hasn't delivered.

[https://www.kickstarter.com/projects/schuyler/lockpicks-by-o...](https://www.kickstarter.com/projects/schuyler/lockpicks-by-open-locksport)

~~~
kalleboo
The dude is suffering from a major depression and is about to go on
medication, give him a break. Anyone who invests in a kickstarter must
understand there's just one guy behind a lot of them and there's a massive
risk they'll fail to deliver.

And Jason Scott is on the case to get things righted, you can't get a much
more trustworthy caretaker than that...

[https://www.kickstarter.com/projects/schuyler/lockpicks-by-o...](https://www.kickstarter.com/projects/schuyler/lockpicks-by-open-locksport/posts/903690)

~~~
contingencies
Why yes, in the latest episode of the soap opera it seems both of them conform
to the "Ever feel not perfect? Ask your doctor about..." American
pharmaceutical stereotype. It has been almost worth it backing just to read
the excuses. Almost, but not. Funny how in traditional societies people just
go get some exercise or something and don't need chemical crutches with lists
of side-effects scarier than the original so-called symptoms. Having lived in
a few countries, to me it's clear: US mental health issues are partly socio-
psychosomatic. Warm fuzzies and all that, but four years is a long time.

~~~
kalleboo
This is not the time or the place for this discussion so I'll _try_ to keep it
brief and non-argumentative.

As a non-American, I agree the U.S. is way overmedicated.

That said, some people still _do_ need medication. If you read the post you'll
see the guy himself has avoided the medication until now due to a bad episode
of being misdiagnosed and medicated as a child. He has literal first-hand
experience of what you're complaining about.

I'm in Japan now, and this place is the exact opposite. Mental illness
"doesn't exist" and half the medications prescribed in the US are illegal
here. And hey, 3 train jumpers a day. "Hey pussy, pull yourself up by your
bootstraps" doesn't work either.

------
pbreit
Nice link-bait on the headline but for most people the only thing preventing
an intruder is a very thin piece of glass.

Also, does KeyMe, et al, really not email/notify you when a dupe is made?

~~~
octatone2
They don't know who a key belongs to, they trust that you are the owner of
said key when you upload it.

~~~
pbreit
Oh, right, silly me.

------
jqm
Wasn't something like this already being done in the pre-iPad era with bars of
soap or wax?

If you lose possession of your keys for a time someone can copy them. Did
someone not know this?

------
taksintik
This is why I use 2 factor on my front door... Mainly fingerprint backed by a
code or key. Nothing is 100% safe... but I prefer ease of use in making a
decision.

~~~
GrinningFool
If you're trying to prevent a burglar, it's overkill. They'll just use a
crowbar.

~~~
nthj
Does the fact that a burglar used a crowbar vs. entered silently via a copied
key play into how easy it is to deal with your homeowners insurance provider?
(Genuinely curious, and couldn't find anything via a brief Google search.)

------
throwaway_1
I know people who made keys from photos in high school (I attended boarding
school, there was a lot of free time). It is not hard to do, even without
KeyMe.

------
opendais
Yep. And this is why I have an easy way to separate my car keys from the rest
of my keys. I don't hand anyone my house keys, ever.

------
superuser2
Like magnetic stripe credit cards, keys need to die. The security model is
broken for the same reason - anyone who handles or even looks at the token has
free rein on whatever is protected by the secret. The secret should instead
remain encapsulated, used only to sign encrypted, replay-attack-proof
authorizations.

It's 2014. Smart cards need to be everywhere. Even my college dorm had
contactless smart card authentication.

Keys still have a place for manual override in outages, but that should be
rare and set off alarms.
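
Added example, not part of the original thread or of any commenter's post: a minimal model of the difference described in the comment above, between a token that is itself the secret (metal key, magstripe) and a card that keeps its key internal and only answers one-time challenges. HMAC-SHA256 over a shared key stands in for the card's signing operation, and `DOOR_ID`, the class names and `replay_demo` are hypothetical names chosen for the illustration.

```python
import hashlib
import hmac
import secrets

DOOR_ID = b"door-7"  # constructed identifier, bound into every response


class StaticTokenLock:
    """Metal key / magstripe model: the secret itself is what gets presented."""

    def __init__(self, token: bytes):
        self._token = token

    def try_open(self, presented: bytes) -> bool:
        return hmac.compare_digest(presented, self._token)


class SmartCard:
    """Holds the key internally; only MACs over challenges ever leave it."""

    def __init__(self, key: bytes):
        self._key = key

    def respond(self, door_id: bytes, nonce: bytes) -> bytes:
        return hmac.new(self._key, door_id + b"|" + nonce, hashlib.sha256).digest()


class ChallengeResponseLock:
    def __init__(self, key: bytes):
        self._key = key
        self._outstanding = set()  # nonces issued but not yet consumed

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def try_open(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self._outstanding:
            return False  # never issued, or already used once
        self._outstanding.discard(nonce)  # single use, even on failure
        expected = hmac.new(self._key, DOOR_ID + b"|" + nonce, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)


def replay_demo() -> dict:
    results = {}
    # Static token: whoever observes one use holds the credential itself.
    token = secrets.token_bytes(16)
    old_lock = StaticTokenLock(token)
    observed = token  # what anyone who handled or saw the token now has
    results["static_owner"] = old_lock.try_open(token)
    results["static_replay"] = old_lock.try_open(observed)

    # Challenge-response: an observer records (nonce, response), never the key.
    key = secrets.token_bytes(32)
    card, lock = SmartCard(key), ChallengeResponseLock(key)
    nonce = lock.challenge()
    response = card.respond(DOOR_ID, nonce)
    results["cr_owner"] = lock.try_open(nonce, response)
    results["cr_replay_same_nonce"] = lock.try_open(nonce, response)
    fresh = lock.challenge()
    results["cr_replay_fresh_nonce"] = lock.try_open(fresh, response)
    return results


if __name__ == "__main__":
    for name, opened in replay_demo().items():
        print(f"{name}: {'opens' if opened else 'refused'}")
```

The recorded exchange is refused both when replayed against its own consumed nonce and when replayed against a fresh challenge, while the observed static token keeps working until the lock is rekeyed.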

~~~
brewdad
I agree about the smart cards. My college had chipped id cards (like modern
non-USA credit cards) in 1992!

I just stayed at a hotel in New York with smart card locks. It was so nice to
be able to just hold my wallet against the door rather than pull the card out
of my wallet and try to remember which way the magstripe goes, etc.

The reader on the elevator was placed low enough that I just needed to stand
within a few inches of it to "unlock" my floor.

~~~
dublinben
Do keep in mind that hotel doors are anything but secure, regardless of the
kind of lock. It doesn't even take a sophisticated exploit to unlock the door,
just a simple metal gadget.

[http://shop.riftrecon.com/products/under-the-door-tool](http://shop.riftrecon.com/products/under-the-door-tool)

------
PeterWhittaker
With apologies to all, everyone is missing the point, including the author.

Spoiler/tl;dr summary of this comment: Soon you will be able to generate a key
while standing at the lock, scanning it with the laser scanner built into your
mobile device, generating the key with a hand-held 3D printer you bought at
the convenience store on the corner.

OK, longer version.

A number of comments dismiss the security threat as not particularly
meaningful (give someone your keys, give them an opportunity to mess you up)
and they are correct insofar as this very specific threat is concerned. It
really is very similar to the traditional "give someone your credit card, they
can mess you up" threat.

But think about that threat for a moment: The reality of that threat led to
chip-and-pin cards, to CCVs, and to PCI compliance.

That threat was also greatly magnified by the move from the pen-and-paper
world to the world of online shopping - and we've had to adjust our threat
mitigation strategies appropriately.

The point of the article isn't actually for example that valets require great
trust. The author actually misses the real point while describing it quite
clearly: It has always been possible to do this, it's just orders of magnitude
easier, and cheaper, to do it today, because of the blend of off-the-shelf
widely available low-tech technology. That's the point of mentioning KeyMe: It
is so easy to build the bits to do this threat that there are reliable
commercial services that make money from low-cost apps and unattended kiosks.

And it is going to get much, much, much, much worse, very, very, very soon.

Very soon now you will be able to buy a pocket or at worst back-pack size
multifunction replication device, that is, a 3D printer with a scanner built-
in, or perhaps a 3D printer that uses your mobile device as a scanner.

With that device, you will be able to duplicate the keys on the way up the
stairs.

And soon you will be able to use a commercial hand-held 3D printer with a
commercial hand-held laser scanner to generate a key by scanning the lock.

That's just the beginning of tomorrow's threat model.

EDIT: Added a missing word above, and the following thought....

We assess attackers based on motivation and resourcefulness: a motivated,
resourceful attacker is always a worry. The key duplication threat used to
require a motivated attacker capable of acquiring resources, e.g., the
prisoner, who would duplicate a key slowly and laboriously, using low-tech
tools. This is a very motivated attacker.

Existing and emerging technologies make the resources widely available and
lower the motivation bar dramatically. The key duplication scenario will soon
be populated by the equivalent of script kiddies who will perform the threat
just because they can, just because it's that easy.

That's the point of the article. That's the threat model we face going
forward.

~~~
x1798DE
It is very _very_ unlikely that you'll be able to duplicate keys using any
kind of laser scanning technology, that's just not how they work. You could
probably get the appropriate shape of the keyway, but you wouldn't be able to
decode the lock without being able to image through metal, which is simply not
going to be a technology built into phones any time soon.

I still find it an unlikely threat model, but I would admit that in the
unlikely event that a technology allowing you to enter a door just by scanning
it and printing up a key were invented and integrated into mobile phones or
something else people are carrying around _anyway_, then that might actually
overtake "crowbar"/"breaking the window" as the lowest-cost lowest-risk way of
breaking into someone's home. And even then, probably it wouldn't affect all
that many people. Plus you'd just have to modify lock technology slightly to
fix the problem.

~~~
PeterWhittaker
You got me wondering about other ways to scan, such as sonically. I'll bet
that right now any kind of sonic scan would be crude and rough - but how long
before signal processing can be cleaned up to make it good enough to
guesstimate the lengths of the pin segments?

Especially if the scan included analyzing against known lock types? This is
the sort of problem for which the Internet is ideal: An optical scan to narrow
down lock makers and models, load custom signal processing configurations for
those likely locks, perform a sonic scan of the lock and collect reflections,
distortions, etc., and use the custom config to ease the decoding: Wah-la! A
picture of the inside of the lock, with pin segment lengths.

Then print 5-10 likely keys on the spot.

Picking a lock requires a suspicious body posture and special tools.

Scanning a lock this way just requires you be close enough to the door.
Checking your messages? Patting your pockets to make sure you have everything?
Leaning your bag against the door on your knee to make sure you have
everything? Many plausible scenarios for staying close enough long enough, and
the tools are COTS, common.

Or maybe I "deliver" a "package" to your door, lean it against the door (UPS
and others do this all the time), and the top of the package contains the
scanning tools. I come back later (seconds, minutes?) after realizing I've
made a mistake and take the package back.

The more I think about it, the more I cannot help but wonder if the physical
lock of the future will not need a proof-of-authorization mechanism to vet the
keyholder - at which point we eliminate the keyhole entirely and move to
direct identification of authorized entrants.

And then of course watch for 0-day vulnerabilities in THAT technology.

