Review: Practical Lock Picking

Practical Lock Picking

Deviant Ollam. Published by Syngress (ISBN: 978-1-59749-611-7). Price: $34.95, 230pgs, paperback.

Picking locks and hacking have gone hand-in-hand right from the earliest days. Back in those heady years at MIT, when the term ‘hacking’ carried only positive connotations, lock picking was seen as part and parcel of the inquisitive nature that drove hackers.

Today, lock picking presentations and demonstrations are a common feature of hacker conferences, such as Defcon and ShmooCon. Indeed, one of the more popular presenters at such events is the author of this book, Deviant Ollam.

There are numerous lock picking books around. What’s interesting about this one is that it’s from a publisher - Syngress - that specialises in computer books. The clue to the reason for this is in the subtitle: “A physical penetration tester’s training guide”. Ollam’s assertion is that this book is needed because penetration testing is on the rise (true) and that customers for these services are increasingly demanding full-on tests that include testing of the physical security of their premises.

Hmm. I’m a bit less convinced of that. What I hear from pen-testers is that firms say they want a full test but really only want a vulnerability scan so they can tick their compliance boxes.

But let’s not quibble, because the truth is that it’s a damn good excuse for publishing a fine book on a subject dear to the heart of real hackers.

Why you want to pick locks is up to you. Hackers do it because they don’t like barriers. Ollam’s assumption is that you have no evil intent, and so he (thankfully) wastes little time on ethics lectures, other than explaining the lock picker’s credo that you should desist from picking locks you do not own, or on which you rely.

The bulk of the book focuses on pin tumbler locks, for the very good reason that these represent about 90% of the locks you’re likely to want to pick. Wafer locks are dealt with too, although when it comes to technique Ollam is understandably at a loss here. The most common way of dealing with these is the technique of raking, which is easy to do and hard to describe.

Tubular, cruciform and dimple locks are all covered fairly briefly, although this is fair enough. The principles of how these locks are picked are the same as for standard pin tumbler versions. There’s no coverage of lever locks, however. I wonder if this displays a slight US bias - something Ollam is generally at great pains to avoid through most of the book. There’s also only the most fundamental nod to automative locks. Ollam mentions that jiggler keys are a popular tool for picking double-sided wafer locks used for car ignitions. I don’t know if that’s another bit of US bias, but certainly most recent European cars come with more complex locks.

The real strength of this publication is in its illustrations. The numerous diagrams and photographs make both the principles and techniques crystal clear. In fact, Ollam is so good at explaining the subject that you’ll keep wanting to put the book down - to go and pick a lock. I was only about half-way through chapter one by the time I’d raked open our office filing cabinets.

The book also comes with a DVD with animated versions of the illustrations and a number of entertaining videos, some of them featuring Ollam at conferences.

Because this book is focused on lock picking (and not locksmithing), and because it is intended to be a practical guide for pen-testers, there’s no waste or padding here. Ollam provides just the background information you need to understand how locks work, what you need to do, why it’s sometimes easy (because lock manufacturers need to make their products mass-producable and attractively priced) and why it’s sometimes difficult (because they have invented some cunning countermeasures).

So, buy some tools off the Internet (it’s scarily easy) and by the time you’ve finished this book you will be popping open locks all over the place. Of course, this is just a beginning. There are tougher and more complex locks out there and a great deal more to learn both about lock technology and ways to deafeat it. This is very much a beginner’s book. But as such, it’s hard to beat.

Practical Lock Picking is available from Amazon.co.uk and Amazon.com.

UPDATE (06/10/2011): Deviant Ollam tells me that he didn’t cover lever locks because they’re something of an advanced topic, which makes sense. Maybe they could be the subject of his next book!

Tags: lock picking book review