Gun Fighting is a Skill That Requires More Training, Not More Information

Editor-in-Chief’s Note: Please join us in welcoming back former Navy SEAL and current Director of Training at  Center Mass Group, Chris Sajnog as a contributor on ITS Tactical.

As a retired Navy SEAL and Director of Training at Center Mass Group, I’ve been around firearms for most of my life. During that time I’ve seen lots of “new” shooting techniques come and go; some good and some not so good. One thing that has never changed is what it takes to be a great gunfighter: hands-on training.

Training at the range



Boston Marathon Explosions: Staying Vigilant and Prepared

First off, this isn’t a post about what caused the explosions that rocked Boston yesterday, or a “here’s what should have happened” armchair-quarterback analysis. I wasn’t there and neither were the majority of the people who will read this.

What I can say is that if I were running the Boston Marathon, I would not have been prepared, regardless. I’ve run a marathon before and I didn’t carry anything other than some energy gel packets. This is exactly why I personally carry both a Pocket Trauma Kit and a firearm though. It’s not for me, it’s for you.

That’s how I feel about daily carry items. If everyone had this same perspective, of looking out for your fellow Americans and hoping you’ll be there when they need you, the world would be a better place.


Breaking News: Explosions Reported at Boston Marathon

There are numerous reports of explosions at the finish line of the Boston Marathon. We aren’t speculating on what is going on but our thoughts and prayers go out to those affected.

If you are in Boston, keep an eye on each other and stay safe. Here’s what you can do to help:

  • Looking for a runner? Use this form: 2013 Boston Marathon Live Race Coverage
  • If you’re trying to call someone in Boston, phone lines are jammed. SMS, Twitter, and Facebook might work better. [Lifehacker]
  • Reconnect with loved ones in Boston on Red Cross Safe and Well
  • Donate blood at the Boston American Red Cross
    • 274 Tremont Street – Boston, MA 02116
    • Red Cross is reporting that there is enough blood currently on hand. It also may still be unsafe to be in public. Stay home if possible.
  • If you have extra blankets and live near the Boston Common, there are a LOT of cold runners being corralled there. [@ajsfour]
  • If you’re a business in Boston, now would be a good time to unlock your Wi-Fi to help people connect with concerned family and friends. [@strngwys]
  • If any family members of victims need help w/ airfare or more, email me directly and @hope will cover it. [email protected] & 678.641.5016 [@ShaunKing]
  • Live radio stream: 90.9 WBUR NPR
  • Live news updates on  The Verge
  • Hotlines:
    • For families of victims: 617-635-4500
    • For tips: 1-800-494-TIPS
  • Google Person Finder: Boston Marathon Explosions
  • How to Get in Touch With Loved Ones During a Disaster [WIRED]
  • Somerville residents have spare beds for runners, contact via Twitter [Somerville Journal] (also check this Google form)

 

Photo credit: Dan Lampariello


Do You Know What To Do When The Smoke Alarm Goes Off?

Firefighter

You may have read Bryan’s latest article on smoke detectors and recently replaced yours, but do you have a plan for what to do when they go off? Smoke detectors may work in different ways, but their primary goal is to alert those nearby that something has changed in the air, be it gas, smoke or carbon dioxide.

It’s important to know the difference in the sound of your smoke detectors, because it changes how a person needs to react to save themselves and their family.

What is Smoke?

This may sound like a silly question, but it’s important that we all get on the same page. Smoke is the hot unburned gases that are visible to the naked eye. This is what sets off the alarm and can cause you to frantically fan the unit when you burn something on the stove. The problem isn’t necessarily the smoke, but the number of other undetectable elements that are released when a fire breaks out.

Smoke and most other bad gases will first rise in a fire and then bank back down off the ceiling. This is why being close to the floor is best. Because the smoke will rise, the air closest to the floor will be safer and you’ll have a greater chance to escape. Smoke inhalation is actually the leading cause of death in most home fires.

In addition to producing smoke, fire can incapacitate or kill by reducing oxygen levels, either by consuming the oxygen, or by displacing it with other gases. Heat is also a respiratory hazard, as superheated gases burn the respiratory tract. When the air is hot enough, one breath can kill.

Now that you know the true definition of what smoke is and how it acts, what should you do when you hear the smoke detector go off?

Smoke Fire Example

These photos are meant to illustrate that even though the fire lasted for only 15 minutes, there is a clear line where the smoke was and where it wasn’t throughout various parts of the home.

During the Night

If you’re sleeping and the alarm goes off, DO NOT SIT UP IN BED. Roll to the floor first, before getting your bearings and assessing the situation. The reason you wouldn’t want to sit up in bed is that you could be lifting your head right into smoke and hot gases. Most people found dead in house fires are found in bed because they’ve sat up, inhaled a big dose of bad air and died.

Once you’re on the floor, where you go depends on the condition of the room you’re in. Is it really hot and full of smoke? If so, find the closest exit and get out. The term “exit” means any way possible of getting your body outside of the home as rapidly as possible. If your door is closed, remember to feel the doorknob with the back of your hand. If it’s warm or hot, find another way out.

Let’s say it’s not just you in the home, but your family is there too. Again, focus on the conditions in the room you start off in. If they’re bad, get out now and work from the outside in to help your family. If conditions are clear, stay as low as possible, move to the rooms they’re in and then to the closest exit immediately.

Find Your Escape

The reason to advocate the closest exit is that people are creatures of habit. If the family always goes in and out of the front door then that’s where they’ll try to go, but this obviously isn’t always the best way. Whether the closest exit is through a bathroom window or down and out through the basement, keep an eye out for the best option.

The Fire Department looks at windows as doors: they can be used to enter and exit a building in roughly the same manner. That said, you may get cut trying to use a window, or break a bone jumping from a second story window, but cuts and breaks are much easier to fix than lungs exposed to hot gases or burns to the body.

In the event a family member is trapped inside and the rest of you are safely outside, this is the first thing that Firefighters need to know when showing up to the scene. Things to tell them would be the family member’s name, age, sex and what room they may possibly be in. This information can help reduce the search time to find loved ones.

Prepare for the Worst

Having a solid escape plan can help with nearly every situation described above and even with the aftermath of recovering from a tragedy. Taking the time to sit down with your family and discuss what to do when the alarms go off, as well as primary and secondary exits, is a very important conversation to have.

Prompt your kids to get creative and draw out a map that they hang in their room. They’ll pass it every day and hopefully see it from time to time. Quiz your family at dinner and ensure everyone is on the same page with what to do in the event of a fire.

Along with the basic items we use on a daily basis, such as a driver’s license, credit card/s, car keys and cell phone, there are also other items that will be especially important after a house fire. These include copies of your Homeowner’s/Renter’s Insurance Policy, Birth Certificates, titles or deeds, computer backups, spare clothing, etc.

These are all items that can be copied and/or stored somewhere other than your home so they’re available if needed. If you store these items in a fire-proof safe, keep in mind that most safes are only designed to be in a heated environment for so long. When the Firefighters arrive, you can inform them of the safe location or items you need saved, which will help them help you.

Some simple items can be stored in a shed, neighbor’s house or with a family member that lives nearby. These would be things such as a change of clothes for everyone in the family (remember to keep sizes up to date), important phone numbers, backup ID, credit cards and any daily prescriptions that a family member requires.

Each family’s list will be different, as well as what and how much will be stored. In the short time it takes for a house to burn everything inside, a little prior planning can mean all the difference in starting over.

Editor-in-Chief’s Note:  Please join us in welcoming PJ Packard as a contributor on ITS Tactical. PJ is a Florida Firefighter, Paramedic and TSAR. He’s been involved in emergency services for over 10 years and loves hunting and the outdoors. We’re also proud to have him as a Life Member at ITS!


Law Tactical Gen 2 Folding AR-15 Stock Adapter: Install and Test Fire

You may be asking yourself why someone would want to fold the stock to the side on an AR-15, which is a reasonable question and one I asked myself. Before SHOT Show this year, I’d never seen a product that could take a standard AR fixed stock (adjustable or not) and allow it to fold to the side.


I had the opportunity to meet up with the guys from Law Tactical at SHOT, where they were able to tell me a little bit about the Law Tactical Folding Stock Adapter. The first thing I thought was that you’re not going to be able to fire the gun with the stock folded, knowing full well the AR’s order of operations.

Removing the buffer, action spring and receiver extension by folding the stock to the side won’t allow the firearm to cycle properly. While optimistic about the adapter’s role on the AR, I also saw the immediate advantage of having more options for storage and concealment.


A Guide to Practical Spanish Language as a Skill-Set – Lesson 1: The Holy Grail

The ability to speak a second language is becoming an increasingly important skill-set. There are many ways to learn a language, from the not-so-good (software-based) to the best (immersion). This article should be used as a starting point to develop your skills in the Spanish language, but should not be your only resource. Interaction with native speakers, television, movies, radio shows and constant practice should all be part of the learning process.

I don’t have a degree in Spanish or teaching, but I served as a Spanish Instructor at the U.S. Border Patrol Academy for four years and I’ll share with you the methods I learned and practiced at the time. My job as an Instructor was to prepare agents so they could conduct field interviews and interrogations in Spanish. Based on my experience over the past sixteen years, I believe adults are just as capable of learning a new language as kids, but unlike adults, kids don’t worry about making mistakes or the perception of ridicule.

In this first lesson, which I call The Holy Grail, we’ll focus on pronunciation, which relies heavily on proper pronunciation of the vowels in Spanish. I’ve met people with many years of Spanish education who still can’t nail down the vowels. Practice the sounds and you’ll be able to properly pronounce any Spanish word.

I. Vowels and Special Characters

Good news: Unlike English, the sound of the vowels in Spanish never changes; ever. It doesn’t matter where they fall in a word.

  • A (ah) like the a in “car”
  • E (eh) like the e in “net”
  • I (ee) like the i in “vaccine”
  • O (oh) like the o in “order”
  • U (oo) like the oo in “soon”

The Y (yeh), while not technically a vowel, can be used as a vowel, and sounds like the Spanish I. When used as a consonant it sounds like the y in “yes”.

Special Characters

The Spanish alphabet includes the Ñ, which sounds like the ny in “canyon”. The letters C and H are used together in Spanish much like the Ch in “chug”.

There are also two letters in Spanish that double up to give them a different sound:

  • The first is L, which when doubled up (LL) sounds just like the Spanish Y when used as a consonant. It also sounds harder when spoken by people from southern Spain or the Caribbean.
    • Examples: llave = key and llorar = to cry
  • The second is R, which when doubled up (RR) sounds like a harder R. The R in Spanish is trilled, and the RR even more so. Practice rolling the R and you’ll be fine.
    • Examples: pero = but and perro = dog (male)
  • The H is always silent.

II. Diphthongs

Diphthongs are a combination of vowels in one syllable. The strong vowels are A, E, and O, while I and U are weak vowels. Diphthongs are formed by a strong vowel followed by a weak vowel, a weak vowel followed by a strong vowel, or two weak vowels.

  • AI or AY (like the y in “bye”)
    • Examples: aire = air and hay = there is / there are
  • EI or EY (like the ey in “they”)
    • Examples: rey = king and veinte = twenty
  • OI or OY (like oy in “boy”)
    • Examples: voy = I am going and oigo = I hear
  • AU (like ow in “cow”)
    • Examples: autor = author and causa = cause
  • EU
    • Examples: Europa = Europe and europeo = European
  • UA
    • Examples: cuatro = four and cuarto = room / fourth
  • UE
    • Examples: puerto = port and puesto = post (assignment)
  • UO
    • Example: cuota = quota or share
  • IA
    • Examples: diamante = diamond and hacia = toward
  • IE
    • Examples: piernas = legs and viejo = old
  • IO
    • Examples: palacio = palace and precio = price
  • IU
    • Examples: ciudadano = citizen and triunfo = triumph
  • UI
    • Examples: ruido = noise and cuidado = care

Exceptions

  • UE and UI following a Q or G are not diphthongs, and the U is silent, unless it is a Ü.
  • When the weak vowel has a written accent, it becomes a strong vowel, thus breaking the diphthong and forming two syllables.

III. Syllabication

The principles of dividing words into syllables are:

  • A consonant goes with the following vowel.
    • Examples: Pis-to-la = pistol and Brú-ju-la = compass
  • Two strong vowels are separated.
    • Examples: Ca-er = to fall and Le-er = to read
  • Two consonants between vowels are usually separated.
    • Examples: Mar-ti-llo and Tor-ti-lla
  • Diphthongs and triphthongs are not separated.
    • Examples: Puer-to and Jui-cio
  • A prefix forms a separate syllable.
    • Examples: Ex-tra-er and Con-se-guir

Exceptions

  • A consonant followed by R or L is not separated from the R or L, unless it’s RL, SL, TL, SR or NR.
  • The letters LL, CH or RR are considered as one letter in Spanish and thus are not separated.

IV. Accentuation

Words ending in a vowel or “N” or “S” receive the stress of the voice regularly on the next to last syllable.

Examples:

  • a-mi-go = friend
  • fe-cha = date (calendar)
  • ri-fle = rifle
  • pis-to-la = pistol

Words ending in a consonant other than “N” or “S” receive the stress of the voice regularly on the last syllable.

Examples:

  • mo-rir = to die
  • bus-car = to look for
  • mu-jer = woman
  • ob-ser-var = to observe

Words stressed contrary to the aforementioned rules bear the written accent over the vowel of the syllable to be stressed.

Examples:

  • ac-ción = action
  • for-ma-ción = formation
  • fá-cil = easy
  • di-fí-cil = difficult

Certain words bear the written accent to distinguish them from other words spelled similarly and pronounced similarly, but having an entirely different meaning.

Examples:

  • él = him / el = the
  • sí = yes / si = if
  • tú = you / tu = your
  • dé = give / de = of, from
  • mí = me / mi = mine

The written accent is used to distinguish the exclamatory or interrogatory from the relative use of pronouns and adverbs.

Examples:

  • ¿Cuándo vuelve Bryan? = When will Bryan return?
  • Cuando Bryan vuelva tomaremos cerveza. = When Bryan returns we will drink beer.

The written accent over a weak vowel breaks up a strong/weak or weak/strong diphthong and results in two separate syllables.

  • Example: pa-ís = country
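As an added example (not part of the original lesson), here are the accentuation rules of this section written out as a small Python function. It takes a word already split into syllables with hyphens, exactly as the examples above are written, and returns which syllable carries the stress; a second function reports whether a written accent is actually changing the stress (ac-ción, fá-cil) or only distinguishing two words (él/el). The function names and the idea of feeding it pre-hyphenated words are my own assumptions, not the author's.

```python
# Added example, not from the original lesson. Applies the section IV rules to
# a hyphenated word such as "a-mi-go" or "ac-ción" and returns the index of
# the stressed syllable. Syllable division is left to the caller (section III);
# this code does not split words itself.
import unicodedata

ACCENTED_VOWELS = "áéíóú"


def strip_accent(ch):
    """Return the base vowel for an accented vowel ('é' -> 'e'); other chars unchanged."""
    if ch in ACCENTED_VOWELS:
        return unicodedata.normalize("NFD", ch)[0]
    return ch


def stressed_syllable(hyphenated):
    """Return the 0-based index of the stressed syllable in a hyphenated word.

    Rules, in priority order (section IV of the lesson):
      1. A syllable with a written accent (á, é, í, ó, ú) is the stressed one.
      2. A word ending in a vowel, 'n' or 's' is stressed on the next-to-last syllable.
      3. A word ending in any other consonant is stressed on the last syllable.
    """
    syllables = hyphenated.lower().split("-")
    # Rule 1: a written accent always decides.
    for index, syllable in enumerate(syllables):
        if any(ch in ACCENTED_VOWELS for ch in syllable):
            return index
    # Rules 2 and 3 depend only on the final letter of the whole word.
    last_letter = syllables[-1][-1]
    if last_letter in "aeiouns":
        return max(len(syllables) - 2, 0)
    return len(syllables) - 1


def needs_written_accent(hyphenated):
    """True when the accent is doing real work: without it, rules 2 and 3 would
    put the stress somewhere else. False for the diacritical pairs (él/el),
    where the accent marks meaning rather than an irregular stress."""
    syllables = hyphenated.lower().split("-")
    unaccented = "-".join(
        "".join(strip_accent(ch) for ch in syllable) for syllable in syllables
    )
    return stressed_syllable(hyphenated) != stressed_syllable(unaccented)


if __name__ == "__main__":
    for word in ["a-mi-go", "mo-rir", "ac-ción", "fá-cil", "pa-ís", "él"]:
        index = stressed_syllable(word)
        print(f"{word}: stress on syllable {index + 1}, "
              f"accent changes stress: {needs_written_accent(word)}")
```

Feeding it the lesson's own examples, the stress lands on mi in a-mi-go, on rir in mo-rir, on ción in ac-ción and on fá in fá-cil; for él the second function returns False, which is the point of the "certain words bear the written accent" rule above: that accent distinguishes él from el without moving any stress.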

V. Punctuation

Punctuation is the same in both English and Spanish with the following exceptions:

  • An inverted question mark (¿) at the beginning of a question as well as the regular question mark (?) at the end.
    • On a keyboard this is ALT + 168, or shift + option + ? on a Mac.
  • An inverted exclamation mark (¡) at the beginning of the interjection as well as the regular exclamation mark (!) at the end.
    • On a keyboard this is ALT + 173, or option/alt + ! on a Mac.
  • The days of the week and the months of the year are not capitalized.
  • The pronoun “yo” (I) is not capitalized, except at the beginning of a sentence.
  • An adjective of nationality is not capitalized.
    • Examples: Yo hablo español = I speak Spanish / Hablo con un mexicano = I am speaking to a Mexican.

The following abbreviations are capitalized.

  • Ud. (usted) = you (formal)
  • Uds. (ustedes) = you (plural)
  • Sr. (señor) = Sir
  • Sra. (señora) = Madam
  • Srta. (señorita) = Miss

The next article will focus on parts of speech, adjectives, conjunctions and interjections, before moving to the Spanish sentence. Now go watch some Mexican soap operas (the visuals help), question your Spanish-speaking friends and start practicing. The best way to learn a new language is to dive into it until it becomes an effective tool in your tool bag.

¡Hasta luego!

Editor-in-Chief’s Note: You can also check out the Border Book in the ITS Store, if you’re interested in a field guide that focuses on the Spanish you’ll need to know to protect yourself and teaches English speakers to clearly communicate with uneducated or educated Spanish speakers.


Princeton Tec Charge MPLS Helmet Light Torture Test

In the video below, we show you a torture test performed on the Princeton Tec Charge MPLS Helmet Light. Check out the results for yourself!


Creating a Plan B Map to Increase Your Chances of Survival

Ask yourself this question: “If a major catastrophe happened tomorrow, would I be ready?” I know in all honesty my answer would have to be no, which is a very scary scenario for me.

I do my best to budget, plan and to continue to fill my supply closet with food and water, but we all know in our current economic state that it’s becoming increasingly difficult to find the funds to build up our supplies for “The End of the World as We Know It,” or whatever term you’d like to use.


I’m sure there are many people out there who are like me, doing their best to build up their supplies so their family will be safe, but who feel they’re not where they need to be to survive. What can we do to remedy this? I don’t want to go into debt so that I can have a fully stocked supply closet. I’ve personally put a lot of thought into this very situation. “What would I do if things went bad tomorrow?” “How long could I last on what I have?” “What would I do if I started to run out before things got better?” These are some of the questions I have spent countless hours thinking about.


Inside Red Team Operations, Part 3: Execute, Execute, Execute!

3 of 3 in the series Inside Red Team Operations

This is the final article of the Inside Red Team Operations series, which is a walk through the Red Team process of planning, preparing and executing a security vulnerability assessment and penetration test, bad-guy style.

Part 1 examined the elements and techniques necessary for planning the operation while Part 2 showed how information gathered during recon is used to implement the plan. This article uses the previous elements to show how the plan comes together.

Alright, we are ready. If you remember from the previous post, we were setting up a fake bird watching conference and expo. We bought the domain and built a basic website that provides information about the “expo.” We also have a C2 (command and control) server ready to receive any transmissions that our backdoors might send if we can install it on the target’s network. Now we just need a viable exploit.

Digging through all of the data we collected during our recon was a slow process, but it enabled us to discover several instances where IT personnel asked about specific versions of Windows, IIS and other applications. It’s a good start, but not enough. It’s time to start putting our social engineering skills to the test. We need to know what kind of operating system (OS) the Vice President, or at least the majority of the users, run so we can choose the perfect exploit.

I prefer redundancy so I’ll try an email approach and a direct approach via the phone.

First we craft our initial email to the VP of Marketing describing the conference and why we would like him to attend as a keynote speaker. We need to make this as convincing and official sounding as possible. Since we bought the domain for the conference we can create a convincing email address with a @conferencename.com in it. In the email we also point to “more information” on our website and we add snippets of comments from other “famous” bird watchers stating why the conference would be a success.

Not actual secret code. Not even JavaScript, but you get the idea.

Before sending off this initial email, we need to write a little bit of “code magic” into our website. It’s possible to retrieve the OS information through code running in JavaScript. This code will be executed on the client side, by the web browser running on the VP of Marketing’s computer, or at least on his assistant’s. The code will then pass the information to another piece of code that is hidden from the user.

Now, the page we point to on the link is just a white page. There’s nothing on it other than a hidden use of the JavaScript code. Why? We are making sure that when we call and ask if they checked the website for more info, they will answer that the page was blank. We can then sound confused and ask what browser and OS they are running so we can “fix the page”… It’s all intentional.

Once all of this is ready, we can then send the email and one of two things will happen next:

1.) The VP or his assistant will open the email and go to the website. In this case we should have the OS and the browser information they used logged on our data dump.

or

2.) They don’t care and they will simply delete the email.

If the first scenario happens, we are good to go and we can choose to verify by calling them as a “follow up” to the email. This is optional, but I like to do it. Like I said, redundancy. If the second scenario happens, then we have no choice but to call them. In this case we need to be very careful as to not spook them. We want to sound friendly and convince them that this conference is going to be great and that it would be a privilege to have the VP as a keynote speaker.

So, the assistant opened the email and browsed to our website. We discover that she is running an old version of Windows XP without the latest service packs. It doesn’t surprise me. Now we can call and introduce ourselves. In the meantime, another team member is preparing the backdoor we want to install and the “weaponized” PDF that will make this happen. We call and of course she mentions that the webpage is blank. We can ask her what OS she is running and what browser she is using and tell her right there to try again. Of course we uploaded the actual page by now so she can see it.

If we are lucky and she is friendly (shows interest) we can point her to the PDF we want the VP to read. This PDF “has useful information for the keynote speakers”. The PDF is a specially crafted document that will attempt to exploit one of two vulnerabilities found in the version of Internet Explorer that the assistant is running. Once this is exploited, the code will attempt to download the actual backdoor from our C2 server.

We can learn two things here: if the backdoor is downloaded successfully we then know that we can connect to the C2 server without any problems and that the security software on that computer didn’t detect us.

Of course, if the backdoor wasn’t successfully downloaded, it could be due to several reasons. The main two being that the exploit didn’t work or we were blocked and couldn’t connect to the C2 server.

Up to this point we were not sure whether we would need a physical penetration of the target. So, I’m going to divide the post in two now: what would happen if the backdoor was installed and what would happen if a physical entry is needed.


Digital Penetration

The weaponized PDF worked and now we have an initial entry into the target. We are now sitting inside the assistant’s computer. It’s tempting to start scanning for other computers connected to the same network, but we need to remember we wish to remain hidden and not be discovered. Our target is the VP of Marketing. Our focus should be him.

The backdoor we installed allows us to send other binaries that can help us recon the computer and eventually jump into the VP’s machine.

The first thing we do is install another, different, backdoor. This is done for redundancy and persistence. If the first one is discovered, we want to have another way in already in place. The second thing we do is to check the assistant’s email files. If she answered the VP’s email, she has access to his account. Maybe we don’t even need to access his computer to collect sensitive corporate information.

If we do need to jump on the VP’s computer, there are several things we can test. We can scan the network for the system names and see if we can spot this particular computer. This approach is usually noisy and can set off various alarms so it should be the last resort. If you do decide to go this way, create a very noisy piece of malware that will give IT and security something to chase after. While they are on the false trail, I’ll do a more silent scan of the actual network. Deception is key.

What I would start with is listing the shares on the Assistant’s computer. Maybe she is copying files to and from the VP’s computer. I would also check the list of past connections and the user names on her computer to see if maybe they are sharing the same computer. I could also send an email from her account to the VP’s and see if we can get the IP address from the email.

Moving inside the network is a delicate task. In our case we have a target, but what if we didn’t and we just want to find a possible target?


We are a red team, so we need to think like an attacker. What are you after? Data? A specific computer or server? A specific person? Total disruption of the network? Once you know your target or what you want to achieve, make a plan. Create a diagram of what you know and what your next 4-5 moves will be. Create contingency moves for each one; you never know. It’s a useful thing to have when a good sysadmin or security guy on the other side discovers you and is trying to block you.

Modern networks, even in small to medium organizations, can have a lot of complexity and security features built in. Plan a stealthy recon and send a noisier bot somewhere else. Depending on how much time you have, try to move slowly. Do not set off any alarms. Add each potentially good system you find to an overall map of the network as you know it. Record their names, IP addresses, OS, apps running, etc. The idea is to have as much information in front of you on the whiteboard as possible, then plan the next phase: where to go and what to extract. Plan the egress routes and the protocols you’ll use to extract the information. In our case, we can set up a good backdoor with a connection to the C2 server, but sometimes extracting the information is not as easy. You should get different servers ready to receive the data (encrypted of course, since it’s the property of your customer). Have fallback servers as well; Mr. Murphy is always present.

Once you are done with the planning, execute. Again, stealth is key here. Unless you were specifically hired to test the reaction of the organization’s quick reaction teams, you should try to be as quiet as sign language. Move slowly and copy information in small bits. If you have a 2GB file you need to extract, partition it into smaller chunks and extract them using different protocols.

When you are done with the execution, vanish. Clean any backdoors and other tools you might have left on the network. This is done not only to avoid being detected, but if there is an actual bad guy in the network you don’t want to aid them with tools or backdoors. Do not erase logs. These are great educational tools for the security guys at the organization and they can learn forensics through them.

So, back to our target, the VP. Searching for a share or a connection didn’t return any leads. We can however send an email to the VP with the link to our website where the JavaScript code can grab his IP and other information. Using the Assistant’s email address we send him an email saying that she thinks the keynote invitation is a great opportunity and he should check out the website. This works. We now have the IP address for the VP’s computer.

By using a small port scanner (a custom low-signature port scanner we wrote and uploaded via the backdoor) we discover that the standard Windows administrative shares are enabled. These are the classic C$, D$, ADMIN$, etc. These shares will allow you to browse the computer’s files remotely by doing a simple \\IP_ADDRESS\C$ (it’ll display the contents of the C:\ drive). In some cases these shares require login credentials, which are relatively easy to get by “sniffing” the network or grabbing them out of the domain controller (this is a subject for a whole different post…). So, we move into our target and after a quick search we find his documents. We compress them, partition the file into smaller chunks and begin the slow and methodical process of data egress.
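The administrative shares described above are exactly what the security guys on the other side should be watching for. As an added example (not part of the original article and not a tool of the red team described), here is a small Python detector that runs over Windows Security-log records for Event ID 5140 (“A network share object was accessed”, logged when the Object Access > File Share audit subcategory is enabled) and flags any workstation that opens C$, D$ or ADMIN$ on another machine. The log lines are constructed, flattened stand-ins for the real event’s SubjectUserName, ShareName and IpAddress fields, and the list of hosts expected to use admin shares (a backup server and an IT jump box) is an assumption for the example.

```python
# Added example, not from the original article: detect remote use of Windows
# administrative shares (C$, D$, ADMIN$) in Security-log Event ID 5140 records.
import re
from collections import defaultdict

# Constructed sample records (not real logs). Each line is a flattened 5140
# event; the last line is a 4624 logon event to show non-5140 records are skipped.
SAMPLE_EVENTS = [
    "2013-04-16T09:12:01 EventID=5140 SubjectUserName=backup_svc ShareName=\\\\*\\C$ IpAddress=10.0.0.10",
    "2013-04-16T09:13:44 EventID=5140 SubjectUserName=jsmith ShareName=\\\\*\\Public IpAddress=10.0.5.23",
    "2013-04-16T09:14:02 EventID=5140 SubjectUserName=assistant ShareName=\\\\*\\C$ IpAddress=10.0.5.23",
    "2013-04-16T09:14:03 EventID=5140 SubjectUserName=assistant ShareName=\\\\*\\ADMIN$ IpAddress=10.0.5.23",
    "2013-04-16T09:14:05 EventID=5140 SubjectUserName=assistant ShareName=\\\\*\\D$ IpAddress=10.0.5.23",
    "2013-04-16T10:01:17 EventID=4624 SubjectUserName=assistant IpAddress=10.0.5.23",
]

ADMIN_SHARES = {"C$", "D$", "ADMIN$"}
# Assumed for the example: the only hosts from which admin-share access is
# expected (backup server, IT jump box). Anything else is a user workstation.
EXPECTED_ADMIN_SOURCES = {"10.0.0.10", "10.0.0.11"}

FIELD_RE = re.compile(r"(\w+)=(\S+)")


def parse_event(line):
    """Turn one flattened record into a dict; the leading timestamp becomes 'ts'."""
    timestamp, _, rest = line.partition(" ")
    fields = dict(FIELD_RE.findall(rest))
    fields["ts"] = timestamp
    return fields


def share_basename(share):
    r"""Reduce the event's '\\*\C$' form to the share name 'C$'."""
    return share.rsplit("\\", 1)[-1].upper()


def find_admin_share_access(lines, expected_sources=EXPECTED_ADMIN_SOURCES):
    """Return (source_ip, user, share) for every 5140 event that opens an
    administrative share from an address not in the expected set."""
    alerts = []
    for line in lines:
        event = parse_event(line)
        if event.get("EventID") != "5140":
            continue
        share = share_basename(event.get("ShareName", ""))
        if share in ADMIN_SHARES and event.get("IpAddress") not in expected_sources:
            alerts.append((event["IpAddress"], event["SubjectUserName"], share))
    return alerts


def sources_touching_multiple_admin_shares(alerts, threshold=2):
    """One workstation opening several admin shares in a short window looks like
    enumeration rather than a one-off mistake; return those source addresses."""
    shares_by_source = defaultdict(set)
    for source_ip, _user, share in alerts:
        shares_by_source[source_ip].add(share)
    return sorted(ip for ip, shares in shares_by_source.items() if len(shares) >= threshold)


if __name__ == "__main__":
    hits = find_admin_share_access(SAMPLE_EVENTS)
    for source_ip, user, share in hits:
        print(f"admin share {share} opened by {user} from {source_ip}")
    print("enumeration suspects:", sources_touching_multiple_admin_shares(hits))
```

On the constructed records the backup server’s access to C$ is ignored, the Public share is ignored, and the three admin-share openings from the assistant’s workstation are reported, with that workstation singled out for touching more than one admin share. The same two rules (unexpected source, several admin shares from one source) carry over directly to a SIEM query once File Share auditing is turned on, which is the mitigation a blue team would want after reading the paragraph above.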

An offline analysis of the documents reveals that we now have a copy of the corporate marketing plan for the next 5 years.

Mission successful.

Physical Penetration

Sometimes a digital-only penetration is not possible. Ultimately we would still like to get those valuable documents but we can’t find a way in through the exploitation of digital vulnerabilities. This is when the physical recon we did in the early stages of the project comes in handy.


There are two types of physical penetrations: covert and overt. In a covert infil you find a way to breach the physical security of the perimeter and enter the premises without anyone knowing you were there. An overt infil, on the other hand, is one where you enter the building in plain sight, go through security and pretend to have a reason to be there. I’ll focus on the overt case because usually these are the most fun.

We first need to come up with a plausible backstory. Just as before, believability is paramount.

The company uses Software X to run its servers. X is a very expensive piece of software that requires a very specific license, and it is well known that big companies try to save money by acquiring one license and reusing it on more than one server (a license violation). One scenario I've found that often works is the guise that I am there to check their licenses. How can we do this?

Based on experience, the security guards and receptionists at a company's main entrance are often bored and tired, so a well-placed call a day or two ahead of the operation gives us a good way in. We call and say something like: "Hi, my name is John Doe, I'm with Software X. We are currently performing our quarterly license check and we'll be sending Mr. Some Name tomorrow to check yours." In some cases the guard will transfer the call to the IT engineer or manager in charge of the servers. That person can challenge the story by saying they'll talk to their Software X account representative, and that would be the end of it. If you really did your homework, you will already have called Software X and asked for the person in charge of this account, so you know his name. You can tell the IT person that "Mr. Account Manager Name" is up to speed and will be calling soon to confirm the license check.

Most times, the guard will eventually pass the message to the IT person, but so offhandedly that the IT person responds with something like: "OK, let me know when he is here."

Now, I usually use a name I can back up with an ID: either my real name, so I can show them my driver's license, or one for which I can have a fake license made. I also like to have an ID card with the logo of the company I'm supposedly working for, together with my name, picture and other little pieces of false info. You can find pictures of badges by searching for them online. It doesn't have to be perfect, but it has to be good enough to make the guard believe you really are an employee of Software X.

This way, when we arrive at the building the next day, they are expecting us. We need to be dressed properly: suit and tie, etc. Go to the guard, give them your name, your driver's license and the fake Software X ID card, and tell them you are here to check the license. Chances are you will be told to wait for the IT person to show you in. When that person arrives, introduce yourself and show them your ID card or hand over a fake business card. You can mention "Mr. Account Manager Name" and say he sends his regards. Make it sound official.

If you are lucky you will be let into one of the server rooms. If you get to this point you are done; it takes little work to get to the good stuff from there.

Servers

If this first deception didn't pan out as planned, there are other methods of overt infil you can attempt. Again, dressing up and playing the part is key. Arrive first thing in the morning, when everyone is coming in. Look for the smaller entrances, the ones that get less attention from the security guard, and just walk right in while pretending to be on the phone. Hang a fake ID card from your pocket with the back of the card facing outwards. Anyone who looks at you will see a badge and, since you are also "on the phone", will most likely not bother you.

Once inside, you need to do a little recon to find the servers. Depending on the intel you gathered during your initial recon, you may already have a pretty good idea of where they are.

At this point I like to talk to the cleaning people if I can find them. I become very friendly with them, speaking their own language if I can and talking about sports or other things you might notice on their cleaning carts or clothing (a logo hat, uniform, t-shirt, etc.). Once you have that conversation going, you can steer it towards something you want to know, like: "Wow, this is a huge building. How do you manage to take care of it by yourself?" He replies: "Oh, there's a whole group of us that clean here." Then you go: "I bet they have the biggest computer rooms!" At this point he is your friend, and chances are he answers something like: "Yeah, the room on the 3rd floor has 200 computers! It takes the whole floor." Bingo, you have the info you were looking for.

It’s not always that easy, but you get the idea.

Physical penetration can be dangerous, especially at companies where the guards are authorized to use lethal force to stop an intruder. I've been there and have almost gotten shot a few times.

Anyway, this is in my opinion the most fun part of the project; however, it should be your last resort. Training often and hard is the key. Go out and play safely.

Editor-in-Chief’s Note: U. Fridman is a senior information security consultant that specializes in detection of information security threats and response to security incidents. His background includes extensive experience in red team activities and management, information warfare, counter cyber-terrorism, industrial espionage, forensics analysis and other security services.

Posted in Security | 4 Comments

A Beginner’s Guide to Tubular Lock Picking

One of my personal goals for 2012 was to learn tubular lock picking and become proficient enough to share my knowledge with everyone here on ITS Tactical. It took me a few more months than I would have liked, but today I’ll be walking you through how to pick tubular locks.

Tubular Lock Picking 001

Tubular locks are commonly found on small gun safes, vending machines, computer locks, etc. In fact, what prompted me to get into tubular lock picking, other than for Locksport purposes, was when my son lost his key to a small handgun safe he was using for his Airsoft pistol.

Tubular locks are commonly thought to be more secure and more resistant to picking than standard pin-and-tumbler locks, but I've found that, with the help of a tubular lock pick, they're much easier and faster to pick.

Tubular Locks

If you're familiar with past discussions we've had on ITS, you'll hopefully know what I mean when I refer to pin-and-tumbler locks, the kind you commonly find on your front door. Tubular locks are very similar to pin-and-tumbler locks; in fact, a tubular lock is a tubular pin-tumbler lock, also known as an Ace lock, an axial pin-tumbler lock or a radial lock.

Tubular Lock Picking 009

All the features of a standard pin-tumbler lock are still there, just arranged in a circle rather than in a line as in a standard pin-tumbler lock. In fact, while the purpose of this post is to explain tubular lock picks, which are built specifically for picking tubular locks, these locks can also be picked with ordinary single-pin picking, only with a lot more effort.

As you'll notice in the photo of the tubular lock pick trainer above, each stack has a spring, a key pin (red) and a driver pin (gold). The same parts appear in the diagrams below as key pins (red) and driver pins (blue).

Diagram: tubular lock, locked

Each complete pin stack is pushed by its spring towards the front of the lock, so the driver pins sit across the shear line and prevent the plug (colored yellow in the diagrams) from turning. The difference between a tubular key and a standard key is that instead of cuts along a blade, a tubular key has half-cylinder indentations around its rim, each of which maps to the height of one pin stack. It also means that duplicating a tubular key requires different machinery.

Diagram: tubular lock with key inserted

The top center of the interior of a tubular key features a raised protrusion that aligns the key in its proper orientation, so that each indentation maps to its pin-tumbler stack. When the key is inserted, each stack is pushed to the depth of its indentation, the gap between every key pin and driver pin lines up at the shear line, and the plug is free to turn within the outer shell (green in the diagram below.)

Diagram: tubular lock, unlocked

Tubular Lock Picks

Standard configurations for tubular lock picks are 7-pin, 8-pin and the less common 10-pin. Some tubular locks have six pins, and while I haven't personally tried it, the 7-pin tubular lock pick should work on a 6-pin lock. I suspect this is the case because I've used an 8-pin tubular lock pick to pick "some" 7-pin tubular locks.

Tubular Lock Picking 002

The parts of a tubular lock pick include independent needles, one for each pin stack in the lock. These needles are held under tension by the rotating collar.

Tubular Lock Picking 005

Tubular Lock Picking 004

Below the needles, but before the handle, there's a washer that is used to reset the tubular lock pick. This brings us to the first step in using one.

  1. Ensure the needles are free and can move independently, then loosen the collar until it's just barely finger tight, so it applies only light tension to the needles.
  2. Extend all the needles by pressing the washer to move them beyond the end of the pick.
  3. Press the complete pick against a hard surface to reset the needles to their baseline height.
  4. Insert the pick into the lock slowly, allowing the needles to settle onto the corresponding pin stacks.
  5. Slowly apply light turning pressure, working the pick left and right, and the lock should pop open.
  6. Once the lock is picked, remove the tubular lock pick and tighten the collar so the needles hold their positions.

Tubular Lock Picking 007

Tubular Lock Picking 008

Now comes the amazing part. With the collar tightened down, you are holding a key that will open that tubular lock over and over again. With a tubular lock decoder you can measure the height of each needle as it corresponds, clockwise, to a pin stack in the lock. With that "code" a locksmith can cut a duplicate key. Alternatively, you can take the still-set (decoded) tubular lock pick to a locksmith and have them reproduce a key from it.

Tubular Lock Picking 003

It's actually scary how easy it is to not only open tubular locks, but to keep opening them over and over again. To me, these are less secure than household pin-and-tumbler locks because of how easy it is to create a new key. There are of course ways of impressioning a key blank for a standard pin-tumbler lock, but they take much more effort than the tubular lock pick does.

Tubular Lock Picking 010

There's even more to tubular locks that I'll save for a future discussion, but if you're interested in jumping ahead, search for how to pick a tubular lock with a ballpoint pen.

As always, our goal in providing lock picking information is to continually break down the illusion of security you may depend on to keep your family and personal effects safe. By gaining more knowledge of this skill set, you can make more informed decisions when it comes to protecting your valuables.

Remember, locks, and security in general, are only there to buy you time. They're there to keep honest people honest.

Tubular Lock Picks, Trainers and Practice Locks are Now Available in the ITS Store!

Posted in Lock Picking | 39 Comments