 The best kind of doors are the doors you have to explain. Welcome, welcome to another episode of Unhinged where door hardware nerds get together and we knock and slam on different doorfills. We learn, we laugh and sometimes we even cry, but we laugh to keep ourselves from crying because some of these doorfills are atrocious. Is that even a word now, atrocious? Today we do have a very special guest, Bryce Self. Welcome to the channel, welcome to the show. We're excited to have you on here and share your unique insight. Why don't you hop on and say hello, tell us a little bit about yourself and how you got into the industry. Thanks for having me. I don't know why you guys decided to have me on. Number one, after Gary, who's just got a ton of knowledge and just been doing this for quite some time, so following him up is gonna be very difficult. And then also is like my claim in how I get into a lot of buildings is actually not through door hardware. And I probably don't even know 50% of the terminology of like door hardware to begin with. I do a lot of social engineering. Like I love the people stuff. My dad was a sales guy, he's always been a sales guy. And I just kind of got that from him and selling somebody on something. And then you go into the military and you learn some cool stuff and kind of how to manipulate and deceive people. And then you kind of fine tune it there. So I just kind of went in that direction. But yeah, I'm glad to be here. So yeah, I'm Bryce Self. So I started a company called Fortified Solutions where I do basically physical penetration testing and wireless penetration testing. Basically I physically break into people's buildings whether it's through social engineering methods, lock picking, stealing people's badges, cloning badges, what have you. And then also hacking people's wireless access points to basically find all the vulnerabilities I can and then advise them on how they can fix those. I got asked a question I think on another podcast was like, hey, how did you get into this? Like were you kind of a nefarious kid? And I was like, no, I don't think so. And then I was like kind of thinking about it. I was like, yeah, man, I actually broke into a lot of places and I'm not trying to like self incriminate but you know, you're just kids, right? I mean, you get into like the public school, the public pool and all this other stuff. And you know, I'd always like to play in the woods and you know, play army man and all that stuff. So I think a lot of this like being outside, you know, talking to people, getting into places, I think it really came from that. But like I said, I joined the Navy over a decade ago and I ended up joining their computer hacker pipeline, I guess. So I didn't know what a CPU was. So I went the cyber route and they were like, oh man, it's this really cool job and you'll get paid and you'll get ranked quicker. And I was like, cool, sign me up. I wanna get out the house. I was actually waiting tables at the time going to community college, couldn't afford the book but I could afford the class. And then obviously they're like, hey, homework on page 70 and I didn't have a page 70. So I ended up dropping out. And so I was like, all right, I gotta do something. So I joined the Navy and did that. I wanted to be a Navy CO man. I wanted to be American and do all that cool stuff. And I did get to do some really cool stuff. A lot of stuff what they do as well, like training and whatnot, but I got turned down cause my eyesight was bad. So I ended up doing the cyber stuff, which was really cool and obviously how I got here. So I basically went the cyber path. I did my A school, if you will, where I just kind of learned the basics of computer network operations, attack, defense, exploitation, that kind of thing. And then you come out of that and you realize that you don't know anything at all. Especially when you go against your peers, you're like, oh, I know everything about computers. And they're like, no, you don't. And you're like, yeah, I don't. So from there, you can go a couple of different directions I guess in the pipeline. I think a lot has changed now since I've been in. So this could be old information, but basically you can go like the crazy Uber hacker route and take it much further. You can go kind of a support route and help those guys out. And then you can kind of go a unique direction and go the tactical route, if you will. And so that's kind of the direction I went in the tactical route. And that's where a lot of that, let's just say social engineering, lock manipulation, picking that kind of stuff really came in and then obviously meshing the two together with the cyber and the physical stuff. Counter surveillance, that kind of stuff really plays into the physical pentest stuff. I didn't know that's what it was at the time, if you will, until I basically got out the Navy and I hit a buddy up. It was one of my mentors in the Navy. I said, hey, can you just look at my resume? He was doing cyber stuff at the time. He was like, well, I'll actually give you a job because we need you to come down here and do some stuff. So I went private and did that for a little bit and then we had some clients asking for physical pentests and I was like, well, I know how to do all that stuff. So yeah, let's give it a whirl. And then here we are, 100% success rate and broken to federal banks and skyscrapers and downtown New York, Chicago. The one in Puerto Rico was cool. That is amazing. They should have like a movie after your story there. I hope not. There'd be a lot of disappointed people. So Bryce, I've got kind of a nerdy question to ask you. You know where the door hardware nerds, what is one of the most door hardware nerdiest things you've done? And I know you manipulate with locks or you penetrate locks. That's only a small aspect of what you actually do, but like, do you have like a story that pops to mind of like, what's the nerdiest thing you've done? So I hit this federal bank twice in two different years, both cool stories. But the first one was, I was just able to kind of sneak past the front desk. I'd say sneak past as we dressed up as employees. We hit them on a night where the local NFL team had a home game. So that way everyone either be watching at home or they would be at the game. Yeah, exactly, right? So trying to minimize the amount of people, they would probably put either the non football fan as the security person or the lowest cost resource, maybe. Or the security guy is like this on his phone, right? Like he's watching the game, right? 100%. The second time actually we did it, the front desk person was actually sleeping when we came up to him. But this first time she was pretty vigilant and came prepared though. Trying to go past her and we're just kind of talking as if it's like this emergency, we go up to the turnstiles, mind you, we don't have a badge that works. So we go through and she's like, hey, excuse me. And then I'm like, oh, sorry. And then we show her these fake badges that we made from the pictures of employee badges that we saw. And it was good enough where she sees it and she goes, oh, okay, you're good. And then we go past and set off all these alarms. She's like, no, it's fine, you're good. And I was like, okay, great. And then from there, we were able to basically pick the lock, you get off the elevator on every single floor and then you have the place where you have to badge in. So able to basically bypass those. I think I did the rec sensor, do the compressed air right to get past, maybe you're slipped a latch or something regardless. Able to get on there onto that floor. And then I say this the nerdiest thing because it's the most impactful thing for the most part that I've come across. So get onto that floor. And then I see basically this terminal, this computer for all of our non-cyber people that's sitting by itself at this desk, mind you, the rest of them are inside cubicles and everything, this one's just like right here. So I'm like, what's going on with this? Go up through it, shake the mouse. I'd noticed the password's already on the screen, on the sticky note, but you know, jiggle the mouse and it's unlocked. Mind you, this is a federal bank and it says put in your account and routing information. And then here's how much you can transfer over. And it had a ton of commas in there. And it says just transfer however much you want. So I literally could have just put in my bank information right there and just sent over millions. And then my wife's like, well, why? I don't understand, why didn't she do it? I'm like, do you really want me in jail? I don't like, she asked me all the time. She tells all of her friends, it's like, oh, he's really good at getting into places and getting access to money, but he never takes anything. I'm like, how bad do you want me out of here? She was like, you're the worst thief ever. I'd be fine, you'd be in jail, but I'd be fine. I'd be set, right? Exactly. That's some pretty nerdy things, right? I feel like there's a lot of hardware nerds that know a lot about hardware and then they get into picking locks and then under the door tool and there's the X centers and they find these little bypasses and they get into that world. And then there's social engineering which is like a whole nother level because you have to have all that knowledge and then the personality to be able to pull it off as well because like if that lady didn't trust you you wouldn't have gotten to those doors. Yeah, no, exactly. And then even then, so I talk about this a lot in my talks and training is so we call it cover for action and cover for status. This is for all my door hardware nerds that don't know anything about this stuff. So basically you have cover for action, cover for status. Your cover for status is why you are actually going to the place that's the overall reason you're there. So my cover for status at that time was we were employees. So obviously you have to dress like an employee. You have to carry things that an employee would carry have responses to challenges, you know, hey, who are you? Your name might have to be on a list. Does your ID match the name that you say that might be on, you know, that kind of thing, right? So you have to make sure all that's good. But then not only that is like you said is when you get to that door and then you start manipulating the hardware and you start trying to pick it or bypass it however you want to. At that time, you have to have a cover for action. You have to have a reason for the action that you're doing meaning if someone comes up to you and challenges you and say, hey, you're an employee but you're messing with the store, what's going on? You either have to think about it really quick or think about it beforehand. So yeah, it's always fun. For sure. Well, Bryce, it's a pleasure to have you on the show. I'm excited to get your insight on these next three doorfills and loved hearing a little bit more about your story and some of the nerdiest things you've done. That's great. Mia, do you wanna hop on and say hello? I think you've got the say hi, right? Yeah, hello. Welcome to another episode. It's been so long since we filmed one of these. I think like September was the last time we actually filmed because we were so far ahead in filming. Benji and I haven't been hanging out that much virtually. So yeah, welcome to today. Bryce, we're excited. I love it, me too. So for those who don't know how Unhinge works, I will share my screen with a door hardware fail. We will knock and slam, we'll react, we'll throw out any helpful tips to it and then we'll give it a knocking score. One being it's not too knocking bad, but I get why it's a door fail. 10 being pretty knocking bad, like this needs to be addressed. Let's get someone in there to take care of it. Whether it's security, accessibility, life safety, there's a lot that has to do with door hardware. But because we've got Bryce on here, I specifically tailored these doorfills towards more like if I was looking at it from a pen testing side of the industry. So hopefully we'll have some fun and we'll go from there. Any questions? You ready, Bryce? As ready as I'll ever be, okay? It looks open already. And then I see the sign obviously, it says don't keep it propped open. Oh yeah, I see it down there. Yep, it's propped open. Perfect, love it. You can see the sunlight coming through. Yeah, I guess on my end, I saw the light on the bottom, right? And but then as you kind of go to the right, it kind of looks like it's the rest of the frame, if that makes sense. Like it kind of blends in with the rest of the frame. So it almost looked like someone kicked in the bottom part. I've come across a couple of these. That makes your job real easy, right? Very easy. It's actually the funniest thing is like when I'm training new guys, is I'll come over to them and sometimes we'll spread out. They'll go to a door, you know, go to the door or whatever. And I'll say, hey man, how's it going over there? It's like, dude, I just can't get it. And I'll go over there and I'll be like, well, did you check to see if it was open? And they're like, what? And I just open the door and they're like, oh my gosh. I'm like, all right, you know, it's like always just checked to make sure it's open. So yeah, with these, it makes it super easy. Yeah, I mean, if I was trying to break into a place, like one of the first doors I would look to is one of the back doors, like, you know, where maybe there's a person that smokes and they leave the door propped open or usually there's a big rock or something out there that they use to like, so they can get back in. If you hang out there long enough, you're going to find an opportunity to get into the building, at least in life. Yeah, no, you bring up a great point. So like, I will attack smokers. So, you know, again, back to cover for action, cover for status. Don't try to pose as a smoker if you've never smoked. Because, you know, smokers can tell, right? They can tell when you're a brand new smoker or, you know, whatever. So, yeah, you're absolutely right. So, you know, trying to go there, trying to kind of tailgate in with the smoker, smokers will prop it open and, you know, a way that they aren't supposed to, you know, you ask the company is like, hey, are they supposed to go out this back door? It's like, no, they're actually not supposed to, but they end up doing it and we can't, you know, all that stuff. But, you know, hey, it makes my job easier. One thing I will do in something, I guess the hardware nerds should look out for is I have strong magnets that are circular with the hole through it, right, like a washer. And so I'd take a couple of those and I can't remember who I got this from. I think it was my buddy Matt at 7X. Anyway, so you take a gear tie, one of the flexible ones, right? They're kind of longer and you feed it through that stack of magnets and then you basically twist that up so you can have it on your backpack really easily accessible. And when you're going by like that smoker door in the back, if it's a metal frame, you can just stick that magnet to there. And so the gear ties will be hanging over the top of the door. And basically whenever someone opens the door at that point, whenever it closes, that gear tie is going to get in the way of it. So it's a very quick and easy way. You can just pass it real quick, slap it up there, keep moving. And then whenever someone leaves, that thing will be propped open. You just wait kind of close to be able to slip back in. So it's my own little special prop. I know people use pencils a lot. Maybe even Gary brought up the pencil thing, so. Yeah, I never thought about using a strong magnet and a gear tie, but that makes a lot of sense. It's just kind of dynamic and it'll allow the door to open and then whenever it tries to close, it catches it. So, yeah. If you look a little closer, it looks like there's an electric strike in here as well, which I know is a love-hate relationship with people because if a door is not adjusted perfectly and installed just right, if it doesn't have the right faceplate on it, right, then it's so simple to slip that auxiliary latch, right, that dead latch into the strike and then you can use your little tool that you invented to open up the door, right? Like it's so simple to anyone with a screwdriver or credit card could potentially open up your door in that case. There's also that. I got in trouble one time at a different federal bank. Got into their server room through that method. I basically slipped past it and then they said I broke their door, which I didn't. I just slipped it and they just had to reset it. But a lot of times with those doors, I will check for dead latch to see if it is actuated or not. And then it's a quick way to just basically tell us, like, oh, okay, I can't get in that way, really quick triage, I guess. But one thing to mention is like you said, it's like, I'll tell this with the newer guys is if you kind of shake that door, sometimes it can screw you up, but obviously look at it first, but you can maybe shake that door, push it or pull it to get it seated all the way through. So then that way you can slip it, because maybe it is seated, right? But you just need that little push to get it back to where it was. I can't remember. I feel like I pulled it one time and then it actuated it. And then I was like, oh no, and I screwed myself out of getting into that door. Like you were buying the first time, but then you? Yeah, you get into a building and you start looking for doors like this. And then obviously, trying to make sure people don't see you. And if they do see you, and what are you going to say? And every single action that you take, every single door got to have a reason. So especially if you don't do this enough, you start getting tunnel vision where you just start focusing on the one thing. Oh, I got to get into this one door. I got to pick this like whatever it is. And then, yeah, sometimes you'll end up kind of screwing yourself. So don't get tunnel vision. But in this case, you wouldn't need any of that because it's propped open, right? Yeah, I would just kick it right open. Real confident. Just to boot right through. No, I would. Yeah, I would definitely, definitely go on this. Especially if he says, don't keep it propped open. This is a door that piques my interest. I think I told a client one time, I know you said obscurity is not security, but I think I told a client one time because they had their rooms, it was like server room one or two or whatever. I was like, hey, just change it. Like just change it, like make it something like water closet or something. I don't know. Just like make it something. Cause it was like server room three. And I was like, oh, okay. Yeah. I'll just take it off. You know, I don't know. You're basically just putting a big target on that door, right? Yeah, take this sign off. Make sure no one props open doors. Like make it a policy, reward people for if something's propped open, reward people for taking the prop out. You know, anything, anything to incentivize people. I should start a collection of the number of wedges that I've stolen over the years. Or just like, I see a fire door propped open and I'll just punt that wedge, like as far as I can. Like good luck finding it, right? Yeah, you just have a wall of props. That would be great. We'll call it the wall of shame. Yeah, there's something there. Okay. Mia, what do you think about this? Or what are your thoughts? Yeah. I mean, if we're going to look at it in the traditional sense, nothing's really wrong here, right? But that's not, if we're looking at it from a attack sense, then obviously this is an ongoing problem that they have because there's a sign on the door. Like they need to find another solution for this. It can't be tied into a sophisticated EAC because otherwise they would be getting a door prop alarm or they're ignoring it, which is like a whole other problem. From a traditional like hardware installation, everything looks fine, but something's wrong with the security system that they have going on. Yeah. I feel like this is more of like a training opportunity or whoever keeps on propping the store. Someone needs to really talk to them about that. Yeah. Check the cameras. Okay, so knocking score. I don't know if this is breaking any life safety codes or anything like that, but what do you think, Bryce? If you're going to give this a knocking score on security. And Tim being the worst, right? Yeah. I'm very analytical when it comes to this stuff. Traditionally, someone would be like, oh, it's a tin because it's already open and you can just push it open. And I get that. But let's say it wasn't propped open, right? So, you know, I think in the sense that it's open, sure, let's go tin. But then if it wasn't open, that's where I kind of like would back it down. Maybe an eight or a seven just depending, because I don't know if an under the door tool would work on this one because it looks pretty tight at least on the other side. So maybe you can't get anything through, but maybe you can, right? So that would obviously increase that score. And then like you said, with the dead latch being able to slip that. So I'm going to give it a strong eight. That's a good number. I just want to make sure I want to make sure I'm tuned in right. And I would agree with you, like obviously a propped open door is defeating all security with it, right? So like in a sense that that's a 10 right there. But the fact that if we took that out of the picture, I'm with you like they have actually have weather stripping on the bottom, which helps prevent attacks from underneath. Obviously, there's other ways to attack this door with the electric strike. But I mean, it's an exterior door with an electric strike that's exposed. I still think there's some vulnerabilities there. So I'm with you. I'll give it an eight as well. Do I feel like being controversial today or not? We don't know what's in this building, right? So like when Gary was on and we saw that there was a wedding venue with a key in the door, they're probably not going to get state secrets at a wedding venue. So we don't like, we don't know what we're protecting here, but it really is a catastrophic failure of their building security. Easy to correct, but as it stands, it's a 10. Yeah, yeah. Even, you know, physical pin testers, I'm sure you guys probably write reports as far as how severe things are and what needs to be fixed. And that's, you know, how we do it is everyone's a little bit different, but as long as it gets the point across to get someone's, you know, feelers up and say, hey, all right, this is an issue. We need to fix it. Okay, so eight, eight and 10. Pretty knocking bad. Pretty knocking bad. Pretty knocking bad. Thank you for sticking with us for another episode of Unhinged. Our doors are always open, partially because they're unhinged.