 All right, we've got here, security.org, and it's about insecurity engineering. Let's give them a big hand. Thank you. It's good to be here again for year number six. This is Matt Fiddler, Tobias Bluse-Manus, for you that don't know us. We're going to talk today about locks and insecurity and some real problems. In years past, we've talked about high security locks as opposed to conventional consumer level cylinders. So this year, we thought we'd take a broad cross section of different kinds of locks, talk about them, design problems, and what the issues are, and run five videotapes showing how easily they can be opened. And we'd like really to pay attention because at the end, we'd like you to vote on the dumbest lock design ever. This is sort of like American lock idol. And so we really want to know that, and we want some feedback if we have time as to what y'all think about the insecurity engineering that's gone into a lot of these products. And I might also note three of the five are imports, two from China, one from Finland, and then two are made in America. So we'll proceed. So lock design, mechanical versus security engineering. We want to draw that distinction. All of the engineers at lock companies around the world are pretty good at making things work mechanically. But most of them really don't understand the concept of security engineering and making things not only work properly, but making them secure. So again, at prior DEFCON presentations, we've really focused on mechanical locks, high security locks, and now we're into the electronic and electromechanical locking systems. So we've looked at vulnerabilities in all of these kinds of cylinders that have resulted from defective or deficient engineering in our view. There's also, as we've talked about many years in the past, the standards. And y'all need to understand, and we're not going to dwell on them today, but underwriters laboratories and builders hardware manufacturers association is responsible for developing standards in America for security systems, locks, safes, ATMs. And so everything in this country and everywhere in the world, as you know, runs by standards. And so if the standards don't cover real world attacks, then there's a real problem, and there's a disconnect, and the consumers are ultimately at risk. And so basically everybody understands how to open certain locks, but they don't understand why they can be open. So in security engineering, it's an intersection of mechanical and security engineering. You have to have both, or you can't make a secure product. And the real problem in our view is there's a real false sense of security by consumers, by business, even by some government agencies that don't have a testing program. They don't understand that a lot of these locks really aren't designed properly and can be opened and circumvented either by covert entry, forced entry, or violation of key control in seconds by very simple techniques. The other problem is there's a lot of misrepresentations either knowingly or not by a number of lock manufacturers with regard to the security of their products. And this is really a problem in the industry. A lot of them, frankly, use the standards as their cover to say, well, our locks meet the standards. The problem is the standards don't cover a lot of issues or they're not interpreted to cover, especially, for example, bumping, which we'll talk about later as far as what the industry has done since this has been public for the last five years. They have made changes. And so this is what we're going to talk about today and specific design failures in five different kinds of locks. Matt? So we have the Quickset Smart Key, which is right up here. And again, remember, you're going to vote on what is the, hello, can you hear me now? Much better. All right, so we got the Quickset Smart Key, which is right up here. We have the Kaba Instinct, which is The middle one. The middle one. Right here, next to, the big safe over here is the AMSEC ES 1014, the iLock. Toby, if you want to hold up the iLock. Well, the iLock is very small, but there it is. This is really, really, really a clever lock that we'll talk about. It's developed in Finland. There's no batteries. It's an electromechanical lock, but there's no batteries in the lock. There's no batteries in the key. And so the real important thing in that issue to remember is clever does not mean it's secure. And neither patents. Patents don't mean it's secure. Clever doesn't mean it's secure. Awards don't mean it's secure. As we've repeatedly shown at DEFCON and other venues, again, there's a real disconnect in engineering. And I should also note that Toby, to my right, is a 25-year working locksmith in Miami. We all work together on analyzing locks and high-security systems for a number of clients. And so Toby's got unique field experience in both Venezuela and America in day-to-day servicing and lockouts and bypass. So the last lock over here is the BioLock333. And so each of them was examined for security exposures and vulnerabilities. And we'll review that coming up with the videos. Yeah, the BioLock333. That's one of our special pet projects. This is a fingerprint lock, and we'll talk about it. This is a brilliant design. So locks are the first line of defense. Usually the first security barrier, often the only security layer. And usually locks are measured by standards, whether they're secure or not. But what if the problem is that they're not rated? What if the bypass technique isn't covered by the standards? And how do you know that the locks you put on your residence, your business, your computer server room, how do you really know whether they're secure or not? And frankly, what does the term security mean? Now we think that manufacturers have a special responsibility when they're making locks. They're not making toasters. They're making locks to protect you, your lives, your assets, and your family. And so they have a unique responsibility for competence. And a lot of the lock manufacturers have not adequately displayed that in our view. And the five locks that you're going to see videos on today clearly have not demonstrated the level of competence that I think everybody expects when they go out and buy a lock. And we're going to ask you if you would buy these locks after you see the video. So again, it's mechanical engineering to make them work, but it's security engineering to make them secure. The implied representations, and of course, it gets into, I'm also a lawyer. So the issue with security is liability. And if something fails and somebody gets hurt, somebody's liable. So the lock manufacturers, all of them, are representing that we are the experts and we understand our products, we understand security, and they're making representations in their packaging and their web advertising, in their kiosks, that these locks are secure. Amsec, which is a great company that makes this little electronic safe for the consumer, about $100, they're calling it a safe. And this is a very, very good company. They've been around a long time. They're very reputable. This is an import, as we'll point out. It's not secure. And so they're selling it as a safe rather than a box with a lock on it. And that's honestly what it really is. It's a box with a lock. And a lot of the manufacturers will tell you we meet or exceed the standards. Well, that's great until the standards don't cover what the problem is. And when we can open locks with wires, with shock, vibration, with bumping, with magnetism, with radio frequency energy, it's a real problem because most of it's not covered in the standards. Matt? And paper clips, ballpoint pens, aluminum foil. Let's not forget the ballpoint pens. And a host of other bypass techniques. Right. So expertise is required in lock design. Mechanical engineering, security engineering, minimum industry standards require a level of knowledge. And security engineering specifically requires an understanding of all these bypass techniques. And if you don't have that, you can't make a lock that's secure. So engineering failures, the results and consequences. Insecure products often very easily bypassed as we're going to show today. Use the standards to measure when they do not address the relevant issues. The products, all of these products look great. The problem is none of them are. They all really look secure. And especially the imports from the Orient, they figured out how to make Chrome one micron thick look really great until you take it home. And then it doesn't work so well. The problem is the consumers, you guys, you don't understand this a lot of times. And you believe what the manufacturers of their advertising represent. So cost and appearance versus quality and security. Do you get what you pay for? $2 locks are $2 locks. And quality costs money. Quality equals tolerance and materials. And some of the cylinders that we've dealt with, $2 to manufacture the cylinders that are being sold for $20, $30, $40. The problem is there's still a $2 lock. And that doesn't equal security. As we noted, clever designs, frankly, may reduce security, not increase it. There are lots of really neat locks out there. And a lot of them are indeed secure. But there are a lot of very clever locks that aren't secure at all. So security grades versus security ratings. Matt, why don't you talk about this for a minute? So we talked about security standards a couple years back in ANTS, CBHMA, and UL437, specifically with regards to the medical locks. The security grades, as we'll talk about with the Quickset Smart Key, it's a grade one lock. So as you look at the packaging, you're in the store, you're in Home Depot or Lowe's, and you're about to purchase this lock, you're looking at the package that depicts a product that's grade one security. They present a pictorial that shows grade one security as the highest level of security you can buy in Lowe's or Home Depot. So that's the concern. That's the concern for you as a consumer. So because grade one security, OK, if you call, for example, Quickset, my favorite, and you ask them, what does grade one security mean? They say, well, it's the highest grade of security you can get. Yeah, but what does that mean? Well, it's the highest grade of security you can get. And so you can't cut through it. The only way to open these locks is to drill them off the door, break the door, or break the door frame. We've been told repeatedly that that's the only way to open these locks. Well, we had to mention also, specifically on the Quickset smart key, that this design is peak resistant and bump resistant. So the manufacturer tell us that since you cannot pick open this lock and bump open this lock, the only way that this lock can be opened will be drilling, taking it off the door. There's another distinction. We did a series of reports last year. There's a real misunderstanding between deadbolt security and cylinder security. Now there's a BHMA rating, 156.5, that covers these issues. The problem is if you have a lock, if you have a deadbolt that's really secure, but the lock isn't, the deadbolt's meaningless. Other than if you crash through the door, because the lock controls the deadbolt. And so one of the issues is nobody understands what the ratings mean at the consumer level. And again, this year, rather than high security locks, we targeted the consumer level locks because it is becoming a problem, especially with the imports. And one of the rules that you really need to remember, and we stress this every year we lecture, the key never unlocks the lock. The key unlocks or actuates the mechanism that allows you to unlock the lock. So the relevance of this is, if you can get directly to the mechanism, you don't need the key. And in many cases, which is called mechanical bypass, in many cases that's exactly what we're doing. You're gonna look at what we did today and shake your head and say, how do they sell this stuff? Okay, lock manufacturers cannot open their own locks. This is really a true statement. They meet the standards, but they're not secure. The engineers don't think outside of the box. One of the things that you learn at DEF CON if you attend enough lectures is to think outside the box. And frankly, more and more lock manufacturers and locksmiths are beginning to attend DEF CON because they finally got the message after attacking us for years that everybody here is just their criminals and that's it. They finally figured out that there's highly relevant information and highly skilled individuals here. And so it can really, the interaction can really help the industry. Okay, so five examples of insecurity engineering. Conventional equivalent to a pin tumbler lock, which is the quick set, an electromechanical lock, which is the iLock ILOQ from Finland. It is a very, very, very popular lock. And I said, won a lot of awards. A biometric fingerprint lock, which has been popular in America, made by Biolock, the 333, an electronic RFID based lock, which is made by Kaba InSync. Actually a very clever lock and the ones we tested, very deficient. Consumer and a consumer electronic safe. Now obviously this isn't a high security safe, it's $100 safe. The fact is it's called a safe and a lot of consumers believe that it offers a pretty good level of security. So all of these locks appear secure and none of them are, not in our view. This year we focused on what the problems are with representative samples. And frankly, there's hundreds of bypass tools that are out there and techniques to open lots of locks. So we're gonna analyze each lock now for you, how it works, why it's deficient or defective, the bypass vulnerabilities, statements made by the manufacturers and the methodology of how we opened it. So let's take the first one. Matt, you wanna talk about this? Right, so this is the quick set smart key lock. It was introduced, go on to the next slide. It's introduced in 2007. The cylinder does cost about $2 to manufacture. It is a clever design leveraging sliders versus pins, so it is bump resistant, bump proof potentially. It is very difficult to pick as you apply tension to the cylinder, turning to pick, you actually bind each of those sliders. So it's very difficult to pick. People pick them, but it is very difficult. There are a host of security vulnerabilities last year or the year before. Locksport gentlemen devised a tool to decode this. There's a bunch of other tools on the market to bypass this lock. Millions and millions of these are sold and they're extremely popular. Again, if you go into Lowe's or Home Depot, this is what you're gonna see. You're gonna see the quick set smart key. And the reason is it's re-keyable within about 15 seconds. Yeah, it's a very clever design. It's a modification of two prior designs. The quick set didn't come up with it on their own. They actually modified two previously patented locks starting in 1978. We have to say also they have patents on that cylinder too. Yeah, yeah, you have to talk to the microphone. They do have patents on this design. So, but we're gonna demonstrate and we always talk about patents don't mean security. So we're gonna stretch this again. This lock is a patented design. It means it's clever, but it doesn't mean it really is a secure design. Yeah, reprogrammability for the consumer is a very neat idea and several manufacturers actually have come out with reprogrammable locks. The problem is there's always a trade-off. A pin tumbler lock is the most secure mechanical type of device. And when you start altering that design and using little tiny sliders as you'll see, they're not pin tumblers and they're not as physically secure. Now, these manufacturers can tell you whatever they want but the proof is how you open them in 30 seconds or less. And frankly, we did it as we'll show you with a screwdriver, a small vice grip and a piece of a key blank. But there's also a professional tool out there that can do it in a few seconds. The way that we measure our results is by time, tools and training. Little time, few tools, little training. There is a problem. And I have to also comment, after Jenna Lynn of DEF CON fame in 2006 and 2007 bumped open the quick set, they flew me out to the factory to brief me on Smart Key before it was released to the public. And at that point, they didn't even know what lock bumping was. They had read about it on the internet and said we never even heard of it before. So Smart Key frankly wasn't designed to frustrate bumping, it does. It's frankly in my view, it is essentially a bump proof lock. But it's got lots of other problems including maintenance problems. So they're advertising. ANSI grade one deadbolt for the ultimate insecurity. So here your home in seconds with Smart Key. This is from the packaging. This is where you can read if you go to Lowes on deep learning hardware store. This is what you're gonna read from the packaging. This is what you buy. This is what physically you see in the packaging and you compare one lock to the other one. This is what you see. So one of the things we'd like you to answer when we're done with this is if you knew now before you bought the lock that these locks could be opened in this way, would you buy them? So the grade one security, we're actually filing a challenge with BHMA for the quick set grade one certification based on two grounds. They've passed the certification but we don't think they qualify. So we're gonna challenge it. And we met with BHMA a couple of weeks ago. They watched the video and we're not real thrilled about the issue. It's BHMA which is Builders Hardware Manufacturers Association. It's a cooperative trade group with all the lock manufacturers. And so they have a lot of standards including the real high security standard in the United States. We've been working with them for three years in meetings to get them to upgrade and change the language and some of the standards to fix some of this. So in the case of the quick set smart key there's commercial tools available. They're easy to compromise with simple implements with rapid entry. Tiny sliders open relatively easily and quickly. So here's what the inside of the lock looks like and we're gonna post this online. Wyatt also did a long story this morning. This is basically the internal mechanism of the smart key. And basically the critical issue is at the bottom which is a slider that's blown up. And these sliders, the way they reprogram the lock there's a little gear as I've blown up in the photograph and these sliders move vertically so that when you insert a new key to program a different combination the little gears mesh in a different relationship. It's a very clever design but we don't think it's secure. We don't think it's reliable and there's a lot of problems with it that we're reading about on the internet. So here's a macro of the slider against one of the pins to show how the two integrate together. And again, this is the critical component in this lock. These are tiny little sliders. There's five of them. This is the security in essence of this lock. A sidebar meshes into the little gate on top. If the sidebar doesn't go in obviously the lock can't open. Here's the problem. Normal slider on the left, warped slider on the right. We took these macro photographs after we opened the lock with the screwdriver, a three and a half inch blade screwdriver, six inch vice grip and some torque. This is a deadbolt. Anything wrong with this picture? Well, also it's distinctive on the smart key. You can see that small opening window on the side of the cylinder. That's where you insert the tool for re-keying this lock. It's very easy to re-key very fast. But you're gonna see how we're bypassing this lock very easily. Okay, so here's the video. This is what we did, the full videos on our website and on Wired, but this is the abbreviated video. Let's reprogram the lock. So working key. We're gonna use the smart key reset tool or learning tool. Push it in, remove one key, the other one, the lock is re-key. This key works, the old key doesn't work anymore. That's how easy you can re-key the smart key cylinders. Change one key for another one. Lock the door. Now we're gonna bypass this lock. We're gonna use a piece of blank. Put it into the lock. We're having a screwdriver with these small bites. We just have to apply tension and it'll be all right. And this lock is compromised. Now, can this plug now be returned to home position? Watch this, the door is locked. The door is still open, but there's no evidence of entry at this point. We can lock it, hopefully. So now, there absolutely is no evidence of entry. Only is that the key won't work. But the key won't work because the key is blocked. Also included on the packaging by Kwikset is a statement, all you need is a screwdriver. We don't know whether that's a disclaimer by the manufacturer that they're aware of this bypass technique, or that statement relates to installation of these locks. Either way, it is essentially a very true statement. So that's our packaging. So it's important to note, and I heard some of you've commented, this is a destructive entry. In this scenario, leveraging the screwdriver, the blank, just a normal Kw1 blank inserted into it, torquing it and opening and ultimately relocking the lock is destructive. There are tools on the market that allow you to remove the insertion of that blank and actually a valid key will still work on that with the production tool. And I think we have to notice also that you won't be able to do this with a regular paint on the lock. Which is, sorry? Oh yeah, they told Wired we'd have to see the video. Now the problem with that is customer service has told us that they're aware of the tools for several months and investigating. How long does this take to investigate? The tool is basically in a screwdriver with a blade and a T-handle so you can... Yeah, you just apply torque. We just did it with simple tools rather than a 90 dollar locksmith tool. That's exactly right. So again, we go to the basics. How much tool time and training you need to open this lock? And back to the standards, the standards mandate 300 pounds of torque. Yeah, 300 foot pounds. So how many of you would buy this lock if you knew about this? We have a couple of them outside. We can buy it right now. Yeah, okay. Lock number two is the iLock. Taking security to a new level. That's their quote. As I said, this is a very, very clever lock. It really is very sophisticated. Basically, this lock costs over $200. It's very popular not only in Finland, but in Scandinavia. It's an electromechanical design, but there's no battery in either the key or the lock. How do they do this? They use the motor in the lock to generate electricity, to charge a capacitor, to wake up the processor, to authenticate the key, and then they change the function of that lock back to a motor to spin a little gear in order to the tip of the key to unlock the lock. It's very, very clever. It's also really flawed. Well, first of all, you're gonna say, well, is that a lock? It really is a cylinder. This is a type of cylinder used in Europe, okay? So we're not used to see this type of cylinder here in the States. Although we are seeing more of them. Yeah. Now, the way that this work is that cylinder can be attached to a hardware, okay, by two screws on the back. As we mentioned, this is an electromechanical cylinder. So replacing a mechanical cylinder for this electromechanical cylinder, you have instant access control system. You don't have to run wires. You can get Audi trials from this lock. So it's very fast, very efficient, efficient way to get an access control system. This is one of their internal diagrams. And all the keys, you have to understand, all the mechanical keys in this system are identical. You can buy them off the shelf in Finland or wherever their dealers are. The difference is each key is electronically coded differently, and then all the keys can be programmed into the lock. So you set the lock once. Here's the vulnerability. You can set this lock once by either modifying the key or the lock. Once you do that, there's no audit trail. And anybody can open the lock, including with a screwdriver. Here's the problem. Normal key in green, modified key, about a 32nd inch of metal filed off the tip in the red circle. Once that key is modified, now, this is an internal attack. Once the key is modified, any key will open this lock once that modified key is used. It's a big problem. The other problem is the external attack. This is called Insecurity Engineering 101. I spoke with a senior representative from Ilock yesterday afternoon in Finland for 45 minutes. Three in the morning. At three in the morning, his time. Needless to say, he was really happy about the conversation. But he also, after telling Wired that this is stupid, and that was their quote this morning, why not just leave the window open? That was their argument, rather than attacking the key or the lock. Good argument. So finally, when I got done with this fellow at Ilock, he basically confirmed all the vulnerability, says, well, we fixed all those. When can we get new samples? Couple months, they'll be available. So it's a very responsible company. They're working on it. But my problem is, once you bypass the electronic credentials, the Egyptian pin tumbler lock from 4,000 years ago was frankly more secure. This lock, the Ilock has one small pin that is their entire security. Once you bypass their credentials, which we'll demonstrate in the video. So we showed the Egyptian lock. There's the Ilock key. There's an Egyptian key. So, let's run the video. We've identified four operating states for this lock. And this cutaway is a standard cylinder. It has not been modified to defeat its security. So in the first instance, in stage one, the key is inserted into the lock. This is what we call a charging and wake-up stage, which includes authentication of the credentials and the key. The second stage is a function change which takes the motor from generating current to run the processor to spinning the motor in order to turn a primary gear in order to set the mechanical system so that as the key travels through the keyway, it lifts up a little nylon pin, as can be seen, which actually lifts a metal pin, which allows the cam to turn by the action of the key. So this is stage three. In stage four, which we call a mechanical reset, the key is removed and the entire system will mechanically reset back to idle state. You see the little lever drops? That's the actuating charging lever. And so now this lock is back to its normal locked state. So what we're seeing here is a valid credentialed key with a modified tip. So the lock is set, it is not mechanically reset so that any key or even a screwdriver can be used to lift that little nylon pin, which lifts the metal locking pin to allow the cam to turn. This is a serious security vulnerability in our view in this cylinder. In this sequence, we're gonna demonstrate the external attack on this iLock cylinder. This attack, we believe, is more serious. It requires a slight modification that can be conducted externally while the lock is mounted in the door to the actuating lever. And once that's modified, the lock is set by the use of any authenticated key. Once an authenticated key is inserted and removed in this lock, as in proper use, this lock can be operated by a simulated key, an authenticated key, a non-authenticated key, a simulated blank, or even a screwdriver. So we'll demonstrate, here's a simulated brass key that opens this lock. And again, a screwdriver can be used to lift that little nylon pin, which will, in turn, lift the metal pin that moves out of the gate of the locking cam and allows it to turn. So, again, it's a very, very clever design, but as you can see, they never ever contemplated this really simple attack. Okay, lock number three, Kaba in sync. It's an RFID-based lock with a plastic key that looks like a key. It's very clever. There's a lot of them around. They're used on military bases, churches, lots of apartment complexes. So, Matt? I was just gonna say, a couple years back, we presented a bypass for the code locks, the CL5000. It's a very similar attack that you're gonna see here. Okay, so, again, this has wide application, both in the military and civilian sector. Kaba's a really good company. They ought to know better than this. Here's how this lock works. There's a locking cam that has to be withdrawn electrically, and then the key mechanically turns the cam, okay? So, the in-sync meets the paper clip. This is the SAP lock in-sync deadbolt. It's an electronic lock. Self-contained, very operated. It uses a small RFID tag that is used on like a regular key to unlock the deadbolt. We're gonna now use the wire to unlock the deadbolt. There's a piece of wire from the USB port. We can also lock it back. They forgot about the tolerances around the USB port. So, you stick a wire into the lock, you open it. End of story. The next example, brilliant, isn't it? Remember, you gotta vote. Yeah. Okay, the next example is the Amsec, ES-1014 consumer safe in quotes. Really clever design. Nice lock, okay? It's consumer level, about a hundred bucks, electronic keypad. Amsec doesn't make it. They import it from China, okay? And they told me in customer service, they don't test them either. Amsec, Amsec really, really knows better. So, here's the problem. There's a reset button, the way this works, okay? But the reset, oh, you're all laughing. What? Yeah, the reset button, it's locked in the safe. Okay, so what would be the problem? Oh, the problem is a slim gem fashioned from a hanging file folder. The metal in the hanging file folder. This is really, really brilliant, okay? And here's the problem. Here's the photograph of the slim gem in the video you're gonna see. Once you tap the reset button, you key in a new combination, you open the safe. Okay? Now we're going to show how to bypass the security of this container with a piece of metal that's used for hanging file folders. We're going to take that piece of metal, just like a slim gem for opening a car. We're going to insert it at the top of the door. We're gonna flip it around and we're gonna press the reset button. We're going to reprogram a new combination in the keypad and we're going to open safe. We just have to reach for the reset, that's it. And the safe is over. Okay, I think the worst part on this one is once you set a new combination, you're gonna let the owner of the safe locked out. He won't be able to open the safe. Well, unless he has a file folder. Well. This is so incompetent design, it's unbelievable. But here's number five. This is the best, perhaps. You guys are gonna have to vote. The BioLock 333. And by the way, the company in New York that's selling a lot of these, Brickhouse Security, we've dealt with them for a long time. They're a very large surveillance equipment vendor for law enforcement in the United States and for corporate. They carried these locks until last week. They're issuing a press release on Monday and putting up a blog post that's saying first of all, the company wouldn't respond to them. They're returning all the locks and protecting all their customers. And they would urge all the other vendors in the country to do the same thing. So. Oh no, no, I think the company's running. Not Brickhouse, but the folks that are selling this. So watch this, Toby. Describe the lock really quickly so we don't run out of time. Well, the lock, when I saw this lock, I really thought that the lock, it really looks great. We have the lock right here. If you guys want to take a look at it, the packaging of this lock is amazing. It's a do-it-yourself project, basically. Notice it's not easy to install. Very convenient because it uses fingerprint as a key. Yeah, when I called customer service and says, what's the security of the lock? They said. The fingerprint. Oh, it's a fingerprint. It's a fingerprint lock. Okay, $200 for this lock. They're selling a lot of them. The problem is they never met a paperclip. Yeah, they have a, behind the cover, you have a bypass cylinder, which is what we call dimple key. So even if you see the key, you say, well, this key is not easy to replicate. You feel very comfortable. You can program up to 99 fingerprints. Very convenient. You know, you don't have to carry keys as a self-contained unit with the barriers inside. Even has a remote control. So you can open the door with a remote control from the inside. Okay, watch this. This is a demonstration of the Biolock Model 333 fingerprint reader lock. This is a biometric lock import to the United States. It's being sold by a number of different companies. Ostensibly is secure. We did not analyze the fingerprint reader or its security or design. However, we did look at the mechanics. This fingerprint lock has a bypass cylinder. It's a dimple lock. And there's a magnetically closed cover to allow access with a key. The lock is packaged quite nicely. The lock can be programmed with one or more master fingers. And those master keys, so to speak, will then be used to authorize individual users. Let's go ahead and demonstrate how this lock works in normal mode. And then we'll demonstrate the insecurity engineering of this lock. The lock is woken up. The reader illuminates. Blue light comes on indicating an authorized fingerprint. And the lever handle can be turned to withdraw the bolt. And then the system resets as you heard. And now the lock is in its locked state. The bypass cylinder works in the same way. If for some reason the fingerprint reader doesn't work. The problem with this lock design is so elementary that, frankly, it defies belief. All that is needed to open this lock is a paper clip. The paper clip is inserted into the keyway. The lock is open. And we'll do a macro shot of that for what you see. OK. So what lessons have we learned? Again, cleverness does not equal security. Locks require both mechanical and security engineering. Patents do not guarantee security, nor do the standards. Very quickly, an industry update. The industry is paying attention. A lot of manufacturers now are making anti-bumps hardware. And they're also very seriously looking at their electromechanical locks. So we'd be glad to visit with everybody afterwards in the, I guess, another room. If you have any questions, we hope you enjoyed it this year. OK, what lock wins? The dumbest. The fingerprint lock. OK. OK? Thank you. Thanks a lot, guys.