Engadget has a long, fabulous post about popping Medeco locks with a simple screwdriver. These locks have long been held to be among the best, most advanced and most secure deadbolt locks in the world — they have an estimated 70% share of the market, and supply the White House. As per a demonstration by the (admittedly kickass) 12-year-old Jennalynn at Defcon, the locks can be defeated in under one minute with a screwdriver. Supposedly video of *that* technique is being kept under wraps — but here’s a great video of Jennalynn doing a hammer demo. Snip:
This method of attack can be carried out with extremely simple and inexpensive tools and requires very little skill, just like bumping. In certain instances this method of bypass can even be simpler than a bumping attack on a conventional cylinder.
This video shows the result of bypass of internal components with a simple screwdriver. (The demonstration has been edited so as not to disclose the precise techniques that are employed to allow the deadbolt mechanism to be bypassed. Shown is a standard six-inch screwdriver that is inserted into the keyway of a Medeco m3 high security cylinder, which can be used to easily retract the deadbolt.)
This is not the only security vulnerability that we have documented in Medeco high security locks. At Defcon, Jenna Lynn, now twelve years old, was able to bump open the Medeco Biaxial three different times. You will recall that this young lady bumped the Kwikset and other locks last year at Defcon 14. She told me that she wanted to “maintain her reputation.” She certainly has! An upcoming series of articles will continue our analysis of security issues regarding bumping, picking, and other forms of compromise for Medeco cylinders.
Notes: A detailed analysis is available together with a video demonstration that clearly shows the method of bypass, but this publication has been restricted to locksmiths and the professional security community because of the simplicity of the technique and the potential security ramifications that could result from a public disclosure of the exact method. If you have security responsibility you may contact the author for access to the restricted document.