Interview with a Lockpick
Robert Morris: Am I right in presuming that lockpicking, like most precise skills, requires a good deal of practice?
Lockpicker: Yup! Personally, when I was first picking, I just picked constantly. It wasn't so much about making it harder, it was just that I bought a couple hundred locks right off the bat and would strap padlocks across my chest on my messenger bag strap and pick while I walked. Pick while I was at the bar. Pick at work. Pick while taking people through the tomb. Picked everywhere. Eventually I got better, but it wasn't a decided jump up, just incremental. You learn a lot just pulling shit apart and putting it back together again.
RM: Sure at first, but now?
LP: I had to retrain myself a while back which I think is the closest I can give you to what you're looking for.
RM: But nothing now that you’ve retrained?
LP: So… When I was retraining I literally locked all of my rakes away in a safe deposit box and had only hooks to work with. I needed to relearn completely what I was doing. So, I would grab a bunch of locks, arrange them in a tackle box, and pick through them. I gave myself 5 minutes per lock and tried to cycle through each lock twice in a night. If I could open the lock both times, I retired it.
RM: I suppose what I was asking was are there levels of ever more sophisticated locks that you work through to refine and strengthen your skills? Or are there avenues through which you could expand them?
LP: Not for what I do, no. I'm a speed picker, not a high security picker. The high sec guys are more in the vein of what you're looking for; difficult bittings, security pins, etc. are what I work with and it's why I did my box system. Because I would weed out all the easy stuff quickly then keep facing myself with the harder locks – the ones I could only get once or couldn't get at all – and keep topping the box off every night so that eventually all I had in the box were hard locks and each night I would be able to retire a few of those until I had made it through everything.
RM: What disinclines you from trying your hand at higher security locks?
LP: Impatience. I love knowing how higher security locks work, I love researching locks of the 19th century, I love illustrating various attacks, but I've never had much interest in opening safes or high security locks.
RM: You say impatience, does that mean their sophistication makes the process too involved?
LP: It's not so much that. I mean, I love how complex they are, it's more just their difficulty, as lame as that sounds. It's a whole different world picking high security stuff. I can think my way through some of it, but even great high security pickers, the first time they approach a locking concept are going to require hours, if not days, to pop their first one. I get really excited by their discoveries, but have never had that sort of patience
RM: You mentioned "attacks" in a term very similar to how some people describe chess maneuvers. When you read about or see some of these higher-level guys' discoveries would you equate it to how chess adepts examine problems in magazines?
LP: I think that's completely fair, especially when the complexity is such that it requires the creation of new tools. So, certain locks, if they aren't based on a simple pin tumbler design, require esoteric tools to attack them. Often, the attacker has to come up with these just by deconstructing what the lock is trying to do, and either interfere in that process or bypass that process the creativity of that, of understanding the "opponent" that completely, certainly lends itself to some rich metaphors.
RM: Do you think you'll attempt to advance to that level sometime in the future or is speed picking your set lot?
LP: I actually do a lot outside of speed picking, but the high sec stuff has just never held my interest for long enough. That said? I do get curious. I have friends who insist to me that once I open my first safe I will not be able to stop safecracking which is exactly how it happened with my first lock. I was completely consumed by it as soon as I opened my first so, I figured if the day comes that I open an ASSA Twin, or some S&G Safe I'll dive deep into that. Right now I'm pursuing the history of locks and lockpicking and lockpicking as sport, forensics too. And trying to collect different non-standard methods of attacks for some talks I'm giving. So, I'm not actively going after the high sec stuff, but I'm sure if I took enough time to open one I'd lose another year opening as many as I could.
RM: The history of this endeavor is intriguing. How do antique locks compare to modern ones? Are the approaches essentially the same or are there differences?
LP: Well, the cool thing is that most of the mechanical tech we use today can be found pre-20th century. So, I've been doing a lot of patent diving to find exactly when things came into being. Before the 1850s the pin tumbler lock basically didn't exist, however it did exist, in a simpler form, as far back as 2000 BCE.
RM: Well, all those traps in Indiana Jones had to come from somewhere.
LP: [laughter] So, it's a big question. Modern locks are the result of mass production! Back in the day locksmiths actually made locks. Now, they just service them. The transition was mass production. Locks weren't a common, everyone-has-them sort of thing until, again, the 1800s with Bramah.
RM: Is there a venue for replica locks from antiquity?
LP: Well… Let's talk security by obscurity. So, the reason locks were safe way back when was that each one really was a puzzle in a much more literal sense than they are now. The locksmith knew how the lock functioned and gave a key to the owner that would bypass all of his clever tricks. Sometimes they would even put false keyways on locks to throw people off, all sorts of things.
RM: Like puzzle boxes.
LP: Exactly. But, along with efficiency and affordability, mass production brought with it a big problem. Now everyone know how everyone else’s lock worked. You could literally take your lock apart and know how your neighbor's lock worked. Once you understood the concept you could learn to attack it. Attack your own lock sucessfully and you can attack your neighbor’s. In fact, much of the interesting innovation of the 1800s came from one manufacturer picking another's lock then realizing they could pick their own, too. So, you have this whole disclosure debate: do we try to keep secrets when everyone can find this out for themselves? Do we fully disclose everything? Responsibly disclose? Etc., etc. A lot of what I deal with, actually, are methods of responsible disclosure. But interestingly, you drop a lock no one has seen in a hundred years on something important, it turns out that security by obscurity actually has it's place. An immediate example is bike locks. You know how, in the last 5 years or so, bike lock keys have changed from normal keys to little metal posts with evenly spaced gashes taken out of 2 sides? They are operating disc detainer locks and they are operating really crappy ones at that. However, because disc detainer locks are all but unseen in America they are great security! People ask me about them and I usually say that they should get another 5 years before they've become too popular to ignore and we start seeing cheap tools to pick and bypass them flood into America. But for now, and for a while, they are going to be awesome locks even though if you brought one to Finland they would be able to pop it immediately. Obscurity, in specific instances, can be genuinely secure and dropping an old lock into a modern context could be secure.
RM: So there’s a real cultural divide going on here.
LP: It's funny. As international as everything has become – as global – locks really do remain very regionalized. Pin tumbler locks that we use are not the king of every country. Lever locks are still in huge use in the UK, disc detainers in Finland & Scandinavian countries in general, magnetic locks and crazy high security wafer locks in Asia, whereas we typically only get low sec wafers here. There's a lot out there and it's not always as accessible as so many other things have become.
Interview was conducted over a series of entries in an IRC.