Kensington MicroSaver lock defeated with a penny

Kensington MicroSaver lock defeated with a penny

Summary: As a fan of both Numismatics and Macs I found a recent article in 2600–The Hacker Quarterly most troubling. "A Penny For Your Laptop" (Autumn 2007 issue, page 19) by Atom Smasher demonstrates a very simple vulnerability in the Kensington Micro-Saver Notebook Lock.

SHARE:

Kensington MicroSaver lock defeated with a pennyAs a fan of both Numismatics and Macs I found a recent article in 2600–The Hacker Quarterly most troubling. "A Penny For Your Laptop" (Autumn 2007 issue, page 19) by Atom Smasher demonstrates a very simple vulnerability in the Kensington Micro-Saver Notebook Lock. Apparently it can be unlocked very simply, quickly, and without destroying the lock or computer by using a coin to add tension, and spinning the dials until they stick.

The scariest part of the article comes near the end:

People are creatures of habit, and in most cases the four digit combination used on the lock will probably be the same PIN as the owner's bank card, voice mail, luggage locks, etc. In many situations just learning the PIN may be more valuable than the laptop.

Um, how many of us are guilty of that one?

I used to use Kensington Micro-Saver locks frequently (mostly at trade shows where I was exhibiting) but haven't used one in quite a while. I'd be interested in hearing from you if you've tried it, or if you have a link to a video showing it in action.

The article is clearly written, informative, and he even suggests a solution to the problem. You'll have to trudge on over to Borders to get a copy of the latest issue of 2600 though, it's not available online.

Update: YouTube videos are available showing a MicroSaver lock being opened with a piece of paper, and an empty toilet paper roll. Kind of reminds me of that hack to open a Kryponite bike lock with a Bic pen.

Topics: Banking, Hardware, Laptops, Mobility

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • In my experience ...

    ... they're all rubbish and will only keep your stuff safe if you're surrounded by honest people. I had the chance to play with one in a store a while back and the assistant was amazed by how insecure they were :-)
    Adrian Kingsley-Hughes
  • Bad link for the toilet paper video

    Incorrect: http://www.youtube.com/watch?v/xNvkXfop8bA

    Correct: http://www.youtube.com/watch?v=xNvkXfop8bA
    MGP2
    • link fixed...

      ...thanks. J
      Jason D. O'Grady
  • Eeek!

    Boy am I glad that I haven't used one of those locks, much less set one of my PINs as the unlock number. Hope people change their locks to something less personal quick!

    - John Musbach
    John Musbach
  • Same Password on all sites

    Or, how many of you use the same password on your online banking system that you use on the dinky little web sites that are run by a guy in his pajamas in Russia who then goes fishing with your passwords?
    DaveMorris
    • Moving data is secure, isn't it?

      I keep all my passwords on the back of a sticky that I put in a new place every week. Are you saying that's not secure?

      ;-)
      muzhik
  • RE: Kensington MicroSaver lock defeated with a penny

    Use the password "guest".
    The cylinder locks can be made to be more difficult to defeat but like most mass produced products manufactures have gotten sloppy so they can now be easily defeated with common objects. I have a older Kensington lock and I tried all of those methods and it still doesn't open on older lock. However with an bolt cutter you can cut the cable on any cable lock so if a determined thief can steal an laptop with any type of lock.
    The most secure laptop is the one that is not seen by the thief.
    phatkat