So this guy shows you the mathematical relation between the 3 numbers in the combination of your Masterlock: http://www.nogged.com/viewvideo.php?videoID=88
My question is - why isn’t it just 3 random numbers? Why is there any mathematical relation at all? Would that be safer?
I’d have had my big bolt cutter out about 10 seconds into that little combinatorial wank-fest.
Safer? Probably. Cheaper? Almost certainly not. Those locks are what? A few bucks at the most. Masterlock traded off security for cost. My WAG is that they simply have three standard gears/sprockets, and change the combination by changing the position of those gears. They could manufacture more sprockets to eliminate this relationship, but more sprockets means smaller economies of scale, which means increased cost. Masterlock traded security for cost, though I’d say this is still a pretty involved process to defeat a 3-4 dollar lock.
How helpful.
Nonetheless, it is amazing that there is a system and that someone took the time to figure it out. Unfortunately, it makes it easier for bored kids with an interest in B&E to get into other kids’ lockers.
I’ve said it before and I’ll say it again. No lock is safe.
I have a Master lock that I’ve had since high school. I hate to throw out a perfectly good lock, even if the replacement cost is like three bucks. It just seems wasteful. So I’ve kept the lock through the years in the hope that I’ll remember the combination. I contacted Master Lock once, and they said I could take the lock to any locksmith and he would have a book or something that would tell him the combination. So I tried that. The locksmith said he’d never heard of such a thing. I’d like to try the technique in the video to see if I can unlock my lock. Too bad my lock is up at the house.
I’m more interested in whether Masterlock and/or someone who has their lock picked have a lawsuit against the guy for disseminating the information. Right, he made a disclaimer. In my book, merely an admission that the information could be misused. Only I can’t put my finger on the tort.
You guys are actually fallin’ for this?
Do you have some reason to believe that it’s not true?
Not to burst your bubble or anything, but this ‘trick’ has been known about in the lock hacker community for at least 15 years (probably much longer). The relationship is due to the way the tumblers or dials work, and the slop permitted. (Master combination locks allow at least one number in each direction, and the cheaper locks may allow two.) Explaining why this is in words is complicated, but if you cut open a combination lock it becomes very clear. The mechanism is really quite simple, and involves lining up notches in the disks to allow a cam to rotate. The three dial cable locks you see for bicycles are even worse; you can pick those things by feel in seconds, as an ex-girlfriend found out when she left her bike in front of a grocery store for a few minutes. (On the other hand, the Mosler safes we have at work are very precise and can’t be picked by feel, although if you get one open and remove the backplate you can ‘feel’ what the combination is even without looking, similar to that described by Richard Feynman.)
The short and long of it is, don’t depend on combination padlocks to protect your stuff. Keyed locks are considerably more secure, if only because they require tools to bypass, and some (Master is well-noted for this) have tight tolerances which can make them challenging to pick.
Stranger
What law has he violated? He’s not giving away proprietary information; he hasn’t even reverse-engineered the design. He’s merely displaying an empirically-determined method for bypassing the lock.
Try it for yourself. It’s not magic.
Stranger
This kind of problem doesn’t exist just for Masterlocks. Richard Feynman has a chapter in one of his books, I think it is Surely You’re Joking, Mr Feynman, about how he broke into the filing cabinet that held all the sercrets for the nuclear bomb and a bunch of other desks at Los Alamos with similar style locks. His method was different, he couldn’t pull on the lock to get numbers that were close unless the filing cabinet was open*. I don’t remember the exact details but I believe that Feynman could break any of this type lock in a couple hours at the outside with the median time being something like 60 minutes. He describes the process pretty well in the book. IIRC, the locks generally work if you are within 1 number on each side. For eample if the first number is 7, then a 6 or an 8 should work. That cuts down the number of possiblities, you can use 2 for 1,2,3, 5 for 4,5,6, etc. From there, he found a way to set the first number and just test the second two numbers. It is a neat little scheme, I’ve been wanting to try it just for kicks but have never had the time.
If you are looking for security these things are not what you want to get.
Slee
*Feynman would fiddle with the locks on filing cabinets that people left open while talking to them. He was actually picking up the combination but it apparently appeared to everyone that he was just twirling the lock.
Oh, it’s not magic? Thanks. Do you know for a fact that this particular technique works, or are you just stating that the combination to locks can be figured out?
Interesting…
I got bored in college, so one day I bought myself three Master locks and figured them out. The method is different than this guy’s, in that I can reliably find the second number on all but the rustiest of Master locks, in a matter of seconds, none of this combinatorial BS. The third number is trivial, since once you get the second number, you can just try opening the lock on every number around the dial (you don’t need to reset the lock to try all the third-number combinations). So, basically, once you know the middle number, you only have 18 combinations you have to try (I go by twos).
Don’t trust Master combo locks to keep anything safe. If I can figure out with some spare time and a few combo locks, I’m sure anyone can.
Yes, Mr. Snarky, this technique works, a fact you can verify by picking up any Master combination lock and trying it. If you’d read back into the thread, you’d see that I indicated that this technique has been around for at least 15 years (likely more), and the any security by obscurity has long been obliviated by knowledge of this.
I’m afraid I’m not familiar with ** pulykamell**'s technique on Master, though I’ll note that there is another brand of combination lock in which the first and second number (rather than the third) with a few trials. (The arrangement of the discs is different, but even less secure than the Master design.) Frankly, in most applications that a combo lock is used it’s actually easier to either attack the hasp or use a padlock shim than even to use the method described above.
Stranger
The odd thing is, of all the Internet info I’ve searched on this, I’ve never found anybody describe my method, and none of the Internet methods I’ve found ever worked on any of the Master padlocks I’ve picked, so who knows? Some sites claim the first number is the easiest to figure out on a Master lock and the second is the hardest. I find it exactly the opposite. I know of no reliable way to determine the first number.
But, yes, the inelegant and quick solution is the shim, and that magnitudes easier than fiddling with the dials. I still say hacking the combo is sexier.
Master told you the truth. Those books are available to parties with a reason to have them, which would be locksmiths and schools. Take the lock physically in to a decent locksmith, and they should be able to help you. Someone stopping in to ask me the combo for serial# 12345 lock is going to get blown off, too. 
I respond to your condescending It’s not magic., and I’m snarky? Whatever.
Yeah, I caught that, thanks again. Just making sure you were talking about this specific technique. The whole business about having five numbers without remainders, and all of them ending with the same number but one, and that number not only gives you the third number, but dividing four into that has something to do with getting the first number, reeks of bullshit to me.
I did take the lock to the locksmith. Not one of those parking lot kiosks, but an actual brick-and-mortar shop. The locksmith said he hadn’t heard of such a thing.
Here is one “by feel” method. Not work safe site so no links. Google “How to Pick Master Combination Locks”
Hah! I noticed the mathematical relationship between the numbers on my master locks ages ago, back in high school (I had about three of them, and noticed that all three combinations fell into a pattern). Big deal.