Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

No you could bump with standard keys. They were just difficult to ascertain the necessary key stock and/or mill the proper stock.

Again I'll state, "This doesn't fundamentally change the attack vector, all it does is put a hurdle in-front of it."

One that is now easier to circumvent, true. But one that was circumventable in the past with the correct resources.



"with the correct resources." Yes, the story here is about resources. Now they're not nearly as much of a hurdle, as you say.


Well, except for this line:

"As a result, all anyone needs to open many locks previously considered “unbumpable” ..."

You are implying that this has made the impossible, possible. I think that may be valarauca's point of contention.


That is my point. Key locks have this fundamental design flaw. The difficulty of exploiting this flaw differs from lock to lock, yet the flaw still exists. Its inherited from the fundamental design of the lock.

When the flaw becomes easier to exploit its isn't so much news, it was bound to happen anyways, I mean your just wrapping iron bandages around a flaw and causing it fixed. This happens in software security all the time. The flaw still exists, just we added an abstraction above the flaw, that makes the flaw harder to exploit.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: