From Lockwiki
Revision as of 16:52, 15 January 2009 by Datagram (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

I'd like to remove 'intended authentication, usually a key or combination' because this is irrelevant in context (lockpicking too does not need either). Bypass is unique because it is an attack against non-cylinder portions of the lock, namely actuator or bolt (While it is right to include latch I don't think it is necessary; makes it a bit wordy). We also have "a bypass occurs" a few too many times, and the ending is a bit wordy if we include surreptitious (eventually I'd like to have the NDE page like to covert/s.e anyways...). Here's my proposed change:

"A bypass occurs when a lock is compromised without affecting the integrity of the lock cylinder. Generally, the bolt or actuator are targetted, though in some methods a knob or handle on the rear of a door is manipulated to allow entry. Bypass takes many forms, and can be either non-destructive or destructive depending on the techniques used."

-dg, 01.12.09

Well in my opinion the term "bypass" can loosely be defined as any method to unlock a lock, I suppose even including the key. I would consider lockpicking a form of bypass, for example. When I am unlocking someone's house for them, and I pick the lock, I am bypassing that lock.

The technical definition, one that I'd like to follow at lockwiki to avoid confusion is that any method to unlock a lock is known as a "compromise." Attacks against the cylinder are lockpicking. Attacks against non-cylinder lock components or surrounding area are bypass, named so because you are bypassing the security offered by the cylinder itself. Decoding is an attack against internal components, but does not necessarily open the lock or produce a key, only tell you the proper alignment of components. Impressioning is essentially a combination of decoding and lockpicking with the distinction of producing a working key. Some techniques are a gray area (e.g. tryout keys), but are still technically attacks against the cylinder and are thus classified as lockpicking. Most of these classifications aren't applied to destructive techniques (drilling isn't "lockpicking," of course), but some are blanket terms that involve destructive methods. For the sake of simplicity and clarity we can ignore these cases.

-dg, 01.13.09

My understanding of the term bypass, as accepted by the Lock Industry Standards and Training and the Associated Locksmiths of America, is that a bypass is any method which unlocks a lock.

"by-pass tool n. a device that neutralizes the security of a locking device, or its application hardware, often taking advantage of a design weakness"

This can include picking. Is there perhaps another standard for which I am not aware?

Your definition is correct, but your are mis-interpreting it. The key word is "neutralize," which means that the security of the cylinder is null and void. During lockpicking, the cylinder's security is your obstacle. In bypass it is not, because you are neutralizing/bypassing it altogether. If you reference the methods section, you'll see the definition matches up quite nicely in terms of noting that it is usually a design flaw of the lock (actuator) or application hardware (bolt/latch) that are targetting in bypass.

-dg, 01.13.09

I read it as a bypass "neutralizes the security of a locking device," meaning the device no longer provides the security which is intended. The device being the lock on the door, or padlock, etc.

Again, that is correct, but you are not understanding the difference. For some supporting info, search LP101 for "bypass." Almost all threads you'll see involve non-lockpicking/impressioning/decoding methods. In fact, full discussion of bypasses are limited to the advanced section only, because of the difference. You can also look at and for bypass tools (they have their own section). You'll see that they are mostly actuator/bolt attacking tools, including some destructive tools.
-dg, 01.14.09

I understand the difference that you are saying, I guess I just disagree with it. I think most trading locksmiths in the industry would agree with me in that lockpicking is a type of bypass. I would consider all of the following bypasses:
Hand picking
Use of a comb pick
Foil Impressioning
Using a pick gun
Shim decoding
Masterkey system reverse engineering
Sigh reading wafers/pin colors
Tryout Keys

As well as...
Padlock Shimming
Actuator/Bolt manipulators

As these are all methods which compromise the security of a locking device. Perhaps for the sake of this page we can include a not that says bypasses excluding those which manipulate the cylinder itself?

Sure, I will add a note to the summary.
-dg, 01.15.09