Log in

No account? Create an account
brad's life [entries|archive|friends|userinfo]
Brad Fitzpatrick

[ website | bradfitz.com ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

kryptonite locks [Sep. 18th, 2004|10:40 pm]
Brad Fitzpatrick

I have two Kryptonite bike locks. The more expensive of the two (this guy) I bought just out of frustration when my last bike got stolen, but it's so damn heavy that I hardly ever use it.

I think it was evan that said bike_weight + lock_weight = constant.

Anyway, that expensive lock is vulnerable to the Bic-pen exploit. That's right, you can open it with a pen. I tested it myself... not too hard, once I figured out which way to turn the thing.

So I guess starting the 22nd Kryptonite will offer some exchange program, if any of you guys care, or have been living under a rock for the past week and missed boingboing, slashdot, etc....

[User Picture]From: iamjosh
2004-09-18 10:44 pm (UTC)
I figured that's what kinda lock u had..
(Reply) (Thread)
[User Picture]From: supersat
2004-09-18 11:04 pm (UTC)
That story even made the top of the front page on the Seattle Times (or maybe the PI).
(Reply) (Thread)
[User Picture]From: scsi
2004-09-18 11:30 pm (UTC)
Beka lost the key to her kryptonite lock.. Guess I gotta find a Bic pen now. :)
(Reply) (Thread)
[User Picture]From: brad
2004-09-18 11:46 pm (UTC)
Note that if you open it with a pen, you can't lock it back again with the key.... you have to lock it again with the pen.

At least however I did it.
(Reply) (Parent) (Thread)
[User Picture]From: agreg
2004-09-19 08:04 am (UTC)

PR people...

From http://www.boston.com/business/technology/articles/2004/09/16/cyclists_bike_locks_easy_prey_for_thieves?mode=PF:

"Asked about the complaints, a Kensington spokeswoman sent a statement that "Any lock can be defeated by a trained thief or lock picker with modified tools.""

It's a shame we're not talking about "trained theives" or "modified tools"...
(Reply) (Thread)
[User Picture]From: scosol
2004-09-19 11:36 am (UTC)

Re: PR people...

i think it's kinda funny that people all seem to blame kryptonite for this-
i don't think it was *they* who designed/manufactured that actual cylindrical-pin lock mechanism (cant remember wtf its actual name is) - it's been around for a long time.
certainly if this bic-pen exploit was known at the time, they wouldn't have used it-
would you blame dell for the fact that the server they shipped you had a version of apache on it that 2 months later was found to have a remote-root exploit? no

(Reply) (Parent) (Thread)
From: dan_erat
2004-09-19 09:04 am (UTC)
I just dug out the receipt for my relatively cheap ($40) Kryptonite U-lock. It's dated 20021004, so I guess I just hit the tail end for getting a free replacement (which will probably be susceptible to PaperMate pens).
(Reply) (Thread)
From: dan_erat
2004-09-19 09:29 am (UTC)
Reading the press release here just pisses me off more.

"Unprecedented Offer Intended to Address the Needs of Loyal Consumers"

I guess I just hoped for a slightly more conciliatory tone from a company who screwed up this badly. I really don't think they're going to be able to milk any positive PR out of this. If they replaced all of the affected locks I'd retain some respect for them as a company that wants to do the right thing, but I'd still never buy another one of their locks.
(Reply) (Thread)
[User Picture]From: mcfnord
2004-09-19 12:06 pm (UTC)
In New York, the NY Chain is the only option. And yeah, it was a massive, unmanageable weight.
(Reply) (Thread)