[Cryptography] But it's encrypted so it must be OK

[Jerry Leichter]

> Ray, not trying to be an a****** but you're 100% wrong. There are more locks with better technology now than ever before and this is just simply increasing. Some of it's because of better and cheaper machining, 3D printing or as it's known additive manufacturing, some of it is because of better technology... It is actually increasing or doubling every few years.
But you have the "sides" backwards.  There are better *locks* but not (particularly) better *attacks against locks."

A lock from 50 years ago isn't as good as a modern lock, so you might have reason to want the new lock; but the weaknesses and attacks against the older lock were there and known 50 years ago as well.  It's likely true that - given Youtube - the knowledge of how to attack that 50-year-old lock is more widespread than it was; though it's not clear that the population of skill lock-pickers *who are actually in it for criminal reasons* is much larger.  Most people who watch the Youtube videos are just curious, and never practice what they "learn."  You can *watch* every video The Lock Picking Lawyer has ever made, but unless you get yourself a set of tools and sample locks and start practicing, you're not going to get anywhere on a lock "in anger."  And of those who do practice and learn, the vast majority are hackers who at most want to be able to play games.

Picking physical locks (mainly) remains a learned skill.  Breaking older encryption algorithms is just a matter of downloading the right software and running it.

Taking another angle:  Actually, the security of many common locks these days is *worse* than it used to be.  Everyone wants push buttons and electronics (for easy re-programmability) and most common implementations are more concerned about *looking* secure than actually *being* secure.  I actually demonstrated this in the mid-1970's, at a university computer center that was set up the old way:  Glass room esthetic.  There were three doors into the glass room, using traditional key locks.  Then someone sold them on the latest electronic locks.  Actually, there wasn't budget to wire up all three doors, so they did two of them and left the third alone, thus getting the strength of the weaker system.

Anyway, the locks were activate from a box outside the door.  Inside the box were 5 rocker switches, labeled from 0-9 based on the two directions you could rock the switches.  A bit of thought was put into this as the box had a cover that leaned over your hand as you activated the switches, hindering direct observation.  I bet that I could figure out the combination.  After a bit of thought, I went in early one day, got a used blackboard eraser - remember those? - and blew chalk dust on the switches.  I then waited for someone to use the lock.  A quick look after they went into the room revealed the 4 digits of the combination.  Of course I didn't know the order, but at most 24 tries would reveal that.  And in fact I could do better:  While the cover made it impossible to see the actually switches being hit, you could determine whether the hand was pushing up or down on the switches.

You *can* get physical locks that are quite secure.  They are typically combination locks, not keyed locks, and are complex and expensive - think bank vaults at the extreme.  No one picks these things outside of movies.  And very few people have the need for such a high degree of security.

                                                        -- Jerry