[ mainpage :: register :: conference :: training :: the venue ]
[ capture the flag (CTF) :: zone-h/hitb hacking challenge :: bzflag ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]

Keynote Videos Now Available for Download

Day 1 Keynote: Bruce Schneier - Schneier on Security
Day 2 Keynote: Jeremiah Grossman - Hacks Happen

Marc Weber Tobias (Investigative Attorney and Security Specialist)

Filed under: Main Page — Administrator @ 10:30 pm

Presentation Title: How We Cracked Their Codes: A Case Study in Compromising the Most Popular High Security Lock in America - Medeco m3 and Biaxial
Presentation Details:

In the United States and Europe three primary standards organizations rate cylinders for their ability to withstand forced and covert attack and certify these locks as suitable for high security installations. Yet are the standards actually what they represent and can security professionals rely upon these certifications to protect their high value commercial or government facilities?

Many high security lock manufacturers claim that their cylinders will be impervious to covert methods of entry including picking, bumping, and decoding and that they offer high levels of key control, effectively preventing the illegal or unauthorized duplication of their keys. In this presentation, Marc Weber Tobias offers a detailed analysis of how the Medeco lock; of one of the most respected manufacturers in the United States and Europe was compromised by a methodical analysis of its physical characteristics and their code data base. These cylinders are utilized to protect the most secure areas of commerce and government, not only in America but also in many other countries but can be bypassed, often in seconds. The problem was accentuated at Defcon 15 last summer when a twelve year old girl bumped open a Medeco high security cylinder in seconds. Marc will address the many vulnerabilities that Medeco and other cylinders have with regard to different covert methods of attack.

About Marc

Marc Weber Tobias is an investigative attorney and security specialist living in Sioux Falls, South Dakota. He represents and consults with lock manufacturers, government agencies and corporations in the U.S. and overseas regarding the design and bypass of locks and security systems. He has authored five police textbooks, including Locks, Safes, and Security, which is recognized as the primary reference for law enforcement and security professionals worldwide. The second edition, a 1400 page two-volume work, is utilized by criminal investigators, crime labs, locksmiths and those responsible for physical security. A ten-volume multimedia edition of his book is also available online. His website is security.org, Marc is a member of a number of professional security organizations, including the American Society of Industrial Security (ASIS), Association of Firearms and Tool Marks Examiners (AFTE), American Polygraph Association (APA) and American Association of Police Polygraphists (AAPP).

Marc was Chief of the Organized Crime Unit, Office of Attorney General in the State of South Dakota, and as such directed many criminal investigations. He also worked special investigations for the Office of Governor, State of South Dakota for sixteen years, and was responsible for conducting internal inquiries for the executive branch of government
and for the state prison system.

Marc has lectured extensively in the United States and Europe on physical security and certain aspects of criminal investigations and interrogation technique. He holds several patents involving the bypass of locks and security systems. Marc contributes a column to engadget.com and has been featured in many publications as well as radio and television stories around the world.

Event Organizer

Hack In The Box (M) Sdn. Bhd.

Event Partner



Supported & Endorsed By

UAE Telecommunications Regulatory Authority (TRA)

Malaysian Communications and Multimedia Commission (MCMC)

Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors

Titanium Sponsor (Post Conference Reception)


Gold Sponsors


Microsoft Corporation

Official Media Partner (Magazine)

Network Middle East

Arabian Computer News

ITP Business

Official Airline Partner

Emirates Airlines

Our Speakers are Supported By

Bellua Asia Pacific

Supporting Media:

Virus Bulletin

Virus Bulletin (VB)

InfoSec News

(ISN) InfoSec News

InfoSec News

XAKEP (Russia)

Insecure Magazine

PHRACK Magazine

Hakin9 Magazine

Supporting Organizations


ISECOM - Insititue for Security and Open Methodologies

ISACA Malaysia

IT Underground

X-Focus China

Zone-H Defacement Mirror

Xatrix Security

Special Interest Group in Security & Information InteGrity Singapore