Vaultek stands behind our customers and products 100%. We are aware of the exploit, and shortly after the release of this video (February 2020) we put in place effective solutions to address Lifepod's programming function. We sent free upgrade kits to existing customers, and all LifePods produced and shipping since then have been upgraded with new firmware to disable the program button when locked. We're listening and will make every effort to continually improve our products. Any additional inquiries can be directed to our support team for more information.
Great of you to fix the issue, just remember as a company it's your responsibility to make sure mistakes like this do not happen as it's a potentially deadly mistake. But good on you for responding and taking quick action you have my full respect.
All we have to do is go to the ozone layer of our atmosphere and run the lock against our hair. This will cause the mechanism to have a chemical reaction that paired with the static of our hair will make the lock open
Until finally it can only be opened by Indiana Jones in a temple at a certain time of day shining the sun on it through a rare and expensive crystal on a stick.
@@DocRorshack Hope LPL posts another video opening it again with the "fix" installed. If one can get a fork in that far, a sturdy pry tool should pop it right open. If nothing else, it could knock off the "plastic bit adhered over the button". What a joke.
@@shteebo Vaultek changed the firmware on all current stock after this video was made making the program button not work when the case is locked the cover was the only solution for products already in use.
People just need to start hiring this guy for their lock companies and tell him to break into the lock and show us what needs to be fixed. Screw “Professional Lock Pick Tested” I want “Lockpickinglawyer Tested”
Lock companies want to sell illusion of security. That illusion doesn't cost much to produce if its made of thin steel and cheaply produced. People are more sensative to price than anything else. Cheaper things will allways sell more than expensive things. Lock companies are incentivised to make cheap locks.
Physical security is always just a matter of time and force. No physical security is ever going to be resilient to the ultimately equipped and determined attacker. But is the security measure good enough that overcoming it takes too much time and/or force to be worthwhile to expected attackers? If so, it's a good physical security measure. In that sense, a paper envelope is almost always an adequate physical security measure to protect the information inside. Very little time and effort to attack, but the contents very likely have virtually no value to anyone but the intended recipient. What LPL does is show up physical security that falls short of its requirements. A small Master Lock on an expensive bike is probably worse physical security than a paper envelope. Given how important it is to guard firearms, gun safes should be held at a much higher standard.
That really has to hurt, when you're the one responsible for that. They seem to have put some thought into it by even making it possible to disable the mechanical override, but then they were defeated by such an easy to avoid error.
It looks like the lock can't check whether the lid is closed or not. That wouldn't matter much if the button was actually inaccessible from the outside, but there we are. A way to fix that in software would be to require the current code when the reset button is pushed before allowing to punch in a new code.
If it were quality you could not open it enough to stick a fork in... I mean a little bit of overlap and a bit tighter tolerances and you could not access that button when closed.
@@etherealicer Quality and cheap enough for most people just don't fit. The cheaper solution is those clasps. Unfortunately they can be opened without unlocking it. Also the reality of it being a 4 digit lock with only 4 possible numbers for each means its pretty vulnerable to a brute force attack regardless. Only 256 possible combinations which someone could go through in about 20 minutes if they really wanted in.
@@ykhenessey3924 you're probably thinking that each digit counts as 10, which is false, since you only have 4 combinations per input. Since you're only allowed 4 inputs, the total combinations is 256. If they required 6 inputs (as in a 6 digit pin), then it would go up slightly to 4^6, which is 4096. If they had 8 combinations per input, even with the same 4 inputs, you'd get 8^4, which is also 4096. I personally wouldn't trust such a thing even without the fork exploit. It might prevent a child from unlocking it easily, but probably wouldn't stop anyone that wants to take what's inside.
Yes and no, i mean, I'd see it more as constructive criticism in just this case. Compared how he can burn a whole lock company. it's just one flaw, when he compliments at the same time about the other items.
One minute you're safe in your vault waiting for the bombs to stop falling, the next minute you can vaguely hear someone outside the enormous rotating door going "1 is binding... got a good click on 2..."
The same joke on every video. Don’t get me wrong it’s still funny all 14 hundred some times, just it’s literally every video. Not the same viewer but….
@@junoperberry I think they meant there's a joke comment on every video where the punchline is "1 is binding 2 is something etc." Admittedly this was one of the better ones
thing is the vaults were built to code. The problem was that a corrupt government for retarted reasons wanted to run social experiments many of which were cruel and pointless when they should have been focusing on saving as many lives as practically possible
@Seth Organ My favorite LPL line was from when he picked a lock with a Christmas ornament: "I could have probably opened this lock with a stale Dorito."
I'm just imagining a board meeting at Vaultek discussing this fault: "Ok, the LifePod has passed our test stage. I don't think there is any way the average consumer will be able to open this safe" _"but what if they have a fork?"_
@@afnDavid What kind of stupid statement is that? people aren't going to buy a product they know is faulty so the company will make less money. Their interest is obviously in making money so they will obviously want to fix it. All they would have to do is a simple update on whatever kind of controller they are using for the lock that says if its locked then disable reprogramming switch
@@Johnof1000Suns ^this make me laugh thinking about a comment in The Outer World video where the suggested swapping "It's not the best choice, it's SpacerChoice" and "Aunt cleo, Better than nature" with "Bethesda, it just works" and "EA sport, it's in the cash" 😂
This is why I REALLY want him to do some recommendations!! Though I DO remember a video of how for under $5 you can take tools for those quicklock locks for door locks and make them very difficult to pick. Seriously, I would LOVE to see him go "Now here's how to make your home and valuables are ACTUALLY safe...." Instead of just going "Look at how laughably easy this is!" or "Look at how easy this is if you have the right tools!"
You mustn't have watched many LPL videos to think that. He doesn't need to take the piss. Still waiting for him to open something with a banana though.
Can you imagine working hard to develop a new product and then you see it on a thumbnail of LPL. "Oh noo, nonononooo", you give it a chance and look at the title "picked with a fork".. fuuuuck that must be tough
There's something amazingly mind-boggling about safes that have such fundamental flaws, and the way you point it out by using a fork of all things, is just brilliant. I hope the people who designed the safe watches this and learn a good lesson about what not to do in the future.
They did. They replied with a software fix. This won't allow the reset button to do anything when the case is locked. Now I'm sure there's gonna be a way to bypass that as well if someone really wants to find a way.
@@ratataran But what about the key lock that's next to it that disables the physical lock? That looks kinda like it's hardware-based. Granted, you'd still have to pick the lock after disabling it.
I've recently been recommended a lot of gun locks from LPL in my recommendations (ironic that I don't even own a gun), and I love seeing the comparision between this particular video and the others: The others always emphasize on being a bad design and terrible flaws (wafer, magnets or both), and yet this one is loaded with high security features and only a single, careless flaw, not to mention it could have a quick fix by putting on a lid, the maker even took the video as constructive criticism. It's great
@@lilpeach101 True because I don't think most people would give a second thought to making sure their firmware was up to date on a product like this. It shouldn't have to be.
That would only be possible if there is already a sensor that detects if it is locked or not. And if they were smart enough to install that sensor, why would they not have used it?
Wouldn't work without a switch/sensor to detect if the lid has opened, the software in these thing will power a solenoid for a brief period and expecting you to open the case while the solenoid is retracted, after that it will just go back to sleep, it doesn't know if the lid has been re-closed or not
Working in product development myself,this kind of highlighting of possible design flaws is amazingly helpful. You're doing the locking industry a big favour with your videos.
Even if they did, they would have done nothing about it. The chances that nobody in the whole development and production chain did not realize this are slim, yet nobody cared or if did, the company didn't care. It takes a viral video these days to get things done, unfortunately. And I must say the LPL is doing far more good with these videos.
Gun safes like this are more about preventing immediate access than they are about preventing access "no matter what" like a large safe you would bolt to your floor. The latter is something you'd have in your home to ensure no unauthorized access can occur like children. Travel safes like this are more for your car/truck in order to prevent it from being used/seen before you get to it
If he never showed this video no one trying to break into it would know that unless they had one to learn this exploit. It has to already be open to find that out about its reprogram button
I want to see TLPL do a series on these sort of boxes & locks called "tested by tantruming toddler" to see just how secure these safes are at keeping children out
The real question: "Is this just a software issue?" If I were on the board of directors for this company I would have this fixed and a pre-production revision in the mail to LPL within 24 hours, with a few hundred dollars cash inside a locked box and a nice note challenging him to try again. If the microcontroller inside has a reliable method of detecting that the system is locked and closed, then it will be very easy to disable the button when the box is closed. If this is done, and the barrel lock can be disabled digitally, the only potential way to open a box after forgetting the code will be either destructive, or waiting on the battery to discharge assuming someone was smart enough to create a battery discharge threshold that relinquishes control to the mechanical lock before shutting down from low power. The circuit that takes control might be some kind of latching relay that only requires power to change states, (or maybe not, as that has it's own magnetic attack vulnerabilities). If a relay like circuit is not flipped due to low battery life, I think the only way left to get inside is destructive. -Jake
I think you buried the lede. The real question is: "Is there a microswitch to detect if the lid is open?" It might be easy to explain how to and update software, but without knowing if the lid is open the only options are engineering some fix, and sending it to each safe owner.
It’s certainly more economical to frame this as a software issue, but the introduction of more complexity (even if it’s as slight as checking that the device is actually open) may actually provide a new attack vector or a new point of failure. For instance, we might be able to trick the microcontroller into thinking that the safe is open, and then we can push the button.
I would disable EVERYTHING. Run out of battery? Too bad. No port, no nothing. Now you have to cut it open. You want secure, there you go. If you're not responsible Enough to check the battery every couple of months, you're not responsible enough to have a firearm.
I bought one of these for my new Camaro since I have to secure my weapon before I go into my work place. This is ten times more secure than the standard glove box and the cable is attached to the bottom of my passenger seat so I can slide it under and out of sight.
So, much like a top shelf, the only protection this gives, is that my children cant be bothered going to the kitchen for an easily accessible tool to access it.
@@ExplosionChimp This dilemma has been explained many times before. Both children and thieves have more time than you do to figure out schemes and flaws in security devices; and will eventually exploit them. With, or without your knowledge. These videos and the many like it serve as a defense for the average Joe unknowingly buying faulty products. Unto which criminals and curious children make short work of regardless if there is a "tutorial" or not.
Even without the fork exploit, this safe is pretty easy to open. There are 256 possible password conbinations, you could try out all of them relatively quickly.
That stuck out to me too, especially unsuitable around kids. It does apparently prevent pin entry for 4 minutes after 6 incorrect entries, but on average it would take 128(half the total number of possible codes) attempts = 128/6 = 21 sets of attempts = 84 minutes total waiting + time to enter codes. Of course there's a very reasonable chance it could take many less attempts. ie: it wouldn't matter much to kids or anyone else who spends a long time overall with access to the safes location. Apparently you can optionally set the code up to 8 numbers, which would immensely increase the number of possible combinations, but it seems likely most people wouldn't bother. More buttons would be much better, a 2nd row of 4 buttons would mean 4096 possible combinations even for a 4 digit combination. Portable safes seem to be asking for trouble anyway though.
One of the most fascinating things about this channel to me is the fluidity / dexterity with which this guy does everything. I know he probably has to do multiple takes often like anyone else, but even the way he puts in a code like “1234” is just slightly abnormally smooth and satisfying to watch
Just seen my first ad at the start of a LPL, good on you! They may only be 2 minute clips but I binge watch all of them and if any UA-cam deserves ad rev it's you!
The programmers actually thought of this (being able to reprogram the code *while* it's locked) and quickly wrote a patch. Sadly the manufacturer got the code's wrong fork
For some people, common cutlery was the first tool used to gain entry to local (home) restricted areas (e.g., parent's bedroom, sister's diary) that have tempted their curiosity for to long. That which is hidden becomes that which is most curious and, as a result, we spend a great deal of time and effort trying get at that which we have been denied.
When I got locked out of my house back in high school, I’d actually hide a fork around the yard to open the door. It only worked when both locks weren’t on the door.
Even though this is a very simple tool to get into this safe, you would need prior knowledge of this very specific issue to pull it off, and if you are breaking into a tiny gun safe like this, I doubt you would be the most intelligent person around. Even considering this, the company fixed this issue which is very admirable.
I am waiting for the "so today we have a safe that is fireproof, waterproof, crushproof, pickproof, and bombproof. Unfortunately the designers created a major error while designing it and I will pick it with a pair of chopsticks."
Someday, I hope to hear you say, “After all these years, I found one I can’t pick!!” This safe should be un-pickable, especially if it holds guns. Once the firmware knows the safe is locked, it should disable the combination change button. Simple to do that change in firmware. Or have another switch hidden when the lid is closed to disable the change combination change switch. Great video!! Thanks!!
Look up the naughty bucket videos. He beats a number of them, but apparently some win out. I think the ability to reset the code without the combination is for when the mechanical backup isn't disabled. Say you forget your combination because you lost about it in your garage, but kept the key. You can open it up and reset the code. This can still be fixed if you have it know if the lock is open or not, regardless of how it was openned.
I wanted to leave a comment just like this, but then had this realization: The key backup makes a firmware "am I locked?" check impossible. It's more than a valid assumption to make that, given they had to resort to this, the locking mechanism has no sensors to tell if it's engaged. And so if the lock was open using the key backup, the firmware would still believe the lock is engaged - and prevent you from using the password reset feature.
@@cardboardbox_tech It doesn't. Just some simple "wires" and a nand gate will sot that out. If they don't built it that way, that it is entirely their fault. There are so many possibilities. However a simple piece of plastic on the lid, that goes over the button when it's closed, would have probably been the simplest way to secure it.
I glued a thin metal plate over the button just now, and I can't press the button from the outsite. It's a serious flaw, but for those who already have it, just place any rigid metal plate over the button. I thought about just removing the plastic button itself; but I'll explore that later. For now, the metal plate works. I may add a tiny hole to the plate so I can at least access the button with a needle.
LPL, you are a total savage genius. Companies should consult with you, before they role out any product. Issues like you demonstrated here would be reconciled right away during the R&D process. Good work!
Elementary school child who only gets to use sporks: “Well at least it can only be picked with a specialty tool that most people don’t have access too. “
A scenario the other way around is more likely the case because Sporks have gone out of production and are quite expensive to purchase now as a result. A math teacher I had was going to use some for some reason for a class but fond out that is is unreasonable to try to aquire them.
@@maplemeep This is standard practice on products that allow rekeying, recoding, or s change of password. You need the working key or code to change to a new one. A locksmith will use some other exploit, or just brute force the code to open it.
That's because you can only reset to a new combination once you've already successfully opened it with the old one or the key - at least that was their plan.
Its still easier to buy a gun. 256 combination takes in the worst case still some time. If someone think he needs a weapon that is ready to fire i dont want to enter a very long code. With force you can open anything takes just a bit more time. Best way remove the bolt carrier and store it in an diffrent place.
@@RC2225 an hour and a half of work attempts that guarantee an open lock, or equivalent hours of work to afford a firearm? A runescape player can fletch over 20,000 longbows every day without a good reason, but what about a determined thief?
LockPickingLawyer: Finds and exposes a critical flaw on a top product, alerting the manufacturer to immediately upgrade firmware saving them millions. Vaultek: Good looking out bro, we left you a comment on UA-cam n gave you a like. I guess we're even now right?
@@ketherga so why they do that? Company should have some ethics , they should reward him or at least recognise through a formal thank They could have lost million in law suit
There were quite a few requests to use a fork in the comments from some of the other ones lately. I take this as a good sign that LPL is at least browsing comments.
I think that it's a good way to bring in a bit more variety. Also, it's cool to see what can be done without tools. Sometimes it's a little difficult to believe that they're that bad, since it's a highly skilled picker using tools designed to pick locks. This way, it seems a little more reasonable, and it really drives the point home.
I glued a thin metal plate over the button just now, and I can't press the button from the outsite. So there you go. It's a serious flaw, but for those who already have it, just place any rigid metal plate over the button. I thought about just removing the plastic button itself; but I'll explore that later. For now, the metal plate works. I may add a tiny hole to the plate so I can at least access the button with a needle.
![[1463] Better Than Most: Vaultek VS20 Gun Safe](http://i.ytimg.com/vi/7ArvsOvBBLw/mqdefault.jpg)
![[1463] Better Than Most: Vaultek VS20 Gun Safe](/img/tr.png)
![[1422] Did I Cheat On This Challenge? (Tamper-Sealed Abus)](/img/n.gif)
Vaultek stands behind our customers and products 100%. We are aware of the exploit, and shortly after the release of this video (February 2020) we put in place effective solutions to address Lifepod's programming function. We sent free upgrade kits to existing customers, and all LifePods produced and shipping since then have been upgraded with new firmware to disable the program button when locked. We're listening and will make every effort to continually improve our products. Any additional inquiries can be directed to our support team for more information.
I accidentally ended up on this video, 5 hours after the manufacturer responded.
that's crazy this just showed up
He opened it with a fork tho lmao
Great of you to fix the issue, just remember as a company it's your responsibility to make sure mistakes like this do not happen as it's a potentially deadly mistake. But good on you for responding and taking quick action you have my full respect.
@@THEJPR Yeah, wotttt. What's the chances.
Imaging being a lock company manager, and see LPL uploaded a video, the thumbnail is your company's product and a fork
Sweat time
Horror story
You sigh in relief. He had to use a fork! You've made one of the greatest locks of all time.
@@IAm18PercentCarbon ....you’re joking right?
That's pretty cringe :'(
LockPickingLawyer: The manufacturers made a rookie mistake, creating a lock on the same plane of existence as me.
Underrated comment
Question, is there a lock LPL hasn't open?
@@carbonwolf1087 LPL has opened every lock, he just hasn't recorded videos for them yet.
@@DoubtlessCar0 lol fair enough
LOL
“Unfortunately this can be defeated by 3 molecules of oxygen and a strand of hair
😂
ok
All we have to do is go to the ozone layer of our atmosphere and run the lock against our hair. This will cause the mechanism to have a chemical reaction that paired with the static of our hair will make the lock open
So...u need ozone for that? Cuz that's 03.
Ah crap don't worry guys i accepted I'm crinj
@@treatoplease3479 o3*
He’s getting closer and closer to being able to sneeze at a lock and it opens
I think many fingerprint scanners could be fooled with a good sneeze.
One day he will be powerful enough to open locks by gently slapping them
Metlyze you mean ‘snapping’ 😉
I feel like it's just a matter of him not having looked hard enough for a Chinese lock that allows this to happen
@@metlyze7124 Davie504
VaulTek: fixed
LPL: here's how you get into it using just a spoon...
Jonathan Boler best Comment 😂😂😂
😂😂😂😂
@Pseudo X Vaultek:fixed
LPL:here's now you open it using a cat
VaulTek- fixed
LPL- here's how to open it with a box of rocks
Until finally it can only be opened by Indiana Jones in a temple at a certain time of day shining the sun on it through a rare and expensive crystal on a stick.
I just got the email from Vaultek. They are sending out an attachment that will block the button. Well Done, Vaultek! and Thank you LPL!
What was that attachment? Can you post a photo?
@@champ315 I can not post a picture... Don't think I can in a comment. It is a plastic bit with a door that adheres over the button.
@@DocRorshack That's ok. thanks.
@@DocRorshack Hope LPL posts another video opening it again with the "fix" installed. If one can get a fork in that far, a sturdy pry tool should pop it right open. If nothing else, it could knock off the "plastic bit adhered over the button". What a joke.
@@shteebo Vaultek changed the firmware on all current stock after this video was made making the program button not work when the case is locked the cover was the only solution for products already in use.
People just need to start hiring this guy for their lock companies and tell him to break into the lock and show us what needs to be fixed. Screw “Professional Lock Pick Tested” I want “Lockpickinglawyer Tested”
Agree and Very good point
Lock companies want to sell illusion of security.
That illusion doesn't cost much to produce if its made of thin steel and cheaply produced.
People are more sensative to price than anything else. Cheaper things will allways sell more than expensive things.
Lock companies are incentivised to make cheap locks.
The problem isn't they dont know its that they dont care
They can say it's professionally tested by a locksmith.. They don't have to say how quickstep broke into it lol...
Locks only keep out the honest folk.
finds a design flaw
*looking around his house
“what’s the dumbest object i can break this lock with ?”
Bruh
@@Dougy take your useless "Bruh" comment elsewhere.
its about as useful as master lock.
@@darkshadowsx5949 Bruh
@@darkshadowsx5949 bruh
@@darkshadowsx5949 bruh
The day I see LPL pick a lock with a banana I'll just give up on physical security
Frozen bananas are quite solid, and could probably open some of the more poorly made padlocks with a little "percussive maintenance"...
This needs to happen lmao
I think that could be a good April Fools' video.
Bump key + frozen banana mallet = LPL's breakfast
Physical security is always just a matter of time and force. No physical security is ever going to be resilient to the ultimately equipped and determined attacker. But is the security measure good enough that overcoming it takes too much time and/or force to be worthwhile to expected attackers? If so, it's a good physical security measure.
In that sense, a paper envelope is almost always an adequate physical security measure to protect the information inside. Very little time and effort to attack, but the contents very likely have virtually no value to anyone but the intended recipient.
What LPL does is show up physical security that falls short of its requirements. A small Master Lock on an expensive bike is probably worse physical security than a paper envelope. Given how important it is to guard firearms, gun safes should be held at a much higher standard.
The real facepalm moment is that the safe even lets you reprogram the ELECTRONIC code when it’s LOCKED 🤦🏻♂️.
good catch
That really has to hurt, when you're the one responsible for that. They seem to have put some thought into it by even making it possible to disable the mechanical override, but then they were defeated by such an easy to avoid error.
thats my main issue
what kind of program lets you reprogram the code while locked
It looks like the lock can't check whether the lid is closed or not. That wouldn't matter much if the button was actually inaccessible from the outside, but there we are.
A way to fix that in software would be to require the current code when the reset button is pushed before allowing to punch in a new code.
SteelSkin667 good point, but I would say that’s also maybe a design flaw...
These guys took the “g” out of gunsafe.
underrated
gunderrated
@@ZartaxtheWise lol true
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaah
i get it
Lol nice!
Vaultek: Let's make a quality portable gun safe that is very difficult to get into with illegitimate means.
LPL: So I got this fork...
If it were quality you could not open it enough to stick a fork in... I mean a little bit of overlap and a bit tighter tolerances and you could not access that button when closed.
@@etherealicer Quality and cheap enough for most people just don't fit. The cheaper solution is those clasps. Unfortunately they can be opened without unlocking it. Also the reality of it being a 4 digit lock with only 4 possible numbers for each means its pretty vulnerable to a brute force attack regardless. Only 256 possible combinations which someone could go through in about 20 minutes if they really wanted in.
@@alexsis1778 arent there 5555 possible combinations tho?
@@ykhenessey3924 nope, 4^4 = 256
@@ykhenessey3924 you're probably thinking that each digit counts as 10, which is false, since you only have 4 combinations per input. Since you're only allowed 4 inputs, the total combinations is 256. If they required 6 inputs (as in a 6 digit pin), then it would go up slightly to 4^6, which is 4096. If they had 8 combinations per input, even with the same 4 inputs, you'd get 8^4, which is also 4096. I personally wouldn't trust such a thing even without the fork exploit. It might prevent a child from unlocking it easily, but probably wouldn't stop anyone that wants to take what's inside.
Imagine hearing the words rookie mistake about your lock from LPL it's gotta hurt
yeah, even i felt bad for them :))
Like a fork to the heart
Yes and no, i mean, I'd see it more as constructive criticism in just this case. Compared how he can burn a whole lock company. it's just one flaw, when he compliments at the same time about the other items.
Jenkins!!!!! You're fired!
Not everyone is sensitive.
One minute you're safe in your vault waiting for the bombs to stop falling, the next minute you can vaguely hear someone outside the enormous rotating door going "1 is binding... got a good click on 2..."
Heh/
The same joke on every video. Don’t get me wrong it’s still funny all 14 hundred some times, just it’s literally every video. Not the same viewer but….
@@evelbill1439 thats called tradition
@@evelbill1439 people make jokes about fallout on all of his videos?
@@junoperberry I think they meant there's a joke comment on every video where the punchline is "1 is binding 2 is something etc."
Admittedly this was one of the better ones
I remember when VaultTec built locks capable of withstanding a direct nuclear strike. How the mighty have fallen.
That was by 2077. These are their early days of building locks to keep people trapped in experiments.
Was looking for this reference
To be entirely fair even one of the vaults didnt quite close all the way...
@@Gr3nadgr3gory that was on purpose though....
@@prestonsamson3674 at least that's the official story and they're sticking to it!
"I'm going to use a standard fork in 5/32" to provide reset button pressure..."
"First I'll get this fork that Bosnian Bill and I made..."
Every day we get closer to the Fallout universe, including Vault-tec making vaults that aren't always up to code
thing is the vaults were built to code. The problem was that a corrupt government for retarted reasons wanted to run social experiments many of which were cruel and pointless when they should have been focusing on saving as many lives as practically possible
@@RocketHarry865 It wasn't government, was Vaultek themselves.
I was about to say haha
Should stick to nuclear bunkers and not gun safes lol
@@calculator1841 The government was involved. The Enclave part of it, anyways.
2:10 “in any case” man, that’s deep
@Seth Organ My favorite LPL line was from when he picked a lock with a Christmas ornament: "I could have probably opened this lock with a stale Dorito."
Matthew L please, please hook a picker up with a link. I need to laugh too
Some more quotations thank goodness we have smart people here.
@@jaythatguyyouknow5135 ua-cam.com/video/tPXqTQsk5o4/v-deo.html
Adrian Kinny, my picker!
I'm just imagining a board meeting at Vaultek discussing this fault:
"Ok, the LifePod has passed our test stage. I don't think there is any way the average consumer will be able to open this safe"
_"but what if they have a fork?"_
Frabbachino I know I mean look at the faults in their nuclear bunker plan that didn’t work very well
This assumes that the manufacturer even cares.
@@afnDavid I know, right?! But with videos like this, with lots of view, it may get them to care when their pockets take a hit.
@@afnDavid What kind of stupid statement is that? people aren't going to buy a product they know is faulty so the company will make less money. Their interest is obviously in making money so they will obviously want to fix it.
All they would have to do is a simple update on whatever kind of controller they are using for the lock that says if its locked then disable reprogramming switch
@@TriMarko Or even easier. Add the need to enter the old passcode and then enter the new
When he said "let's try to find that button" and slid the fork in, I could swear he was gonna jokingly say "click on one"
Lol same
💀💀💀💀💀
"I once saw him pick a lock with a fork, a f**king fork!"
Yes I have just watched John Wick for the millionth time
save that for when he uses a pencil... we know it's coming...
a forking fork
WHO DOES THAT?!?
"You lost the lawyer? How???"
"I don't know sir, all we found was this fork on the floor..."
This! This is just great! XD
Nah, he couldn't POSSIBLY leave such a valuable instrument behind!
@@512TheWolf512 He knew that the fork was too powerful and wanted to give himself more of a challenge
You know they didn't say how or idk... cause they just looked on his channel after he posted it an saw how he escaped 😆
The fact that he didn't open the Vaultek safe with a Bobby pin feels like a huge missed opportunity.
Underrated comment!
@@mallobag Not really
@@kris-ok8fl yeah really
@@kris-ok8fl it’s a fallout reference. You didn’t get it
@@MrSolidBlakeGaming i know
Vaultec security always had flaws.
To think that I could take their "Cryolator" out of their gun lock with just a dog..
Damn Bethesda.
hahaha
It just works
@@Johnof1000Suns ^this make me laugh thinking about a comment in The Outer World video where the suggested swapping "It's not the best choice, it's SpacerChoice" and "Aunt cleo, Better than nature" with "Bethesda, it just works" and "EA sport, it's in the cash" 😂
Funny, I tried it several times and never got it to work. I guess dogmeat knows I hate him.
@@TheTheJimJim Those ones and zeros gotta feel appreciated yo
Vaultek Engineer: “Ah, Friday. Let’s see what entertainment ole’ UA-cam has for me today and- OH SWEET GOD NO”
wow - a company that addresses flaws quickly - world needs more of these!
Company ceo be like
" *WHAT THE FORK* "
more like " I DON'T GIVE A FORK "
WHAT? THE FORK!?
HITESH ADHIKARI 😂😂😂
😂😂
CaptainSparcklez be like "what the fork?!"
You know what I’m just gonna keep my stuff in a paper bag and hope for the best from now on.
JeredtheShy LOL
It is probably safer than a safe!
This is why I REALLY want him to do some recommendations!!
Though I DO remember a video of how for under $5 you can take tools for those quicklock locks for door locks and make them very difficult to pick.
Seriously, I would LOVE to see him go "Now here's how to make your home and valuables are ACTUALLY safe...."
Instead of just going "Look at how laughably easy this is!" or "Look at how easy this is if you have the right tools!"
😂😂
🤣🤣🤣😂😂😂😂😂
At this point LPL is just setting the world record for most locks opened with household items.
When I saw the feed: "Opened with FORK"... I was like: He is taking the piss at this point...
Check out "Opened with a twig"
The shape of the fork is actually an important thing here. It wouldn't work with a knife or spoon.
You mustn't have watched many LPL videos to think that. He doesn't need to take the piss. Still waiting for him to open something with a banana though.
@Liberal Tears it's a common phrase in England to mean "he's kidding or he can't be serious.."
@Liberal Tears LPL's comments section is normally so polite, shame
My safe is totally secure from all attacks
LPL: I'm hungry and brought a fork
WE ARE SO SCREWED
Shhh, he'll use a screw to open a lock next if you say things like that in his earshot.
We are not screwed, we are forked :)
@@Eunakria I want to see him open a lock with a lock.
Satoru you mean we are so forked?
You also can screwed it open using flat heads
Luke: My lightsaber is in this locker and I don't know the combination!
Obi-Wan's ghost: Use the forks, Luke!
how is this not the top comment xd
most underrated comment on this video!!
@@RipOfflineAudio Because this video was made 1 year ago and this comment was made 3 months ago.
LMAO. Nice!
Hmmm, the snark is strong with this one… let your heart fill with pun! Ok that sucked but this comment should get a pin in second place 🥈
Other channel “I fully endorse this product” LPL “hold my lock picks imma use a fork lol”
Can you imagine working hard to develop a new product and then you see it on a thumbnail of LPL. "Oh noo, nonononooo", you give it a chance and look at the title "picked with a fork".. fuuuuck that must be tough
Quentin GALLEA how about seeing the video is 2 minutes long
Then again, who would come up with using cutlery as a means of defeating a lock as a first option. ^_^
reine svenssons I think he said “plastic lid”; thats the give away as to how most folks who want in will get there.
@@AiOinc1 I would be somewhat proud that it took him that long.
Damn, vaultek handled this really well. Love to see it
I cant wait for the episode where he plays a tune on a flute and opens the lock like a snake charmer.
When LPL forgets his tools downstairs and needs to resort to his utensils from breakfast..
This is the LPL and I just finished my French toast....
Before I eat this french toast I'll pick a lock with it, don't blink.
At least he used a clean fork.
I love how fault finding is such an effortless feat for you. Truly amazing.
There's something amazingly mind-boggling about safes that have such fundamental flaws, and the way you point it out by using a fork of all things, is just brilliant. I hope the people who designed the safe watches this and learn a good lesson about what not to do in the future.
And have a red face
They did. They replied with a software fix. This won't allow the reset button to do anything when the case is locked. Now I'm sure there's gonna be a way to bypass that as well if someone really wants to find a way.
that's why it's best to leave safe building to the pros
@@ratataran But what about the key lock that's next to it that disables the physical lock? That looks kinda like it's hardware-based. Granted, you'd still have to pick the lock after disabling it.
Me: *Sees vault tek*
Also me: *Fallout flash backs starts playing*
Companion for fallout would definitely use him go get places
lock pick 100
i dont want to set the world on fire
i just want to start a flame in your heart
@@hardwirecars in my heart I have but one desire
And that one is you, no other will do
War... War never changes
One of these days we'll hear "This is the lockpicking lawyer and I will open this lock by giving it a mean look."
"oh no officer, I don't have any lock picking tools with me, just this fork!"
Now I know the next episode of this is going to be him unlocking a lock with a lock
He's already done that, with the breakaway master locks.
Andria Marie “There is no lock.”
@@jttech44 you got the number for that?
Jesus Christ 😂
Lockception
I've recently been recommended a lot of gun locks from LPL in my recommendations (ironic that I don't even own a gun), and I love seeing the comparision between this particular video and the others: The others always emphasize on being a bad design and terrible flaws (wafer, magnets or both), and yet this one is loaded with high security features and only a single, careless flaw, not to mention it could have a quick fix by putting on a lid, the maker even took the video as constructive criticism. It's great
You might say that the lock designers "forked up" :D
Get the fork out.
boo, hiss, etc.
This approach gives a whole new meaning to the phrase "forking the code"
Are you forkin' kidding me right now?
Probably an easy software patch; "If the thing is locked, don't listen to what the buttons inside say."
The hard thing would be getting the patch to all the lockboxes that are already in stores and with customers
@@lilpeach101 True because I don't think most people would give a second thought to making sure their firmware was up to date on a product like this. It shouldn't have to be.
It's probably impossible to update these lunch boxes outside of factory ^^'
That would only be possible if there is already a sensor that detects if it is locked or not. And if they were smart enough to install that sensor, why would they not have used it?
Wouldn't work without a switch/sensor to detect if the lid has opened, the software in these thing will power a solenoid for a brief period and expecting you to open the case while the solenoid is retracted, after that it will just go back to sleep, it doesn't know if the lid has been re-closed or not
Working in product development myself,this kind of highlighting of possible design flaws is amazingly helpful. You're doing the locking industry a big favour with your videos.
“Using this fork Bosnian Bill and I enjoyed a Valentines Day Meal with”
We sure did tension each other's wrenches
We'll use this Fork that bosnianbill uses for his spaghetti and I clean in the dishwasher...
Imagine the feeling of these lock developers' hearts drop when seeing these! Great work either way
"I'm going to use this fork Bosnian Bill and I made"
Love that saying
Nah....... that fork would be much fancier.....
thanks made my day
Lmao
This man consistently destroys every lock company and I love it
"Why a FORK, Cousin?" - "Because it would HURT more!" lol
I see what you did there, even if no one else does.
Great villain, but the accents were kinda bad
@@CWPTraining They were! lol
Too funny.
“I’m going to stick a fork in it to see if it’s done”...
...Yes, definitely done.
For Gods sake why don’t these companies hire this guy to test their DAMN PRODUCTS!!! Holy crap you can’t have this kind of defect in a gun safe!!
... I don't think you've messed around with many gun safes--this is honestly a decent piece of work (comparatively) most are this bad or weaker.
Even if they did, they would have done nothing about it. The chances that nobody in the whole development and production chain did not realize this are slim, yet nobody cared or if did, the company didn't care. It takes a viral video these days to get things done, unfortunately. And I must say the LPL is doing far more good with these videos.
Gun safes like this are more about preventing immediate access than they are about preventing access "no matter what" like a large safe you would bolt to your floor. The latter is something you'd have in your home to ensure no unauthorized access can occur like children. Travel safes like this are more for your car/truck in order to prevent it from being used/seen before you get to it
@@gearloose703 "Even if they did, they would have done nothing about it." Check the top pinned comment on the vid. Honestly shocked by the response.
If he never showed this video no one trying to break into it would know that unless they had one to learn this exploit. It has to already be open to find that out about its reprogram button
I want to see TLPL do a series on these sort of boxes & locks called "tested by tantruming toddler" to see just how secure these safes are at keeping children out
The real question: "Is this just a software issue?"
If I were on the board of directors for this company I would have this fixed and a pre-production revision in the mail to LPL within 24 hours, with a few hundred dollars cash inside a locked box and a nice note challenging him to try again.
If the microcontroller inside has a reliable method of detecting that the system is locked and closed, then it will be very easy to disable the button when the box is closed. If this is done, and the barrel lock can be disabled digitally, the only potential way to open a box after forgetting the code will be either destructive, or waiting on the battery to discharge assuming someone was smart enough to create a battery discharge threshold that relinquishes control to the mechanical lock before shutting down from low power. The circuit that takes control might be some kind of latching relay that only requires power to change states, (or maybe not, as that has it's own magnetic attack vulnerabilities). If a relay like circuit is not flipped due to low battery life, I think the only way left to get inside is destructive.
-Jake
They probably cheaped out on a switch to detect when locked.
@@alexandramarberry1023 If that's how you or the factory update firmware, then yes, classic attack vector.
I think you buried the lede. The real question is: "Is there a microswitch to detect if the lid is open?" It might be easy to explain how to and update software, but without knowing if the lid is open the only options are engineering some fix, and sending it to each safe owner.
It’s certainly more economical to frame this as a software issue, but the introduction of more complexity (even if it’s as slight as checking that the device is actually open) may actually provide a new attack vector or a new point of failure. For instance, we might be able to trick the microcontroller into thinking that the safe is open, and then we can push the button.
I would disable EVERYTHING. Run out of battery? Too bad. No port, no nothing. Now you have to cut it open. You want secure, there you go. If you're not responsible Enough to check the battery every couple of months, you're not responsible enough to have a firearm.
Vaultek: OUR PRODUCTS ARE AMAZING
LPL: Fork you.
I bought one of these for my new Camaro since I have to secure my weapon before I go into my work place. This is ten times more secure than the standard glove box and the cable is attached to the bottom of my passenger seat so I can slide it under and out of sight.
These videos are getting more esoteric by the second.
I swear, one day he'll open a lock with his mind.
He uses his mind to open all of the locks. Try opening a lock when you have no mind; doesn't work well.
I wanna see him pick a lock with another lock.
So, much like a top shelf, the only protection this gives, is that my children cant be bothered going to the kitchen for an easily accessible tool to access it.
only because this video was posted. No child would've ever figured that out on their own. Now there's a tutorial.
@@ExplosionChimp This dilemma has been explained many times before. Both children and thieves have more time than you do to figure out schemes and flaws in security devices; and will eventually exploit them. With, or without your knowledge. These videos and the many like it serve as a defense for the average Joe unknowingly buying faulty products. Unto which criminals and curious children make short work of regardless if there is a "tutorial" or not.
Even without the fork exploit, this safe is pretty easy to open. There are 256 possible password conbinations, you could try out all of them relatively quickly.
That stuck out to me too, especially unsuitable around kids. It does apparently prevent pin entry for 4 minutes after 6 incorrect entries, but on average it would take 128(half the total number of possible codes) attempts = 128/6 = 21 sets of attempts = 84 minutes total waiting + time to enter codes. Of course there's a very reasonable chance it could take many less attempts.
ie: it wouldn't matter much to kids or anyone else who spends a long time overall with access to the safes location.
Apparently you can optionally set the code up to 8 numbers, which would immensely increase the number of possible combinations, but it seems likely most people wouldn't bother.
More buttons would be much better, a 2nd row of 4 buttons would mean 4096 possible combinations even for a 4 digit combination.
Portable safes seem to be asking for trouble anyway though.
0:42 "That's because the designers made a rookie mistake"
Ouch...
After reading comments, I think this vulnerability was deliberate to allow people a non-destructive means to their valuables in case of forgetfulness.
Yeah they didn't send it to the lpl before selling it!
They fixed it.
a knife, a fork...
next LPL will open a bank vault with a spoon.
There is no spoon
“... why a spoon?”
“Because it will hurt more, you idiot!!!”
CheshireTomcat68
Lol, with the LPL its only the safe that bends...
One of the most fascinating things about this channel to me is the fluidity / dexterity with which this guy does everything. I know he probably has to do multiple takes often like anyone else, but even the way he puts in a code like “1234” is just slightly abnormally smooth and satisfying to watch
Some UA-camr: I endorse this lock. It is great!
LPL: Hold up, pal.
Lock: *Sweats*
Fellow UA-camr: Buy this product
Lockpicking lawyer: I'm about to destroy this guy's whole endorsement.
The S in Vaulttek is for Security, the C is for competence.
awesome man
Just seen my first ad at the start of a LPL, good on you! They may only be 2 minute clips but I binge watch all of them and if any UA-cam deserves ad rev it's you!
He could totally do a sponsor spot. I'd watch that.
@Seth Organ -- how do you know that LPL didn't monetize the video?
Its 1 AM, and im watching a guy lockpicking a gun safe with a fork on youtube
and..you will do it again..and again...and again...as we all do, we have no choice in this
I especially watch him because he's too fast
Its 4.43am, and I'm just watching it
Its 4 AM, and I'm watching a guy lock picking a gun safe with a fork on UA-cam...
David Bost 4:00am is prime LockPickingLawyer hours
I like this video: You praise the innovation and good approach, show the flaw and also tell the manufacturer how to improve on it.
"Now if one of your coworkers accidentally packs their lunch in a gun safe, you'll have a neet little party trick to show them."
logically usual and you’ve already got the fork to eat it with
I'm gonna start unironically protecting my lunch in a portable gun safe.
Next video: "Lock opened by staring at it for 6 seconds".
I'd watch that movie. "Lawyers who stare at locks."
I never woulda thought the button would accessible personally. Good thing you guys think hard for us.
The programmers actually thought of this (being able to reprogram the code *while* it's locked) and quickly wrote a patch. Sadly the manufacturer got the code's wrong fork
This is a joke only programmers that use version control wil get...
Episode 1
"Someone's breaking into the house!"
"Don't worry, I've got a fork!"
For some people, common cutlery was the first tool used to gain entry to local (home) restricted areas (e.g., parent's bedroom, sister's diary) that have tempted their curiosity for to long. That which is hidden becomes that which is most curious and, as a result, we spend a great deal of time and effort trying get at that which we have been denied.
When I got locked out of my house back in high school, I’d actually hide a fork around the yard to open the door. It only worked when both locks weren’t on the door.
Even though this is a very simple tool to get into this safe, you would need prior knowledge of this very specific issue to pull it off, and if you are breaking into a tiny gun safe like this, I doubt you would be the most intelligent person around. Even considering this, the company fixed this issue which is very admirable.
Lock: exists
LPL: Rookie mistake
lock: has anti shotgun potection, water proof, improssible lock, no screws
LPL: rookie mistake cuz why not?
*_"LockForkingLawyer"_*
!!!
Enjoy your return to the surface. And thank you for choosing Vault-Tec.
I am waiting for the "so today we have a safe that is fireproof, waterproof, crushproof, pickproof, and bombproof. Unfortunately the designers created a major error while designing it and I will pick it with a pair of chopsticks."
Someday, I hope to hear you say, “After all these years, I found one I can’t pick!!”
This safe should be un-pickable, especially if it holds guns. Once the firmware knows the safe is locked, it should disable the combination change button. Simple to do that change in firmware. Or have another switch hidden when the lid is closed to disable the change combination change switch.
Great video!! Thanks!!
Harry McDow And how about don’t give it a plastic lid! (Just after 1:00)
Pretty sure the Bowley locks gave him a run for his money. Super interesting.
Look up the naughty bucket videos. He beats a number of them, but apparently some win out.
I think the ability to reset the code without the combination is for when the mechanical backup isn't disabled. Say you forget your combination because you lost about it in your garage, but kept the key. You can open it up and reset the code. This can still be fixed if you have it know if the lock is open or not, regardless of how it was openned.
I wanted to leave a comment just like this, but then had this realization:
The key backup makes a firmware "am I locked?" check impossible. It's more than a valid assumption to make that, given they had to resort to this, the locking mechanism has no sensors to tell if it's engaged. And so if the lock was open using the key backup, the firmware would still believe the lock is engaged - and prevent you from using the password reset feature.
@@cardboardbox_tech It doesn't. Just some simple "wires" and a nand gate will sot that out. If they don't built it that way, that it is entirely their fault.
There are so many possibilities. However a simple piece of plastic on the lid, that goes over the button when it's closed, would have probably been the simplest way to secure it.
Great job with finding the design flaws and great job to Vaultek for responding and swiftly fixing the flaw.
LPL are you John Wick? “With a freaking fork”
he decodes locks purely from sight, this guy is better than john wick.
@@Joe_McLeod did you here that joke go woooosh?
Good timing, I was about to buy one of these and now will not.
It's a flaw you can easily fix, though. Just cover that button with a coin and double sided tape
buy one but keep all the forks inside
@@xanamata5386 What if the burglar brings his own set of silverware? I'm sure most intruders have at least on piece of cutlery with them...
I glued a thin metal plate over the button just now, and I can't press the button from the outsite. It's a serious flaw, but for those who already have it, just place any rigid metal plate over the button. I thought about just removing the plastic button itself; but I'll explore that later. For now, the metal plate works. I may add a tiny hole to the plate so I can at least access the button with a needle.
@@xanamata5386 brilliant
LPL, you are a total savage genius. Companies should consult with you, before they role out any product. Issues like you demonstrated here would be reconciled right away during the R&D process. Good work!
Elementary school child who only gets to use sporks: “Well at least it can only be picked with a specialty tool that most people don’t have access too. “
A scenario the other way around is more likely the case because Sporks have gone out of production and are quite expensive to purchase now as a result. A math teacher I had was going to use some for some reason for a class but fond out that is is unreasonable to try to aquire them.
@@VinegarPotato Are you american? Here in germany we can buy those in stacks.
"I'll be using the fork BosnianBill and I ate dinner with."
Honestly this is the best kind of product testing and its completely free
the fact that he didn't even have to put in the old combination before resetting is the true mistake here
By this logic, not only the owner, but a locksmith should be unable to help someone that forgot the combo
Logic holds up. You forget. You've gotta get the angle grinder out
WyrdPleigh if you want to be safe, then yes, there should not be a back door on a product like this.
@@maplemeep This is standard practice on products that allow rekeying, recoding, or s change of password. You need the working key or code to change to a new one. A locksmith will use some other exploit, or just brute force the code to open it.
That's because you can only reset to a new combination once you've already successfully opened it with the old one or the key - at least that was their plan.
"the plastic lid" 🤔
Also, four numbers from 1-4 offers just 256 possible combinations.
Its still easier to buy a gun. 256 combination takes in the worst case still some time. If someone think he needs a weapon that is ready to fire i dont want to enter a very long code. With force you can open anything takes just a bit more time. Best way remove the bolt carrier and store it in an diffrent place.
@@RC2225 an hour and a half of work attempts that guarantee an open lock, or equivalent hours of work to afford a firearm?
A runescape player can fletch over 20,000 longbows every day without a good reason, but what about a determined thief?
Mate, you need to do your maths. There are 4000 possible combinations.
@@I.J.1981. I think you need to? 64 with fixed numbers (1-4, assuming only 4 numbers used for combination) innit?
@@I.J.1981. Each digit has four possibilities. 4*4*4*4=256.
Thanks for the update on the new version and how quickly the company responded to get this firmware issue resolved.
This is 2020 vaultek gun safe and today I'm going to show it's weird quirks and features!
Doug? (=
LawPickingLawyer: Vaultek gun locker.
Me: fallout 4 flashbacks
"it's the vaultek life pod"
Fallout 4 players: *PTSD intensifies
Vault 34 survivors: *ghoul noises*
LockPickingLawyer: Finds and exposes a critical flaw on a top product, alerting the manufacturer to immediately upgrade firmware saving them millions.
Vaultek: Good looking out bro, we left you a comment on UA-cam n gave you a like. I guess we're even now right?
Getting paid isn' usually why white hats do what they do.
If they were smart they would give lpl a million dollars to consult on "lifepod 2.0 lpl approved" I'll buy that
@@ketherga so why they do that?
Company should have some ethics , they should reward him or at least recognise through a formal thank
They could have lost million in law suit
I feel at this point he's just trying to find the weirdest way to open things.
I call it PickBaiting
What gave it away... when he started using legos?
There were quite a few requests to use a fork in the comments from some of the other ones lately. I take this as a good sign that LPL is at least browsing comments.
I think that it's a good way to bring in a bit more variety. Also, it's cool to see what can be done without tools. Sometimes it's a little difficult to believe that they're that bad, since it's a highly skilled picker using tools designed to pick locks. This way, it seems a little more reasonable, and it really drives the point home.
You mean after the stick and the straw? 😂
Vaultek: Welcome to the next generation of security.
LPL: So anyway, I started forking
I glued a thin metal plate over the button just now, and I can't press the button from the outsite. So there you go. It's a serious flaw, but for those who already have it, just place any rigid metal plate over the button. I thought about just removing the plastic button itself; but I'll explore that later. For now, the metal plate works. I may add a tiny hole to the plate so I can at least access the button with a needle.
That would be my simple solution. Is it so hard to do recessed buttons, they were common at one point?