GitHub: ViGrey Twitter: @ViGreyTech LinkedIn: Vi Grey

Picking TSA Locks with a Bobby Pin

Aug 21, 2017

In September 2015, a collaborative GitHub repository was created to create and share 3D models of the leaked TSA keys. Of course, in traditional reactionary fashion, news agencies caught wind of this and wrote articles about how anyone can break into TSA locks and how the locks were no longer secure. I can assure everyone that it wasn't the 3D printed keys that made the locks insecure.

The lock that's readily available to buy in the United States is the TSA007 key. It looks like a regular key, but much more slender. Regular lock picking can be done to open the lock, although the key hole is a bit more slender than most key holes on locks. The key being as slender as it is means the teeth depths of the key don't change much from tooth to tooth, so I figured out that I could pick the lock with 2 tension wrenches instead of a tension wrench and pick. This lead me to trying 2 bobby pins, and eventually a single bobby pin, which is shown in the video below

TSA007 locks are not insecure because the master key design was leaked or because 3D printed keys are publicly available. TSA007 locks are insecure because they are very poorly designed locks. That said, these locks are not meant to be secure, they are mostly meant to keep honest people out. Just keep in mind that a very weak point to any TSA007 lock is the TSA007 lock itself, no matter how well designed any extra lock features included might be. (Of course you could always just open the zippers of luggage with a ballpoint pen)