NOTE: Ms. Garcia has already posted to social media that she plans to change the locks and the keys... just in case anyone out there was determined to see this video as some kind of risk to her personal security. She's already on it.
@@truthseeker308 maybe she was, we can't know for sure. Either way, I'm happy that people are being mindful of this and talking about Good security posture.
@@DeviantOllamOne could probably derive the exact location of that photo, by triangulation - not just the building, but also the floor and window. It has tons of identifiable landmarks and enough detail for occlusion.
part of the same lesson: you would not write your PIN onto your card, then please do not write your address onto your keys. Do not use your employers marketing lanyard on your workplace keyring. maybe don't use your companies gift backpack for your work laptop.
@@quillclock well, I do not know her, maybe she is a tiny bit more clever than what we are assuming: maybe this was indeed not her real keys, or she changed the locks anyways. Or that's how I would do it, if I was to brag about my new flat on social media. Maybe I would likewise not post the real picture from my own balcony, but maybe a similar view from another balcony that I took while browsing the appartments.
always appreciate you posting these sorts of things without shaming folks. we haven't gotten to the point where this stuff is being taught young as a basic personal security practice, and until we get there, it's pretty unreasonable to act like everyone should know better.
The MINUTE I saw those keys I was like "Yep... Falcon"... My old boss LOVED using Falcon SFIC and even bought out a MK system from them through US lock. There were SO many sold in the area that even today, 10 years later, I still have the control key for that system on my keyring so the second I see a Flacon logo I reach for it and usually get get a pulled core. It might have been convenient and cost effective during the "security though obscurity" days but definitely NOT good security. As one of my favorite movie bad guys explained "Quick and easy is how you bake a cake, or clean a toilet, or shop by mail, it is NOT, how you run a business." I say that to say this.... Chances are, the company who did THAT building, has probably done others, and might well be using the same MK system. Sooo the top tier master and controls would open everything in not only THAT building, but possibly others... We're in a modern age.... Do better fellow locksmiths.
Did this years ago in college when most of the apartments used Best/Falcon locks with non-restricted keyways, although not a public photo of keys exactly like this. Took a quick cell phone picture of my friend's keys on a table, measured the cuts with grid lines in Gimp, filed a copy at home. A week later we were visiting the same apartment and I let myself in.
Most of the older/lower end car keys for the last several decades were tip stop as well. Now it seems to be mostly side cut as a backup for the smart fob.
Someone replied to her post saying that it's a bad idea to post your keys, and she said she was having them changed anyway. Quite likely this key is already useless, and you're not going to get far with just knowing the building.
Oh I'm sure she was planning on changing the locks before she was informed...not. If she had any security sense, she would have never even posted what building she lived in, less not her keys. With that kind of money she needs to hire a security consultant to screen everything before it goes into the wild of the internet, and a social media manager as a backup.
I can’t believe people actually watched this and thought to themselves “secret agent Ollam, using his top-secret skills infiltrate this independent woman’s flat”… like WTF! I bet you use pronouns, don’t you?
If u use perspective cropping in photoshop you get a front view of the key without distortion. Should be faster and more accurate. I use it to photograph paintings that otherwise reflect light back in the lens. I shoot it a bit from the side and after perspective cropping it looks just like you were standing in front of it, but without the light spots on the painting.
14:13 I'm sort of curious what the "Post War" amenity is (second column, second row). Like my first thought was it was a typo, but then, what was it supposed to be?
You create some of the most interesting content out there. Keeping us safe, making us laugh, making us think. Good stuff! I think I remember you doing a video about a guy that posted the keys to his restaurant years ago. I had never even thought about that being an issue until then. It's so funny to me that all these years of me watching (and enjoying) your fascinating videos started when I was doing some research about writing instruments, pens specifically. YT suggested a video called "PEN testing" or something like that, and I thought, "This guy tests pens for a living? This is a 45 min (maybe it was longer?) lecture about pens? I guess I'll see that that's about." Turned out to be one of your videos and was of course about a whole world that I had never looked into before. I watched the whole video, and then started going through a bunch of your videos, and subscribed that day. I've still never tried to pick a lock, or done any of the things you talk about, but I am still enjoying every minute of your videos. I also hopefully won't make some mistakes people make when travelling or posting online, all because of what you've shared with us. Thank you!
Great video! I spent a year in Indianapolis (‘94-‘95) working maintenance at a large building that used Best SFIC (had some Falcon cores, too). Best (being based in Indianapolis) actually let me tour their facility once and it was pretty awesome. Best being my first foray into institutional locksmithing, has caused me to always fixate on those best blanks behind you and wonder which keyway they were (I’m not neurotypical, lol). Mystery solved, now I can pay full attention to your videos!
NYC real estate is one of the greatest scams out there and why most of us laughed when a certain orange tinted individual was charged with exaggerating the value of their properties.... Yeah there's also trees in central park and those designer handbags on the corner aren't real. Welcome to the big apple.
@@JJFX- charged means he was exaggerating the value. like, no prosecutor is going after someone with legal defense funds that large unless there is compelling evidence. just because everyone else is scamming doesnt make them not a scammer. also there are definitely trees in central park idk what youre talking about
I don't put much stock in "fitting in with the neighborhood" when we're talking about downtown Manhattan: if there's anywhere a giant modern high-rise belongs, it's there, right? But that's an ugly-ass building. Still, I guess if you've got the money, the one place you don't have to look at it is from inside.
This is why having "Decoy Keys" on your keychains, Is a Good thing! 75% of the keys on 'my main keychain' are Decoy. and I don't let other use my keys. I even keep some keys in electrical heat shrink. so no-one can see the dibbing of the key & I can see if the seal been tempered with.
Not really mentioned in this video, but here is how to find the floor at One Manhattan square At 10:55 On the left of the screen grab, the building with a blue / zinc color is Trump's 40 Wall Street The top floor, acc. to Wikipedia, is 836 ft (255 m) This is what intersects the horizon. The horizon is a bit below where it would be if this was an infinite plane, because of Earth curvature, take that into account. This means that she' s approximately ALSO at this height. This matches the spec of One Manhattan Square Roof 847 ft (258 m) So she's on the top 5% of the building You can try with other features that align, but it will require using a bit of arithmetic (Thales theorem) It involves the ground distance between the building, and you don't have that problem with the horizon at infinity.
Glad to see that as people, we can make sure people make good decisions in life. Like making sure not to post your current keys to your home on the internet or not to doxx yourselves. But at some point, didn't anyone talk to the building designer, thinking that this might be a bad idea? Good thing they didn't build a second one next to it.
You should mail her the key and tell her to refrain from doing things like that in the future. You know enough of her address to get it to her building and if you conveniently smudged the apartment number the post office would still probably get it to her. It's shocking how effective the post office is at making sure mail gets to where it was supposed to go.
I had a personal letter mailed to me with the street address misspelled, the number transposed, the zip code wrong, and my name spelled incorrectly and it showed up with no problem! i was grateful to receive it as it was important to me. it was incredible!
One question that I have now that someone mentioned access to those building amenities: If you have pictures/bittings for TWO different keys in that building, how likely are you to be able to deduce the "master key" bitting (assuming it has one)? With 3 known bittings? 4?
Dev has a video on decoding Master Keys. If you're doing the Master Key attack that he mentions, you just need 1 known key and a bunch of key blanks and a key cutter of some sort. Dev also has a video challenge of where he gives you a picture of 1 key, and 2 bitting values of the master key, and you're supposed to figure out the rest, and you can reverse out the 3rd key in the system too. From your original question, you might be able to do it with 2 non-master keys. You could see where the values stay the same, and where they change. If you get lucky, you might be able to narrow down the values for a master, if not outright figuring it out. Obviously, more keys means more info to figure it out, but unless you know for certain, it's possible those other keys may not be for the same system. However, if you do have physical access to the location, and a good reason to hang around, you just need to do the attack Dev outlines.
@@shura0107 Oh yeah, I know that video. But this one was about decoding from an image. And yes, I know that _IF_ you're so lucky to have 2 matching keys that don't share a place where they differ from the master key, _then_ you can decode it, but the question was more: what's the likelihood of that happening? I could try to do the math, but I don't even know what factors are important: that the apartment complex has 880-something units; 6 pins total; 10 pin depths; how the pins are distributed between identically bitted pins versus "private" or "dead" pins that the front door and other common locks don't check; ...what else? 880 apartments would mean there's at least 3 private pins, if you want to avoid identical bittings. (Actually 4 because master+1 and master-1 would make the wafers too thin, leaving you with 8^4=2120 or 8^3=265.) So, Let's say that 2 pins have to be identical between keys and the front door lock only checks those 2. (Sounds a bit weak...) If the combinations of the 4 individual bits are truly random, then there's a 7-in-8 chance for any pin of any key to differ from the master, and a 49-in-64 chance for both keys to differ from the master. I.e. a 15-in-64 chance of success for one of the 4 pins. And in total a (15/64)^4=0.3% chance of success for 2 keys. 1.1% for 3 keys, and 2.9% for 4 keys. That seems way too low, somehow. Let's say the even don't like master+2 and master-2 (which still provides over 1000 combinations), then it's (1-(5/6)^K)^4 for K keys, or 0.9%, 3.1% and 7.1% for 2, 3 and 4 known kyes.
Years ago I showed my students how easy it was to copy a key from a photo. I teach a 2 year vocational technology program to 11th and 12th graders, and a portion is devoted to physical security. "Your servers are only as secure as the locks on the server room door." is something I like to say. - Anyway, I took an un-surreptitious photo of our custodians key, and hand filed a copy of it in class using a blank which I ordered online. It worked (with some jiggling) on the first try. I also teach (the interested ones) about wheel lock manipulation, and have a couple different wheel locks on pedestals for them to play around with. They make fantastic fidget toys!
My friend got his job as an admin by climbing over an adjacent wall to a server room that was being hacked and there was no one with a key because the admin was MIA.
I appreciate videos like this, because awareness is so important when it comes to understanding how we interact with the internet. Good on Yanet for learning from this fumble and making the effort to switch her keys at least. Also, holy fuck that's an expensive apartment. I knew New York was expensive in general, but good lord.
In that case, I can see someone trying to do social engineering by posing as a a "fire system service inspector" in an attempt at gaining access to the building. I have a hunch this would work. However, my only evidence this could work is how easy it is to social engineer your way into other places; My only evidence is youtube videos of other people social engineering their way into places they don't belong. (Sometimes social engineering consists of nothing more than pretending you belong there, along with saying "hi" to someone in charge.)
Good on you! I've heard more than a few argue for improvising a TQ but I just watched a video of what is likely social violence (you've disrespected me and must pay) in which the victim was stabbed and rendered unconscious in about 25 seconds! Try improvising faster than that. I'd like to encourage you to consider compressed gauze (ideally with hemostatic agent but your budget might dictate otherwise) and chest seals. You TQ limbs, pack junctions and seal the trunk. In the USA there are, often free, stop the bleed courses in which you can get hands-on practice. I'm not dressed without my wallet, (my adaptation of a devious) keyring, something to make fire, something with which to cut things, some sort of cordage, my (usually ankle worn) IFAK, something spicy in stream format for long range eye poke, where it's appropriate another tool with range longer than my arms and legs, (because I'm married) a tube of lip balm and, (because of societal expectations) clothing, cell phone, earbuds and charger. Excepting "another tool" and the cell phone that's about $200 of being prepared to handle most tasks and problems. We each have to pick what's right for our situation so that's just one example and, it is my hope, food for thought.
I have an IFAK for every room in the house, and my Car... In addition to "other tools". Did over 20 years in the Military, and trained to save lives; not take them... but also know how to be a Guardian.
@@ETC_Rohaly_USCG understood and thank you for interfering with natural selection when even the Navy is afraid to go out. Seriously, y'all get the best memes and, on information and belief I understand that TYFYS gets a bit tiring even if it's honestly meant.
I live in the Bay Area and my rent (outside SF) is $24/sqft which is low. $50+ per sqft is pretty in-line with a 2BR apartment in the city and I'm not talking luxury apartments yet. These are annual prices, so 24/sqft is $2000/month for a 1000sqft place. Or $8000/month for the same thing in her building.
You could probably pull the GPS coordinates from the meta data too, most phones have it enabled by default it's been a feature of google phones for years to sort photos by location.
Oh. No prob Bob. I'll just take the service elevator up to get past the security concierge. I saw that on a TH-cam talk once. Once I get past that guy 'I'll let myself in'...😉 I won't. I'm not going to NY. I'm 1000 miles south and happy here. I'm just being silly.
I think you nailed it. And the price/sq ft is twice my house payment (including escrow for insurance and property taxes). And I have a nice house. Not extravagant. But, nice.
A lot of these places also have a smart system that might be at play. They suck sometimes cuz it requires a working smart phone but if it's a high end apartment it may use multiple means of entry beyond just a piece of metal.
I imagine the apartment, or at the very least the floor, could be estimated using the photos and videos by calculating the lens distortion (to reverse it and get a more perfect geometric view), and the general geometries of the various buildings in view. The further apart the photos and moments in the video(s) are, the better, even with just a single point of view, there could still be some landmarks that could might provide enough features to align with the viewpoints and get a good estimate; I've seen geoguesser wizards do more with less.
The sacrifices this great man makes for us is astounding. To think Ms. Garcia will now forever see him branded as a freaky little stalker gremlin, just so we can understand security better and be safe. Truly a legend of the highest order.
Not to mention the staffing at the entrance many of these buildings have a system like door king for accsess control but also have the latest in surveillance camera that have off sight monitoring.
@@connorhorman totally agree but door king has also come out with a couple other key cuts other then their standard 16120 key. Having needed access while doing construction in some of these buildings, my 16120 key did not work, had to stand around waiting for a PM to show up.
How many times you have to tell people. DONT POST KEYS ONLINE. DON'T CARRY THEM OUTSIDE YOUR POCKET, DON'T LEAVE THEM ON A TABLE IN FULL VIEW!!!! come on people
Like the key would even slow you down getting into 99% of american homes. (bump keys, combing, a simple rake...) Few take security seriously until _after_ they've been robbed.
I don't post to social media..... but I would have never known showing a picture of your keys could lead to this........... Also this is my first time coming across channel and I've definitely subscribed to you now!
Nice video. You should reach out to her, send her the key to try out, and maybe add contact info for a good locksmith in the area who could repin the cores.
Or hey, ya know, crazy idea, just hold the keys by the biting and not the head. You want a picture of your keys, fine, just don't show the important bits (pun very intended).
One more aspect of this is that we don't actually know she lives there. You can pay to take photos inside of an apartment like this one and plenty of online personalities do it.
Someone else commented that loads of influencers live there. Might be some combo of promotional advertising on the buildings part or a company renting it out to influencers.
the funny thing is that i had to scroll a while through many photos of her to find one that was NOT so risque and thus suitable for turning into a thumbnail
There have been a number of internet influencers that live in that building as well. Seems to be a magnet for those type posts. So in the listing the average rent per sq foot is $97USD/month So your 500 sq ft studio is $5K per month. Completely insane! 🤠👍
I've shared pictures of my keys so I can show people the carabiner I use and the various charms I use to identify different keys, but I make sure it's arranged so that the bitting isn't visible on anything important. It's slightly less secure than not sharing pictures at all (since you can find out what lock brands I use) but still hides the most important information.
I remember my Dad's 1958 Buick had two positons to turn off the ignition: OFF & LOCK. If you left it at OFF, you DID NOT NEED A KEY to start and run it!
I also wonder with someone with a photographic memory, could recreate a key just from sight alone, but i imagine with some keys, that have unusual pitting, that would be pretty difficult, especially with some of the german brands.
What many people fail to realize is that the previous tenants/owners can have keys as well. Change the locks when moving in, if the building refuses don't live there.
You helped criminals, Dev. You saved them about a minute on Google Earth triangulating to find the building. And they got this information for the low low price of watching a 16 minute video, more than it would take to do it themselves. 😂
I struggle with possibly over-sharing myself. I bet it wouldn't take someone long to figure out where our place is.... Hope to see ya at camp! Stop by the Unix tent, I'll probably be messing with telephones :)
There are key catalogs, PDFs which he is using. Combining the physical evidence, the key in your hand, the lock, etc, some industry knowledge (pro locksmiths or Dev here), and a goodly amount of time scrolling the pages, it usually isn't too hard to find the manufacturer and product line/keyway. Seems like a lot of work for not much utility.
@@phillyphakename1255 thanks for the input. Seems like you are likely correct. Just thought it would be cool to have a website where you could upload a picture of a key and it would try to automatically identify the likely key types. Maybe not that useful in practice but perhaps a fun software project.
All obvious to most people on your channel as well, but a similar mentality should be taken when sending screenshots to people, especially in public social channels. Give it a skim to make sure it doesn't have any unique/identifiable information on it! I mean, we have geoguesser players that can find your exact coordinates from some blades of grass and the angle of your shadow, there's no need to make it any easier lol. There's a decent argument that if somebody finds out where you live that you don't want knowing, it's not from some deep connection / insider type sleuthing, it's probably just something you posted yourself X years ago without thinking and it's still there for all to see. Cheers.
yeah, I don't have around the clock security and am not insulated from the consequences of my own choices, so I don't post pictures looking out my window or in front of my apartment. or hell, even my neighborhood. also don't post pictures of my face to the public.
I kinda refuse to care about privacy security as a relatively poor person, because my mindset is that if there are really enough people out there weird enough to commit crimes on people simply because they can, I don't want to be alive on the same planet as them anyway. Like, no one is benefitting here. That said, I just don't post private stuff on social media, because if I want a friend or group of friends to see something that happened in my life, private messages and group chats seem much more useful anyway, so the people I want to see it don't miss it...
even if you have the key bitting and the building location, thats still not enough info to know which door the key belongs to, and in a building like that, there are probably going to be 1000+ doors
I once seen a video of people marking down to 5mm (0.2inch) from a single picture just by knowing the time of day the photo was taken. I have no doubt people will be able to work out the elevation and even which window she taken the photo from. I personally, cannot do it, but there are some scary cleaver people out there.
Not 1000+ by any stretch. For one, expensive flats don't tend to have many neighbors (hell, the building *total* very likely doesn't have more than a couple hundred flats). For another, you can approximate how high it is from the roofs of nearby buildings. For third, you get the direction of the window trivially.
even if it was 1000+ that's not hard to figure out through other means, especially now that you can open all other doors for common areas of the building
NOTE: Ms. Garcia has already posted to social media that she plans to change the locks and the keys... just in case anyone out there was determined to see this video as some kind of risk to her personal security. She's already on it.
" She's already on it."
If only she were 'already on it' before hitting 'post'.
Well, seems she have a better head on her shoulders than many others. To her safety, success and ultimately, happiness I suppose.
@@truthseeker308 maybe she was, we can't know for sure. Either way, I'm happy that people are being mindful of this and talking about Good security posture.
At least they are SFIC and it will be a quick rekey.
@@DeviantOllamOne could probably derive the exact location of that photo, by triangulation - not just the building, but also the floor and window. It has tons of identifiable landmarks and enough detail for occlusion.
catch me standing on a floor tile in the kitchen and thinking, damn this cost more then I get in a month
_kitchen floor tiles turn out to be 4’x4’._
God damn it!
part of the same lesson: you would not write your PIN onto your card, then please do not write your address onto your keys. Do not use your employers marketing lanyard on your workplace keyring. maybe don't use your companies gift backpack for your work laptop.
If Corporate wants opsec, they should chill with the silly swag.
she was literally like "here's where I live, let yourself in" in one picture.
(obviously to the wrong person that's what its saying)
@@EyeMWingif the extra security is needed, keys should be checked in and out from security desk daily.
I don't care if my workplace gets burgled.
@@quillclock well, I do not know her, maybe she is a tiny bit more clever than what we are assuming: maybe this was indeed not her real keys, or she changed the locks anyways. Or that's how I would do it, if I was to brag about my new flat on social media. Maybe I would likewise not post the real picture from my own balcony, but maybe a similar view from another balcony that I took while browsing the appartments.
If you just want to mess with people show off fake keys with a bitting of 129313, which is the Windows alt code for the clown face emoji.
Nah imma go with 696969
Its unicode - U+1F921
This is an extremely high effort troll and I'm here for it lol.
@@Artood4R2 621420
293 is unlikely to be acceptable for most keys
always appreciate you posting these sorts of things without shaming folks. we haven't gotten to the point where this stuff is being taught young as a basic personal security practice, and until we get there, it's pretty unreasonable to act like everyone should know better.
The MINUTE I saw those keys I was like "Yep... Falcon"... My old boss LOVED using Falcon SFIC and even bought out a MK system from them through US lock. There were SO many sold in the area that even today, 10 years later, I still have the control key for that system on my keyring so the second I see a Flacon logo I reach for it and usually get get a pulled core. It might have been convenient and cost effective during the "security though obscurity" days but definitely NOT good security. As one of my favorite movie bad guys explained "Quick and easy is how you bake a cake, or clean a toilet, or shop by mail, it is NOT, how you run a business."
I say that to say this.... Chances are, the company who did THAT building, has probably done others, and might well be using the same MK system. Sooo the top tier master and controls would open everything in not only THAT building, but possibly others...
We're in a modern age.... Do better fellow locksmiths.
Did you just clickbait me into educational content? Well done sir.
"Towering Monument to Gentrification" -- stealing this. 😂
Did this years ago in college when most of the apartments used Best/Falcon locks with non-restricted keyways, although not a public photo of keys exactly like this. Took a quick cell phone picture of my friend's keys on a table, measured the cuts with grid lines in Gimp, filed a copy at home. A week later we were visiting the same apartment and I let myself in.
I can't decide whether to like this comment, because it's unclear whether your friend gave you permission to do all this. *Iff* so, nice. :)
TIL Tip stop keys exist! TY for spreading your knowledge sir!
Most of the older/lower end car keys for the last several decades were tip stop as well. Now it seems to be mostly side cut as a backup for the smart fob.
Someone replied to her post saying that it's a bad idea to post your keys, and she said she was having them changed anyway. Quite likely this key is already useless, and you're not going to get far with just knowing the building.
Oh I'm sure she was planning on changing the locks before she was informed...not. If she had any security sense, she would have never even posted what building she lived in, less not her keys.
With that kind of money she needs to hire a security consultant to screen everything before it goes into the wild of the internet, and a social media manager as a backup.
I'd love to see that comment, I wish there was a way to link directly to it
@@kg4gav I'm sure there was a seemingly unrelated post right after asking if anyone knew of a good locksmith.
She should change the lobby keys too
I can’t believe people actually watched this and thought to themselves “secret agent Ollam, using his top-secret skills infiltrate this independent woman’s flat”… like WTF! I bet you use pronouns, don’t you?
If u use perspective cropping in photoshop you get a front view of the key without distortion. Should be faster and more accurate. I use it to photograph paintings that otherwise reflect light back in the lens. I shoot it a bit from the side and after perspective cropping it looks just like you were standing in front of it, but without the light spots on the painting.
i hadn't done that before... will look into it!
Or if you're gonna show keys, use a CH751 for the photo just for the meme
Oh I have one of those keys sitting right in front of me within arms reach. Love that key.
14:32 I love how they mention the microwave on the same list as the in-house two lane bowling alley😂
14:13 I'm sort of curious what the "Post War" amenity is (second column, second row). Like my first thought was it was a typo, but then, what was it supposed to be?
@@seabream Just telling you the building bones weren't laid in 1937.
When I purchased my house I did post a picture of the keys that I got. But I had already changed the lock to something much better.
That's the best way to do it 👍
Even key photos are fake on the interwebs now!
It probably still sets a bad example and may add encouragement to do the same, except probably without the same precaution
@@MatthijsvanDuin Fair observation. When I posted I did state that I had already changed the locks.
You create some of the most interesting content out there. Keeping us safe, making us laugh, making us think. Good stuff!
I think I remember you doing a video about a guy that posted the keys to his restaurant years ago. I had never even thought about that being an issue until then.
It's so funny to me that all these years of me watching (and enjoying) your fascinating videos started when I was doing some research about writing instruments, pens specifically. YT suggested a video called "PEN testing" or something like that, and I thought, "This guy tests pens for a living? This is a 45 min (maybe it was longer?) lecture about pens? I guess I'll see that that's about." Turned out to be one of your videos and was of course about a whole world that I had never looked into before. I watched the whole video, and then started going through a bunch of your videos, and subscribed that day. I've still never tried to pick a lock, or done any of the things you talk about, but I am still enjoying every minute of your videos. I also hopefully won't make some mistakes people make when travelling or posting online, all because of what you've shared with us.
Thank you!
That was my first YT vid where I discovered Deviant as well (I thought of an animal pen...? and I watched, fascinated).
I appreciated the "6, 9, nice" callout when reading the bitting 😂
nice
nice
nice
Me too ☺️
nice
Great video! I spent a year in Indianapolis (‘94-‘95) working maintenance at a large building that used Best SFIC (had some Falcon cores, too). Best (being based in Indianapolis) actually let me tour their facility once and it was pretty awesome. Best being my first foray into institutional locksmithing, has caused me to always fixate on those best blanks behind you and wonder which keyway they were (I’m not neurotypical, lol). Mystery solved, now I can pay full attention to your videos!
"I'm not neurotypical"
Welcome to the club.
"That's pricey, but honestly, not that bad.... PER SQUARE FOOT???"
Studio apartments run $700,000+ and the 1 to 4 bedrooms run up to $4-5 million each.
NYC real estate is one of the greatest scams out there and why most of us laughed when a certain orange tinted individual was charged with exaggerating the value of their properties.... Yeah there's also trees in central park and those designer handbags on the corner aren't real. Welcome to the big apple.
NY be like that
@@JJFX- charged means he was exaggerating the value. like, no prosecutor is going after someone with legal defense funds that large unless there is compelling evidence. just because everyone else is scamming doesnt make them not a scammer.
also there are definitely trees in central park idk what youre talking about
For New York... it really isn't.
"would you post your passwords to the internet? Keys are passwords in solid form."
All the computers at my work have abc123 as the password. I've given reasonable disclosure at this point, I'm good with posting that on the internet.
More like pin codes. There are more pixels on your screen than possible key bittings.
@@emilysmith6897 remarkably similar key space too. 10 000 combos for a 4 digit pin, 16 807 bittings for a 5 pin kwikset.
Hey did you know that when you post passwords on the internet they turn into *? Watch! My password is: ***********
Just FYI, Google Maps has a 3D map view
Select Satellite and have Globe View checked.
Shift clicking will let you rotate the view perspective.
I didnt get the cheese grater line until a further away "profile" shot. Dayum, thats spot-on and hideous!😂 Way to ruin the neighborhood 🤮
yeah, it's one of the worst additions to NYC in a while, unfortunately.
I don't put much stock in "fitting in with the neighborhood" when we're talking about downtown Manhattan: if there's anywhere a giant modern high-rise belongs, it's there, right? But that's an ugly-ass building.
Still, I guess if you've got the money, the one place you don't have to look at it is from inside.
This is why having "Decoy Keys" on your keychains, Is a Good thing! 75% of the keys on 'my main keychain' are Decoy. and I don't let other use my keys.
I even keep some keys in electrical heat shrink. so no-one can see the dibbing of the key & I can see if the seal been tempered with.
super solid commitment to security there!
This is the lock-peeking lawyer...
With this phrase every lock in the world is opened
Hey DeviantOllam, thanks so much for being you. Pretty sure I've appreciated most everything I've ever seen from you. Good job
Not really mentioned in this video, but here is how to find the floor at One Manhattan square
At 10:55
On the left of the screen grab, the building with a blue / zinc color is Trump's 40 Wall Street
The top floor, acc. to Wikipedia, is 836 ft (255 m)
This is what intersects the horizon.
The horizon is a bit below where it would be if this was an infinite plane, because of Earth curvature, take that into account.
This means that she' s approximately ALSO at this height.
This matches the spec of One Manhattan Square
Roof 847 ft (258 m)
So she's on the top 5% of the building
You can try with other features that align, but it will require using a bit of arithmetic (Thales theorem)
It involves the ground distance between the building, and you don't have that problem with the horizon at infinity.
Glad to see that as people, we can make sure people make good decisions in life. Like making sure not to post your current keys to your home on the internet or not to doxx yourselves.
But at some point, didn't anyone talk to the building designer, thinking that this might be a bad idea?
Good thing they didn't build a second one next to it.
You should mail her the key and tell her to refrain from doing things like that in the future. You know enough of her address to get it to her building and if you conveniently smudged the apartment number the post office would still probably get it to her. It's shocking how effective the post office is at making sure mail gets to where it was supposed to go.
I had a personal letter mailed to me with the street address misspelled, the number transposed, the zip code wrong, and my name spelled incorrectly and it showed up with no problem! i was grateful to receive it as it was important to me. it was incredible!
I've seen letters with nothing more than a name and city get to the right person. 'tho not immediately. (yes, the USPS has a name database.)
thank you for making this video - nice video to send to people that are confused why pictures of their keys on the web is a bad thing
This is awesome content as always, but where do I get that shirt? So damn good
it's from my favorite noodle house in Austin... www.ramen-tatsuya.com
One question that I have now that someone mentioned access to those building amenities:
If you have pictures/bittings for TWO different keys in that building, how likely are you to be able to deduce the "master key" bitting (assuming it has one)? With 3 known bittings? 4?
Dev has a video on decoding Master Keys. If you're doing the Master Key attack that he mentions, you just need 1 known key and a bunch of key blanks and a key cutter of some sort. Dev also has a video challenge of where he gives you a picture of 1 key, and 2 bitting values of the master key, and you're supposed to figure out the rest, and you can reverse out the 3rd key in the system too.
From your original question, you might be able to do it with 2 non-master keys. You could see where the values stay the same, and where they change. If you get lucky, you might be able to narrow down the values for a master, if not outright figuring it out. Obviously, more keys means more info to figure it out, but unless you know for certain, it's possible those other keys may not be for the same system. However, if you do have physical access to the location, and a good reason to hang around, you just need to do the attack Dev outlines.
@@shura0107 Oh yeah, I know that video. But this one was about decoding from an image.
And yes, I know that _IF_ you're so lucky to have 2 matching keys that don't share a place where they differ from the master key, _then_ you can decode it, but the question was more: what's the likelihood of that happening?
I could try to do the math, but I don't even know what factors are important: that the apartment complex has 880-something units; 6 pins total; 10 pin depths; how the pins are distributed between identically bitted pins versus "private" or "dead" pins that the front door and other common locks don't check; ...what else?
880 apartments would mean there's at least 3 private pins, if you want to avoid identical bittings. (Actually 4 because master+1 and master-1 would make the wafers too thin, leaving you with 8^4=2120 or 8^3=265.)
So, Let's say that 2 pins have to be identical between keys and the front door lock only checks those 2. (Sounds a bit weak...)
If the combinations of the 4 individual bits are truly random, then there's a 7-in-8 chance for any pin of any key to differ from the master, and a 49-in-64 chance for both keys to differ from the master. I.e. a 15-in-64 chance of success for one of the 4 pins. And in total a (15/64)^4=0.3% chance of success for 2 keys. 1.1% for 3 keys, and 2.9% for 4 keys.
That seems way too low, somehow.
Let's say the even don't like master+2 and master-2 (which still provides over 1000 combinations), then it's (1-(5/6)^K)^4 for K keys, or 0.9%, 3.1% and 7.1% for 2, 3 and 4 known kyes.
Years ago I showed my students how easy it was to copy a key from a photo. I teach a 2 year vocational technology program to 11th and 12th graders, and a portion is devoted to physical security. "Your servers are only as secure as the locks on the server room door." is something I like to say. - Anyway, I took an un-surreptitious photo of our custodians key, and hand filed a copy of it in class using a blank which I ordered online. It worked (with some jiggling) on the first try.
I also teach (the interested ones) about wheel lock manipulation, and have a couple different wheel locks on pedestals for them to play around with. They make fantastic fidget toys!
My friend got his job as an admin by climbing over an adjacent wall to a server room that was being hacked and there was no one with a key because the admin was MIA.
I appreciate videos like this, because awareness is so important when it comes to understanding how we interact with the internet. Good on Yanet for learning from this fumble and making the effort to switch her keys at least.
Also, holy fuck that's an expensive apartment. I knew New York was expensive in general, but good lord.
A fire system service inspector would have full access.
Streisand in full effect.
hah, facts.
In that case, I can see someone trying to do social engineering by posing as a a "fire system service inspector" in an attempt at gaining access to the building. I have a hunch this would work. However, my only evidence this could work is how easy it is to social engineer your way into other places; My only evidence is youtube videos of other people social engineering their way into places they don't belong. (Sometimes social engineering consists of nothing more than pretending you belong there, along with saying "hi" to someone in charge.)
Look like you belong there. (and are miffed that you had to be there.)
Great video, thanks.
For those wondering the T-shirt is from Ramen Tatsu-Ya.
10:54 I love how you carry a cuff key.😂
I still need to "notch" mine... ❤
Just started to carry a C.A.T. Tourniquet as part of my E.D.C.
Good on you! I've heard more than a few argue for improvising a TQ but I just watched a video of what is likely social violence (you've disrespected me and must pay) in which the victim was stabbed and rendered unconscious in about 25 seconds! Try improvising faster than that.
I'd like to encourage you to consider compressed gauze (ideally with hemostatic agent but your budget might dictate otherwise) and chest seals. You TQ limbs, pack junctions and seal the trunk. In the USA there are, often free, stop the bleed courses in which you can get hands-on practice.
I'm not dressed without my wallet,
(my adaptation of a devious) keyring,
something to make fire,
something with which to cut things,
some sort of cordage,
my (usually ankle worn) IFAK,
something spicy in stream format for long range eye poke,
where it's appropriate another tool with range longer than my arms and legs,
(because I'm married) a tube of lip balm and,
(because of societal expectations) clothing, cell phone, earbuds and charger.
Excepting "another tool" and the cell phone that's about $200 of being prepared to handle most tasks and problems.
We each have to pick what's right for our situation so that's just one example and, it is my hope, food for thought.
I have an IFAK for every room in the house, and my Car... In addition to "other tools".
Did over 20 years in the Military, and trained to save lives; not take them... but also know how to be a Guardian.
@@ETC_Rohaly_USCG understood and thank you for interfering with natural selection when even the Navy is afraid to go out.
Seriously, y'all get the best memes and, on information and belief I understand that TYFYS gets a bit tiring even if it's honestly meant.
I live in the Bay Area and my rent (outside SF) is $24/sqft which is low. $50+ per sqft is pretty in-line with a 2BR apartment in the city and I'm not talking luxury apartments yet.
These are annual prices, so 24/sqft is $2000/month for a 1000sqft place. Or $8000/month for the same thing in her building.
being that guy: looks like a corner unit, probably could get fairly close to which floor from the photos
Matt Parker and other math nerds can figure it out using triangles and Pi lol.
@@rustymustard7798 What's Pi got to do with it? (got to do with it?)
Or just look it up on acris
@@bermanmk Which is why it's a good idea to have a land trust or a Wyo LLC own your property(s).
@@chaz720 answer: it's half of tau. ;)
You could probably pull the GPS coordinates from the meta data too, most phones have it enabled by default it's been a feature of google phones for years to sort photos by location.
I kinda laughted when i noticed that the about page for such an expensive building has misspelled "Sauna"
Thx for the warnings and the valuable information
Oh. No prob Bob. I'll just take the service elevator up to get past the security concierge. I saw that on a TH-cam talk once. Once I get past that guy 'I'll let myself in'...😉
I won't. I'm not going to NY. I'm 1000 miles south and happy here. I'm just being silly.
I think you nailed it. And the price/sq ft is twice my house payment (including escrow for insurance and property taxes). And I have a nice house. Not extravagant. But, nice.
A lot of these places also have a smart system that might be at play. They suck sometimes cuz it requires a working smart phone but if it's a high end apartment it may use multiple means of entry beyond just a piece of metal.
Heh - Navy bootcamp in 1985 had us stenciling our Social Security numbers on the outside of our seabags/duffle bags...
It was a very different world back then. I still have a university ID using my SSN. (they stopped that shit pretty fast.)
I imagine the apartment, or at the very least the floor, could be estimated using the photos and videos by calculating the lens distortion (to reverse it and get a more perfect geometric view), and the general geometries of the various buildings in view. The further apart the photos and moments in the video(s) are, the better, even with just a single point of view, there could still be some landmarks that could might provide enough features to align with the viewpoints and get a good estimate; I've seen geoguesser wizards do more with less.
14:40 What One Manhattan Square doesn't have is a proofreader; they seem to have an excellent *suana* :D
wow bro!! that pay phone is CRISP!!
where did you find that?
Took it off a wall of a police station...
...would be a good story. But I simply bought it used and have been restoring it. ☺️
@@DeviantOllam it looks amazing, good job!!
you can just stop with the first sentence and refuse to elaborate to increase the size of the fish ;D
As a Mexican I have to say, you pronounced her name impeccably 👌
The sacrifices this great man makes for us is astounding.
To think Ms. Garcia will now forever see him branded as a freaky little stalker gremlin, just so we can understand security better and be safe.
Truly a legend of the highest order.
Not to mention the staffing at the entrance many of these buildings have a system like door king for accsess control but also have the latest in surveillance camera that have off sight monitoring.
Well, Door King isn't a substantial security device, but the surveillance cameras probably help.
@@connorhorman totally agree but door king has also come out with a couple other key cuts other then their standard 16120 key. Having needed access while doing construction in some of these buildings, my 16120 key did not work, had to stand around waiting for a PM to show up.
Indeed. The security in a building like that does not come from _your key._ I'm kind of surprised they don't have RFID badges, too.
How many times you have to tell people. DONT POST KEYS ONLINE. DON'T CARRY THEM OUTSIDE YOUR POCKET, DON'T LEAVE THEM ON A TABLE IN FULL VIEW!!!! come on people
Between Dev and JoseMonkey, I would not want those guys mad at me. God bless weaponized autism. They are raising awareness of infosec and PII.
Like the key would even slow you down getting into 99% of american homes. (bump keys, combing, a simple rake...) Few take security seriously until _after_ they've been robbed.
I don't post to social media..... but I would have never known showing a picture of your keys could lead to this...........
Also this is my first time coming across channel and I've definitely subscribed to you now!
great content, as always, and i love the shirt
Nice video. You should reach out to her, send her the key to try out, and maybe add contact info for a good locksmith in the area who could repin the cores.
Or hey, ya know, crazy idea, just hold the keys by the biting and not the head. You want a picture of your keys, fine, just don't show the important bits (pun very intended).
One more aspect of this is that we don't actually know she lives there. You can pay to take photos inside of an apartment like this one and plenty of online personalities do it.
Someone else commented that loads of influencers live there.
Might be some combo of promotional advertising on the buildings part or a company renting it out to influencers.
It took me 6mins until I noticed it was RAMENS not RAMONS on the tshirt XD
"Don't do this." "Now, let's do this."
When you were talking about this lady's safety at her building, I couldn't help think about John Lennon who was shot leaving the Dakota building.
Thanks for reminding us to not doxx ourselves!
Damn is that baby's first nsfw click bait thumbnail lol
the funny thing is that i had to scroll a while through many photos of her to find one that was NOT so risque and thus suitable for turning into a thumbnail
@@DeviantOllam Unexpected use case for Safe Search?
There have been a number of internet influencers that live in that building as well. Seems to be a magnet for those type posts. So in the listing the average rent per sq foot is $97USD/month So your 500 sq ft studio is $5K per month. Completely insane! 🤠👍
Maybe that place has really good internet connectivity?
I've shared pictures of my keys so I can show people the carabiner I use and the various charms I use to identify different keys, but I make sure it's arranged so that the bitting isn't visible on anything important. It's slightly less secure than not sharing pictures at all (since you can find out what lock brands I use) but still hides the most important information.
I clicked for the thumbnail but stayed for the great content
I'd recognize those falcon keys anywhere. The VA likes to use those
I remember my Dad's 1958 Buick had two positons to turn off the ignition: OFF & LOCK. If you left it at OFF, you DID NOT NEED A KEY to start and run it!
I also wonder with someone with a photographic memory, could recreate a key just from sight alone, but i imagine with some keys, that have unusual pitting, that would be pretty difficult, especially with some of the german brands.
Don't worry everyone! She's been sleeping at my house 😂 you can keep the key 🔑
For once I'm commenting before watching your video. I have no idea if we can, but we sure as hell gotta try :)
OK future me just back from watching the video. Seems she posts everything else on the internet so no surprise her keys are too :)
Is there a technical advantage to tip-stopped locks/keys? Are they harder to bump?
What many people fail to realize is that the previous tenants/owners can have keys as well. Change the locks when moving in, if the building refuses don't live there.
You helped criminals, Dev. You saved them about a minute on Google Earth triangulating to find the building.
And they got this information for the low low price of watching a 16 minute video, more than it would take to do it themselves. 😂
yeah raise your hand if you have a pitchfork AND this building is in reach. still can throw the old vga cables from the box at them.
It is amazing how many people want to show off their keys. then get upset when you tell them that the can easily be copied by sight reading them.
Deviant is upping his thumbnail game! Ozzy Man approves!
My favorite "unique features":
• Relaxation Lawn (aka "a lawn")
• Renovated
• Teen Arcade (no adults allowed?)
• Adult Treehouse (no teens allowed?)
Amazing video as always!
A Keynote of a video!
I struggle with possibly over-sharing myself. I bet it wouldn't take someone long to figure out where our place is....
Hope to see ya at camp! Stop by the Unix tent, I'll probably be messing with telephones :)
Very educational. And though I would like to see how you live, your security is more important.
0:32 what about those 18 keys you posted to the internet right behind you as you're saying that? EDIT: Oh they're blank references
0:01 there you have even 24 of them 😮😂
So, did you send her that key you cut, as something to try just in case she hadn't completed the lock change yet? :)
dev where did you get that shirt?
Links to the T Shirt please 👍😅
Ramen Tatsu-Ya in Austin Texas
Hey Deviant, is there not an easily searchable database of key types? Would that be a worthwhile side project for a software developer (me)?
There are key catalogs, PDFs which he is using.
Combining the physical evidence, the key in your hand, the lock, etc, some industry knowledge (pro locksmiths or Dev here), and a goodly amount of time scrolling the pages, it usually isn't too hard to find the manufacturer and product line/keyway.
Seems like a lot of work for not much utility.
@@phillyphakename1255 thanks for the input. Seems like you are likely correct.
Just thought it would be cool to have a website where you could upload a picture of a key and it would try to automatically identify the likely key types.
Maybe not that useful in practice but perhaps a fun software project.
All obvious to most people on your channel as well, but a similar mentality should be taken when sending screenshots to people, especially in public social channels. Give it a skim to make sure it doesn't have any unique/identifiable information on it! I mean, we have geoguesser players that can find your exact coordinates from some blades of grass and the angle of your shadow, there's no need to make it any easier lol. There's a decent argument that if somebody finds out where you live that you don't want knowing, it's not from some deep connection / insider type sleuthing, it's probably just something you posted yourself X years ago without thinking and it's still there for all to see. Cheers.
stallone once posted the keys to the vatican on instagram when he visited there. not sure whether you saw that cc to you. lol
Surprised you're not rocking a SpaceMouse, nudge the image in 3-space. :-)
Everyone needs to understand privacy, to have a glimpse of security. Everyone needs to learn you're your own worse enemy.
yeah, I don't have around the clock security and am not insulated from the consequences of my own choices, so I don't post pictures looking out my window or in front of my apartment. or hell, even my neighborhood. also don't post pictures of my face to the public.
I kinda refuse to care about privacy security as a relatively poor person, because my mindset is that if there are really enough people out there weird enough to commit crimes on people simply because they can, I don't want to be alive on the same planet as them anyway. Like, no one is benefitting here.
That said, I just don't post private stuff on social media, because if I want a friend or group of friends to see something that happened in my life, private messages and group chats seem much more useful anyway, so the people I want to see it don't miss it...
16:47
You don't share phots of your keys, eh? What's that BEHIND YOU!? 😲
The building has a "suana". Woah!
ai already blurs things, key bidding should be one of these automatic things
The arms crossed and 'That's why we're all here' had serious school principal vibes, love it.
subbed and liked for the music and the premise!
i figured a video about a NYC building would be improved by a song from an old punk band back in Philly =)
Can we talk about those sword key blanks in the background though?...
even if you have the key bitting and the building location, thats still not enough info to know which door the key belongs to, and in a building like that, there are probably going to be 1000+ doors
I once seen a video of people marking down to 5mm (0.2inch) from a single picture just by knowing the time of day the photo was taken.
I have no doubt people will be able to work out the elevation and even which window she taken the photo from.
I personally, cannot do it, but there are some scary cleaver people out there.
Not 1000+ by any stretch. For one, expensive flats don't tend to have many neighbors (hell, the building *total* very likely doesn't have more than a couple hundred flats). For another, you can approximate how high it is from the roofs of nearby buildings. For third, you get the direction of the window trivially.
It might get you into maison-keyed common areas though. You could do plenty of damage with access to that cigar room or bowling alley.
@@samiraperi467 you can just watch Alfred Hitchcock’s Rear Window style
even if it was 1000+ that's not hard to figure out through other means, especially now that you can open all other doors for common areas of the building