Kryptonite Evolution 2000 U- Lock hacked by a Bic pen
by Phillip Torrone 
posted Sep 14th 2004 at 5:04PM
Much to our surprise, we were able to hack our
Kryptonite Evolution 2000 U- Lock with a ballpoint pen. This $50 lock is supposed to be one of the best for
"toughest bicycle security in moderate to high crime areas"—unless the thief happens to have a Bic pen. We
used to use these to lock up our bicycles, but we're switching to something else ASAP. (Oh, and just to be
trite, the pen is mightier than the lock.)
Click here to watch the video (WindowsMedia)
[Via Metafilter]
Reader Comments (Page 2 of 4)
tom @ Dec 19th 2005 2:26AM
I've been riding bikes for 30 years and have
5 of them. There is really no need
for me to buy an expensive Kryptonite lock
anyway since the 2 bikes I normally ride
are inexpensive. There are always ways
to steal a bike it seems and my solution is
to just not give the thief anything good
to take to begin with. So save your money
and buy a couple of extra cheap bikes and
locks.
hip hop anonymous @ Dec 19th 2005 2:26AM
omg I just read all your comments and they are beautiful. my bike shop at least knew about this problem this summer, fortunate for me I suppose, but you cynics are right. Almost any lock can be busted quickly with the right tool. Thank you very much for all your extremely insightful comments. I read the crap AP article in the paper this morning and couldn't make head or tail of it. Clearly Kryptonite is not alone in its culpability on these locks as this has been a fairly well known problem..
Michael Donley @ Dec 19th 2005 2:26AM
I have an Avenir lock. It's about 15 years old and I tried that on it. The center pin diameter on the lock is too big to fit in the pen. Maybe it is just on Kryptonite locks.
Glen @ Dec 19th 2005 2:26AM
I tried it on my Schwinn U lock, purchased in 2001, but I could not get it open. I see someone else said they did get a Schwinn open. Anyone else try a Schwinn lock? I don't think we should make the assumption that every cylinder lock will fail, but it does not look encouraging.
Glen @ Dec 19th 2005 2:26AM
My guess is that as Kryptonite tried to make the locks cheaper to manufacture, they finally did something that left them open to this kind of attack. One of the basic rules in designing a modern lock is to prevent a key of similar shape from turuning the tunmblers. There is really no excuse for this design flaw.
Charlie @ Dec 19th 2005 2:26AM
Gang,
This is not that new, except the bic pen part - circular locks have always been the easiest thing to pick. I used to hang with a locksmith (oh, 20+ years ago). We had picks that looked like a key, but with grooves milled on the outside - it had a bunch of pins where you could adjust the tension - and you didn't even really have to adjust it - set it fairly high, and push in while twisting. With practice, it can be done as fast as having the key!
First time I saw it done, I started thinking of circular locks like I think of keyed light switches - they keep honest people honest - that's it
steven @ Dec 19th 2005 2:26AM
I've got an Evolution 2000. In fact, I've had the same bike over a decade. The first lock failed a year ago after 10 years of service and since it's warranted for life I got a free replacement. Now I'm looking forward to the next free replacement. I heard Kryptonite was going to have a response early this coming week in which they will offer replacements on certain models. I was initially irritated that this was all over the web, since it now gives the trick to any idiot. But the up side is that the publicity is going to force Kryptonite to respond, and according to some, the technique has been well known for a long while. Obviously it wasn't well enough known to thieves in my city, since though I've had them try to break the lock off, I don't think anyone has ever attempted to bic it off, otherwise I wouldn't still have the bike!
WDF @ Dec 19th 2005 2:26AM
It took me probably over an hour fiddling with it because it got stuck at 90 degrees (needs to go 180 to open). My hands got so sore I had to get my weightlifting gloves (open fingered). Finally got it to move (just by chance), when I felt the little clicks as it moved that was total salvation!!! I locked it then like an idiot tried again and it got stuck at 90 degrees! Finally got it back to where I can stick the key back in. Only wasted two pens. Don't think I'm going to fiddle with it any more! I think some locks are more easily opened due to their tumbler configuration (mine has 3 long & 4 very short cuts in the key) because mine was a pain in the ass.
Steve @ Dec 19th 2005 2:26AM
It's only a small group of people that will both want to steal bikes and be able to aford these modern plastic pens.
-Kryptonite CEO
l8brkr @ Dec 19th 2005 2:26AM
I have a late '80's - early '90 Kryptonite "Rock" u-lock for a motorcycle (big, heavy). The lock cylinder is larger than the ID of the BIC and I managed to widen the pen's end with a large diameter Phillips screwdriver enough to insert it. I was able to manipulate the "tumblers", but was NOT able to open the lock.
Regarding Kryptonite's accountability, I feel that they should be held to a higher standard than "Smith Locks, Anytown, USA" since Kryptonite's marketing stance has been, since inception in the '70's (?) as I recall, "we make the best and stand squarely behind it". I second the person who said that it would be the Yankee thing to do for Krytonite to provide replacement at no cost for all of their locks that have this vulnerability.
Shel @ Dec 19th 2005 2:26AM
Man, Its like: "Need a new bike?"
Just go get a bic... and grab one off the street today.
$.69 will get you a nice $690.00 bike - easy.
If you had a kryptonite. Maybe you ain't got sh!t anymore.
The video is pretty tough for Krypton's second best.
Can't wait to see what Wednesday's "deal" is on Kryptonite's recovery plan. Reading their press release - I'm thinking that I should have bought a CRAFTSMAN U-Lock...
I like Sears Craftsman product support much better...
it's more like: "If it says CRAFTSMAN, we'll replace it - no questions."
My Kryptonite lock(s) all say Kryptonite in two places, but I guess it 's a different Kryptonite brand.
I used to think Kryptonite was a cool company, but now wonder why they are standing behind only some of their products.
I should have known that a Superman lock is what I wanted.
Thanks for the link. I have linked the info on my site too-
Sentry @ Dec 19th 2005 2:26AM
Nice! I widened the Bic pen tube a bit with a vegetable peeler, jammed it in the lock on my Sentry 2180 Fire Safe (same cylindrical lock as the Kryptonite bike locks), and turned. It opened with no problem. I requested a new safe from Sentry.
Josh @ Dec 19th 2005 2:26AM
Dude!....I did it. I just bought a Evo 2000 and picked it in under 60 seconds w/ a pen. It's so easy and so friggin dangerous.
My bike was stolen in SF last week in broad daylight and no sign of a struggle to get to my bike. I'm convinced this is how it was done. Watchout Kryptonite, here I come.
bobo @ Dec 19th 2005 2:26AM
Yes this sucks, but be careful how much faith you put into locks to begin with. I just ruined a pen trying (and failing) to open my new-ish KryptoLock but have had similar spooky experiences with cars:
I jiggled a small penknife in the trunk lock of my 1960's Ford Mustang to pop the trunk open when I locked the keys inside. Worked like a charm.
My grandfather went to pick up his new Chrystler (early 90's) at the dealership. When he pressed the button on the keychain to open the trunk, seveal other trunks on the lot also opened.
A kid at my high school locked the keys to his Honda Accord inside the car. Another kid with a similar Accord tried using his keys to open the door and they worked. Probably a super-rare coincidence, but still unimpressive.
brad @ Dec 19th 2005 2:26AM
hey. i saw this and went downstairs cause my roomate has a kryptonite lock. its not a 2000 but it worked. i used a papermate flexgripultra pen. size med. it worked amazing. the flex grip made it possible to grip and twist it open. i locked it back up with the pen too. piece of friggin cake.
gabs @ Dec 19th 2005 2:26AM
dude, that sucks for you. Good thing I use a chain and a combo lock as well as a U lock with a NORMAL key.
sulleleven @ Dec 19th 2005 2:26AM
I will be releasing an adapter that covers the lock with a lock. It will be only $10.
Update:
unfortunately, this adapter can be picked with a toothpick. We will be releasing a new lock to lock the locks lock. stay tuned.
Carl Tam @ Dec 19th 2005 2:26AM
I bought a used bike and krypto lock I'm guessing circa 2000 from a co-worker he gave me one key which got lost. I thought I was going to have drill cut etc for hours. I went outside armed with a bic stick the completely round one and a "sakura jelly roll" gel pen It probably took longer to take the plug off the pen then it did to open the lock. The jelly roll did require enlarging the inside diameter a bit with a screwdriver. As for the notch in the lock to the best of my knowledge it's only for aligning the lock in the closed position. I installed cylinder locks "star locks" on my car and one the keys given had the little nub ground off in case the got "stuck in a not 90 degree position. So I don't think that nub twists the lock in any way it's just the tumbler pins.
Rob @ Dec 19th 2005 2:26AM
I'm no expert when it comes to picking locks, but I found an old bic pen with the white tube, and it only took me a few minutes - mostly to get the harder plastic ends off the tube. I also wrapped some tape around the tube for an easy grip, and dipped one end of the tube in hot water for a few minutes to soften it up. And voila! My "Trek by Kryptonite" lock, bought in 2001, is now completely worthless . . . I don't know yet whether I'll go with a new Kryptonite or some other kind of system, but for now I'm just relieved that I was the first one to pick this particular lock.
Pdot @ Dec 19th 2005 2:26AM
Took me 30 seconds to steal my roommates bike..heh, well to unlock it from our porch.
Wish I knew about this when I was 16. I'd be rich.
P.
Alan Feltman @ Dec 19th 2005 2:26AM
Has anyone looked into this?
Kurt @ Dec 19th 2005 2:26AM
I've rekeyed several Kryptonite locks. It's not a matter of simply pushing down all the pins to get the cylinder to rotate, thus opening the lock. That would be too simple to defeat.
Each of the seven pins you see is actually a set of two pins, whose overall length is roughly the same. But each separate pin is a different length. A key has seven cuts on it which engage each pair of pins. When the pins are depressed a certain depth, the two pin interfaces all line up so the outer cylinder can rotate, opening the lock.
I have u locks from the mid eighties till relatively recent vintage. A locksmith I met said he could pick the older locks because all of the pins had the same spring tension. But when Krypt. unveiled the K4 locks, they made the springs with varying tension, thus making locksmith picking tools obsolete.
The only way I can see this "hack" method working is if the pins are very similar in length. Perhaps Kryptonite decided to cut prodution costs by making the pins too similar in length.
Either way, if this method truly works on a large number of their U locks, they should provide replacement product at no charge to consumers.
I guess we'll find out tomorrow (Sept. 22)!
Good luck everyone.
Chris @ Dec 19th 2005 2:26AM
I tried this on my late 80's vintage "Norco Bike Gaurd 6" u-lock and could hardly get the pen in let alone unlock it. Because I wasn't able to unlock it doesn't mean it's invulnerable to the pen attack; has any one been able to compromise a Norco lock with a pen? I doubt it, but if you have, can you let us know.
paul horowitz @ Dec 19th 2005 2:26AM
no amount of "i had to warn the public" changes the fact that you singularly are responsible for every bike thief on the planet upgrading thier technology. now everyone with Kraptonite locks get to re-purchase... Fuck You!
paul horowitz @ Dec 19th 2005 2:26AM
no amount of "i had to warn the public" changes the fact that you singularly are responsible for every bike thief on the planet upgrading thier technology. now everyone with Kraptonite locks get to re-purchase... Fuck You!
Andrew @ Dec 19th 2005 2:26AM
http://cgi.ebay.ca/ws/eBayISAPI.dll?ViewItem&rd=1&item=7103552086
Andrew @ Dec 19th 2005 2:26AM
http://cgi.ebay.ca/ws/eBayISAPI.dll?ViewItem&rd=1&item=7103552086
Joyce @ Dec 19th 2005 2:26AM
I agree Chris' opinion. I and all my roommates can't open the U-lock by BIC pen, either. I feel Bikeguard's U-lock is really much better than Kryptonite.
rz350 @ Dec 19th 2005 2:26AM
heard about this in the news today..harley bikes have the same type of lock/starter key. was wondering if thats possible?
Eric Clark @ Dec 19th 2005 2:26AM
Well chalk up another stupid idea. This guy decided to show a Fort Worth, Texas police officer that he could pick the Kryptonite Lock with a bic pen, which the officer supplied. The officers patrol bike was locked to a street sign while the officer was attending to personal business in one of the bars restrooms. The officer came back to see that his bike was gone, and the person who had made the bet was riding down the street with the lights winking. The person was arrested.
El Biggus @ Dec 19th 2005 2:26AM
on a non-U Kryptonite lock (can't remember the name of it, but it has the same tumbler-type lock and a big fat cable) and after finding a pen that fitted it took about 2 minutes of wiggling to pop it open. I suspect with practice it will become as easy as using a key. (The old style combination locks with the four or five spinning wheels suffered a similar fate; with a bit of practice you could open them as fast (if not faster) than you could if you knew the combination.)
Luckily I'm a lazy bastard, so I don't take my bike out much anyway. :)
BiG @ Dec 19th 2005 2:26AM
we have kryptonite cable locks for all our computers...same barrel lock. Works just as easily as on the bike locks. Very unhappy right now!
Sophie @ Dec 19th 2005 2:26AM
Did you really had to tell the trick? If I had a Kryptonite-something, I'd be mad after you.
Daemon @ Dec 19th 2005 2:26AM
OK, not a joke. I live in Croatia, in a nice neighbourhood. I just lost a bike that was "parked" in front of my house. It was an old model of Peugeot bike, not worth much nowdays since it is about 5 yrs old, but it cost me a fortun when i bought it (aluminium, RSHOX suspension), and i was proud to have it. Ah well. Internet is super thing for spreading bad news ...
:(
Rob @ Dec 19th 2005 2:26AM
Well I don't know about everyone else, but I am considered a pretty mechanically inclined guy and I cannot open my Evolution 2000 lock with any BiC pen. My cylindrical tumbler is just too large for the BiC pen to fit over. I have to hammer the pen tube onto the lock to even get anywhere, and after that there isn't too much progress.
I even opened the pen tube up a bit so it more easily fit over the tumbler. Still nothing.
My lock is from 99 or 2000, and I have found a few other people who have said that their locks from those years are unaffected. I am pretty confident that my lock cannot be defeated with a method this simple. I checked out my key, and I have a pretty broad range of key slot lengths. I guess that is why my lock isn't pickable with a BiC pen.
Can anyone else verify this, or that the locks they were able to defeat were from a certain year, or the key only had a limited variation between key slot lengths?
Jay @ Dec 19th 2005 2:26AM
The BiC TricK works and has for years. However, having been both a carpenter, an avid cyclist, and a bike shop wrench, I still think the easiest, most reliable way to get through a bike lock of ANY kind is a cordless reciprocating saw with a metal-cutting blade. Can't tell you how many people I've cut locks for in a matter of seconds. I stand by my biking credo: If you have a bike that's nice enough to worry about locking up, don't leave it anywhere that calls for a lock! I sure don't leave my good bikes out of sight unless I know they're safe. My spare-parts cruiser, however, isn't something I worry about.
Stop riding your freeride, downhill, tricked out bikes to class, the store, etc. We've seen your North Face coat and your Nalgene 'binered to the internal frame LoweAlpine backpack that you always carry and we get the picture: You're outdoorsy! ;-)
Sten @ Dec 19th 2005 2:26AM
Looks like Kryptonite has decided to do the right thing, at least if you go looking for the info.
http://www.kryptonitelock.com/
KRYPTONITE OFFERS FREE PRODUCT EXCHANGES TO ALL CURRENT OWNERS OF KRYPTONITE TUBULAR CYLINDER LOCKS
If you currently own a Kryptonite tubular cylinder lock and are concerned about the security of this lock, Kryptonite will exchange this lock for you with a comparable non-tubular cylinder lock.
To participate in the exchange program, please send an email to kryptonite@irco.com
You will receive an auto response asking you for information including your name, address and lock type. It will also give you information on exchanging your lock. Kryptonite will pay the postage for all exchanges. Please note that this email address sends an auto response do not send questions to this email address as it is not monitored. If you have questions, please send an email to locktalk@irco.com
We expect locks to begin shipping in mid-October.
John F. @ Dec 19th 2005 2:26AM
I tried the pen trick on my Kryponite lock and my wife's, and wasn't able to open either one. Both are older models (just goes to show that newer isn't always better!) with the keyhole in the end of the cross-bar, not like the Evolution 2000. The Bic pen was too small to fit the round keyhole properly, and when I tried a larger diameter pen I still was unable to open either lock.
bsc @ Dec 19th 2005 2:26AM
So, now I can't lock my lock now that I've opened it with a pen - key and pen both don't work. Any adivce (other than getting a different lock)?
ellipsis repeated @ Dec 19th 2005 2:26AM
What is the comparable non-tubular lock that I will receive - a combination lock??? What are you offering us?
Tad @ Dec 19th 2005 2:26AM
Flick of the Bic, Sir Robin of the Hood?
Tad @ Dec 19th 2005 2:26AM
Flick of the Bic, Sir Robin of the Hood?
Guy @ Dec 19th 2005 2:26AM
Just saw your bike lock video on Fox News Chicago. Did they contact you first?
Wowsers @ Dec 19th 2005 2:26AM
Does anyone know whether this trick is specific to the Krypto brand, or are other U-Locks vulnerable? And if so, what's a good alternative??
cheers
Pete Aronson @ Dec 19th 2005 2:26AM
Hmmm, there might be a market for stolen Krytonite locks. They are SO easy to steal. Leave the bike, take the lock and turn it in for a new one.
...said with sarcasism. I have Krytonite locks that I purchased in 1977 thru last month. I feel "naked" right now without a GOOD lock on my motorcycles and bikes. This really makes me mad.
Matt Ivaliotes @ Dec 19th 2005 2:26AM
So you have to go without a lock at all for several weeks in order for them to replace their defective product? Great plan. Very customer friendly.
So who out there makes *good* locks? I need to do some replacing.
Pete Aronson @ Dec 19th 2005 2:26AM
Oxford disc lock from www.lockitt.com They have some pretty high security locks on their site. No Kryptonite ones.
Jennifer @ Dec 19th 2005 2:26AM
Although I appreciate the information, I think showing a video of how this is done is unnecessary: you might as well provide an instruction manual to prospective bike thieves. This is irresponsible reporting.
Saygen @ Dec 19th 2005 2:26AM
Hope I'm not the only one that has asked this but dose that trick also work for things like vending machines? Because my school has like 50 soda and candy machines and well you get my point.
David Cloutier @ Dec 19th 2005 2:26AM
I read all the posts saying it works, and those that said that it (in theory) could not. So I tried it.
Victim: small Kryptonite KryptoLok, purchased 3/2001.
Tools: "BiC round stic med/moy USA", needlenose pliers, scissors.
Method: Removed end of pen by squeezing sides, which broke the cap and allowed removal by pulling. Inserted one side of pliers into the barrel and twisted a few times to widen the opening. Used scissors to ream the inside and smooth a little. Pushed the pen barrel into the lock, pushed harder and twisted to get it as far down as possible. Turned - and it moved! I removed pen and saw that it had turned 60 degrees. Re-applied pen, pushed hard again to seat it, twisted while pushing, heard little clicks, and IT OPENED! It absolutely works.