Cracking a Password on an Electronic Lock | Original
Source: Amazon
In the summer of 2019, when I was living in Beijing, I read the book “Surely You’re Joking, Mr. Feynman!” by Richard Feynman. In the book, he shared his experiences of unlocking other people’s lockers by guessing the passwords, etc. I don’t remember the details, but it gave me a strong impression.
I suddenly went to look at the electronic lock on my house. It is like the one shown in the image above. When I put my head close to it to examine it, I could see the dust. I used the password 369258, and those areas were really kind of clean, while the 147 areas had dust. That’s really interesting. I rented a house from Ziroom for around 4800 CNY a month in Tongzhou. So, the electronic lock they installed for the houses they rent out is like the product shown above.
I kind of got excited about this experience. I got a little bold. And at that time, I was working on my startup from home, so I didn’t need to go to an office like others. At noon, I thought that my neighbors probably went to work.
And more importantly, though you can see the dust distribution on the keypad, even if you know what the six digits are, there are a lot of combinations possible. So, I guessed my trick for hacking it probably wouldn’t work. But let’s try it anyway.
I went to the house that was just in the same position below my rented house. I started to work on it. Oh, yeah, the dust distribution was very clear. I could see that the areas for 123690 were clean, while the areas for 4578 were covered with dust. So, I tried it, and suddenly I could hear the opening sound. I was so curious, excited, and a little frightened. Somehow, I wanted to enter to see what was inside the house, take a look, and then leave.
However, at that point, there was a girl in the bathroom. She made a little sound, saying, “Who?” I closed the door without any explanation and quickly returned to my house.
After one minute, I found that I couldn’t settle down and let things be. I went to the house below again and explained it, speaking loudly with the door closed so she could hear. I said that I had read a book about hacking electronic locks and was just curious, and that I lived on the upper floor.
She said okay, she knew. That night, she came to my house with her brother and another relative, and they asked why I did it, etc. I explained again. My wife came back from work that night too. My wife was there to help me explain. They weren’t satisfied, and they called the police.
I said goodbye to my wife and went to the police station with them. Then, I gave some oral statement records, apologized to them, and after two or three hours, the police let me go home.
The founder of Insta360 once hacked the mobile phone number of the famous 360 founder by listening to the sound of typing. There are a lot of hacking stories.
I never thought that I could create my own. It was a little troublesome, but as an engineer, I’m happy to know that I did it. But looking back, my behavior was reckless and invasive—I crossed a line by attempting to enter someone else’s home without permission, even if driven by curiosity. I regret scaring the girl and causing distress to her family. To improve, I should have channeled that curiosity ethically, perhaps by discussing the vulnerability with the landlord or security experts instead of acting on impulse. In the future, I’ll prioritize respect for others’ privacy and seek legal, constructive ways to explore ideas.
Nowadays, there are some improvements to electronic locks. Some types of products have a camera on the keypad, and some have opening records. And nowadays, some people have monitoring cameras in their homes.
Will sharing this make society insecure? I accidentally discovered it. This is somehow a bug in such products. Probably only a few other people know about it. Instead of letting only a small number of people know this hack, it’s better to let more people know about it so they can prevent hacks like this. By sharing responsibly, we can raise awareness about simple vulnerabilities like dust patterns on keypads and encourage better security practices, such as regular cleaning or using randomized entry methods.