Las Vegas Sun

March 28, 2024

Criminals aren’t the only ones breaking in

Black Hat

John Locher / AP

Deputy Secretary of Homeland Security Alejandro Mayorkas speaks at the Black Hat conference Thursday, Aug. 6, 2015, in Las Vegas. The annual computer security conference draws thousands of hackers and security professionals to Las Vegas.

The word “hacker” might conjure thoughts of the Edward Snowden, Ashley Madison or Sony Pictures data breaches.

Generally, hackers are people who illegally break into computers to gain unauthorized access to data.

But hacking also can encompass a broad swath of activities — and not just related to computers.

Las Vegas is home to a number of hackers, from computer-security experts to high schoolers. They hack computers, buildings, even locks.

Most of what they do is legal. Some of what they do is not.

The lockpicker

Lockpicking in Nevada

Nevada has some of the strictest lockpicking laws on the books. In most states, lockpicks are legal, and the state must prove criminal intent if police find them in your possession. However, in Nevada, possession of picks can be considered evidence of criminal intent.

The first rule of lockpicking is you don’t pick a lock that isn’t yours. The second rule of lockpicking is you don’t pick a lock you use every day.

At least that’s what lockpicker and network engineer Jeff Rosowski says.

Rosowski learned to lockpick to prepare for Mystery Challenge, a contest of puzzles, ciphers, tricks and codes at the annual DefCon hacker conference. Since, he has maintained his skills at monthly lockpicking nights at SYN Shop, a Henderson hackerspace he helped found in 2008.

The lockpickers at SYN Shop said lockpicking is a relaxing pastime. One practices while watching TV.

Basic lockpicking isn’t hard to learn. The simplest locks have only one pin. An average padlock might have four or five pins. Regardless, the principle is the same: Insert a tension wrench into the keyhole, then use a pick to press the pins up inside the lock.

Much of lockpicking is based on feel, but some is luck. Rosowski’s favorite locks to pick are padlocks.

“Brinks are generally good,” Rosowski said. “This one, I’ve opened exactly once.”

Lockpicking has real-life applications, too. Rosowski once used a pick to get into a storage shed for which he had lost the key. He doesn’t regularly pick his front door, however, as it could ruin the lock.

Despite the ease of picking locks, Rosowski says he doesn’t worry about someone picking his. As with most security protocols, he says, “locks keep honest people honest.” If people really want to break in, they can.

“There are certain things you do to make yourself safer,” Rosowski said. “You don’t parade all your luggage out to your car. You have to do things that don’t make you look like a target.”

The urban explorer

Meet one of Las Vegas’ most experienced urban explorers. He has broken into and climbed most of the hotels on the Strip.

He goes by Tremulant — the name of a recording by his favorite band, The Mars Volta — due to legal issues associated with trespassing on private property. He always loved exploring — “Goonies” and “Indiana Jones” were among his favorite childhood movies — and embarked on his first urban exploration in high school.

He scaled the unfinished Fontainebleau during his junior year. He had been afraid of heights until that climb.

“I couldn’t even get close to a ledge or anything; I’d break into a sweat,” Tremulant said. “I’d be shaking. I couldn’t walk.”

Preparations for the climb took several days: He and a friend spent multiple nights hiding on the Riviera’s rooftop, watching Fontainebleau security guards to figure out their patterns.

As for the climb itself, the pair didn’t bring any equipment. The stairwells on the bottom stories of the hotel were boarded up, so the two climbed over facades and through windows until they reached an open portion of stairwell. They took the stairs to the roof, moved onto a crane, then climbed the rest of the way on that.

“As soon as I stepped onto that crane and looked down, my fear of heights disappeared,” Tremulant said. “It was strange.”

The purpose of urban exploring, according to those who engage in it, truly is to explore, not to damage or vandalize. For Tremulant, exploring has helped him appreciate his hometown.

“I’ve never been too much a fan of this city, and I’ve always been looking for ways to enjoy it more,” Tremulant said. “With exploring, I’m able to visually see the aspects and the failures that I dislike about the city of Las Vegas and explore them in a physical environment. It’s a really eye-opening experience.”

Since Fontainebleau, Tremulant has climbed most of the Strip hotels as well as the Downtown Summerlin tower, Manhattan West and the new tower at the Silverton. He spent a week exploring Las Vegas’ subterranean storm drain system, stumbling across a bag of money, drugs, a dead dog, and somewhere below Caesars Palace, a community of about 40 homeless people. He also has explored in Los Angeles, Michigan, Utah and Colorado.

The hardest, by far, has been the Strip.

“As soon as you walk into the hotel, they’re aware you’re there,” Tremulant said. “There are thousands of cameras everywhere. When you know your intent is to get into an employee area of the casino or an entirely out-of-bounds area of the casino, you have to make sure that they don’t know that’s your intent.”

In fact, Tremulant said he was banned for life from every MGM Resorts International property — until he wrote a letter to the head of security apologizing. Metro Police also were involved in one instance, Tremulant said, though he has never been fined or arrested.

Nothing, so far, has stopped his explorations.

“It’s nice to be able to sit down a few hundred feet above it all and look down,” Tremulant said. “It separates you from the parts of the city you don’t like. From up there, it’s a beautiful city.”

The safe crackers

It’s not every day a physics teacher asks you to build a safe, then fly to Israel to try to break into other people’s safes.

But that’s exactly what happened last spring at the Meadows School.

Six students were tasked with using principles of physics to build a safe that other students would have to try to crack at the Weizmann Institute of Science in Rehovot, Israel. Over two months, the group designed a Las Vegas-themed safe, with lasers, ferrofluid, remote control cars, diffraction gratings and a do-it-yourself computer.

“It was a tangible physics problem,” said Ryan Blount, a senior at the time. “We had to learn circuitry, lasers and mirrors — a bunch of things I never thought I’d have to learn.”

The team traveled to Israel in April to compete. It didn’t place in the competition, but several members were juniors and hope to compete again next year.

“It was my teacher who helped me have that love for physics and being able to make these things applicable, rather than just prepare us for the AP exam,” Blount said.

Blount now is studying at the U.S. Military Academy at West Point with the intention of earning a degree in mechanical engineering. He hopes to work in military intelligence.

The computer hacker

Emilie St-Pierre learned HTML and CSS for fun as a child, coding on sites such as Myspace and Neopets. She never thought it would become her life.

After a stint bartending and as a makeup artist, St-Pierre took up programming three and a half years ago. Now, she attends the College of Southern Nevada to hone her network security skills and works as a part-time security consultant in the valley. She also co-hosts a weekly computer security podcast, “Gr3y Noise,” recorded out of SYN Shop in Henderson.

The 26-year-old Montreal native is what some might call a white hat hacker, someone who breaks into a system to test its security, not to exploit it. St-Pierre said she has discovered six system vulnerabilities, and notified the vendor each time.

One vulnerability she found was in the messaging application WhatsApp. After changing her phone number, St-Pierre discovered she could access the photos and messages of the person who previously had the number. St-Pierre said she contacted the company but never heard back.

There’s no official ethical code for hackers, so each person has to come up with his or her own system for handling vulnerabilities.

“I have my own ethics, and I’ll contact the company if I find a vulnerability,” St-Pierre said. “But what happens a lot is that many people won’t do anything about it.”

If a vendor does nothing for three months, St-Pierre considers releasing the information to the public — not to encourage others to exploit it but to publicly pressure the company to fix the vulnerability.

But releasing a vulnerability must be a calculated decision. A company easily can sue a hacker for releasing proprietary information.

“It’ll be their entire legal team against your zero-person team,” St-Pierre said.

All of the vulnerabilities St-Pierre discovered came from interacting with the front ends of systems. To hack into the back end of a piece of software would be too risky.

“I’m concerned about the laws in regard to computer hacking,” St-Pierre said. “It seems like when you add the word ‘computer’ into a crime, you get four extra years added to your sentence. People are getting 10 to 15 years for crimes related to computers.”

The main problem is education has fallen far behind technological advancements, according to computer-security expert Nick Rosario, St-Pierre’s co-host on the podcast. Not only have laws and policies stagnated, more systems are vulnerable because people don’t know how to secure themselves.

“Humans are the low-lying fruit,” Rosario said. “Humans will always be hackable.”

In turn, growing demand for products has pressured companies to turn out software without proper security.

The answer isn’t harsher penalties for hackers but more education for lawmakers and the public, Rosario and St-Pierre said.

“Hacking is like, ‘What if I did this?’ and then, ‘Well, what if I did this?’” St-Pierre said. “It’s taking an approach to a system, and instead of using it for what it’s supposed to do, you make it do something else.”

Join the Discussion:

Check this out for a full explanation of our conversion to the LiveFyre commenting system and instructions on how to sign up for an account.

Full comments policy