ToorCamp 2026

Physical Access, Digital Lies: How a Locksmith Hacked His Recommended Lock
2026-06-26 , Prime Dome

I spent years installing Trilogy Alarm Locks for the military. When other locksmiths asked for recommendations, I told them about Trilogy's fast response to responsible disclosures (at that time), and I soon started seeing the locks in pharmacies, more government buildings, and banks. Then, after the company stopped responding to my vulnerability disclosures, I spent a year figuring out how to hack them. From nearly every angle I approached it, I found a new vulnerability. The company never responded directly, despite acknowledging the reports through a third party.

This talk walks through a five-layer attack chain against the T2/T3 lock platform: physical bypasses that leave little to no trace, NAND flash manipulation that injects ghost users with master privileges, a firmware hook on the MSP430 microcontroller that writes a persistent backdoor code during factory reset (using hand-patched TI assembly, because apparently that's a thing I do now), and USB emulation of the proprietary audit cable using FaceDancer and a GreatFET One.

Over a year later, I was able to prove that a lock deployed in critical infrastructure has credentials that can be cloned from the trash, firmware that can be rewritten through an unblown JTAG fuse, and an audit trail (the one used as legal evidence) that can be fooled by a device that costs less than the lock itself.

I'm not a firmware engineer; I'm a locksmith who got curious, bricked a lot of boards, filled a notebook with bad hypotheses, and eventually taught myself enough TI assembly to write a 38-byte payload that survives every factory reset method. The tools were a $30 flash programmer, a soldering iron, and an unreasonable amount of stubbornness.

The talk closes with a constructive argument: self-auditing endpoints are fundamentally broken. If the lock controls access AND writes the audit log, you have a suspect writing their own alibi, not a log that should be used as legal evidence. I'll propose an Observer System Model in which independent sensors verify what the lock claims, and discuss why even cheap mitigations (blow the JTAG fuse, encrypt the NAND, authenticate the cable, use a TPM) would have stopped every attack in this chain.
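The Observer System Model in concrete form, as an added example that is not from the talk or its repository: the lock's self-reported audit trail is cross-checked against an independent door-position sensor and an offline user roster, so that unlocks the sensor never saw (possible forged log entries), door openings with no audit event (possible bypass), and unlocks attributed to unprovisioned slots all surface. Log lines, timestamps, slot numbers and the five-second window are constructed for the example.

```python
from datetime import datetime, timedelta

# Constructed sample logs (not from the talk's repository). The lock's own audit
# trail claims three code unlocks; an independent door-position sensor logged
# three door openings. Only two of each line up.
LOCK_AUDIT = [
    "2026-06-26T09:00:05 UNLOCK slot=12",
    "2026-06-26T09:45:10 UNLOCK slot=07",
    "2026-06-26T11:20:00 UNLOCK slot=49",
]
DOOR_SENSOR = [
    "2026-06-26T09:00:07 DOOR_OPEN",
    "2026-06-26T10:30:42 DOOR_OPEN",
    "2026-06-26T11:20:03 DOOR_OPEN",
]
# Slots the facility's own roster (kept off the lock) says are provisioned.
AUTHORIZED_SLOTS = {7, 12}

def parse_audit(lines):
    """Return [(timestamp, slot)] from audit lines in the constructed format."""
    out = []
    for line in lines:
        ts, _event, slot = line.split()
        out.append((datetime.fromisoformat(ts), int(slot.split("=")[1])))
    return out

def parse_sensor(lines):
    """Return [timestamp] for each door-open event in the constructed format."""
    return [datetime.fromisoformat(line.split()[0]) for line in lines]

def correlate(audit, sensor, window=timedelta(seconds=5)):
    """Cross-check the self-reported audit trail against the observer.

    Returns three lists:
      unattested  - audit unlocks the door sensor never saw (log may be forged)
      unexplained - door openings with no audit unlock shortly before (bypass)
      unknown     - unlocks attributed to a slot absent from the offline roster
    """
    unattested = [(t, s) for t, s in audit
                  if not any(t <= d <= t + window for d in sensor)]
    unexplained = [d for d in sensor
                   if not any(t <= d <= t + window for t, _ in audit)]
    unknown = [(t, s) for t, s in audit if s not in AUTHORIZED_SLOTS]
    return unattested, unexplained, unknown

if __name__ == "__main__":
    results = correlate(parse_audit(LOCK_AUDIT), parse_sensor(DOOR_SENSOR))
    for name, hits in zip(("unattested", "unexplained", "unknown"), results):
        print(name, hits)
```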

Everything is published: code, dumps, patches, pcaps, 33 pages of handwritten notes, and a 4,000-word research journal documenting every wrong turn.
Repo:
https://github.com/Qweary/T2-T3-Lock-Exploitation-Research
Blog:
https://qweary.github.io/backburner/


The five attack layers, in order of escalation:

Layer 1 — Physical: Acoustic side-channel keylogging through speaker voltage leakage. Tailpiece deflection with a stiff wire. Factory reset triggered by freezing battery leads with an inverted compressed air can. Remote unlock via bridging always-hot wires accessible through an external comm port. None of these generate audit events.

Layer 2 — NAND Flash (Adesto AT45DB041E): Complete reverse engineering of the 264-byte page layout, which stores 50 users per page. User codes are stored as ASCII nibbles in plain decimal ("0" substituted with "B" because of a TI assembly conflict on the microprocessor). Permission flags are easy-to-understand byte sequences (F1=Master, E1=Elevated, C1=Supervisor). Lazy write model: the MSP430 only commits RAM to NAND on battery removal. Arbitrary privilege escalation and user code injection via a $30 universal programmer and SOP8 clip. Injected codes appear in "Print Users" but not "Export Users", presenting a stealth window for forensic evasion.
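A forensic check of a dumped page against an offline roster, as an added example that is not from the talk or its repository: it decodes the decimal-nibble codes with the "B" stands for "0" quirk and the F1/E1/C1 flag bytes the talk describes, and lists any populated slot whose code the roster does not account for. The 5-byte record layout (four nibble-packed code bytes, 0xF as unused-nibble padding, then one flag byte) and the sample page are assumptions constructed for the example, not the talk's documented offsets.

```python
# Assumed record layout (constructed for this example, not the talk's offsets):
# 5 bytes per user, four bytes of packed decimal nibbles (0xF = unused nibble)
# followed by one permission-flag byte. 50 * 5 = 250 bytes fit in a 264-byte page.
RECORD_SIZE = 5
USERS_PER_PAGE = 50
PAGE_SIZE = 264
FLAGS = {0xF1: "Master", 0xE1: "Elevated", 0xC1: "Supervisor"}

def encode_code(code):
    """Pack a decimal code string into nibbles, writing 0xB for '0'."""
    nibbles = [0xB if c == "0" else int(c) for c in code]
    nibbles += [0xF] * (8 - len(nibbles))
    return bytes((nibbles[i] << 4) | nibbles[i + 1] for i in range(0, 8, 2))

def decode_code(raw):
    """Unpack nibbles back to a decimal string, mapping 0xB to '0'."""
    digits = []
    for b in raw:
        for nib in (b >> 4, b & 0xF):
            if nib == 0xF:                      # padding: end of code
                return "".join(digits)
            digits.append("0" if nib == 0xB else str(nib))
    return "".join(digits)

def build_page(users):
    """Build a constructed 264-byte page image from [(code, flag_byte)]."""
    page = bytearray(b"\xff" * PAGE_SIZE)      # erased flash reads 0xFF
    for slot, (code, flag) in enumerate(users):
        off = slot * RECORD_SIZE
        page[off:off + 4] = encode_code(code)
        page[off + 4] = flag
    return bytes(page)

def parse_page(page):
    """Return {slot: (code, flag_name)} for every populated record."""
    found = {}
    for slot in range(USERS_PER_PAGE):
        rec = page[slot * RECORD_SIZE:(slot + 1) * RECORD_SIZE]
        if rec[:4] == b"\xff\xff\xff\xff":     # empty slot
            continue
        found[slot] = (decode_code(rec[:4]), FLAGS.get(rec[4], f"0x{rec[4]:02X}"))
    return found

def ghost_users(page, roster):
    """Slots in the dump whose code differs from the offline roster {slot: code}."""
    return {s: v for s, v in parse_page(page).items() if roster.get(s) != v[0]}

if __name__ == "__main__":
    dump = build_page([("1234", 0xC1), ("100200", 0xF1)])
    print(ghost_users(dump, {0: "1234"}))      # slot 1 is not in the roster
```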

Layer 3 — Firmware (MSP430F2418 via JTAG): The JTAG fuse was never blown. Full read/write access to firmware. Located SetMasterCode() at 0x9ECA. Hijacked execution at 0x9EE8 with a BR opcode redirecting to unused space at 0xFA20. The 38-byte payload writes an elevated user code (696969) to slot 49 during every factory reset. Survived multiple resets across multiple boards. Video demo available.

Layer 4 — USB Cable Emulation (CP2102 via FaceDancer): Built a GreatFET-based emulator matching the Silicon Labs VID/PID, device descriptors, vendor requests, and bulk endpoints of the proprietary programming cable. DL-Windows recognizes the emulated device and interacts with it. Partial pass of the software's Loopback Test (~40 of 303 packets). Vendor audit software performs no cryptographic authentication — trust is based entirely on USB descriptors, then happily passes data back and forth with the cable.

Layer 5 — Audit Trail Subversion: The synthesis of all four layers. NAND injection creates users invisible to some export methods. Firmware injection creates codes invisible until queried. Cable emulation opens the door to intercepting or forging audit data between lock and PC. Combined: a lock whose credentials, firmware, and audit trail can all be manipulated by an attacker with physical access and modest tools. The fact that these locks are shipped over international waters before being installed in the most sensitive areas leaves many opportunities, and motivation, for a bad actor to inject a phantom into the pipeline.

Target hardware: Alarm Lock Trilogy T2/T3 (MSP430F2418 + Adesto AT45DB041E + CP2102 USB interface). Deployed widely in US healthcare, education, government, and financial sectors.

Blog series: https://qweary.github.io/backburner/
Repository: https://github.com/Qweary/T2-T3-Lock-Exploitation-Research

Louis Piano (Qweary) is a red teamer who happens to also be a locksmith for the US Department of the Army. He researches the collision of physical and digital security, demonstrating that the boundary between them was always imaginary. His hardware work includes a year-long reverse engineering project against institutional electronic locks, from NAND flash dumps to hand-patched TI assembly firmware hooks. On the cyber side, he builds multi-agent AI swarms with agentic capabilities for red team operations. Most recently, he deployed them at WRCCDC regionals, where Anthropic sponsored a blue team of 30-40 Claude instances defending against both his swarm and the human red team; this was a first-of-its-kind experiment to see the impact of augmented red team operations versus agentic blue team defense in a live competition. Based in Olympia, WA, he volunteers with OlyMega makerspace and believes persistence matters more than pedigree. This is his first conference talk.