Hacker Set To Demonstrate 60 Second Brinks Safe Hack At DEFCON

darthcamaro writes: Ok so we know that Chrysler cars will be hacked at Black Hat, Android will be hacked at DEFCON with Stagefright, and now word has come out that a pair of security researchers plan on bringing a Brinks safe onstage at DEFCON to demonstrate how it can be digitally hacked. No this isn't some kind of lockpick, but rather a digital hack, abusing the safe's exposed USB port. And oh yeah, it doesn't hurt that the new safe is running Windows XP either.

Re:Why not have mechanical security too?

[Mal-2]

It's basically an ATM in reverse, for stores. Put money in, and you're not SUPPOSED to be able to get it back out. Instead, it immediately shows up in your bank account. The bank will come around and empty the safe when it is convenient to them. If the power fails, they'll just have to come back some other time.

At least that's the plan. The exploit clearly shows that someone other than the bank or a Brinks employee CAN open the safe.

But of course, nobody reads the articles before complaining. This is /. after all.

Re:Seriously!

[Mal-2]

In this case, the Windows version is irrelevant. They didn't attack Windows, they attacked the software running on top of it. Since the OS wasn't compromised, upgrading it would do one of two things: (1) break things, either a little or a lot OR (2) absolutely nothing.

"Even if the CompuSafe were running Windows 10, it wouldn't have changed the exploit that we will be demonstrating," Salazar said.

It's right in there. Of course that would require reading the article, and I'm sure I broke some unwritten rule by doing so.