Hacker Set To Demonstrate 60 Second Brinks Safe Hack At DEFCON

darthcamaro writes: Ok so we know that Chrysler cars will be hacked at Black Hat, Android will be hacked at DEFCON with Stagefright, and now word has come out that a pair of security researchers plan on bringing a Brinks safe onstage at DEFCON to demonstrate how it can be digitally hacked. No this isn't some kind of lockpick, but rather a digital hack, abusing the safe's exposed USB port. And oh yeah, it doesn't hurt that the new safe is running Windows XP either.

Seriously!

[invictusvoyd]

Digital safe running XP = = special ops commando running with a muzzle load flint lock.

Re:Seriously!

[thegarbz]

I think a more apt example would be a special ops commando dragging a trebuchet. It's slow, unwieldly, probably would hinder you more than help you, and is incredibly heavy for an otherwise simple mission.

The WTF is not that it is running Windows XP, it's that it is running a full blown OS at all.

Re:Seriously!

[K.+S.+Kyosuke]

In this case, the Windows version is irrelevant. They didn't attack Windows, they attacked the software running on top of it.

There may be a somewhat strong correlation between being so stupid that you decide to run Windows XP on a sensitive embedded system and being so stupid that you write a sensitive application in a way that makes the whole system have obvious mistakes in it.

Re:Seriously!

[vtcodger]

A "safe" with a USB port? What could possibly go wrong?

Why?

[bickerdyke]

Why does a safe need an operating system?

And then why for heavens sake has it to be a desktop operating system? Does it need to run MS Office or what was the design idea here? It's not like there are especially hardened OSses out there for embedded devices. (Not to mention that this means we have a safe that's running on a x86 architecture)

And after having such a terrible design idea, why have it implemented by a moron using an out of date, unsupported, and buggy OS?