Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Robot At DEFCON Cracked A Safe Within 30 Minutes (bbc.com)

Posted by EditorDavid on from the automating-larceny dept.

schwit1 shared an article from the BBC: Using a cheap robot, a team of hackers has cracked open a leading-brand combination safe, live on stage in Las Vegas. The team from SparkFun Electronics was able to open a SentrySafe safe in around 30 minutes... After the robot discovered the combination was 51.36.93, the safe popped open -- to rapturous applause from the audience of several hundred... The robot, which cost around $200 to put together, makes use of 3D-printed parts that can be easily replaced to fit different brands of combination safe. It cannot crack a digital lock -- although vulnerabilities in those systems have been exposed by other hacking teams in the past.
Though the safe had a million possible combinations using three two-digit numbers, the last number had slightly larger indents on the dial -- reducing the possible combinations to just 10,000. And in addition, "the team also discovered that the safe's design allows for a margin of error to compensate for humans getting their combination slightly wrong" -- which meant that the robot only had to check every third number. "Using this method, they could cut down the number of possible combinations to around 1,000."

"Some SentrySafe models come with an additional lock and key, but the team was able to unlock it by using a Bic pen."

8 of 128 comments (clear)

  1. Sounds like they watched a few Richard Feynman by Tulsa_Time · · Score: 5, Insightful

    You Tube Videos...

    --
    5 out of 6 people enjoy Russian Roulette & 6 out of 7 Dwarfs are not Happy
    1. Re:Sounds like they watched a few Richard Feynman by Registered+Coward+v2 · · Score: 4, Informative

      Exactly. The stories of his safe cracking in Surely You're Joking... are great. That book and they follow-on should be required reading for anyone interested in hacking, in the old school meaning of the term.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    2. Re:Sounds like they watched a few Richard Feynman by gl4ss · · Score: 4, Interesting

      They're an interesting read for anyone who doesn't want to be an idiot, really.

      even if you figured out some of the stuff yourself, reading surely you're joking gives you at least some hope in humanity and in that, no, people aren't that different despite few decades of time passing - but you don't have to let it get to you too much.

      aaaanyways also this is kinda why proper safes have delay locks.. with a home safe I would be more interested in if it keeps the stuff safe in an event of fire or whatever(the reason for the name "safe" vs. a lockbox).

      --
      world was created 5 seconds before this post as it is.
  2. Very Cool Application by mykepredko · · Score: 4, Informative

    I know this isn't at the level of what you'd see in a James Bond movie, but neither is the Sentry safe.

    Congratulations to the team at SparkFun!

    --
    Mimetics Inc. Twitter
  3. Re:So, not surprised they're not all that secure by starblazer · · Score: 4, Insightful

    1) steal safe
    2) stash safe
    3) attach robot
    4) profit?

    Key to this is to make sure its bolted to the floor. Most home safes aren't.

  4. Re:Help me understand this by gl4ss · · Score: 4, Insightful

    it's defcon.

    that is, nowadays it seems it's just about a) money b) cheesy pr stunts to get said money.

    why do you think it's in vegas and not say in hamburg?

    never mind the fact that it was just a brute forcer - ultrasonic detection, xrays, click detection or anything - just brute force an amount a human could brute force!.

    like okay, just have it as an exhibit on the show floor.. okay.

    but just take a look at the talks. okay there's apple watch jailbreak but thats about it and even that is kind of a who gives a fuck when you can buy open smartwatches for 1/6th of the price

    --
    world was created 5 seconds before this post as it is.
  5. Re: My Sentry safe model 1250.. by dunkelfalke · · Score: 4, Informative

    Maybe where you come from, but German police is trained to shoot to stop. This is one of the reasons why in Germany only about 12 persons per year get shot to death by the police. German police is also trained to only shoot as ultima ratio when there is no other way to stop a person instead of using their firearm when they are scared. This is why many German cops never once have shot at people during their decades-long carreer.

    --
    "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
  6. Re:My Sentry safe model 1250.. by kelemvor4 · · Score: 4, Interesting

    This. I work for the Seattle city government, and we demand a less than four hour response to all break-ins. We are trying very hard.

    That's pretty pathetic. To be useful it needs to be a lot closer to 15 minutes. Otherwise, they're never going to catch anyone or save any lives. At 1+ hours, all they're doing is playing secretary as they write a report.
    If you can't protect your citizens better than that, you should be encouraging gun ownership and self defense/home security type training for citizens.
    In Tampa, FL I've had to call the police 2 or 3 times in the past decade. They've always come very quickly, I don't have actual times but I'm thinking close to 15 minutes for sure.

    I just can't get over it. You're proud of a 4 hour response time? That's really bad.