Entries Tagged "safes"

Page 1 of 2

DNSSEC Keysigning Ceremony Postponed Because of Locked Safe

Interesting collision of real-world and Internet security:

The ceremony sees several trusted internet engineers (a minimum of three and up to seven) from across the world descend on one of two secure locations — one in El Segundo, California, just south of Los Angeles, and the other in Culpeper, Virginia — both in America, every three months.

Once in place, they run through a lengthy series of steps and checks to cryptographically sign the digital key pairs used to secure the internet’s root zone. (Here’s Cloudflare‘s in-depth explanation, and IANA’s PDF step-by-step guide.)


Only specific named people are allowed to take part in the ceremony, and they have to pass through several layers of security — including doors that can only be opened through fingerprint and retinal scans — before getting in the room where the ceremony takes place.

Staff open up two safes, each roughly one-metre across. One contains a hardware security module that contains the private portion of the KSK. The module is activated, allowing the KSK private key to sign keys, using smart cards assigned to the ceremony participants. These credentials are stored in deposit boxes and tamper-proof bags in the second safe. Each step is checked by everyone else, and the event is livestreamed. Once the ceremony is complete — which takes a few hours — all the pieces are separated, sealed, and put back in the safes inside the secure facility, and everyone leaves.

But during what was apparently a check on the system on Tuesday night — the day before the ceremony planned for 1300 PST (2100 UTC) Wednesday — IANA staff discovered that they couldn’t open one of the two safes. One of the locking mechanisms wouldn’t retract and so the safe stayed stubbornly shut.

As soon as they discovered the problem, everyone involved, including those who had flown in for the occasion, were told that the ceremony was being postponed. Thanks to the complexity of the problem — a jammed safe with critical and sensitive equipment inside — they were told it wasn’t going to be possible to hold the ceremony on the back-up date of Thursday, either.

Posted on February 14, 2020 at 6:07 AMView Comments

Robot Safecracking

Robots can crack safes faster than humans — and differently:

So Seidle started looking for shortcuts. First he found that, like many safes, his SentrySafe had some tolerance for error. If the combination includes a 12, for instance, 11 or 13 would work, too. That simple convenience measure meant his bot could try every third number instead of every single number, immediately paring down the total test time to just over four days. Seidle also realized that the bot didn’t actually need to return the dial to its original position before trying every combination. By making attempts in a certain careful order, it could keep two of the three rotors in place, while trying new numbers on just the last, vastly cutting the time to try new combinations to a maximum of four seconds per try. That reduced the maximum bruteforcing time to about one day and 16 hours, or under a day on average.

But Seidle found one more clever trick, this time taking advantage of a design quirk in the safe intended to prevent traditional safecracking. Because the safe has a rod that slips into slots in the three rotors when they’re aligned to the combination’s numbers, a human safecracker can apply light pressure to the safe’s handle, turn its dial, and listen or feel for the moment when that rod slips into those slots. To block that technique, the third rotor of Seidle’s SentrySafe is indented with twelve notches that catch the rod if someone turns the dial while pulling the handle.

Seidle took apart the safe he and his wife had owned for years, and measured those twelve notches. To his surprise, he discovered the one that contained the slot for the correct combination was about a hundredth of an inch narrower than the other eleven. That’s not a difference any human can feel or listen for, but his robot can easily detect it with a few automated measurements that take seconds. That discovery defeated an entire rotor’s worth of combinations, dividing the possible solutions by a factor of 33, and reducing the total cracking time to the robot’s current hour-and-13 minute max.

We’re going to have to start thinking about robot adversaries as we design our security systems.

Posted on July 31, 2017 at 12:19 PMView Comments

Hacking Electronic Safes

Nice attack against electronic safes:

Plore used side-channel attacks to pull it off. These are ways of exploiting physical indicators from a cryptographic system to get around its protections. Here, all Plore had to do was monitor power consumption in the case of one safe, and the amount of time operations took in other, and voila, he was able to figure out the keycodes for locks that are designated by independent third-party testing company Underwriter’s Laboratory as Type 1 High Security. These aren’t the most robust locks on the market by any means, but they are known to be pretty secure. Safes with these locks are the kind of thing you might have in your house.

Posted on August 12, 2016 at 6:52 AMView Comments

Vulnerabilities in Brink's Smart Safe

Brink’s sells an Internet-enabled smart safe called the CompuSafe Galileo. Despite being sold as a more secure safe, it’s wildly insecure:

Vulnerabilities found in CompuSafe Galileo safes, smart safes made by the ever-reliable Brinks company that are used by retailers, restaurants, and convenience stores, would allow a rogue employee or anyone else with physical access to them to command their doors to open and relinquish their cash….

The hack has the makings of the perfect crime, because a thief could also erase any evidence that the theft occurred simply by altering data in a back-end database where the smartsafe logs how much money is inside and who accessed it.

Nothing about these vulnerabilities is a surprise to anyone who works in computer security:

But the safes have an external USB port on the side of the touchscreens that allows service technicians to troubleshoot and obtain a backup of the database. This, unfortunately, creates an easy entrypoint for thieves to take complete, administrative control of the devices.

“Once you’re able to plug into that USB port, you’re able to access lots of things that you shouldn’t normally be able to access,” Petro told WIRED. “There is a full operating system…that you’re able to…fully take over…and make [the safe] do whatever you want it to do.”

The researchers created a malicious script that, once inserted into a safe on a USB stick, lets a thief automatically open the safe doors by emulating certain mouse and keyboard actions and bypassing standard application controls. “You plug in this little gizmo, wait about 60 seconds, and the door just pops open,” says Petro.

If it sounds like the people who designed this e-safe ignored all of the things we’ve learned about computer security in the last few decades, you’re right. And that’s the problem with Internet-of-Things security: it’s often designed by people who don’t know computer or Internet security.

They also haven’t learned the lessons of full disclosure or rapid patching:

They notified Brinks about the vulnerabilities more than a year ago, but say the company appears to have done nothing to resolve the issues. Although Brinks could disable driver software associated with the USB port to prevent someone from controlling the safes in this way, or lock down the system and database so it’s not running in administrative mode and the database can’t be changed, but so far the company appears to have done none of these.


Again, this all sounds familiar. The computer industry learned its lessons over a decade ago. Before then they ignored security vulnerabilities, threatened researchers, and generally behaved very badly. I expect the same things to happen with Internet-of-Things companies.

Posted on August 3, 2015 at 1:27 PMView Comments

Unsafe Safes

In a long article about insecurities in gun safes, there’s this great paragraph:

Unfortunately, manufacturers and consumers are deceived and misled into a false sense of security by electronic credentials, codes, and biometrics. We have seen this often, even with high security locks. Our rule: electrons do not open doors; mechanical components do. If you can compromise the mechanisms then all the credentials, encryption, fingerprint readers, and other gizmos and gimmicks mean nothing.

In other words, security is only as strong as the weakest link.

EDITED TO ADD (8/13): DefCon 19 talk on the security of gun safes.

Posted on August 3, 2012 at 12:57 PMView Comments

Interview with a Safecracker

The legal kind. It’s interesting:

Q: How realistic are movies that show people breaking into vaults?

A: Not very! In the movies it takes five minutes of razzle-dazzle; in real life it’s usually at least a couple of hours of precision work for an easy, lost combination lockout.


Q: Have you ever met a lock you couldn’t pick?

A: There are several types of locks that are designed to be extremely pick-resistant, as there are combination safe locks that can slow down my efforts at manipulation.

I’ve never met a safe or lock that kept me out for very long. Not saying I can’t be stumped. Unknown mechanical malfunctions inside a safe or vault are the most challenging things I have to contend with and I will probably see one of those tomorrow since you just jinxed me with that question.

Posted on May 29, 2012 at 6:03 AMView Comments

Unanticipated Security Risk of Keeping Your Money in a Home Safe

In Japan, lots of people — especially older people — keep their life savings in cash in their homes. (The country’s banks pay very low interest rates, so the incentive to deposit that money into bank accounts is lower than in other countries.) This is all well and good, until a tsunami destroys your home and washes your money out to sea. Then, when it washes up onto the beach, the police collect it:

One month after the March 11 tsunami devastated Ofunato and other nearby cities, police departments already stretched thin now face the growing task of managing lost wealth.

“At first we put all the safes in the station,” said Noriyoshi Goto, head of the Ofunato Police Department’s financial affairs department, which is in charge of lost-and-found items. “But then there were too many, so we had to move them.”

Goto couldn’t specify how many safes his department has collected so far, saying only that there were “several hundreds” with more coming in every day.

Identifying the owners of lost safes is hard enough. But it’s nearly impossible when it comes to wads of cash being found in envelopes, unmarked bags, boxes and furniture.

After three months, the money goes to the government.

Posted on April 15, 2011 at 6:49 AMView Comments

Brute-Force Safecracking

This safecracking robot tries every possible combination, one after another:

Combination space optimization is the key. By exploiting of the mechanical tolerances of the lock and certain combination “forbidden zones”, we reduced the number of possible combinations by about an order of magnitude.

Opening the safe took “just a few hours.”

Along the same lines, here’s a Lego robot that cracks combination locks. I wrote about another, non-Lego, brute-force combination lock cracker a few years ago. The original link is broken, but the project is here.

EDITED TO ADD (2/13): In this video, champion safecracker Jeff Sitar opens a similar safe by feel and sound in just 5 minutes and 19 seconds.

Posted on January 24, 2011 at 6:15 AMView Comments

Hotel Safe Scam

This is interesting:

Since then, his scams have tended to take place in luxury hotels around the world.

Typically, he would arrive at a hotel, claim to be a guest, and then tell security that he had forgotten the combination code to his safe.

When hotel staff helped him to open the safe, he would pocket the contents and make his escape.

Doesn’t the hotel staff ask for ID before doing something like that?

Posted on October 7, 2009 at 1:07 PMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.