
How Secure Are Electronic Safe Locks? [video] - noobie
https://www.youtube.com/watch?v=HxQUKAjq-7w
======
patcheudor
Security is an interesting thing. I always tend to default to the easiest
path. In the case of inexpensive consumer safes the easiest path tends to be
smacking the safe in the right spot to cause the locking solenoid to bounce or
going after the "backup lock" which is used for access in the event of an
electronic lock failure. Here's a video I posted several years ago on YouTube
on how to open the wall safe in my house. Radial, aka tubular pin locks are
pretty much broken by design. I've never met one I couldn't pick with a
business-card.

[https://www.youtube.com/watch?v=E13H7NAGnPI](https://www.youtube.com/watch?v=E13H7NAGnPI)

------
malenm
tldr; This was a ~$500 medium-level security safe and he was unable to crack
it via the electronics.

~~~
JshWright
Your tl;dr; doesn't sufficiently capture Dave's level of Australian...

------
markbnj
One of my favorite EEVBlogs. Thanks for the submission. Bob's yer uncle!

Side note: Dave noted the use of the old school OTP chip to store the
executable code, contrasted it with modern flashable chips, and then linked
the use to the original design. However I wonder if retaining the OTP chip
isn't a specific security measure? It does what is needed with much less
attack surface than a reprogrammable chip, doesn't it?

------
kabdib
A safe I used at a prior company had a digital lock with one combination. A
little searching for similar models revealed that the lock had additional
combinations, not documented in the manual for _our_ safe, with factory
default combinations. We changed the extra entries quickly.

I wonder how many more there are. It's software, it's practically
uninspectable, it sure wouldn't surprise me.

~~~
flarg
In my experience those digital hotel safes that you set a code for usually
have a standard override code (often 5555) - failing that a sharp ta to the
top of the keypad gets some open. It's a kind of a shame they don't take this
sort of things seriously.

~~~
marincounty
I don't trust them either. When I check into a hotel/motel; I ask for no maid
service. I do ask for an extra set of linen though. They always look at me
like I'm crazy. Even when I ask though, some establishments clean my room
anyways? I can't prove it, but I feel I have had stuff stolen form my room. I
just saw a commercial for a new Los Vegas hotel. Their sales pitch was we
clean your room 2x daily. I said to myself, "I'm not going there." When I
bring a few grand worth of stuff to a hotel, and decide to take a chance with
the maid service, I lock my stuff up in a large Pac Safe made for Backpacks.

~~~
allersj
I didn't know you could request no maid service. I usually leave the Do Not
Disturb sign displayed on the door during my entire stay.

~~~
kelt
During my stay in China the DnD sign does not seem to apply, they still come
in...

------
deutronium
I was wondering if you could also attempt glitching attacks?

~~~
Qiasfah
This is unlikely considering you only have access to the external power
supply. As Dave notes there is a filtering stage on the PCB to help isolate
the chip.

~~~
deutronium
One form of glitching is voltage glitching though

