
Robot cracks open safe live on Def Con's stage - SirLJ
http://www.bbc.com/news/technology-40760648
======
agumonkey
Last month I had the disappointing surprise of finding a lock on my bike. I
forgot I put it (it's been years since I last used it). And it's not a key
lock.. so I'm screwed. Not willing to cut the cable.. I decided to brute force
it. 999 space is fun. Luckily you quickly find similar tips than the alignment
one to speed up the process. And since it's not a full rotary lock, I could
also "DDR" the tests by testing when going from 0 to 9 then from 9 to 0. 5
minutes later and 800 attempts I was lifting my bike like a king. Until I
realize the rear tire was dead. TL;DR; do not succomb to the seductive power
of cryptanalysis.. check rubber first !

~~~
adekok
When I was 10, I found a rotary bicycle lock + connected chain, locked alone
to a post in a park. Having read up on locks even then (god knows how), I
tried the method of "pull on it and spin the dials".

About 30 seconds later, it was unlocked.

I used that lock for about 10 years, until I went to University, where the
thieves were a bit smarter.

~~~
shasheene
Just a note that the lock you found may have not been abandoned.

Many bike posts in my university's undercover bike shed often had several
locks without a bike in sight. It turned out many people leaving bike locks on
posts they often use (it doesn't take up much space or prevent someone from
using the post).

It saves those cyclists the hassle of carrying the the lock with them (only
the key), which is particularly an issue with those very heavy bike U-locks
and D-locks.

~~~
grogenaut
Agreed. I have a lock on the work bike lockers I use. Everyone seems to do
this. Means you can have a very hefty lock but not carry it. Speaking of we
moved buildings I need to snag it.

------
Pinckney
It's a cool robot, but auto-dialers are a known tool in safecracking.

Additionally, the safe in question seems to be a SentrySafe SF082CS, which
caries NO security rating from UL. The lowest test rating, RSC, only requires
the safe survive a 5 minute attack with hand tools.

~~~
p4lindromica
How do I find a UL-security-rated safe? Does it matter if I don't bolt it to
the floor?

~~~
donavanm
Depends on where you are. UL ratings are used in north america. There are
similar EU ratings that I dont recall of hand. TL ratings are for theft/entry
resistance. There are other modifiers for fire, water, chemical, etc
resistance. Unrated "safes", and even some that are said to be rated, are
junk. In NA you want to get in touch with a local safe dealer/specialist. Most
of their business is commercial, and they are _not_ the same as a locks ith or
"security" company. Moving and installing a safe is a specialist job by
itself.

As a sibling commented RSCs are the lowest level and appropriate for home use
of low level valuables. Expect $500-1000 and up. TL rated products are almoat
always geared towards commercial use. When I was looking a local safe company
had a korean made TL-15 with 1 hr fire resistance for about $2500. This was a
very bare bones commercial demo/returned unit about 2'x3'x5' interior.

All safes and RSCs _must_ be anchored to the structure on 2 or more sides to
be effective. RSCs or "gun safes" will simply be pulled/cut out of the
structure if not anchored. TL safes will be knocked over and attacked at the
door or floor.

Heres UL testing a safe that probably costs $10,000+ today.
[https://m.youtube.com/watch?v=OtbGUbeM860](https://m.youtube.com/watch?v=OtbGUbeM860)

~~~
p4lindromica
This leads me to believe that if I am renting an apartment, I am SOL.

~~~
cantrevealname
> _if I am renting an apartment, I am SOL_

Not at all! If you're renting in a high-rise building, the floors will be
concrete below the laminate or hardwood. A good safe will have either 4 holes
or 1 center hole in the base to allow you to anchor it to the floor. Use a
concrete drill bit to drill a hole in your apartment floor in a discreet area,
like in a closet or laundry room. If you can borrow a hammer drill it'll be
faster, but even an ordinary drill will work, though slower. Make sure you buy
a _concrete_ drill bit.

Then attach the safe using concrete screws and anchors. You can use either a
self-tapping concrete screw or, better, put the correct size expanding sleeve
into the hole first[1]. Even with a single concrete anchor/screw, the safe
will be 100 times more difficult to steal. I've seen expensive TL-15 safes
($5000+) with only one center hole in the base, so I assume the manufacturer
thought that was sufficient (if properly anchored).

Before you place the safe, put down a sheet of plastic or a very thin patch of
carpet to protect the laminate or hardwood floor. Cut holes in the plastic
sheet or carpet for the concrete screws.

When you move out of your rented apartment, fill the holes with putty matching
the color of the laminate or hardwood floor. If you make a small effort at
patching up, the holes will be invisible.

One more piece of advice: The drilling won't take long, but it'll be very
loud. If you have a nosy landlord or superintendent, do the drilling when he's
not around. A superintendent, for example, is unlikely to work on a Saturday
or Sunday.

Also, cover the safe with a sheet or blanket, so if someone casually looks in
your closet or laundry room, the safe won't be noticed.

[http://howtospecialist.com/wp-content/uploads/2012/01/How-
to...](http://howtospecialist.com/wp-content/uploads/2012/01/How-to-install-
concrete-anchor-4.jpg)

~~~
toomuchtodo
You're advocating damaging someone's property without their permission. Don't
do that.

~~~
mturmon
Found the landlord!

~~~
protomyth
Or the person who had their basement apartment flooded.

------
asciimo
I love this frank response from the safe manufacturer:

'... speaking to Wired magazine earlier this month, when the team demonstrated
its method on a smaller safe, a spokeswoman for the safe maker said: "In this
environment, the product accomplished what it was designed to do."'

~~~
ChuckMcM
It is designed to trick people into building robots to open it? :-)

More seriously though, I consulted a friend and neighbor when buying a safe
for my home. This person who owns a locksmith shop and is a registered
locksmith (and has been for > 20 years) asked me to look up the median
response time of the police to my address. Since I live near the police
station it was fairly small. He said you only need a safe that can last 15 -
20 minutes and you will need to anchor it so that it can't be easily yanked
out of your house. Any professional thief will skip it and it may keep an
amateur working on it long enough for the police to arrive and arrest them in
the act.

That made a lot of sense to me.

~~~
micaksica
You bought a TL-15 safe for your home? Where did you place it? Even the
smaller TL-15 safes weigh hundreds of pounds and require some logistics to
place. They are very impractical for most apartment dweller types, or even
some high-density, old-construction flats because of their weight.

~~~
ChuckMcM

       > You bought a TL-15 safe for your home?
    

Yes I did. It did not weigh hundreds of pounds. Its location was constrained a
bit by where it could be secured to the structure but not unreasonably so. And
it wasn't like I've got paintings or something in it, just stuff that if the
house burned down I'd want to have survive and a few things I'd rather other
folks not have (like passports).

~~~
sobani
From this thread I've learned that a people-resistant safe might not be fire-
resistant.

Please check if your safe can actually handle heat and water.

~~~
ChuckMcM
That is correct, and something to specify when buying a safe. In our case I
was actually replacing a fire safe that my wife had bought at CostCo so fire
resistance was a 'must have' feature. It has has our critical documents in it
and a key to the safe deposit box where actually valuable but not something
you might need to get out at home stuff is kept.

------
saalweachter
I'm honestly a little disappointed it's "just" an automated safe cracker.

I wanted to see a hulking brute of a robot peel the safe like an apple with
its powerful metal claws.

------
Animats
Here's a commercial version. [1]

This seems to be an exhaustive-search combination lock solver. Someone else
has built one that not only manipulates the lock, but uses a contact
microphone to listen to it. But I can't find the reference.

[1]
[https://www.youtube.com/watch?v=fIavLorioys](https://www.youtube.com/watch?v=fIavLorioys)

~~~
themcaffee
A key element of this is it's ability to limit the amount of possible
combinations from 1 million to about 1000 due to small flaws in the dials. A
contact microphone might be able to even further reduce this search space in
combination with the existing exploits.

~~~
Animats
There are Sergeant and Greenleaf locks with a half-digit tolerance, so you
have to get the number exactly right. They're not popular, because they're
such a pain to use.

~~~
blacksmythe

      >> half-digit tolerance
    

I assume you mean <0.5digit tolerance.

There is a big difference between 0.55digit tolerance (might be able to try
two numbers at once with enough mechanical precision to the solver) and
0.45digit tolerance.

------
radarsat1
> Some SentrySafe models come with an additional lock and key, but the team
> was able to unlock it by using a Bic pen.

Um.. that also seems like an important problem?

~~~
Pinckney
It's a well-known attack on tubular locks.

------
dws
SparkFun posted a full tutorial on their machine few months ago.

[https://learn.sparkfun.com/tutorials/building-a-safe-
crackin...](https://learn.sparkfun.com/tutorials/building-a-safe-cracking-
robot)

------
0xbear
Aren't there a whole bunch of videos on YouTube of kids opening these with not
much more than a length of steel wire and primitive hand tools? You decidedly
do not want a safe that's not UL listed.

~~~
natch
Think of this as version 1.0 of the robot, though.

Unlike hand tools, the improvement curve of such robots will be interesting to
watch over time. [Edit: especially to the extent that the improvement is
partly in the innovative hands of the hacker / maker community as opposed to
just a few commercial companies as with existing "speed dialers."]

------
anindha
So many people in SF leave their house keys in those 3 digit combination locks
for Wag dog walkers. Something like this could crack that in seconds.

~~~
throwaway76543
A typical front door lock is considerably easier to defeat than the mechanism
on one of these safes. Many can be opened in seconds with a bump key or other
pick tools.

~~~
aqzman
No kidding! I recently picked up lock picking as a hobby, and it really makes
me realize just how insecure most locks really are. I'm a total beginner and
I'm able to pick some locks in seconds.

~~~
TheSpiceIsLife
Most regular houses I've lived in (in Australia) could be trivially and
discretely broken in to with a jemmy bar (crowbar).

My neighbour had his two jet skis stolen from his carport on a weekday, they
were chained to a post.

The auto shop across from my work had their delivery ute stolen from inside
the building while six staff were an open door way away.

I caught someone sitting in my car trying to start it with a screwdriver. I
nearly asked him if he wanted me to show him how it's done.

I keep telling my partner not to leave her laptops and cashbox visible from
the windows and to lock the front door when she's in the bathroom or backyard.

People I thought were my friends have stolen from me.

Unless you have something worth protecting and the budget to protect it...
Security is a hopeless mess.

~~~
robk
Is Tasmania that bad? This sounds like Detroit

~~~
TheSpiceIsLife
That encouraged me to take a peek, turns out Launceston was the the worst
place in Tasmania for home burglary in 2014/15[1], but still not as bad as
other areas around the country.

1\. [https://www.canstar.com.au/home-insurance/state-hotspots-
for...](https://www.canstar.com.au/home-insurance/state-hotspots-for-home-
theft/)

------
kumarvvr
Those framing pieces of aluminum or steel look awesome. They look great for
quick mechanical structural work.

Anyone have any idea where to buy them from ?

~~~
kejaed
The people that presented this on stage are from SparkFun, you can likely buy
all the bit from them. Most of the robot parts look like it is from the
Acrobatics line that they cary:

[https://www.sparkfun.com/pages/Actobotics](https://www.sparkfun.com/pages/Actobotics)

------
thesmallestcat
Somebody dumb enough to leave a key to their house right next to their house
in a city like SF deserves to get burglarized.

~~~
DrScump
Gotta love this attitude, which is widely shared by Bay Area media and law
enforcement.

\- "You shouldn't have parked there. "

\- "You shouldn't have left anything visible in your vehicle."

\- "You shouldn't have left anything _in_ visible in the trunk, either."

As for "key right next to house" how _else_ do you propose letting agents show
your property to prospective buyers or tenants?

In SF, property crimes don't matter. I once had a road rager _shoot at me and
blow a window out in my car_. SFPD response? "We can't find the round
(bullet), so we'll just give you a case number (and no further
investigation)."

Edit: typo

~~~
Semiapies
That's a serious pain. :/ Glad you weren't shot, though.

(Is "road eager" auto-correct for something?)

~~~
khedoros1
"road-rager", I'd guess.

