SoylentNews is people
SoylentNews
Submitted via IRC for Bytram
One of Amazon's top-selling electronic gun safes contains a critical vulnerability that allows it to be opened by virtually anyone, even when they don't know the password.
The Vaultek VT20i handgun safe, ranked fourth in Amazon's gun safes and cabinets category, allows owners to electronically open the door using a Bluetooth-enabled smartphone app. The remote unlock feature is supposed to work only when someone knows the four- to eight-digit personal identification number used to lock the device. But it turns out that this PIN safeguard can be bypassed using a standard computer and a small amount of programming know-how.
As the video demonstration below shows, researchers with security firm Two Six Labs were able to open a VT20i safe in a matter of seconds by using their MacBook Pro to send specially designed Bluetooth data while it was in range. The feat required no knowledge of the unlock PIN or any advanced scanning of the vulnerable safe. The hack works reliably even when the PIN is changed. All that's required to make it work is that the safe have Bluetooth connectivity turned on.
[...] The vulnerability means that anyone who relies on a VT20i safe to secure valuables should immediately turn off Bluetooth connectivity and leave it off indefinitely. Safes can still be locked and unlocked using a traditional physical key, as well as by owners' fingerprints. Some Amazon customers, however, have complained the fingerprint feature is flawed as well.
[It's not clear from the story if the issue can be patched. - Ed]
(Score: 2) by meustrus on Monday December 11 2017, @04:29PM (3 children)
Maybe a good electronic could be secure. If it was also physically secure in every way that matters. But the very act of installing an electrically-activated unlock mechanism makes it susceptible to electromagnetic perturbances, which can be very difficult to secure against. Do you encase the thing in lead to keep signals from leaking through and unlocking it outside of the normal command protocol? And then there's the fact that cheaper locks can be triggered just by physically jolting them. Some lighter gun safes with electronic locks can be unlocked simply by dropping them about a foot onto a solid surface.
Bottom line: unless the limitations of a physical lock (mainly the inability to have multiple codes) are a major security concern, a physical lock is always going to be more secure.
If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
(Score: 2) by bob_super on Monday December 11 2017, @05:41PM
The physical lock also still works when the power gets cut off at the beginning of the Alien Zombie Apocalypse.
The guy who hid his physical backup safe key 3 years ago may have a problem at bug-out time.
What do you mean by "it's a corner case with low probability"? Aren't people overly sensitive to low-probability events the exact target in that market?
(Score: 2) by TheRaven on Tuesday December 12 2017, @10:35AM (1 child)
The same is true for physical locks. I don't have any experience with gun safes, but I've seen cash lock boxes that can be opened by dropping them and ones that can be opened with a flat-edged screwdriver instead of the key. A well-designed electronic safe has two wires going through the case into the locking mechanism and (unlike a mechanical lock) has no physical access from the outside to any part of the locking mechanism. The two wires run a serial protocol that is rate limited to one try every few seconds and sends simple bidirectional messages. The hardware inside sends a random number, the electronics on the outside encrypt this with an asymmetric key held by the unlocking token and send it back. The interior electronics then decrypt it with the other key from the keypair and trigger an unlock if they match. This requires a hardware random number generator, a clock (for the delay) and either a few dozen lines of code and a hardware RSA implementation, or a few hundred lines of code without. The sensitive electronics are inside the safe and so difficult to tamper with.
Outside the safe, you can have a full general-purpose OS with all of the vulnerabilities that this implies: It can't open the safe unless it can sign something with the correct key, and that key is held in a smartcard, which will just do signing and not allow the key to be exfiltrated.
Such a design, if implemented correctly, is more secure than any mechanical lock design.
sudo mod me up
(Score: 2) by meustrus on Tuesday December 12 2017, @03:45PM
It's too bad there's no way to prove an electronic lock on the market is built according to your design. Marketing doesn't need proof because customers will buy shit based on misplaced trust in the manufacturer, retailer, and government regulations keeping them safe.
If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?