Hacker News Comments on
EEVblog #762 - How Secure Are Electronic Safe Locks?

EEVblog · Youtube · 31 HN points · 2 HN comments
HN Theater has aggregated all Hacker News stories and comments that mention EEVblog's video "EEVblog #762 - How Secure Are Electronic Safe Locks?".
Youtube Summary
How secure are electronic locks used on safes?
Dave tries a basic first attempt power line analysis attack on a standard La Gard (LG) 3740/3750 Basic electronic digital lock on a CMI home safe.
Can you crack an electronic digital safe lock with just a resistor and an oscilloscope?
All sorts of safe cracking techniques are discussed - thermal camera imaging, bumping, drilling, and spiking the solenoid.
And naturally there is a complete teardown of the La Gard lock and a demonstration on how it works.
And then Dave does something incredibly dumb, and has to fix it the old fashioned way, Hollywood style.
It's a tale of epic fails and stunning wins.
Part 2 is here: https://www.youtube.com/watch?v=mdnHHNeesPE

Forum: http://www.eevblog.com/forum/blog/eevblog-762-how-secure-are-electronic-safe-locks/

http://www.kaba-mas.com/media/654586/v4/File/basic-basic-plus-series-brochure.pdf

ST ST62T25 OTP Microcontroller
http://www.alldatasheet.com/datasheet-pdf/pdf/23746/STMICROELECTRONICS/ST62T25.html

AT93C46 http://www.atmel.com/Images/doc5140.pdf




Hacker News Stories and Comments

All the comments and stories posted to Hacker News that reference this video.
David Jones' EEVBlog had an episode attempting to do powerline analysis of an electronic safe: https://www.youtube.com/watch?v=HxQUKAjq-7w

Like other commenters here I'm wary of using an electronic lock because I'm not able to inspect the code for backdoors. I wonder if there's enough of a hacker market to warrant creating a crowdsourced electronic safe (or retrofit of the electronics of an existing electronic safe).

cmdrfred
I'd like to see an opensource deadbolt.
Somewhat related, check this out. In the video they theorize that the power line attack is obfuscated by software techniques. An old OS may have buggy USB drivers I can imagine but they claim the OS does not matter.

https://www.youtube.com/watch?v=mdnHHNeesPE and this https://www.youtube.com/watch?v=HxQUKAjq-7w

Jul 16, 2015 · 31 points, 12 comments · submitted by noobie
malenm
tldr; This was a ~$500 medium-level security safe and he was unable to crack it via the electronics.
JshWright
Your tl;dr; doesn't sufficiently capture Dave's level of Australian...
markbnj
One of my favorite EEVBlogs. Thanks for the submission. Bob's yer uncle!

Side note: Dave noted the use of the old school OTP chip to store the executable code, contrasted it with modern flashable chips, and then linked the use to the original design. However I wonder if retaining the OTP chip isn't a specific security measure? It does what is needed with much less attack surface than a reprogrammable chip, doesn't it?

kabdib
A safe I used at a prior company had a digital lock with one combination. A little searching for similar models revealed that the lock had additional combinations, not documented in the manual for our safe, with factory default combinations. We changed the extra entries quickly.

I wonder how many more there are. It's software, it's practically uninspectable, it sure wouldn't surprise me.

flarg
In my experience those digital hotel safes that you set a code for usually have a standard override code (often 5555) - failing that a sharp tap to the top of the keypad gets some open. It's kind of a shame they don't take this sort of thing seriously.
marincounty
I don't trust them either. When I check into a hotel/motel, I ask for no maid service. I do ask for an extra set of linen though. They always look at me like I'm crazy. Even when I ask though, some establishments clean my room anyways? I can't prove it, but I feel I have had stuff stolen from my room. I just saw a commercial for a new Las Vegas hotel. Their sales pitch was we clean your room 2x daily. I said to myself, "I'm not going there." When I bring a few grand worth of stuff to a hotel, and decide to take a chance with the maid service, I lock my stuff up in a large Pac Safe made for Backpacks.
allersj
I didn't know you could request no maid service. I usually leave the Do Not Disturb sign displayed on the door during my entire stay.
kelt
During my stay in China the DnD sign does not seem to apply, they still come in...
deutronium
I was wondering if you could also attempt glitching attacks?
Qiasfah
This is unlikely considering you only have access to the external power supply. As Dave notes there is a filtering stage on the PCB to help isolate the chip.
deutronium
One form of glitching is voltage glitching though
patcheudor
Security is an interesting thing. I always tend to default to the easiest path. In the case of inexpensive consumer safes the easiest path tends to be smacking the safe in the right spot to cause the locking solenoid to bounce or going after the "backup lock" which is used for access in the event of an electronic lock failure. Here's a video I posted several years ago on YouTube on how to open the wall safe in my house. Radial, aka tubular pin locks are pretty much broken by design. I've never met one I couldn't pick with a business-card.

https://www.youtube.com/watch?v=E13H7NAGnPI

HN Theater is an independent project and is not operated by Y Combinator or any of the video hosting platforms linked to on this site.