Matthew Rosenquist
Member
An open source robot, developed by the team at Sparkfun, can crack a safe in 15 minutes. With motors, gears, and custom logic, this device is designed to find the right combination to unlock a reinforced door. It is a Do-it-Yourself automatic safe cracker! Should we worry about the risks of thieves gaining access to our prized possessions with DIY tools or embrace the opportunity that this may bring better lock designs?
[video=youtube_share;_fTz2D6x20U]https://youtu.be/_fTz2D6x20U[/video]
Risk or Opportunity?
Like so many situations of security, there exist both risks as well as opportunities. The open-source bot can crack safes that have close to a million different possible combinations, very quickly. That means that anyone could duplicate the design and create their own. They might even improve upon the design and adapt it to various types of safes. This puts locked-up valuables at risk from thieves who would use such a tool to open victim’s safes.
On the other hand, such open source research and testing against consumer safes brings to light vulnerabilities that can be eliminated by manufacturers. The very creativity, ingenuity, and open-source technology that created the robot can also provide insights into the unseen weaknesses of safes. This open-source community represents a desperately needed pool of resources that can complete a feedback loop to designers.
Although this is a risk to assets locked away in safes, it is a much greater opportunity for the industry to learn about the vulnerabilities so they can make their products more resistant to attacks. Those manufacturers who see this as an opportunity will actively engage with the community and outpace competition who languish with weak designs.
[video=youtube_share;5HtdLiOqetc]https://youtu.be/5HtdLiOqetc[/video]
I say it is better to discover the weaknesses so better design will emerge and supplant weaker versions. It is the natural state of continuous improvement. I am all for strong security. The best way to get there is to test the defenses and improve as weaknesses are discovered. The question is, will safe companies embrace or shun the input?
Interested in more? Follow me on LinkedIn, Twitter (@Matt_Rosenquist), Information Security Strategy, and Steemit to hear insights and what is going on in cybersecurity.
Image Source: https://learn.sparkfun.com/tutorials/building-a-safe-cracking-robot
[video=youtube_share;_fTz2D6x20U]https://youtu.be/_fTz2D6x20U[/video]
Risk or Opportunity?
Like so many situations of security, there exist both risks as well as opportunities. The open-source bot can crack safes that have close to a million different possible combinations, very quickly. That means that anyone could duplicate the design and create their own. They might even improve upon the design and adapt it to various types of safes. This puts locked-up valuables at risk from thieves who would use such a tool to open victim’s safes.
On the other hand, such open source research and testing against consumer safes brings to light vulnerabilities that can be eliminated by manufacturers. The very creativity, ingenuity, and open-source technology that created the robot can also provide insights into the unseen weaknesses of safes. This open-source community represents a desperately needed pool of resources that can complete a feedback loop to designers.
Although this is a risk to assets locked away in safes, it is a much greater opportunity for the industry to learn about the vulnerabilities so they can make their products more resistant to attacks. Those manufacturers who see this as an opportunity will actively engage with the community and outpace competition who languish with weak designs.
[video=youtube_share;5HtdLiOqetc]https://youtu.be/5HtdLiOqetc[/video]
I say it is better to discover the weaknesses so better design will emerge and supplant weaker versions. It is the natural state of continuous improvement. I am all for strong security. The best way to get there is to test the defenses and improve as weaknesses are discovered. The question is, will safe companies embrace or shun the input?
Interested in more? Follow me on LinkedIn, Twitter (@Matt_Rosenquist), Information Security Strategy, and Steemit to hear insights and what is going on in cybersecurity.
Image Source: https://learn.sparkfun.com/tutorials/building-a-safe-cracking-robot