Brink's computerized safe uses Windows XP, was hacked in 1 minute


#1

[Read the post]


#2


#3

Remember, if you run Windows and everything goes south, nobody will yell at you, because it’s Windows. Surely job security is more important than… security.


#4

I suppose that was technically a violation of the DMCA.
If you left a stack of bricks of $20 bills on the counter with a napkin on top, with ‘010110’ written on the napkin, and somebody stole them, would that also constitute a violation of the DMCA?


#5

“Once you’ve plugged in the USB to deliver the exploit, you could have just as easily written malware to the safe to perform remote transactions at a later point in time,” Petro explained.

So unrestricted local (physical) access to system + root exploit to boot into and possibly even installing your own mouse/keyboard, Linux wouldn’t have fared better.

What does the exploit have to do with Windows at all?


#6

Come on, even Microsoft had to admit Windows XP is not a recommended choice for security-minded applications after they ended support for it (no new security patches) last year. The cluelessness shown by this “CompuSafe” should be self-evidently funny.


#7

Microsoft attempted to retire it, but there remain new security patches being paid for by many corporations and governments.

If you have any understanding of security, Windows XP is not so much the issue versus local access to the device with all ports enabled. Any OS will find its protections sidestepped via these attack vectors.


#8

It doesn’t have much to do with Windows - they say right in the (short) article that Windows 10 wouldn’t have fared any better.

Yes, there was unrestricted physical access - to the outside of the safe, not to any sort of service panel on the inside. They didn’t have access to the motherboard, the RAM, the flash drive with the OS on it, anything like that. That’s exactly the sort of scenario that safes are designed to withstand, except this one didn’t.


#9

Rule 1 of hacking, If you can physically access it, you can own it. Who the heck thought a public facing USB port was a good idea?


#10

Doesn’t match the article, which goes over the attack vector I mentioned-

One of the main vulnerabilities we are focusing on comes by way of a USB port that is on the exterior of the safe," Salazar told eWEEK. "We have created a little tool that we can just plug into the safe, wait 60 seconds for the tool to do its work, and then the safe doors will open and you can take all the cash out.


#11

I get you, there seems to be a perfect storm of “computer security” expertise fail.

But you might agree that the ‘WinXP being a virus and exploit magnet’ cliché, right or wrong, will be familiar to anyone who’s had to fix the damn thing for a relative. Even if they wouldn’t know an attack vector from a Vector W8.

My point is that the windows angle makes for a catchier story lead than a dry “supposedly safe thing actually unsafe for a number of reasons” if your intended public is not security experts.


#12

I mean, I agree that the lede is “catchy”, just not factual.


#13

How does my description not match what you quoted?

They had access to the outside of the safe, and only to the outside. There was a USB port on the outside of the safe, yes - so they had access to the USB port. On the outside of the safe.


#14

So… lock security is typically rated for how long the device will slow an intruder- really good padlocks are worth like 10 minutes (tops!). Safes are the same. The very best are able to take 60 minutes of abuse (and ho-boy the list of abuse in the rating is epic! hint: nitroglycerin!).

This safe is clearly not one of the best.


#15

The USB port is a direct connection to the innards of the device, so full local access to exploit.


#16

are you saying that the headlines here are, on occasion, imprecise to hyperbolic?


#17

I can argue with an element of the story without getting “the vapors”, insulting the editors, or being “disappointed in BoingBoing” :smiley:

I suppose it’s just a distracting element. An old-ass build of Windows Embedded could probably be secure in any ATM, seeing as they’re still releasing security updates for legacy builds.


#18

It really isn’t though.

It’s fairly typical to consider “ability to plug in a keyboard, type on it, and view the screen” on a separate level from “full unrestricted physical access” - where the latter includes the ability to induce reboots, replace the boot media, pull internal storage out and connect it to an external reader, connect a signal analyzer to the RAM bus, etc.

It’s a safe. Safes are rated assuming the attacker has full access to all exterior surfaces of the safe - but not to the inside of the case, where things like a combination reset lever might be present.


#19

This topic was automatically closed after 5 days. New replies are no longer allowed.