"Last Christmas, Nathan Seidle's wife gave him a second-hand safe she'd found on Craigslist. It was, at first glance, a strange gift. The couple already owned the same model, a $120 USD SentrySafe combination fire safe they'd bought from Home Depot. But this one, his wife explained, had a particular feature: The original owner had locked it and forgotten the combination. Her challenge to Seidle: Open it.
Seidle isn't much of a safecracker. But as the founder of the Niwot, Colorado-based company SparkFun, a DIY and open-source hardware supplier, he's a pretty experienced builder of homemade gadgets, tools, and robots. So over the next four months, he and his SparkFun colleagues set about building a bot that could crack the safe for them. The result: A fully automated device, built from off-the-shelf and 3-D printed components, that can open his model of SentrySafe in a maximum of 73 minutes, or half that time on average, with no human interaction. In fact, in the demonstration Seidle gave WIRED in the video above, the process took just 15 minutes.
In the process of building his safecracking robot, which he will demonstrate live at the Defcon cybersecurity conference next week, Seidle discovered a series of real vulnerabilities in the relatively cheap, but popular, SentrySafe he tested. But the larger lesson of his work goes beyond his particular safe's security flaws. It points instead to a new reality for vendors of physical security equipment: If automated tools can crack your locks or safes, the increasing affordability of those tools makes you more vulnerable than ever. "You're going to have an army of geeks like myself poking and prodding and trying to do things like this," says Seidle. "The nature of the toolset is getting cheaper, so more nerds are getting brave with their puzzling."…"