{"id":7002,"date":"2025-09-18T05:03:27","date_gmt":"2025-09-18T05:03:27","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/09\/18\/hacking-electronic-safes-html\/"},"modified":"2025-09-18T05:03:27","modified_gmt":"2025-09-18T05:03:27","slug":"hacking-electronic-safes-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/09\/18\/hacking-electronic-safes-html\/","title":{"rendered":"Hacking Electronic Safes"},"content":{"rendered":"\n<div>Hacking Electronic Safes<\/div>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>Vulnerabilities in <a href=\"https:\/\/www.wired.com\/story\/securam-prologic-safe-lock-backdoor-exploits\/\">electronic safes<\/a> that use Securam Prologic locks:<\/p>\n<blockquote>\n<p>While both their techniques represent glaring security vulnerabilities, Omo says it\u2019s the one that exploits a feature intended as a legitimate unlock method for locksmiths that\u2019s the more widespread and dangerous. \u201cThis attack is something where, if you had a safe with this kind of lock, I could literally pull up the code right now with no specialized hardware, nothing,\u201d Omo says. \u201cAll of a sudden, based on our testing, it seems like people can get into almost any Securam Prologic lock in the world.\u201d<\/p>\n<p>[\u2026]<\/p>\n<p>Omo and Rowley say they informed Securam about both their safe-opening techniques in spring of last year, but have until now kept their existence secret because of legal threats from the company. \u201cWe will refer this matter to our counsel for trade libel if you choose the route of public announcement or disclosure,\u201d a Securam representative wrote to the two researchers ahead of last year\u2019s Defcon, where they first planned to present their research.<\/p>\n<p>Only after obtaining pro bono legal representation from the Electronic Frontier Foundation\u2019s Coders\u2019 Rights Project did the pair decide to follow through with their plan to speak about Securam\u2019s vulnerabilities at Defcon. Omo and Rowley say they\u2019re even now being careful not to disclose enough technical detail to help others replicate their techniques, while still trying to offer a warning to safe owners about two different vulnerabilities that exist in many of their devices.<\/p>\n<\/blockquote>\n<p>The company says that it plans on updating its locks by the end of the year, but have no plans to patch any locks already sold.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Bruce Schneier<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/www.schneier.com\/blog\/archives\/2025\/09\/hacking-electronic-safes.html\">Go to bruce schneier<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hacking Electronic Safes Vulnerabilities in electronic safes that use Securam Prologic locks: While both their techniques represent glaring security vulnerabilities, Omo says it\u2019s the one that exploits a feature intended as a legitimate unlock method for locksmiths that\u2019s the more widespread and dangerous. \u201cThis attack is something where, if you had a safe with this [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[646,57,1363,449,476,1848,1,416],"tags":[87],"class_list":["post-7002","post","type-post","status-publish","format-standard","hentry","category-backdoors","category-bruce-schneier","category-disclosure","category-locks","category-patching","category-safes","category-uncategorized","category-vulnerabilities","tag-bruce-schneier"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/7002"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=7002"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/7002\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=7002"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=7002"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=7002"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}