“That was one of the scariest things we’ve done,” SparkFun founder Nathan Siedle told the BBC. “Lots of things can go wrong, and this was a very big audience. We’re really happy it opened up.”
It took Siedle and his colleagues about four months and $200 to build the automated, safe-cracking robot, using off-the-shelf and 3D printed components, that opened his safe in a little over an hour. The robot has, among other parts, a $20 Arduino board, a $40 motor, an aluminum frame, sensors for determining if the safe’s handle has been turned, and 3D printed components, including a coupler that attaches to the dial of the safe.
As Andy Greenberg explains in a WIRED magazine article, “In the most basic sense, the resulting safecracker works by ‘bruteforcing’ the SentrySafe—trying every possible combination. Like your high school locker’s combination lock, the safe has three internal rotors that each have to be set to a certain position–by dialing a series of three numbers–to open it. Since each of those rotors has 100 positions, corresponding to as many numbers on the safe’s dial, trying all one million combinations (100 x 100 x 100) at the speed of about ten seconds per guess would take nearly four months.”
“Because the safe has a rod that slips into slots in the three rotors when they’re aligned to the combination’s numbers, a human safecracker can apply light pressure to the safe’s handle, turn its dial, and listen or feel for the moment when that rod slips into those slots,” Greenberg wrote. “To block that technique, the third rotor of Seidle’s SentrySafe is indented with twelve notches that catch the rod if someone turns the dial while pulling the handle.”
Let’s say that one of the dials is set to open at 14. Thanks to this quirk, 13 and 15 will also work to open the safe. The robot was able to check every third number in this way, which majorly reduced the possible number of combinations.
The statement read, “In this case, there was a tremendous effort, uninterrupted time in a controlled environment, the right tools and significant technical knowledge needed to eventually manipulate the safe. In this environment, the product accomplished what it was designed to do and would be realistically very difficult, if not impossible, for the average person to replicate in the field.”
While the robot can’t crack a digital lock, the SparkFun team designed it with 3D printed parts that are able to be replaced in order to fit different combination safes.
“We designed it for a particular type of safe, but it doesn’t really matter – you can actually 3D-print a coupler that can match any safe that you may have,” Siedle said.
In addition, anyone can make their own safe-cracking robot, since it was built with inexpensive, open source parts. But Siedle isn’t trying to help burglars – besides having a little DIY fun, he says that his team’s work serves to warn people about the potentially lax security of safes, and to be used “as a way to demonstrate the changing nature of physical security in an era of cheap robotics.”
Siedle said, “Could someone replicate it? Yeah, that’s the point. But there are so many cheaper and better ways to open up a safe than building one of these.”
“You’re going to have an army of geeks like myself poking and prodding and trying to do things like this. The nature of the toolset is getting cheaper, so more nerds are getting brave with their puzzling,” said Siedle.
To watch the SparkFun team successfully open the SentrySafe live at DEF CON, check out the BBC video. Discuss in the 3D Printed Robot forum at 3DPB.com.
[Sources/Images: BBC / WIRED]