Brinks has a safe that runs Windows XP and hackers say they can crack it in 60 seconds

Brinks has a safe that runs Windows XP and hackers say they can crack it in 60 seconds

Windows XP is the venerable war horse of operating systems. What it isn’t is the greatest software to base your supposedly super-secure safe system on. But hey, that’s just what Brinks did.

Next month at DefCon in Las Vegas (August 8), a group of security researchers say they’ll demonstrate how to crack one of Brink’s CompuSafe digital safes in under 60 seconds.

And get this: The model in question is the CompuSafe Galileo, which is predominantly used in retail stores for cash management. That means serious amounts of loot would be up for grabs were these hackers more of the black hat variety.

Oscar Salazar and his colleague Dan Petro, both of security firm Bishop Fox, explained to eWeek that they focused on a USB port on the safe’s exterior. They built a software tool that opens the door within a minute once a USB is attached.

The underlying OS running the Galileo is XP, but Salazar says it wouldn’t be any better with Windows 10. For a start, that USB port the hackers exploited isn’t even physically secured.

The best detail of the researchers’ story is that they literally smashed on the keyboard to discover what happened when arbitrary keys were pressed together. That technique allowed them to escape the safe’s ‘kiosk’ mode and execute the attack.

I’ve contacted Brinks for comment and will update this post if it offers one.

DefCon Hackers Tell How They Cracked Brink’s Safe in 60 Seconds [eWeek]

Read next: Protect your site from bots with metal band logos

Read next: Trello gets serious about the enterprise with new paid tier