Windows XP is the venerable war horse of operating systems. What it isn’t is the greatest software to base your supposedly super-secure safe system on. But hey, that’s just what Brinks did.
And get this: The model in question is the CompuSafe Galileo, which is predominantly used in retail stores for cash management. That means serious amounts of loot would be up for grabs were these hackers more of the black hat variety.
Oscar Salazar and his colleague Dan Petro, both of security firm Bishop Fox, explained to eWeek that they focused on a USB port on the safe’s exterior. They built a software tool that opens the door within a minute once a USB is attached.
The underlying OS running the Galileo is XP, but Salazar says it wouldn’t be any better with Windows 10. For a start, that USB port the hackers exploited isn’t even physically secured.
The best detail of the researchers’ story is that they literally smashed on the keyboard to discover what happened when arbitrary keys were pressed together. That technique allowed them to escape the safe’s ‘kiosk’ mode and execute the attack.
I’ve contacted Brinks for comment and will update this post if it offers one.
Published July 28, 2015 — 14:46 UTC