security firm exposes security vulnerabilities in popular handgun safe (video)
One of Amazon\'s best-selling gun safes, The Vaultek VT20i pistol safe is advertised as a safe way to store weapons. Owners can open the safe using Bluetooth- Enable the smartphone app by entering a four to eight digit pin. However, as the video from the security company\'s erliu lab shows, there is no need for a PIN to open the app. The researchers showed how they could open the safe by sending Bluetooth data from their laptop to the safe. In a blog post, the company details \"the ability to take advantage of multiple security failures\" in v20i \", explains how to open the safe box by sending Bluetooth data from the laptop to the safe box, which allows them to open the safe without a PIN. All you need is to turn on the Bluetooth connection in the safe box. Vaultek\'s response to the video was that hacking was more difficult than it looked, and then two of the six labs objected to that. \"What you don\'t see is the preparation time required to isolate the correct code, and the time required to study the safe and its transmission, vaultek told Arstechnica in an email: \"and the subsequent decoding time required to generate the final code. \". \"It can take a couple of hours of work and also the ability to look at the properly paired phones. \"Once you \'ve developed this capability or written a script to do it, you can influence any security in this product line in seconds,\" Austin Fletcher of the two Sixes Labs told Another vulnerability is that there is no limit on the number of attempts to guess the PIN. The PIN can only use the number 1- 5, and can only be between four and eight numbers, so it can be opened using brute force attacks. The company notified Vaultek about the issue in October and waited until a solution was found before their findings were made public. On Saturday, Vaultek wrote on Facebook that it was working with two or six laboratories to make the safe safer.