Close Menu
Technology Mag

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    US Government Seeks Medical Records of Trans Youth

    August 29, 2025

    Leak suggests new Philips Hue lights will have direct Matter support

    August 29, 2025

    Microsoft’s next annual update for Windows 11 is in Release Preview testing

    August 29, 2025
    Facebook X (Twitter) Instagram
    Subscribe
    Technology Mag
    Facebook X (Twitter) Instagram YouTube
    • Home
    • News
    • Business
    • Games
    • Gear
    • Reviews
    • Science
    • Security
    • Trending
    • Press Release
    Technology Mag
    Home » Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds
    Security

    Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds

    News RoomBy News RoomAugust 9, 20254 Mins Read
    Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Email

    Zhou added in his statement that Securam will be fixing the vulnerabilities Omo and Rowley found in future models of the ProLogic lock. “Customer security is our priority and we have begun the process of creating next-generation products to thwart these potential attacks,” he writes. “We expect to have new locks on the market by the end of the year.”

    Photograph: Ronda Churchill

    In a followup call, Securam director of sales Jeremy Brookes confirmed that Securam has no plan to fix the vulnerability in locks already in use on customers’ safes, but suggests safe owners who are concerned buy a new lock and replace the one on their safe. “We’re not going to be offering a firmware package that upgrades it,” Brookes says. “We’re going to offer them a new product.”

    Brookes adds that he believes Omo and Rowley are “singling out” Securam with the intention of “discrediting” the company.

    Omo responds that’s not at all their intent. “We’re trying to make the public aware of the vulnerabilities in one of the most popular safe locks on the market,” he says.

    A Senator’s Warning

    Beyond Liberty Safe, Securam ProLogic locks are used by a wide variety of safe manufacturers including Fort Knox, High Noble, FireKing, Tracker, ProSteel, Rhino Metals, Sun Welding, Corporate Safe Specialists, and pharmacy safe companies Cennox and NarcSafe, according to Omo and Rowley’s research. The locks can also be found on safes used by CVS for storing narcotics and by multiple US restaurant chains for storing cash.

    Rowley and Omo aren’t the first to raise concerns about the security of Securam locks. In March of last year, US senator Ron Wyden wrote an open letter to Michael Casey, then director of the National Counterintelligence and Security Center, urging Casey to make clear to American businesses that safe locks made by Securam, which is owned by a Chinese parent company, have a manufacturer reset capability. That capability, Wyden wrote, could be used as a backdoor—a risk that had already led to Securam locks being prohibited for US government use like all other locks with a manufacturer reset, even as they’re widely used by private US companies.

    In response to learning about Rowley and Omo’s research, Wyden wrote in a statement to WIRED that the researchers’ findings represent exactly the risk of a backdoor—whether in safes or in encryption software—that he’s tried to call attention to.

    “Experts have warned for years that backdoors will be exploited by our adversaries, yet instead of acting on my warnings and those of security experts, the government has left the American public vulnerable,” Wyden writes. “This is exactly why Congress must reject calls for new backdoors in encryption technology and fight all efforts by other governments, such as the UK, to force US companies to weaken their encryption to facilitate government surveillance.”

    ResetHeist

    Rowley and Omo’s research began with that same concern, that a largely undisclosed unlocking method in safes might represent a broader security risk. They initially went searching for the mechanism behind the Liberty Safe backdoor that had caused a backlash against the company in 2023, and found a relatively straightforward answer: Liberty Safe keeps a reset code for every safe and, in some cases, makes it available to US law enforcement.

    Liberty Safe has since written on its website that it now requires a subpoena, a court order, or other compulsory legal process to hand over that master code, and will also delete its copy of the code at a safe owner’s request.

    Image may contain Mohamed El Shorbagy Purple Face Head Person Photography Portrait Accessories Glasses and Blouse

    Rowley and Omo planned to reveal the existence of Securam’s vulnerabilities more than a year ago, but held off until now due to the company’s legal threats.Photograph: Ronda Churchill

    Rowley and Omo didn’t find any security flaw that would allow them to abuse that particular law-enforcement-friendly backdoor. When they started examining the Securam ProLogic lock, however, their research on the higher-end version of the two kinds of Securam lock used on Liberty Safe products revealed something more intriguing. The locks have a reset method documented in their manual, intended in theory for use by locksmiths helping safe owners who have forgotten their unlock code.

    Enter a “recovery code” into the lock—set to “999999” by default—and it uses that value, another number stored in the lock called an encryption code, and a third, random variable to compute a code that’s displayed on the screen. An authorized locksmith can then read that code to a Securam representative over the phone, who then uses that value and a secret algorithm to compute a reset code the locksmith can enter into the keypad to set a new unlock combination.

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Email
    Previous ArticleYour Outdoor Air Quality Monitor Could Lead to Safer Air for Everyone
    Next Article Sand and Deliver: We Raced Across Dunes to Find the Best Beach Wagon

    Related Posts

    US Government Seeks Medical Records of Trans Youth

    August 29, 2025

    Senate Probe Uncovers Allegations of Widespread Abuse in ICE Custody

    August 27, 2025

    Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database

    August 27, 2025

    A Special Diamond Is the Key to a Fully Open Source Quantum Sensor

    August 25, 2025

    Data Brokers Face New Pressure for Hiding Opt-Out Pages From Google

    August 23, 2025

    493 Cases of Sextortion Against Children Linked to Notorious Scam Compounds

    August 20, 2025
    Our Picks

    Leak suggests new Philips Hue lights will have direct Matter support

    August 29, 2025

    Microsoft’s next annual update for Windows 11 is in Release Preview testing

    August 29, 2025

    TikTok is now letting everyone DM each other with voice memos and pictures

    August 29, 2025

    Hisense’s take on the Samsung Frame TV is $300 off

    August 29, 2025
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    News

    Framework actually did it: I upgraded a laptop’s entire GPU in just three minutes

    By News RoomAugust 29, 2025

    Today, I can confirm the system actually works. I traveled to Framework’s San Francisco offices…

    The future of AI hardware isn’t one device — it’s an entire ecosystem

    August 29, 2025

    What’s really happening with the hires at Meta Superintelligence Labs

    August 29, 2025

    Lenovo leaks show concept laptop with rotating display

    August 29, 2025
    Facebook X (Twitter) Instagram Pinterest
    • Privacy Policy
    • Terms of use
    • Advertise
    • Contact
    © 2025 Technology Mag. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.