3D-printed 'Robotic Button Basher' cracks phones' PINs using persistence, luck
Created by Justin Engler and Paul Vines, the bot simply guesses all the possible PIN combinations
Wednesday 24 July 2013
It's not the most high-tech threat to your phone but it is 100 per cent effective: the Robotic Reconfigurable Button Basher (R2B2) cracks the PIN number safeguarding your phone by simply trying every possible combination.
Created by security researchers Justin Engler and Paul Vines for Def Con - the hacker conference hosted in Las Vegas - the R2B2 costs around $200 and can crack a PIN code in around 20 hours.
Of course, anyone could crack a PIN code in this way (there's only 10,000 possible combinations - you just have to try them all) but why waste your time when cheap robot labour can do the job for you?
Speaking to Forbes Engler and Vines described how they constructed the bot from a combination of off-the-shelf and 3D printed components. An open-source Arduino controller; a couple of $10 servomotors; a webcam to see when the robot succeeds, and some 3D-printed parts from the pair's local hackerspace were all it took.
Although running every combination takes nearly a full day, researchers have shown that 26% of smartphone users use one of twenty most common PIN codes - either sequential codes (1234 is the most common), repeated digits (1111 and the like) or 'patterned' numbres (the cruciform 2468 or 'straight down the middle' 2580).
R2B2 did hit a problem with iPhones however, as iOS delays the user for each incorrect PIN they enter, leaving would-be thieves (or impatient robots) waiting hours before they can try again.
Still, Engler and Vines say the point of the project is simply to highlight how insecure four-digit PIN codes are. They're currently working on a version of their machine that will latch onto cash machines, as well as developing a version that uses electrodes instead of a 'finger' to work the touch pad. Dubbed Capacitative Cartesian Coordinate Brute-force Overlay (C3BO for short), this next-gen button basher should be revaled come Def Con next month.
Life & Style blogs
Malaysia Airlines flight MH17 crash: 'Nine Britons, 23 Americans and 80 children' feared dead after Boeing passenger jet is 'shot down' near Ukraine-Russia border
Malaysia Airlines MH17 crash: Vladimir Putin is given 'one last chance' to end hostilities in Ukraine
The 'scroungers’ fight back: The welfare claimants battling to alter stereotypes
The truth about conspiracy theories is that some require considering
Malaysia Airlines MH17 crash: Ukrainian military jet was flying close to passenger plane before it was shot down, says Russian officer
Malaysia Airlines MH17 crash: Massive rise in sale of British arms to Russia
- 1 Malaysia Airlines MH17 crash: Pro-Russian rebel 'admits to shooting down plane'
- 2 Louis van Gaal gets tough with Manchester United players, with Darren Fletcher and Luke Shaw berated in public and Phil Jones left looking bemused
- 3 Is Gideon Levy the most hated man in Israel or just the most heroic?
- 4 Peaches Geldof inquest: Tragic final moments of socialite's life reveal she lied to husband about failed heroin tests
- 5 Israel has discovered that it's no longer so easy to get away with murder in the age of social media
iJobs Gadgets & Tech
£35000 - £45000 per annum + competitive: Progressive Recruitment: If you're pa...
£45000 - £55000 per annum + competitive: Progressive Recruitment: SAP Business...
£40000 - £60000 per annum + competitive: Progressive Recruitment: My client, a...
£45000 - £55000 per annum + Benefits: Progressive Recruitment: SAP Functional ...