PIN-Cracking Robot To Be Showed Off At Defcon 114
Sparrowvsrevolution writes "At the Def Con hacker conference in Las Vegas early next month, security researchers Justin Engler and Paul Vines plan to show off the R2B2, or Robotic Reconfigurable Button Basher, a piece of hardware they built for around $200 that can automatically punch PIN numbers at a rate of about one four-digit guess per second, fast enough to crack a typical Android phone's lock screen in 20 hours or less. Engler and Vines built their bot, shown briefly in a preview video, from three $10 servomotors, a plastic stylus, an open-source Arduino microcontroller, a collection of plastic parts 3D-printed on their local hackerspace's Makerbot 3D printer, and a five dollar webcam that watches the phone's screen to detect if it's successfully guessed the password. The device can be controlled via USB, connecting to a Mac or Windows PC that runs a simple code-cracking program. The researchers plan to release both the free software and the blueprints for their 3D-printable parts at the time of their Def Con talk."
Re:lock out? (Score:5, Informative)
"But every Android phone that Engler and Vines tested was set by default to use a much less stringent safeguard, delaying the user just 30 seconds after every five guesses. At that rate, the robot can still guess five PINs every 35 seconds, or all 10,000 possibilities in 19 hours and 24 minutes."
Not by default.