"One of the main vulnerabilities we are focusing on comes by way of a USB port that is on the exterior of the safe," Salazar told eWEEK. "We have created a little tool that we can just plug into the safe, wait 60 seconds for the tool to do its work, and then the safe doors will open and you can take all the cash out."Other than that, it's totally safe. Right? Oh, wait:
It might raise eyebrows that the operating system that powers CompuSafe Galileo is Windows XP, which Microsoft no longer supports.[blink] [blink]
This is why we can't have nice things - they all have software.
Why on earth use a full blown OS like windows for a device that only does 2 things? (open/close, and reset combination)? Seems like a purpose-built program would be tighter, faster and more secure.
ReplyDeleteAnd the USB port should be INSIDE the safe.
Heck, a small MSP430 running OpenRTOS - or something even smaller - could do the job quite nicely. Simpler hardware requirements, too.
ReplyDeleteGood Lord, what kind of idiot designed this?
ReplyDeleteor maybe he was a genius, who was planning on robbing theses safes?
Spike, the idiot who designed this read http://www.jokeindex.com/joke.asp?Joke=159 and didn't realize it was a warning, not a guide.
ReplyDeleteThey used Windows XP because programmers are used to it, and it's fairly easy (cheep) vs using an embedded OS, which requires hiring somebody that knows what they're doing.
ReplyDeleteI agree about the USB port, though.
Put the damn thing inside the safe, and then you could use an Arduino, Raspberry Pi, or even a PIC to handle the job!