Open Sesame: how vulnerable is your stuff in electronic lockers

Dennis Giese, braelynn

DEF CON 32 Main Stage · Day 1 · Main Stage

In "Open Sesame: how vulnerable is your stuff in electronic lockers," security researchers Dennis Giese and braelynn explore the often-overlooked security posture of electronic locker systems, specifically focusing on models from market leaders Digilock and SAG. The talk aims to shed light on critical vulnerabilities within these devices, particularly in **offline managed lock systems**—those found in environments like gyms, universities, and government buildings where master keys or administrative PINs are used to manage multiple lockers without constant network connectivity. This research underscores a significant gap in the security landscape, as these systems often safeguard personal belongings, sensitive equipment, or even critical infrastructure, yet their underlying security mechanisms may be deeply flawed.

AI review

This talk by Giese and braelynn delivers a critical wake-up call regarding the security of ubiquitous electronic locker systems from market leaders like Digilock and SAG. By demonstrating successful hardware reverse engineering and firmware extraction, they expose fundamental flaws in how PINs and master keys are handled in offline managed systems. The research offers high practical impact, revealing that perceived security is often a dangerous illusion, and provides actionable insights for both users and manufacturers to reassess their physical access control security. The vendor's initial…
