Senator Wyden Exposes Backdoor Codes in Safe Locks
According to a recent article by 404 Media, U.S. Senator Ron Wyden has accused two of the largest manufacturers of commercial safe locks, SECURAM and Sargent and Greenleaf (S&G), of embedding backdoor codes in some of their products, potentially posing a threat to national security.
In his letter, Wyden calls upon the U.S. government to alert the public about the vulnerabilities present in these products and how they could be exploited by foreign agents to steal commercial secrets from American companies.
SECURAM, a Chinese company, and Sargent and Greenleaf, an American firm, were identified in the letter as manufacturers whose locks feature a code reset function. This allows bypassing the locks without the owner’s consent by simply entering a special codeword, which seems to be universal across all models and units.
Should this information fall into the hands of actual malefactors, the rate of breaches and infiltrations into major companies could multiply exponentially. Indeed, following public disclosure, this could very well happen unless companies swiftly address the replacement of their safes and locks.
Particularly alarming is the fact that the U.S. Department of Defense has long been aware of such vulnerabilities in these products and even prohibited their use in government sectors of the country. However, it did not deem it necessary to inform the public.
Wyden’s letter mentions that the companies’ websites directly indicate the possibility of a “special code” that can be used to access the safes. The senator’s primary critique concerns the companies’ lack of transparency with end-users, as customers are not always notified about the existence of such “hidden features.”
Information security expert Deviant Ollam believes that such codes could indeed be used by manufacturers but insists on the necessity of fully informing users about the existence of these secret access mechanisms.
SECURAM and S&G manufacture locks for various types of safes, including those used for storing weapons and bank vaults. Both companies have confirmed the presence of such codes in some of their products, citing their utility in certain situations, but also acknowledged that they might be compelled to disclose the codes through legal government requests or court orders.
Senator Wyden expresses concern about SECURAM’s obligation to follow Chinese laws, which theoretically allows the Chinese government to access safes of American companies. He urges the U.S. National Counterintelligence and Security Center to update its recommendations for American businesses, cautioning against the use of locks with such functionality.
