A lot of people suggesting just to forget about it. Jeez, I couldn't sleep properly until I found out what's inside. I would personally be more disappointed in myself for ignoring it than opening it and finding nothing. At least I would have a safe.
On the other hand, I would try cracking it myself, for fun. If not, call someone.
Haha, recently bought a new home which also had a safe embedded in the concrete under the flooring.Place was apparently owned by a dude who had been in jail, a few owners back, to add to the 'story'.
Key was present but not the code, which would be useless as the know was rusted in place and wouldn't move.
In the end we drilled a hole through the top plate (did not take very long but made a lot of noise) and stuck a little camera through to find it was empty (as far as we could see).
Cemented over it, new floor over that, left as a surprise to future owners.
It would've been fun to put some piece of treasure for the next adventurer. Maybe a time capsule or even a single silver coin (only about $20) would really delight someone. This has me thinking I should do something like this in my house.
I don't know if the mechanism is loose enough to accept multiple combinations as valid inputs but it can drastically reduce the search space. For instance, if the safe also accepts the numbers before and after the correct one the search space is divided by 3^[number of 'digits'].
I think you mean de Bruijn sequence [0], can be hard to reach via search if you don't know the name.
> a de Bruijn sequence of order n on a size-k alphabet A is a cyclic sequence in which every possible length-n string on A occurs exactly once as a substring (i.e., as a contiguous subsequence). Such a sequence is denoted by B(k, n) and has length k^n, which is also the number of distinct substrings of length n on A; de Bruijn sequences are therefore optimally short.
That is, it reduces the total number of input symbols required to traverse all permutations from (k^n)*n to (k^n)+n-1. i.e each sequence attempt takes only one extra input symbol regardless of the code length (n) or alphabet (k).
Once I learned this (actually originally ended up figuring out for k=2 since google failed to reveal this page), I started to notice the critical difference between short 4 digit permutation keypads on doors: those that accept a continuous stream of input characters without a reset are vulnerable to this shortened brute force sequence; whereas those that require you delimit sequences with a separate key are not.
Specifically: a non-delimited 4 digit decimal keypad takes at most 10003 input chars to crack, whereas a delimited one with a reset button takes 50000 (~5 times more, n+1 for the reset button). I'm not sure if continuous form are merely cheaper or the delimited form are simply newer and lock makers a little wiser?
[edit]
I suppose in the worst case for the non-delimited 4 digit keypads, if you also figure out the subset of alphabet used (i.e UV light button trick), then it reduces to (n^n)+n-1 = 259 input symbols !! except it adds the requirement of generating the sequence dynamically... but that's hardly difficult for n=k=4... and if any buttons are used more than once it reduces k further! e.g if a button is used twice then (4^3)+4-1 = 67!
> I'm not sure if continuous form are merely cheaper or the delimited form are simply newer and lock makers a little wiser?
Found this article [0] on exactly the same thing. Except he goes further to ask the difficulty added by simply increasing the alphabet by one (without adding delimiter key, and remaining vulnerable to de brujin sequences) vs adding a delimiter key. Answer: It depends on whether n > k.
The reduced alphabet attack works equally on both forms as far as I can see.
It pretty much has to be this way, otherwise an exhaustive code search would not have a 70% chance of success. The robot is relying on that sloppiness and not doing every number.
If the parent is referring to de Bruijn sequences then it should in theory be 100% reliable since the device will be traversing every permutation.
I suspect the 70% success is more to do with mechanical reliability, since the device must be compatible with multiple different mechanical combination locks that have different physical characteristics and may be far from in perfect operating condition - and also be able to operate at a reasonably high speed to be able to traverse all combinations in reasonable time even when using a de Bruijn sequence.
Once I lived in an apartment with a safe that had been locked open. It was a giant, heavy thing too large to move. The owners simply renovated the apartment around it.
Eventually I got bored and started playing with it. Since it was locked open, it was possible to start taking apart the door from the inside. Once the tumblers were exposed, I figured out the combination.
It was tremendous fun!
If anyone here is in a similar situation, I recommend cracking the safe. Building the robot seems like a nice bit of mechanical engineering:
More than tangential! For those on the fence, the article is fun. It has some technical details about the actual mechanics of getting inside safes but gets a little into the psychology of it as well. For example, families cracking the safe of a deceased loved one may be both excited, sad, and afraid of what they’ll find (secrets are like that).
I bought an apartment and even though there was no safe, I was tempted to remove the flooring everywhere just to see what was beneath it... I wouldn't last a second without opening that safe. I'd probably try and make the robot myself though :-)
We own a 100 year old place that we’ve been renovating for the last 2 months (when we took ownership). I found a (small) stash of money under the carpet (about £200 in pristine 1990s notes).
That’s probably the best thing I found. Less savoury was the discovery that the house was, in fact, owned by rats. They were everywhere. There was a lovely little nest made from a bag of straw and lined with a newspaper from 1938. They’d eaten into the expansion tanks in the loft so they had a fresh supply of water.
Based on the couple of houses I have purchased in my life, rodents own a lot of things. Until you bring the cats into your life. Then the rodents don't own as much. You still don't own anything either, because the cats become the new owners, but they are at least preferable to the rodents. ;)
You could theoretically look through all the walls with an old dental X-Ray unit. I remember reading an article on here about someone who reverse-engineered an X-Ray-sensitive camera module and used an old dental emitter as the source.
All the radiation shielding would obviously be get important. :D
It's set into the ground and surrounded by concrete poured around it. Seems like that might not do so good. If I wanted to cheaply find out what was in it I would drill a small hole and use a $20 endoscope. With a Home Depot drill rental you could be out $50 max vs 600-1000 for a locksmith.
A Home Depot drill is not going through the walls of any good safe.
Not to mention, just randomly drilling holes in a safe is a pretty bad idea, as it might contain a glass relocker, or any other relocker you might accidentally trigger.
Angle grinder and a shit load of disks will usually be sufficient. Takes a while, but unless they have James Bond style poison gas / acid / explosives etc embedded in the safe enclosure you will eventually make it through.
Safes are rated in amount of time it takes to destructively open, usually with power tools. Anywhere from like 20 minutes to a few hours can be expected IIRC
This is an abandoned safe in a residential installation. It doesn't have any of that shit. In the extremely small chance that the safe contains anything at all and it has a relocker mechanism, well it doesn't really matter because you had to cut through the safe to get inside in the first place.
You vastly overestimate the security of safes. It might take a while and you might kill a few drill bits in the process, but you could definitely drill through most safes, especially in home installations.
As far as relockers go, you've already resorted to destructive methods. If you find that it's worth opening after drilling, then you'll find a way in.
I looked into safe cracking a while back and it seems most of them are sustainable to various attacks. Instead of spending a dime on what's most likely empty safe i would make it a funny family hobby to try to break it. If they have no use of the safe afterwards i would apply more brute force, seeing they are not limited by time. Drilling a hole and inserting an endoscope would be a fast solution, but would ruin the challenge of breaking it :)
OR make a jig to try combinations, leave it running for the next two years until it opens? Imagine the fun, solenoids and stepper motors and embedded firmware and interface apps!
When you place something in a safe it's usually important, so there is no chance you would leave it behind when you move out. Should not take too long to try all the combinations though.
Assuming no-one else knows about the safe. Wouldn't you at least mention it in a will or other document? Or if someone knew you had some stash, wouldn't they look for it?
I remember a program on TV, where they opened a few hundred old bank boxes hoping to find a treasure map. They of course did not find anything. Wouldn't you check many times if any box had anything of value before decommissioning them?
There is something very exiting and addicting with mystery boxes though...
That rate seems much too high, for either a mechanical lock mechanism or an electronic keypad (which I guess would have some kind of lockout for brute forcing anyway).
I suspect that number is too high. 90 numbers per dial doesn't necessarily mean 90 valid positions. It could easily be 20 or 30 valid positions which comes out to a lot less. Plus, not all combinations of individually valid positions are themselves necessarily valid.
For example a standard Master dial lock has 40 hash marks but, IIRC, older ones had only about 12 valid positions. There was a trick you could use to find the third position, which would have left 144 combinations try except there were a few invalid combinations reducing to around 120. This is for a lock that a naive estimate would but at 40^3 or 64,000 combinations.
Master Locks have always had little hacks to them - for many years you could find the first position by feeling the tension difference, then the second and third positions were at predefined offsets which would change every few years as the offsets became widely known (pre-internet). My favorites were the keypad locks that allowed the numbers to be entered in any order - after a few weeks of use the paint would wear off the numbers being used so you didn’t need to guess at all - just be patient. Fast forward to today and you have two dozen guys on YouTube tearing down the locks, and you realize that most are only good enough to keep honest people honest.
They may not know how much the slop is, or the exact procedure to open it if you do know the combination (turn left X times, then turn right Y times...). Though you'd expect a locksmith with access to a safe-cracking robot would also have access to documentation showing that.
Or as others said, the lock mechanism could be faulty or seized.
The lock might be broken? Gummed up lubricants come to mind.
No idea if that's a common problem with safes, but it's pretty clear that a safe would not have any outside maintenance access to fix a problem like that (other than drilling it open, which seems to be routine enough given the "yeah, we can make it usable again" offer)
Depending on the quality of the lock there is some play in the mechanism (that is also why lockpicking works). This reduces the number of combinations. If you can lookup (model type documentation) or learn (by feel) how the internal mechanism works you can reduce the amount of combinations to guess even more as you can approach the combination one 'layer' at a time.
I once witnessed someone open a safe in a few hours. It is truly amazing to see these kind of proffesionals at work. How they approach this puzzle and the knowledge they can acquire by just feeling. Especially considering it took me a few tries to open the safe when I knew the combination.
But its not likely to tell the difference between 50-0-50 and 49-0-49. I suspect the "70% chance" for the robot to succeed is because it's going to try every 4th number or 5th number to hugely reduce the search space.
Trying every 5th number is just 8000 combinations!
My thoughts exactly - with plenty of precedents, these “left behind” safes never contain anything interesting. I think the best finding I’ve seen was a couple of handwritten receipts from the early ‘80s.
If it's just about having a usable safe, it's an easy decision. They just need to decide whether the cost for the locksmith is worth it for them to have a usable safe...
If it's about what might be in there... shouldn't it be fairly easy to drill a small hole (given the right type of drill) and use a miniature/endoscopic camera to take a look?
So? You still have the hole and can peek inside to see if is empty or not. And if it's not then get it out and sledgehammer it in your garden, just for fun, then sell it to your local junk yard.
On the other hand, that you want to use it, then design your own robot and try all combinations. There is no time constraint since you're the owner, no need to "finish in 3 days"
The catch is, if it has anything the person will not follow up, else someone might claim it or the police might take away their new drug stash and weapons.
Is the cover plate concealing a backup key lock? Call in the lock picking lawyer. Seems like many safes/locks don't stand up much to experienced attacks.
I am glad I wasn't the only person thinking about LPL for this. I wonder how much he would charge for a internet consult and recommendations on tools. Might end up being way less than the try-every-combination-or-we-drill-it locksmiths that are an hour awway
Since this is now somewhat famous, LPL will get a lot of views for opening this. As long as he can make a video about it, he should be able to do it free and turn a tidy profit.
I think the expectation is that the locksmith would have to travel twice, once to setup the safe cracker, and once to pick it up. ( $150 x 2 ) + $300 = $600
That said: If the safe is old and the locksmith is pretty good, there's a legit possibility that the locksmith could just crack the safe. I had an old safe worked on and the locksmith told me he could open it without the combo just from the feel of the tumblers.
I’m wondering if there’s any statistical analysis of the value of the items inside any given safe? It would seem as this phenomena happens more and more it would be valuable to have an aggregated list of the number of safes we’ve tried to open and the eventual value of the contents so we can better asses how much work to put into opening this new one.
It doesn't seem in any way a "safe" safe, it is just a very ordinary low-cost "home" safe, it shouldn't be that dificult to open it, it looks similar to the one that Sparkfun's Nathan Seidle founder opened up with an (el-cheapo, around 200 US$ in parts) self- made robot:
Ignoring the fact that a transmissive X-ray image requires something to be on the other side of the object to catch the rays that pass through, have you ever tried passing X-rays through metal?
On the other hand, I would try cracking it myself, for fun. If not, call someone.