3D-printed button-bashing robot guesses phone PINs

A hacker robot takes the brute-force approach to guessing smartphone PINs by just punching in numbers until it hits the right combination.

You might not want to hand this over to the R2B2. Amanda Kooser/CNET

The old standby four-digit PIN passcode for smartphones is a mere speed bump to R2B2, a PIN-guessing robot that shares pretty much no physical resemblance with the famous "Star Wars" droid. But just as R2-D2 was good at opening starship doors and hacking into the Death Star, so is R2B2 good at hacking into Android phones.

The device consists of a robotic fingertip that taps out different passcodes until it manages to hit on the right one. Instead of a hacker having to sit there and try all the potential combinations in a mind-numbing exercise in boredom, the indefatigable robot provides the labor.

The bot's full name is Robotic Reconfigurable Button Basher. It's the creation of security researchers Justin Engler and Paul Vines. Engler will be presenting it at the upcoming Black Hat USA conference. Besides punching in numbers, it can also handle pattern-based lock screens.

R2B2 can figure out an Android PIN in 20 hours, assuming it doesn't just get lucky early on. The device was crafted from an Arduino microcontroller, three servomotors, a Webcam, and plastic parts created on a 3D printer. The whole creation cost about $200 to make.

One antidote to a machine like R2B2 is a smartphone that locks the hacker out after a certain number of attempts. The robot would have to be super lucky to break in under those circumstances. The bot does bring some added attention to the issue of easily hackable passcodes. It might be time to reconsider your smartphone security level.
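To put numbers on the lockout point above, here is an added example (not from the article or the researchers) that models how long an exhaustive PIN search takes under different lockout policies. It assumes the article's 20 hours covers all 10,000 four-digit PINs; the policy parameters are constructed for comparison and do not describe any particular phone.

```python
from fractions import Fraction

# Assumption: the article's 20 hours covers all 10,000 four-digit PINs,
# which works out to 7,200 ms per attempt.
MS_PER_TRY = 20 * 3600 * 1000 // 10_000

def exhaust_hours(digits, free_tries=0, base_delay_s=0, factor=1, cap_s=3600):
    """Worst-case hours to try every PIN of `digits` digits.

    After each run of `free_tries` wrong guesses the device imposes a delay
    that starts at `base_delay_s`, is multiplied by `factor` on every
    lockout, and never exceeds `cap_s`. free_tries=0 means no lockout.
    """
    total_pins = 10 ** digits
    total_ms = total_pins * MS_PER_TRY
    if free_tries > 0:
        lockouts = (total_pins - 1) // free_tries  # none after the last guess
        delay_s = min(base_delay_s, cap_s)
        for _ in range(lockouts):
            total_ms += delay_s * 1000
            delay_s = min(delay_s * factor, cap_s)
    return total_ms / 3_600_000

def chance_before_wipe(digits, max_attempts):
    """Probability a uniformly random PIN is hit before a wipe or hard lock."""
    total_pins = 10 ** digits
    return Fraction(min(max_attempts, total_pins), total_pins)

if __name__ == "__main__":
    # Constructed policies for comparison; not any specific phone's settings.
    policies = {
        "no lockout": {},
        "30 s every 5 tries": dict(free_tries=5, base_delay_s=30),
        "30 s doubling, 1 h cap": dict(free_tries=5, base_delay_s=30, factor=2),
    }
    for digits in (4, 6):
        for name, policy in policies.items():
            hours = exhaust_hours(digits, **policy)
            print(f"{digits}-digit PIN, {name}: {hours:,.1f} h worst case")
        print(f"{digits}-digit PIN, wipe after 10 tries: "
              f"{chance_before_wipe(digits, 10)} chance of success")
```

The escalating delay stretches the four-digit worst case from 20 hours to roughly 2,000, while a wipe after 10 attempts caps the robot's odds at 1 in 1,000 no matter how long it runs.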

