[Cryptography] Liberty Safe reveals that it has backdoor access to its physical safes and provides access to law enforcement.

Jon Callas jon at callas.org
Tue Sep 12 19:04:49 EDT 2023
> On Sep 11, 2023, at 20:57, Christian Huitema <huitema at huitema.net> wrote:
> 
> 
> 
> On 9/11/2023 12:01 AM, Matt Palmer wrote:
>> ...
>> It is already possible to access a safe in a non-destructive way: serve the
>> warrant on the safe's owner.  If they refuse, then they get locked up for
>> contempt and out come the diamond drills and explosive slurry.
>> This entire setup by Liberty Safe is just a form of key escrow, and it has
>> all the same weaknesses of every other key escrow scheme ever proposed.
> 
> So what's the alternative? An open source safe?

Locksmiths rekey or re-combo things all the time. I recently had a locksmith come and rekey a lock because I wanted the same key to open that door and another one. I've seen a plot point of some heist movie that the safe in question had had custom mods made to it.

The real thing we're talking about is what the threat model and failure modes are, and physical objects afford different properties.

One issue is what you want to happen if there's a legal-system attack on the safe. They can (and will) destroy the safe to get access, as people have noted. If it's the movie cliché of a safe in a wall behind a painting, you likely need a new wall, too, and that's inconvenient. They may even *prefer* to destroy your safe rather than simply asking you to open it, because they can. The decision to prefer destruction over access also opens up a threat equivalent to swatting -- someone doesn't like you because you won a video game, so they convince the cops to look in your safe for the gun that killed Tupac or something.

Next, there's the case of who might want to get into it. Sure, we're talking about law enforcement, but what if the people who want to get into it are your heirs, who'd like to get your will out of it? This is definitely a "what's your threat model?" question. Remember, attackers and defenders are on an orthogonal axis to good guys and bad guys.

Another is what's in the safe, and what sort of protection do you want. If it's your autographed first edition of Newton's Optics, you may not want it to be in a safe that might get drilled out. Heck, if it's the stolen Mona Lisa, you might not want that, either. Or even just bags of cash -- what if they're highly collectable bank notes? Remember that there is at least Confidentiality, Integrity, and Access in a security model; let's add physical safety and integrity to that list. 

Tying the above together, one of the purposes of a safe is physical protection against fire, storms and so on. Another is just to keep some sort of integrity, like combos on briefcases and luggage. TSA luggage locks are a compromise here, as well. They *are* going to open your luggage. (In contrast, there are firearms cases for airlines where they are definitely *not* going to open it, and you have an inspection before securing the case; it's a different threat model.)

I also add as a last thing that there's user error, as well, to protect against. For example, the people processing your will put the will in the safe, forgetting in the moment that the combo to the safe is in the will.

We've seen many of these edge conditions in infosec, particularly when the threat model is that the data is valuable. Plenty of people have lost cryptocurrency with analogues of many of these. I know of a company that specializes in opening up cryptocurrency wallets with semi-invasive means because people lost a password or something.

	Jon