Consumer Rights Wiki - User contributions [en]

Consumer Rights Wiki talk:Bugs

2025-09-22T18:30:53Z

Chuck: /* Main Page 404 */ new section

<div style="margin: {{#ifeq:{{{navbox|<noinclude>yes</noinclude>}}}|yes|2px}} 0 0.5em; padding: 0.5em; {{{style|border: 1px solid #A0A5AD;}}} {{{backgroundstyle|background-color: var(--background-color-progressive-subtle, #eaf3ff); color: inherit;}}}">
<div style="padding: 0.25em 0; text-align: center; font-size: 120%; border-radius: 3px; font-weight: bold; {{{titlestyle|background-color: var(--background-color-content-added, #aad1ff); color: inherit;}}}">Welcome — Issues of Interest to Developers</div>
When reporting a bug, please include as much detail as possible to help developers reproduce and fix the issue.
'''Please do not report security issues here'''. Email them to '''security@fulu.org''' instead.

*'''Check for duplicates:''' look through existing reports before posting to avoid repeats.
*'''System details:''' include your operating system, browser, and platform (e.g. Windows, macOS, Linux, x86, ARM, Chrome, Edge, Safari, Firefox).
*'''Inputs and outputs:''' describe what you did, what you expected to happen, and what actually happened.
*'''Reproduction steps:''' provide clear, step-by-step instructions so developers can replicate the bug.
*For general discussions not related to bugs, please use the [[Consumer Rights Wiki talk:Moderators' noticeboard|Moderators' noticeboard]] instead.

<div style="padding: 0.25em 0; text-align: center; font-size: 150%; border-radius: 3px; font-weight: bold">[[Special:NewSection/Consumer Rights Wiki talk:Bugs|Report a new bug]]</div>

*You will receive a response from [[User:UntoK]] or [[User:JakeL]], who are contracted to provide professional support for this wiki in a production environment.
</div>
<br />
{{Archives}} 

==Wiki search engine indexing==

There are a couple of posts asking about search engine indexing of this wiki: [[Consumer Rights Wiki talk:Moderators' noticeboard#Should CRW be indexed by search engines?]] and [[Talk:Main Page#Suggestion: Implementing a /robots.txt page]]. '''''[[User:JackFromWisconsin|📎 JackFromWisconsin]]''''' ([[User_talk:JackFromWisconsin|talk]] | [[Special:Contributions/JackFromWisconsin|contribs]]) 02:20, 24 August 2025 (UTC)

:We are currently looking into this and I will update the thread as and when we have a solution or any further news. [[User:JakeL|JakeL]] ([[User talk:JakeL|talk]]) 00:38, 8 September 2025 (UTC)

==Moderator's noticebord and report bug pages innaccessible(ish) in old look==

I know it must not be a very high priority, but i just wanted to let you guys know that if you change appearance of the wiki through the settings, the side bar no longer contains stuff like the moderator's noticeboard and the report bug page [[User:Plankton|Plankton]] ([[User talk:Plankton|talk]]) 02:34, 2 September 2025 (UTC)

:@[[User:Plankton|Plankton]] What skin are you talking about? On [https://consumerrights.wiki/index.php?title=Main_Page&useskin=vector 2010 vector] (the "old look") the sidebar appears just fine. The only skin without a sidebar is MinervaNeue, which is the MediaWiki suggested mobile skin (which I understand has been disabled on this wiki for the time being while the technical team works out bugs). Would appreciate more information on what is happening (are other sidebar items showing?, etc.). '''''[[User:JackFromWisconsin|📎 JackFromWisconsin]]''''' ([[User_talk:JackFromWisconsin|talk]] | [[Special:Contributions/JackFromWisconsin|contribs]]) 03:27, 2 September 2025 (UTC)
:Hi, I would also appreciate clarification on this if possible please, particularly which theme you are referencing. I have tried all the installed themes and have not been able to reproduce the issue outside of the MinervaNeue theme, which, as noted by Jack, is a mobile-specific theme and shouldn’t be used on desktop. [[User:JakeL|JakeL]] ([[User talk:JakeL|talk]]) 00:37, 8 September 2025 (UTC)
::Hey there @[[User:JackFromWisconsin|JackFromWisconsin]] @[[User:JakeL|JakeL]] I apologize for the late response I havent been able to be active on this wiki as of late. The skin is MinervaNeue. When I switch to it, some tabs such as the "Report a bug" and "Moderators' noticeboard" are not present in the sidebar (which is toggleable on that theme).
::I will add that i am on a 3:2 monitor, firefox, Linux mint, no idea if that affects anything, but the more info you have the better [[User:Plankton|Plankton]] ([[User talk:Plankton|talk]]) 20:32, 17 September 2025 (UTC)
:::Hi, thanks for your reply. Please don’t use MinervaNeue, it’s a mobile-only theme and isn’t intended for desktop use. It’s also not currently in use on mobile, as it doesn’t work correctly there either. That’s why you’re seeing missing tabs and sidebar items. [[User:JakeL|JakeL]] ([[User talk:JakeL|talk]]) 20:57, 17 September 2025 (UTC)

== Main Page 404 ==

I am getting a 404 on the site. Turns out I was able to get to the main page if I manually remove the "/Main_Page" from the URL bar, but that seems wrong. [[User:Chuck|Chuck]] ([[User talk:Chuck|talk]]) 18:30, 22 September 2025 (UTC)

User:Chuck

2025-09-16T00:53:39Z

Chuck: Into to myself

I am a programmer by trade, but I am new to contributing to wikis. Please reach out with any concerns - I am eager to improve!

SecuRam installs backdoor on ProLogic series safe locks

2025-09-16T00:51:13Z

Chuck: /* SecuRam's Response */ Reword for clarity. The word "free" here could be confused to mean "no-charge."

{{IncidentCargo
|Company=SecuRam, Liberty Safe
|StartDate=2025-08-08
|Status=Pending Resolution
|ProductLine=ProLogic
|ArticleType=Product
|Type=Unprompted Risk to Users
|Description=Researchers demonstrate that SecuRam ProLogic safe locks can be opened by unauthorized users with OEM installed backdoor.
}}
Researchers find way to open safes with SecuRam ProLogic safe locks without the passkey using backdoor codes installed by the manufacturer. <ref name=":2" /><ref name=":3" /> SecuRam offers no path for vulnerable customers to protect themselves. They have declined to offer a firmware patch, and have not yet released new ProLogic locks that are not vulnerable to this attack.<ref name=":0" /><ref name=":1" />

==Background==
In 2023 news broke that Liberty Safe kept a master key for all safes that it sold.<ref>{{Cite news |last=Levenson |first=Michael |date=2023-09-08 |title=How a Company That Makes Gun Safes Angered Gun Owners |url=https://www.nytimes.com/2023/09/08/business/liberty-safe-codes.html |work=The New York Times}}</ref> Security researcher Mark Omo and James Rowley attempted to discover vulnerabilities involving this master key. They were unsuccessful, but did discover two techniques for opening safes sold by Liberty Safe that were equipped with SecuRam ProLogic series locks.<ref name=":0">{{Cite news |last=Greenberg |first=Andy |date=2025-08-08 |title=Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds |url=https://www.wired.com/story/securam-prologic-safe-lock-backdoor-exploits/ |work=WIRED}}</ref>

==The Incident: Discovery that the Backdoor is Vulnerable==
On August 8th, 2025 while on-stage at DEF CON<ref name=":3">[https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Mark%20Omo%20James%20Rowlery%20-%20Cash%2C%20Drugs%2C%20and%20Guns%20Why%20Your%20Safes%20Aren%27t%20Safe.pdf DEF CON Presentation] Slides by Mark Omo and James Rowley</ref><ref name=":2">[https://infocondb.org/con/def-con/def-con-33/cash-drugs-and-guns-why-your-safes-arent-safe Cash, Drugs, and Guns: Why Your Safes Aren't Safe] - DEF CON talk abstract by Mark Omo and James Rowley</ref> in Las Vegas, researchers Mark Omo and James Rowley demonstrated that SecuRam ProLogic safe locks can be opened by unauthorized users without the passkey using backdoors installed by the manufacturer. In the interest of public safety, they opted not to publicly reveal the techniques they discovered. They did however provide a live demonstration to journalist Andy Greenberg from WIRED.<ref name=":0" /><ref name=":1">{{Cite web |date=2025-09-11 |title=We Digitally Cracked A High-Security Safe {{!}} Hacklab {{!}} WIRED |url=https://www.youtube.com/watch?v=upVzWfokDQc |website=Youtube}}</ref>

==SecuRam's Response==
SecuRam's CEO Chunlei Zhou responded to the discoveries by saying that the vulnerabilities were already known by industry professionals. Zhou also added that SecuRam will not provide updated firmware for vulnerable locks, but will be releasing new ProLogic safe locks that are not vulnerable to the aforementioned backdoors by end of year 2025.<ref name=":0" /><ref name=":1" />

==Consumer response==

On August 8th, 2025 in response to SecuRam CEO Chunlei Zhou's statements, researchers Mark Omo and James Rowley rebutted by saying that the vulnerabilities were not previously known to the public. Liberty Safe has also responded to Zhou's statements, claiming that the vulnerabilities were previously unknown to them.<ref name=":0" /><ref name=":1" />

==References==
{{reflist}}

SecuRam installs backdoor on ProLogic series safe locks

2025-09-16T00:47:24Z

Chuck: Page summary

{{IncidentCargo
|Company=SecuRam, Liberty Safe
|StartDate=2025-08-08
|Status=Pending Resolution
|ProductLine=ProLogic
|ArticleType=Product
|Type=Unprompted Risk to Users
|Description=Researchers demonstrate that SecuRam ProLogic safe locks can be opened by unauthorized users with OEM installed backdoor.
}}
Researchers find way to open safes with SecuRam ProLogic safe locks without the passkey using backdoor codes installed by the manufacturer. <ref name=":2" /><ref name=":3" /> SecuRam offers no path for vulnerable customers to protect themselves. They have declined to offer a firmware patch, and have not yet released new ProLogic locks that are not vulnerable to this attack.<ref name=":0" /><ref name=":1" />

==Background==
In 2023 news broke that Liberty Safe kept a master key for all safes that it sold.<ref>{{Cite news |last=Levenson |first=Michael |date=2023-09-08 |title=How a Company That Makes Gun Safes Angered Gun Owners |url=https://www.nytimes.com/2023/09/08/business/liberty-safe-codes.html |work=The New York Times}}</ref> Security researcher Mark Omo and James Rowley attempted to discover vulnerabilities involving this master key. They were unsuccessful, but did discover two techniques for opening safes sold by Liberty Safe that were equipped with SecuRam ProLogic series locks.<ref name=":0">{{Cite news |last=Greenberg |first=Andy |date=2025-08-08 |title=Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds |url=https://www.wired.com/story/securam-prologic-safe-lock-backdoor-exploits/ |work=WIRED}}</ref>

==The Incident: Discovery that the Backdoor is Vulnerable==
On August 8th, 2025 while on-stage at DEF CON<ref name=":3">[https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Mark%20Omo%20James%20Rowlery%20-%20Cash%2C%20Drugs%2C%20and%20Guns%20Why%20Your%20Safes%20Aren%27t%20Safe.pdf DEF CON Presentation] Slides by Mark Omo and James Rowley</ref><ref name=":2">[https://infocondb.org/con/def-con/def-con-33/cash-drugs-and-guns-why-your-safes-arent-safe Cash, Drugs, and Guns: Why Your Safes Aren't Safe] - DEF CON talk abstract by Mark Omo and James Rowley</ref> in Las Vegas, researchers Mark Omo and James Rowley demonstrated that SecuRam ProLogic safe locks can be opened by unauthorized users without the passkey using backdoors installed by the manufacturer. In the interest of public safety, they opted not to publicly reveal the techniques they discovered. They did however provide a live demonstration to journalist Andy Greenberg from WIRED.<ref name=":0" /><ref name=":1">{{Cite web |date=2025-09-11 |title=We Digitally Cracked A High-Security Safe {{!}} Hacklab {{!}} WIRED |url=https://www.youtube.com/watch?v=upVzWfokDQc |website=Youtube}}</ref>

==SecuRam's Response==
SecuRam's CEO Chunlei Zhou responded to the discoveries by saying that the vulnerabilities were already known by industry professionals. Zhou also added that SecuRam will not provide updated firmware for vulnerable locks, but will be releasing new ProLogic safe locks that are free from the demonstrated vulnerabilities by end of year 2025.<ref name=":0" /><ref name=":1" />

==Consumer response==

On August 8th, 2025 in response to SecuRam CEO Chunlei Zhou's statements, researchers Mark Omo and James Rowley rebutted by saying that the vulnerabilities were not previously known to the public. Liberty Safe has also responded to Zhou's statements, claiming that the vulnerabilities were previously unknown to them.<ref name=":0" /><ref name=":1" />

==References==
{{reflist}}

SecuRam installs backdoor on ProLogic series safe locks

2025-09-16T00:31:42Z

Chuck: Company Response + Consumer Response + more references

{{IncidentCargo
|Company=SecuRam, Liberty Safe
|StartDate=2025-08-08
|Status=Pending Resolution
|ProductLine=ProLogic
|ArticleType=Product
|Type=Unprompted Risk to Users
|Description=Researchers demonstrate that SecuRam ProLogic safe locks can be opened by unauthorized users with OEM installed backdoor.
}}
{{Ph-I-Int}}
==Background==
In 2023 new broke that Liberty Safe kept a master key for all safes that it sold.<ref>{{Cite news |last=Levenson |first=Michael |date=2023-09-08 |title=How a Company That Makes Gun Safes Angered Gun Owners |url=https://www.nytimes.com/2023/09/08/business/liberty-safe-codes.html |work=The New York Times}}</ref> Security researcher Mark Omo and James Rowley attempted to discover vulnerabilities involving this master key. They were unsuccessful, but did discover two techniques for opening safes sold by Liberty Safe that were equipped with SecuRam ProLogic series locks.<ref name=":0">{{Cite news |last=Greenberg |first=Andy |date=2025-08-08 |title=Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds |url=https://www.wired.com/story/securam-prologic-safe-lock-backdoor-exploits/ |work=WIRED}}</ref>

==The Incident: Discovery that the Backdoor is Vulnerable==
On August 8th, 2025 while on-stage at DEF CON<ref>[https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Mark%20Omo%20James%20Rowlery%20-%20Cash%2C%20Drugs%2C%20and%20Guns%20Why%20Your%20Safes%20Aren%27t%20Safe.pdf DEF CON Presentation] Slides by Mark Omo and James Rowley</ref><ref>[https://infocondb.org/con/def-con/def-con-33/cash-drugs-and-guns-why-your-safes-arent-safe Cash, Drugs, and Guns: Why Your Safes Aren't Safe] - DEF CON talk abstract by Mark Omo and James Rowley</ref> in Las Vegas, researchers Mark Omo and James Rowley demonstrated that SecuRam ProLogic safe locks can be opened by unauthorized users without the passkey using backdoors installed by the manufacturer. In the interest of public safety, they opted not to publicly reveal the techniques they discovered. They did however provide a live demonstration to journalist Andy Greenberg from WIRED.<ref name=":0" /><ref name=":1">{{Cite web |date=2025-09-11 |title=We Digitally Cracked A High-Security Safe {{!}} Hacklab {{!}} WIRED |url=https://www.youtube.com/watch?v=upVzWfokDQc |website=Youtube}}</ref>

== SecuRam's Response ==
SecuRam's CEO Chunlei Zhou responded to the discoveries by saying that the vulnerabilities were already known by industry professionals. Zhou also added that SecuRam will not provide updated firmware for vulnerable locks, but will be releasing new ProLogic safe locks that are free from the demonstrated vulnerabilities by end of year 2025.<ref name=":0" /><ref name=":1" />

==Consumer response==

On August 8th, 2025 in response to SecuRam CEO Chunlei Zhou's statements, researchers Mark Omo and James Rowley rebutted by saying that the vulnerabilities were not previously known to the public. Liberty Safe has also responded to Zhou's statements, claiming that the vulnerabilities were previously unknown to them.<ref name=":0" /><ref name=":1" />

==References==
{{reflist}}

{{Ph-I-C}}

SecuRam installs backdoor on ProLogic series safe locks

2025-09-16T00:18:23Z

Chuck: /* [Incident] */ Incident description + new references

SecuRam installs backdoor on ProLogic series safe locks

2025-09-16T00:07:28Z

Chuck: /* References */ fixed data format

SecuRam installs backdoor on ProLogic series safe locks

2025-09-16T00:05:59Z

Chuck: Background and references

SecuRam installs backdoor on ProLogic series safe locks

2025-09-15T21:55:59Z

Chuck: Researchers demonstrate that SecuRam's ProLogic series of safe locks can be opened by anybody using two techniques that exploit the backdoor installed on the locks at the time of purchase.