A team of engineers attending next week’s Black Hat hacking conference created R2B2, the incredibly patient Robotic Reconfigurable Button Basher. The ‘bot punches four-digit combinations at a rate of about one-per-second until it breaks past a phone’s security screen. Working at that rate, it can break through an Android phone in under 20 hours.

It can’t get through any phone’s security, though: the iPhone, by default, makes users wait more and more time to try again after each incorrect passcode, meaning R2B2 couldn’t hack in during a reasonable amount of time. Android phones, by default, only make users wait 30 seconds to try again after every five incorrect codes. (Don’t fret too much: it’s not like most petty thieves have the Arduino and 3-D printing skills required to build this robot.)

The creators say they’re looking into making a version that could crack ATM pins or bank vaults, which would be a little scary (although wouldn’t a bystander figure something was up when a robot was punching numbers into an ATM for 20 hours?)

[Forbes via Gizmodo]