Open Millions of Hotel Rooms With Arduino 268
MrSeb writes with an excerpt from Extreme Tech about a presentation at Black Hat: "Bad news: With an Arduino microcontroller and a little bit of programming, it's possible for a hacker to gain instant, untraceable access to millions of key card-protected hotel rooms. This hack was demonstrated by Cody Brocious, a Mozilla software developer, at the Black Hat security conference in Las Vegas. At risk are four million hotel rooms secured by Onity programmable key card locks. According to Brocious, who didn't disclose the hack to Onity before going public, there is no easy fix: There isn't a firmware upgrade — if hotels want to secure their guests, every single lock will have to be changed. I wish I could say that Brocious spent months on this hack, painstakingly reverse-engineering the Onity lock protocol, but the truth — as always, it seems — is far more depressing. 'With how stupidly simple this is, it wouldn't surprise me if a thousand other people have found this same vulnerability and sold it to other governments,' says Brocious. 'An intern at the NSA could find this in five minutes.'"
Well, that's it! (Score:5, Insightful)
Bad news: With an Arduino microcontroller and a little bit of programming, it's possible for a hacker to gain instant, untraceable access to millions of key card-protected hotel rooms.
Well, that's it! There's only one thing we can do... outlaw Arduinos
Re: (Score:3, Funny)
Bad news: With an Arduino microcontroller and a little bit of programming, it's possible for a hacker to gain instant, untraceable access to millions of key card-protected hotel rooms.
Well, that's it! There's only one thing we can do... outlaw Arduinos
Not a complete solution, I'm sure there are other devices that could be used. To solve the problem completely we'll have to outlaw programming.
Re: (Score:3)
That's not sufficient. We have to go all the way and outlaw thinking. It's the only way to be sure no one defeats our puny weapons with their superior intellect.
Re:Well, that's it! (Score:5, Insightful)
"...who should be scolded for not disclosing the hack to Onity before going public"
a) As if they don't already know what the hack is.
b) If the only solution is to change all the locks, maybe on their own dime, do you think disclosure will make them volunteer to do it?
Re:Well, that's it! (Score:4, Interesting)
Well, that's it! There's only one thing we can do... outlaw Arduinos
That's the beauty *cough* of the DMCA. They already are illegal! They will continue to be illegal until the Library of Congress makes an exemption [wikipedia.org].
I'm not completely sure if owning them is legal or not. The DMCA prevents "dissemination of technology, devices, or services intended to circumvent measures". Later provisions in the law cover cases where the device is not intended for circumvention, but is frequently used that way, such as open source DVD player software, which is not intended for copying the DVD, but can be used that way. Simply owning an Arduino would not qualify as "dissemination", but if you unknowingly sold or gave away your Arduino, I'm pretty sure you could be charged with breaking the DMCA. It's unlikely that you would be charged, unless the person that bought your Arduino proceeded to use it to break into a hotel room, but the point is that it's nearly impossible to avoid breaking this law!
Re:As usual however (Score:5, Funny)
Re: (Score:2)
You don't need his geek card. It was hacked in 5^H 2 minutes using a raspberry pi!
I wouldn't have either (Score:5, Insightful)
When the guys share these hacks with the companies ahead of time, they tend to get sued or get their presentations cancelled by the vengeful corporations. They're better off not disclosing these things ahead of time.
Re: (Score:3)
Their presentations may or may not get suppressed, but this approach pretty much ensures he will get sued.
Worse, in his paper he uses an example of framing a hotel employee for murder! While dramatizing the vulnerability is not uncommon amongst hackers looking to draw media attention to the seriousness of their claims, suggesting a plan for murder is a really, really poor choice. The consequences of this could be even higher than the civil penalties of a lawsuit.
Re:I wouldn't have either (Score:5, Funny)
That is, unless he is planning to use the Basic Instinct Defense "What, do you think I am stupid enough to publish details of how a murder could be committed, by anyone, using these devices, and then do it myself?"
Though, if he tries it, I hope he remembers, the short white dress and no underwear is key to making it work.
Re:I wouldn't have either (Score:4, Insightful)
> suggesting a plan for murder is a really, really poor choice
From the website explanation:
Unless you believe that Brocious can somehow know the details of every murder trial currently going on anywhere in the world at this time, this fact is actually an excellent defense for justifying immediate disclosure.
And anyway, if your interesting legal theory was correct, the broadcast of every Columbo episode, for example, would have exposed {N,A}BC to criminal charges or civil liability. Not likely.
Re: (Score:2)
Very good point!
But that won't stop an attorney hell-bent on suing him into oblivion from bringing it up in court negatively as well: "The defendant literally told people how to use his device to get away with murder! This is further evidence that he was being malicious towards the plaintiff in his disclosure, which is why you must find in favor of my client."
Re: (Score:3, Insightful)
You know how you feel when your computer-illiterate relatives try to talk to you about programming or hacking? That's how lawyers feel when Slashdotters try to talk about law.
Re: (Score:3, Insightful)
If they truely can not fix these locks without physically replacing them, I can garentee any prior contact with them about this bug would have resulted in every legal and possible assumed legal resposnse they could think of to prevent him from disclosing the information.
The end result would be no disclosure and everyone that stays in one of these hotel rooms is at risk. At least if the information is public, people can take action to protect themselves and their stuff by using the deadbolt/latch, the safe,
Re: (Score:2)
Re:I wouldn't have either (Score:4, Interesting)
When the guys share these hacks with the companies ahead of time, they tend to get sued or get their presentations cancelled by the vengeful corporations. They're better off not disclosing these things ahead of time.
Plus in this case, what could Onity have done? They cannot create an update that is automatically downloaded and installed over the next month onto those locks, like with Windows or Flash. If they knew about this before, and had a proper fix for it, then they would have to communicate it to thousands of hotels, and that would result in disclosure as well.
Re:I wouldn't have either (Score:5, Insightful)
Bad news for you maybe (Score:5, Funny)
Great news for the budget-minded vacationer looking for a hotel bargain.
Re: (Score:2)
Or just someone looking to hide a few bodies
http://www.snopes.com/horrors/gruesome/bodybed.asp [snopes.com]
Stolen (Score:2, Redundant)
Someone stole my first post. It was locked in a hotel room.
Reliable? (Score:4, Informative)
Re:Reliable? (Score:5, Insightful)
From TFA: He tested this hack on three randomly choosen hotel room doors, failed to open any. Had to stop to reprogram the device, and then managed to open one of the doors. I'll stick to being worried about corrupt security guards.
Proof of Concept != Final Version
Re: (Score:2)
Or, as in my case on two different occasions, asking the cleaning personnel to open my door because I got locked out while going to get ice.
But seriously, who leaves shit in their rooms at hotels anyway? The hotel safes can be opened with 0000 or 9999 most often and with staff members making minimum wage, the chance of theft is high.
When I'm traveling, all of my items of any real value come with me (laptop, phone, wallet, money, prescriptions) and if
Re: (Score:2)
When I'm traveling, all of my items of any real value come with me (laptop, phone, wallet, money, prescriptions) and if they want to steal my shitty clothing and toiletries, so be it.
And when you are at Disney World, the pool, the fitness center or the bar, how does lugging that laptop around go?
Re: (Score:2)
I never had a single problem with it (and I did exactly all of those things when I was at WDW for a conference in April).
Re: (Score:2)
The best place to keep valuables when staying somewhere like that is locked in the trunk of your car. If you flew and then took cabs rather than get a rental car, your situation is pretty hopeless.
Re: (Score:2)
When I travel, I leave my stuff out everywhere similar to what I do at home, throw loose bills and change on the table, laptop sitting out possible still plugged in and on. I average about 30 nights a year in a hotel room and I've never had a problem with anything mising that I've noticed. When my room is cleaned, all of my stuff is still in the same exact place or its moved into one neat pile instead of many scattered piles. It only takes one corrupt person though but its not like the one time you forge
Re: (Score:3)
My experience in the last hotel where I stayed:
Got out of the pool, wrapped in a towel, went to the desk.
– Oh, ma'am, I'm sorry, I guess I forgot my key in the room. Can somebody open the room for me? It's 104
– Don't worry, click-click-swipe. Here is a new key for you. Cheers!
How hard is this system to abuse?
Re:Reliable? (Score:5, Informative)
I suspected upon hearing this that he was trying to bitbang a protocol using the Arduino functions such as delaymicroseconds and digitalwrite and he was probably having to adjust these to account for inconsistencies caused perhaps between locks (where battery voltage may affect timing) but also the inherent timing problems caused by the braindead manner in which these "friendly" functions operate. Even worse, he is using the Arduino's Serial library which is even worse about causing timing and memory problems.
Upon reading his code I found that assumption to be correct. If he ditched the Arduino library and wrote correct AVR code using ISR's and hardware timers to implement the communication protocol I think the reliability of the exploit would dramatically improve. Reading his analysis of the protocol I even think the two-wire interface could be used directly with a tiny bit of extra hardware. Also, the Arduino MEGA is unnecessary; a normal arduino or even a $2 ATTiny would do this job fine.
I should mention that it's not his fault that the Arduino library is terrible code and that its essentially unusable for this kind of thing; they do sort of purport that is more capable than it is. I do however suggest that you adjust your thoughts on the reliability of his exploit.
A bit of hyperbole... (Score:5, Insightful)
The bottom line is that if you aren't using the mechanical bolt or slide lock when staying at *any* hotel, you were vulnerable way before this hack. Keep in mind that there are plenty of AUTHORIZED users of master card keys on the hotel staff.
Re:A bit of hyperbole... (Score:5, Insightful)
When a hotel staffer uses a master key card, it's logged (the security system notes which key was used when). Presumably with this hack, that isn't necessary. Also, the ability to open the doors on 25% of hotel rooms is still a concern.
Re:A bit of hyperbole... (Score:5, Interesting)
Does Onity offer centrally logged door units?
99% of the shit I've worked with at hotels (from an installation POV) just checks that the mag card has a particular number in track 3. They're dumb as fuck.
Putting the word "ADM" in track 2 unlocks most of the doors in many hotels. Sad but true fact.
Auditing (Score:4, Insightful)
Re:A bit of hyperbole... (Score:5, Insightful)
The bottom line is that if you aren't using the mechanical bolt or slide lock when staying at *any* hotel, you were vulnerable way before this hack.
That might work if you're *in* the room. What if you need to venture outside?
Re: (Score:2)
Re:A bit of hyperbole... (Score:4, Insightful)
Re: (Score:2)
all he would have to do is knock on the door and say "Hotel security. Open the door, please".
The hotel has a voice activated door? Cause otherwise I don't quite understand how claiming to be hotel security causes the door to open.
Re: (Score:2)
>>>Cause otherwise I don't quite understand how claiming to be hotel security causes the door to open.
Because you can't read.
If a bad guy wanted in while someone was inside, all he would have to do is knock on the door and say "Hotel security. Open the door, please". I had this happen to me one time except it was a cop. I refused to open the door, so the cop went across the aisle to the neighbor instead (the source of a marijuana smell).
Re: (Score:2)
Because you can't read.
Did you hear that loud "whoosh" noise?
The point is that someone knocking on the door and saying "Hotel security. Open the door, please" only works when the person in the room is a complete moron.
Re: (Score:2)
not only that but every hotel has cleaning people on every floor every day. there are cameras everywhere in common areas. a person loitering outside a door will not only be on camera but any maid can call it in to security.
security is the whole system, not like every individual piece has to be 100% secure
that's why stock iphones have never had a big security issue. iOS by itself is not 100% secure but combine it with the app store and the apple ecosystem and there has never been a big malware incident
Re: (Score:2)
iOS by itself is not 100% secure but combine it with the app store and the apple ecosystem and there has never been a big malware incident
You mean other than iOS itself, right? :)
Re: (Score:2)
How do I use this slide lock when I leave my things in the room but I wish to leave?
Should I hire someone to operate that for me?
Re: (Score:2)
Also, this can be defeated by simply using any one of the mechanical locks on the door.
...which you can only employ if you're actually in the room, which thwarts most burglars anyway.
Re: (Score:2)
the only time to leave something valuable in the safe is jewelry when you go to the pool. otherwise you take your phone, wallet and other valuables with you
unless you're a secret agent and need to lock up your top secret spy info. laptops are cheap and any secret data should be encrypted anyway or stored in da cloud
swedish supermodels beware (Score:5, Funny)
Geeks now have the ability to get into your hotel room while changing into your bikini...
But why would a geek be changing into your bikini?
Re:swedish supermodels beware (Score:4, Funny)
Basically it's the perfect armor.
Some 500 pound guy in a thong is so horrific that you simply can't look at it long enough to aim and shoot.
That and the whole Cthulu-esque "I stared into madness and madness stared back" aspect.
Re: (Score:2)
Geeks now have the ability to get into your hotel room while changing into your bikini...
But why would a geek be changing into your bikini?
Hey! I don't have a bikini! Let's be clear about that!!!
(And think of this: a geek who is changing into the bikini of another geek?!?! Or are we talking about two female geeks here?)
Re: (Score:2)
Hey! I don't have a bikini! Let's be clear about that!!!
You mean... those are tan lines?
What happened to responsible disclosure? (Score:5, Insightful)
Re:What happened to responsible disclosure? (Score:5, Insightful)
Responsible disclosure is a fair response to a responsible failure. Few of these that make the news are responsible failures. Chisellers dressed up in security theatre profiting from their faux contrivances while playing this stupid game of harassing the bearer of bad news, as if the bearer of bad news is an indentured, unpaid employee.
I understand the source of this faux reverence for charlatans much better after reading God is not Great. Scientology was a crock from day one, but now that so many gentle and naive souls have absorbed this crockery and imbued it with deep personal meaning, those of us who are deeply offended by the shitbag Hubbard are supposed to subside into polite silence. I asked myself after reading Hitchens: Why do I sit around keeping a respectfully stiff upper lip about xemufascism? To hell with that.
Banks should not be bailed out of bad loans, and security professionals should not be bailed out for chrome-plating obscurity. When the mistake is subtle enough to make a patent examiner's head explode, I'm all for responsible disclosure. Either pass the bar, or don't let the door hit you on the way out.
Re: (Score:2)
The way things are now, you're more likely to get sued and shut up by a court order before you could tell anyone else. Atleast this way, the public is aware of the issue before they get sued. If anything, this assures the public is served important information and does more for public good then going to the company directly.
I'm not saying this company would
Re:What happened to responsible disclosure? (Score:4, Interesting)
In this case he took it upon himself to decide that "there is no possible fix therefore responsible disclosure won't help." But we don't know for sure that the company can't fix the problem with some kind of software update - that's simply his claim. If there is a way to update the EEPROM, any way at all, then a software update could have fixed the problem. Sure, it would be a breaking change to the existing card key systems, but it might not entail a hardware fix to millions of hotel room doors. This guy never gave them that chance.
Notification would have enabled the company to create an update plan, to order a million new circuit boards, to redesign the protocols, to schedule repair crews, to do whatever it took to fix the problem, and to have all that stuff prepared before his disclosure. No matter who they are and how badly they want to fix the problem, this is a year long process at least. Now, during that entire year, bad guys with Arduinos will have full access to unoccupied hotel rooms.
And he's going to get sued into the next millennium. Not only are the plaintiffs going to use arguments like the above, but they're also going to drag his business dealings into it. They're going to make claims like "he's disgruntled because his business venture failed, and he did this out of spiteful retaliation." They're going to throw so much trash at him that I'm not sure even Johnny Cochran would have been able to get him out of trouble.
Re:What happened to responsible disclosure? (Score:4, Informative)
He didn't reveal the actual hack, he only demonstrated that one exists.
Further, there are already several instances of people being sued into silence after responsible disclosure.
Further the problem can not be fixed, and replacement of all locks world wide would be so experience and time consuming that it would never be done in response to responsible disclosure.
The probable outcome here is that the lock maker buys more insurance and sends a memo to customers offering a discount on new and improved locks. Which will be ignored by virtually all hotels.
Responsible disclosure would serve no purpose in this instance.
Re: (Score:2)
The hacker has announced that the complete hack will be revealed, source code and all, on his web site soon.
Re: (Score:3)
responsible disclosure is still widely considered to be a good practice.
Responsible disclosure will inform those vulnerable as soon as possible, so they can take steps to mitigate. There's nothing responsible about keeping a security flaw secret.
Re: (Score:2, Insightful)
As another poster has mentioned, responsible disclosure has been punished in the past, by the original disclosee using the courts to prevent the later presentation.
When the courts did not punish these parties for
the court system effectively took an anti-responsible-disclosure position. This guy is just going along with the g
I'm sure the government has easier ways (Score:2)
If true it's a pretty poor show by Onity, but I'm sure governments have had plenty of success simply forcing, tricking or bribing the hotel desk or cleaning staff into opening the rooms for them. I'm pretty sure that all the US government would have to do is turn up with a warrant and be given access to any room they like regardless of the type of lock used.
Re:I'm sure the government has easier ways (Score:5, Insightful)
Silly Reader, warrants are so 20th century. These days, they just show a letter, that you can't discuss with anyone, citing a "secret" law. Yes, it's unconstitutional, but if you're a $12/hour clerk, and the guy with the gun is asking, are you going to make a fuss?
Re:I'm sure the government has easier ways (Score:5, Insightful)
With a warrant, you can do practically anything, because a judge has signed off on it.
It's what they can do without warrants that scares me.
Re: (Score:2)
Re: (Score:2)
The key is silent access, as another poster mentioned. If hotel staff use the master key-card, that's logged to the security system. If police show up with a warrant, that warrant is part of the public record (in most cases) and shows up in the police logs. In any of those cases, there's a way to know about the breach nearly as soon as it happened. With this crack, there's no record that the security system was defeated, which makes recovery even more difficult. Consider the following:
Wrong (Score:4, Insightful)
Re: (Score:3)
Chances are that retrofitting the existing lock will cost more than replacing it.
Re:Wrong (Score:4, Informative)
Every single lock will not have to be changed. There are several ways to fix this without replacing the entire lock. Fill the hole.
And you can't recharge the battery any more - so sooner or later your lock is going to be out of service.
Cover the whole with an exterior lock.
Probably impossible as the current casing has not been designed for that; and anyway they all will end up with a single physical key: copy that and you're good. And anyway this requires a physical modification to the lock, likely the whole outer casing, not much less work than replacing the whole lock.
Put a more secure circuit between the exterior plug and the lock's main board. That more secure circuit only need to handle NOT letting you read the memory.
That is equivalent to changing out the main board of the lock. Which is probably more practical: it is not likely this lock has any space inside to install an extra board inside. Besides considering how modern devices are designed, replacing the lock is probably easier to do than replacing or adding a circuit board. Which is definitely not something your run-of-the-mill handyman can do.
Re:Wrong (Score:4, Insightful)
Every single lock will not have to be changed. There are several ways to fix this without replacing the entire lock. Fill the hole. Cover the whole with an exterior lock.
That port is used to recharge the battery in the lock.
Put a more secure circuit between the exterior plug and the lock's main board. That more secure circuit only need to handle NOT letting you read the memory. Given that the article is completely wrong about having to change the locks, I would question whether there really isn't a way to fix it via firmware. Either way though, the fix does not require a new lock, and it is a task that the hotel's regular handyman can perform.
The board itself is probably cheap, removing the port from the board and soldering in a new daughter board/port would be expensive. I don't see any advantage to that over replacing the whole board, which is what the article ("New circuitboards will have to be installed in every affected lock,") actually suggests.
Given that the article is completely wrong about having to change the locks, I would question whether there really isn't a way to fix it via firmware.
Brocious's full time job was to reverse engineer Onity's locks and front desk systems for a startup; he probably knows whether the lock has upgradable firmware.
Re:Wrong (Score:5, Insightful)
Every single lock will not have to be changed. There are several ways to fix this without replacing the entire lock. Fill the hole. Cover the whole with an exterior lock. Put a more secure circuit between the exterior plug and the lock's main board. That more secure circuit only need to handle NOT letting you read the memory. Given that the article is completely wrong about having to change the locks, I would question whether there really isn't a way to fix it via firmware. Either way though, the fix does not require a new lock, and it is a task that the hotel's regular handyman can perform.
Fill the hole: No. Read the article. The hole is needed and used routinely to charge the battery and reprogram.
Cover the hole with an exterior lock: So this is your plan to avoid changing out the lock? Add yet another lock on top? And how secure is that lock?
Add a circuit ahead of the main board: Where? There is no room for that. You would have to replace the entire main board.
Firmware fix: Perhaps possible, but these are very old designs using very limited microcontrollers. And you would still have to replace every reprogramming device in the field to get around this because your solution would also prevent reprogramming the lock.
So, NO, the article is not completely wrong. Your post is pretty close to completely wrong.
By the time you do any of the modifications you suggest, it would be cheaper to change the lock.
And none of those changes could be accomplished by the handyman. At best, they might be able to change out the lock. Most of those guys know how to swing a wrench and a toilet plunger. They are not very good at board level soldering. Even worse at changing microprocessors inside a lock chassis designed specifically to be tamper resistant.
Best case is that they can replace the entire circuit board using cheaper more modern ICs in the same amount of space. But even that is likely to more expensive to than just replacing every single lock.
In actuality, This will never be done, until the next hotel remodel. Additional theft insurance, maybe purchased by the manufacturer, will be by far the cheapest alternative.
Re: (Score:2)
Exactly.
Seriously, I can't imagine how GP was moderated insightful.
Did the moderators all skip breakfast this morning?
Image (Score:5, Interesting)
The hacker has (in his picture for the Forbes article) unkempt hair and a T-shirt that says "It's Fun To Use Learning For Evil!". I realize Black Hat has this whole counterculture thing going guys, but would it kill you to put on the veneer of respectability? Geez... this guy looks like a cliche movie hacker lackey.
You know that your intentions are honorable, that you wouldn't (for instance) rob a hotel room, and that maybe you are part of the process by which society gets stronger over the long run, but the audience of Forbes is predisposed to see you as a shady menace (or cost multiplier). And the audience of Forbes has more real influence to pass laws that restrict or limit access to your favorite toys (prior examples being some telephony tools, radio electronics, lockpicks, encryption software, etc.).
It sounds silly, but a clean shave and a button-down is how you say "I'm one of the good guys" to this crowd (or the general public, actually).
Re:Image (Score:5, Insightful)
would it kill you to put on the veneer of respectability?
Like a banker? ;)
Re: (Score:3)
Like a banker? ;)
Exactly! Better evidence to prove GP's point does not exist. Just look respectable and society at large won't punish you for losing trillions to enriching yourself. If we all started showering regularly we could own this town!
Re: (Score:2)
would it kill you to put on the veneer of respectability?
Would it kill you to judge people based on their acts and not their appearances?
Re: (Score:2)
would it kill you to put on the veneer of respectability?
Would it kill you to judge people based on their acts and not their appearances?
Appearance IS AN ACT.
Re:Image (Score:4, Insightful)
Do you want to turn people off needlessly
If those people are such sorry excuses for human beings as to judge someone based on the clothes they wear, they can fuck right off. There is nothing inherently respectable about wearing slacks, and quite a lot inherently disrespectable about judging people based on appearances. It's just another manifestation of the base tribal instincts that are responsible for racism, and it's not a bit nicer.
Re: (Score:3)
He's a hacker, at a hacking conference, doing something that happened to be of interest to Forbes.
Re: (Score:3)
Re: (Score:2)
So they're called (Score:5, Funny)
Definitely worth a funny mod (Score:2)
One in three doors (Score:2)
I read about this on BBC News [bbc.com] this morning, and two things struck me:
1. "In tests Mr Brocious conducted with Forbes news site, the system did not prove entirely successful - only one of the three doors, at three hotels in New York, opened." So it doesn't work everywhere, but it's a good proof of concept. From the above ExtremeTech article: "Brocious found that he could simply read this 32-bit key out of the lock’s memory. No authentication is required ... By playing this 32-bit code back to the lock .
Locks only keep honest people out. (Score:2)
Re: (Score:3)
Cute, but trite homily.
Throwing that out there as an excuse is just so much hand waiving the problem away. Murder? Well, you didn't expect your dear brother to live for ever did you?
Hotels don't promise you security against someone with unlimited time an unlimited resources, nor does anyone have enough time or resources unless they are willing to use explosives.
Like the opening scene in a movie (Score:2)
If he is always itching to disclose, who would ever hire him?
Answer: the wrong people. Not that it sounds like his skills are so great.
I'd be worried about his safety, next time.
Re:Lock the door when inside (Score:5, Funny)
Re: (Score:3, Insightful)
Obviously that person meant the chain lock that's separate from the key card lock. I hope not just the deadbolt; the ones built in to hotel key card lock mechanisms can be opened by the master key card. Not the ones the housekeepers carry but the one the chief maintenance guy keeps in his office. One assumes this hack can open the bolt as well as the regular latch.
Re: (Score:3)
I've stayed in â20/night hostels where key cards served dual purposes.
Shared dormitories had individual lockers for each inhabitant. Multiple key cards would open the room but each only a single locker.
In this situation, a 'housekeeper exploit' could possibly find the locker code compromised, even if the room code remained secure.
Re:Lock the door when inside (Score:4, Funny)
I've never hacked an Onity programmable key-card lock, but I did stay in a Holiday Inn Express last night.
Re: (Score:2)
Is hostel a EU spelling of hotel? Not familiar with the hostel spelling. YOu said it more than once, so guessing it isn't just a typo....
Re:Lock the door when inside (Score:5, Funny)
the chain lock that's separate from the key card lock
Or according to Jon Stewart - "I have a chain lock on my door that says to criminals 'you're not getting in here......unless you push....kind of hard....with your hand'."
Re: (Score:2)
Well, yes, but while sleeping deaf hotel guests might be in trouble anyone else would be awakened by the breakage.
Re:chain lock (Score:3)
Re:Lock the door when inside (Score:5, Interesting)
Obviously that person meant the chain lock that's separate from the key card lock. I hope not just the deadbolt; the ones built in to hotel key card lock mechanisms can be opened by the master key card. Not the ones the housekeepers carry but the one the chief maintenance guy keeps in his office. One assumes this hack can open the bolt as well as the regular latch.
We had a problem with a hotel safe once. When the tech guy came he popped the plastic keypad off to expose a serial port then hooked up his iPhone to it and opened the door. I wonder how secure that is...
Re:Lock the door when inside (Score:4, Funny)
We had a problem with a hotel safe once. When the tech guy came he popped the plastic keypad off to expose a serial port then hooked up his iPhone to it and opened the door. I wonder how secure that is...
Lies! iPhones and iPads are for content consumption only, and cannot possibly used for real work.
Re:Lock the door when inside (Score:5, Informative)
Many of those safes have backup passwords, hotels generally do not change the default one.
Re:Lock the door when inside (Score:5, Informative)
You mean those safes where hotel staff have a master code that unlocks them in case the guest forgets the code they set? Those safes?
Re:Lock the door when inside (Score:4, Funny)
Re: (Score:2)
Or a guest who wants to get back into their room...
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
There may be quite a number of people who have had items stolen from rooms "secured" by these locks now wondering what really happened. I also wonder whether there are any fired hotel staff who have been wronged in this. As Brocious points out, the hack is rather trivial and he's unlikely to have been the first/only person to have figured it out.
Its FAR FAR more likely that a hotel maid's card or a master card was duplicated by her shady love interest than anyone else detecting this.
I would say its probable that there is NOBODY who discovered this without inside knowledge. After all, who goes around plugging stuff into random sockets in hotel room locks without some inside knowledge of what that socket is for?
He didn't just happened to stumble on a micro-controller out of his TV remote that did this. He had to custom build a processor to do this.
Re: (Score:2)
http://media.tumblr.com/tumblr_lqjv5j6CVY1qidtfx.gif [tumblr.com]