Lock manufacturer Onity originally dismissed the trick as "unreliable and complex to implement," but based on YouTube videos, photos and testimony online, it's much easier than they thought.
At this summer’s Black Hat hacker's conference, Brocious showed off a device he'd created for under $50 that plugs into the data-port on the underside of widely used Onity keycard locks. Once he powered it up, the lock clicked open. Brocious said that because of a timing issue, his device didn't work every time. When Forbes reporter Andy Greenberg accompanied Brocious to various hotels, the device opened one out of every three locks he tested.
But now, according to Forbes, hackers who copied Brocious' device from the instructions that are readily available on his blog are having no trouble opening lock after lock after lock. One hacker actually asked Brocious (who obliged) to help him work out the kinks while another said his own homemade device worked flawlessly on the first five locks he tried.
For Onity, whose locks secure between 4 and 5 million hotel rooms around the world, this is really bad news. To their credit, the lock manufacturer quickly came up with a couple of solutions to fix the problem, but that fix will be slow to implement for a few reasons.
First, shoring up Onity's locks will require the installation of new hardware. The company is providing data-port caps to their customers free of charge, but it will be up to each hotel to order and install the new components. Second, the real solution, unavailable until the end of the month, which Onity somewhat disingenuously calls a "firmware" update, requires the physical installation of new
Click here for the rest of the story.
http://www.securitynewsdaily.com/2211-hotel-lock-hack-is-now-widespread-easy-to-implement.html?cmpid=492429
Is anybody beginning to get the idea that our technology and our reliance on it are outpacing our maturity and common sense?
ReplyDeleteI think they are sensitive so it`s better on leaving hotel if you scratch magnet on it all data on it erases....
ReplyDeleteVery thooughtful blog
ReplyDelete