Hacker gains access to 4 million hotel rooms with Arduino microcontroller
http://www.extremetech.com/computing/133448-black-hat-hacker-gains-access-to-4-million-hotel-rooms-with-arduino-microcontroller
Bad news: With less than $50 of off-the-shelf hardware and a little bit of programming, it's possible for a hacker to gain instant, untraceable access to millions of key card-protected hotel rooms.
This hack was demonstrated by Cody Brocious, a Mozilla software developer, at the Black Hat security conference in Las Vegas. At risk are four million hotel rooms secured by Onity programmable key card locks. According to Brocious, who should be scolded for not disclosing the hack to Onity before going public, there is no easy fix: There isn't a firmware upgrade; if hotels want to secure their guests, every single lock will have to be changed.
The hack in its entirety is detailed on Brocious's website, but in short: At the base of every Onity lock is a small barrel-type DC power socket (just like on your old-school Nokia phone). This socket is used to charge up the lock's battery, and to program the lock with the hotel's sitecode, a 32-bit key that identifies the hotel. By plugging an Arduino microcontroller into the DC socket, Brocious found that he could simply read this 32-bit key out of the lock's memory. No authentication is required and the key is stored in the same memory location on every Onity lock.
The best bit: By playing this 32-bit code back to the lock, it opens. According to Brocious, it takes just 200 milliseconds to read the sitecode and open the lock. "I plug it in, power it up, and the lock opens," Brocious says. His current implementation doesn't work with every lock, and he doesn't intend to take his work any further, but his slides and research paper make it very clear that Onity locks, rather ironically, lack even the most basic security.
Hacker gains access to 4 million hotel rooms with Arduino microcontroller (Original Post)
Newsjock
Jul 2012
OP
dballance
(5,756 posts) 1. Let the mass robbery of hotel rooms begin /eom
Junkdrawer
(27,993 posts) 2. Lock on a lock....
Cover the port.
backscatter712
(26,355 posts) 4. For four million hotel rooms?
And most of those hotel rooms are owned by big chains - Holiday Inn, Marriott, etc. who'd have to fix those locks en masse anyways.
At that scale, it'd probably be cheaper just to replace all those locks.
Junkdrawer
(27,993 posts) 7. Temp fix until the locks are replaced....
Charge the lock one last time and epoxy the port.
The manufacturer - AT THEIR COST - then replaces the lock.
backscatter712
(26,355 posts) 8. That's a short-term fix.
Though if the batteries peter out and the hotel doesn't get a replacement door lock in time, they're gonna have a problem...
Robb
(39,665 posts) 3. Locks can be picked. Also: water wet.
Zalatix
(8,994 posts) 6. Secret Assassin Man says
there is no such thing as a locked door.
tawadi
(2,110 posts) 5. Well that's unsettling. eom