Slashdot Mirror


Open Millions of Hotel Rooms With Arduino

MrSeb writes with an excerpt from Extreme Tech about a presentation at Black Hat: "Bad news: With an Arduino microcontroller and a little bit of programming, it's possible for a hacker to gain instant, untraceable access to millions of key card-protected hotel rooms. This hack was demonstrated by Cody Brocious, a Mozilla software developer, at the Black Hat security conference in Las Vegas. At risk are four million hotel rooms secured by Onity programmable key card locks. According to Brocious, who didn't disclose the hack to Onity before going public, there is no easy fix: There isn't a firmware upgrade — if hotels want to secure their guests, every single lock will have to be changed. I wish I could say that Brocious spent months on this hack, painstakingly reverse-engineering the Onity lock protocol, but the truth — as always, it seems — is far more depressing. 'With how stupidly simple this is, it wouldn't surprise me if a thousand other people have found this same vulnerability and sold it to other governments,' says Brocious. 'An intern at the NSA could find this in five minutes.'"

8 of 268 comments (clear)

  1. Bad news for you maybe by crazyjj · · Score: 5, Funny

    Great news for the budget-minded vacationer looking for a hotel bargain.

    --
    What political party do you join when you don't like Bible-thumpers *or* hippies?
  2. Re:Lock the door when inside by Iniamyen · · Score: 5, Funny

    Don't fret, most hotel rooms have safes secured by Onity programmable key card locks.

  3. swedish supermodels beware by tekrat · · Score: 5, Funny

    Geeks now have the ability to get into your hotel room while changing into your bikini...

    But why would a geek be changing into your bikini?

    --
    If telephones are outlawed, then only outlaws will have telephones.
  4. So they're called by oldmac31310 · · Score: 5, Funny

    pwnity now...

    --
    http://www.acetonestudio.com
  5. Re:Lock the door when inside by specific · · Score: 4, Funny

    I've never hacked an Onity programmable key-card lock, but I did stay in a Holiday Inn Express last night.

    --
    If you lend someone $20 and never see that person again, it was probably worth it.
  6. Re:Lock the door when inside by Critical+Facilities · · Score: 4, Funny

    the chain lock that's separate from the key card lock

    Or according to Jon Stewart - "I have a chain lock on my door that says to criminals 'you're not getting in here......unless you push....kind of hard....with your hand'."

  7. Re:I wouldn't have either by TheCarp · · Score: 4, Funny

    That is, unless he is planning to use the Basic Instinct Defense "What, do you think I am stupid enough to publish details of how a murder could be committed, by anyone, using these devices, and then do it myself?"

    Though, if he tries it, I hope he remembers, the short white dress and no underwear is key to making it work.

    --
    "I opened my eyes, and everything went dark again"
  8. Re:As usual however by gblackwo · · Score: 4, Funny

    You have until the end of the day to gather your things and turn in your geek card.