Millions of hotel room keycard locks 'flawed'

2012-07-25 09:04
A Mozilla software developer is showcasing alleged vulnerabilities he discovered in hotel room locks manufacturer by Onity at the Black Hat Security Conference in Las Vegas, Nevada.

According to a report on Forbes.com, the weakness allegedly lies in a DC power port found at the bottom of the lock that can be "overcome by a few hacker tricks and a handful of cheap hardware".

Cody Brocious, a 24-year-old security researcher, was able to use an open-source hardware gadget he built for less than $50 (about R424 at R8,48/$), via the port.

“I plug it in, power it up, and the lock opens,” he says.

This particular lock has been installed on the doors of between four to five million hotel rooms around the world according to the company’s figures.

His reported break-in trick was successful when tested on a standard Onity lock ordered online, with him easily bypassing the card reader and triggering the opening mechanism every time. It wasn't as effect on actual Onity locks installed on real hotel doors though. Out ofthree doors tested he was only able to open one, that only on the second attempt after having made a few tweaks to his software. But the fact that Brocious was able to open even a single door is why hoteliers and travellers should be on guard.

Brocious is said to be releasing his research in a paper as well as source code through his website, potentially enabling others to perfect his methods.

When contacted, Onity's response was, “We have not seen Mr Brocious’ presentation and cannot comment on the content. Onity places the highest priority on the safety and security provided by its products and works every day to develop and supply the latest security technologies to the marketplace.”

If staying in a hotel with one of these locks, our advice would be,"Best you use that back up security chain lock just in case."
Read more on:    travel international

Join the conversation!

24.com encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.
NEXT ON NEWS24X

SHARE:

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
1 comment
Comments have been closed for this article.

Inside Travel

 
/News

#FindYourEscape with Traveller24

Your insider guide to exploring South Africa and the world...
 
There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.




Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.