Hotel door tech provider moves to crack down on lock hacker
An electronic hotel lock provider has issued a series of fixes to its technology after a cheeky developer used a major conference to demonstrate a hack to open doors.
Brocious used a piece of technology costing around $50 which he adapted so that he could attach the device to the underside of an Onity hotel lock.
According to The Register, Brodious’s device was only able to work because of two parallel issues with Onity locks: “The ability to read memory locations on vulnerable electro-mechanical locks and flawed cryptography in the key cards system itself.”
After initially dismissing the hack as “unreliable”, Onity has now issued details to potentially nervous hoteliers for how to prevent the hack from hitting their own properties.
The fix comes in two forms:
A “mechanical cap” which can be inserted in the programmable plug of the existing Onity locks, effectively blocking the physical access.
The second options is likely to anger hoteliers (who have found themselves at the mercy of recent developments, both security-wise and now financially) involves replacing the control mechanism and firmware for both the HT and Advance series locks that Onity produces.
The company says:
“For locks that have upgradable control boards, there may be a nominal fee. Shipping, handling and labor costs to install these boards will be the responsibility of the property owner.”
Expect this to run and run.
NB: Electronic hotel door lock image via Shutterstock.
Kevin May is editor and a co-founder of Tnooz. He was previously editor of UK-based magazine Travolution for nearly four years and web editor of Media Week UK from 2003 to 2005.
He has also worked in regional newspapers (Essex Enquirer) and started his career in journalism at the Police Gazette at New Scotland Yard in London. He has a degree in criminology and a postgraduate diploma in magazine journalism.