door lock
598 days ago
 

Hotel door tech provider moves to crack down on lock hacker

An electronic hotel lock provider has issued a series of fixes to its technology after a cheeky developer used a major conference to demonstrate a hack to open doors.

Onity was forced to react after Mozilla software developer Cody Brocious used the Black Hat security conference to outline how he could open hotel doors a simple open-source device.

Brocious used a piece of technology costing around $50 which he adapted so that he could attach the device to the underside of an Onity hotel lock.

According to The Register, Brodious’s device was only able to work because of two parallel issues with Onity locks: “The ability to read memory locations on vulnerable electro-mechanical locks and flawed cryptography in the key cards system itself.”

After initially dismissing the hack as “unreliable”, Onity has now issued details to potentially nervous hoteliers for how to prevent the hack from hitting their own properties.

The fix comes in two forms:

A “mechanical cap” which can be inserted in the programmable plug of the existing Onity locks, effectively blocking the physical access.

The second options is likely to anger hoteliers (who have found themselves at the mercy of recent developments, both security-wise and now financially) involves replacing the control mechanism and firmware for both the HT and Advance series locks that Onity produces.

The company says:

“For locks that have upgradable control boards, there may be a nominal fee. Shipping, handling and labor costs to install these boards will be the responsibility of the property owner.”

Expect this to run and run.

NB: Electronic hotel door lock image via Shutterstock.

 
 
Kevin May

About the Writer :: Kevin May

Kevin May is editor and a co-founder of Tnooz. He was previously editor of UK-based magazine Travolution for nearly four years and web editor of Media Week UK from 2003 to 2005.

He has also worked in regional newspapers (Essex Enquirer) and started his career in journalism at the Police Gazette at New Scotland Yard in London. He has a degree in criminology and a postgraduate diploma in magazine journalism.

 

Comments

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

  1. Andrew Sanders

    This security breach affecting millions of hotel rooms has finally been addressed thanks to the power of smartphones –

    http://www.hospitalitynet.org/news/154000397/4057920.html

    White paper on the subject will be available soon via http://www.openways.com

     
  2. Jane

    Nice. The company’s code has a flaw that puts both hotel operators and their guests at risk, but hotels have to jimmy the locks or have to pay to upgrade the hardware to protect themselves.

    Onity competitors VingSafe and SafLok should be paying attention – might be a good time to find new customers!

     
 
 

Email

  • (separate multiple emails with commas)
  • (optional)
  • (optional)
  • This field is for validation purposes and should be left unchanged.

Newsletter Subscription

Please subscribe now to Tnooz’s FREE daily newsletter.

This lively package of news and information from Tnooz’s web site provides a convenient digest of what’s happening in technology that drives the global travel, tourism and hospitality market.

  • Cancel