
 

Black Hat hacker gains access to 4 million hotel rooms


posted on Jul, 28 2012 @ 03:52 AM


Bad news: With less than $50 of off-the-shelf hardware and a little bit of programming, it’s possible for a hacker to gain instant, untraceable access to millions of key card-protected hotel rooms.

This hack was demonstrated by Cody Brocious, a Mozilla software developer, at the Black Hat security conference in Las Vegas. At risk are four million hotel rooms secured by Onity programmable key card locks. According to Brocious, who should be scolded for not disclosing the hack to Onity before going public, there is no easy fix: There isn’t a firmware upgrade — if hotels want to secure their guests, every single lock will have to be changed.

I wish I could say that Brocious spent months on this hack, painstakingly reverse-engineering the Onity lock protocol, but the truth is far more depressing. “With how stupidly simple this is, it wouldn’t surprise me if a thousand other people have found this same vulnerability and sold it to other governments,” says Brocious, in an interview with Forbes. “An intern at the NSA could find this in five minutes.”

Black Hat hacker gains access to 4 million hotel rooms with Arduino microcontroller

It seems to me like almost every important piece of technology is eventually revealed to have some sort of obvious back door which would allow instant untraceable cracking of said technology. I've seen it happen time and time again. These are the sort of sneaky tricks hidden up the sleeve of intelligence agencies so they can gain access to certain places without people suspecting they were there. I cannot believe how stupid the lock design actually was... his device simply needs to be plugged into the lock's DC socket and it reads the unencrypted code straight from an unprotected memory bank and then sends the code back to the lock and the door unlocks. Once the device is connected the whole process takes under 200 milliseconds.
edit on 28/7/2012 by ChaoticOrder because: (no reason given)



posted on Jul, 28 2012 @ 04:03 AM
reply to post by ChaoticOrder
 


I'm surprised this is just making news now. Exploiting/copying key cards and mag strip cards has been around for a long time, over a decade.

I've known many acquaintances that have duped janitorial master key cards to hotels and use them for free access to the swimming pool and gym facilities.

How is this just making news now?



posted on Jul, 28 2012 @ 04:07 AM
reply to post by Druscilla
 



Originally posted by Druscilla
I'm surprised this is just making news now. Exploiting/copying key cards and mag strip cards has been around for a long time, over a decade.

Try reading the article. This has nothing to do with exploiting key cards and mag strip cards. It's a direct hack of the actual electronic locking mechanism. You don't need to copy anyone's card. You just plug the device into the DC charging jack and the hotel door will open instantly. As the article says, over 4 million hotel rooms use this locking mechanism. At any time anyone with this device (which is cheap to build) could gain access to any of these rooms.



posted on Jul, 28 2012 @ 04:16 AM
reply to post by ChaoticOrder
 


Aha. My mistake. Thank you for the correction.

This is indeed interesting in that it cuts out the step of gaining access to a master key card (if only temporarily) to swipe for duplication.
It cuts out the middle man and allows for direct access.

Thank you.



posted on Jul, 28 2012 @ 04:46 AM
That is going to cost an awful lot of money to fix. I remember the better quality electronic room locks were £650 each, and the cards cost on average £15 quid to produce and administrate per user. These were appropriated by Leicester city council when they built a custom built Homeless Hostel/Nightshelter in 2006.
They were battery operated though, no charging point so I guess they are safe.
They imported them from Spain, and if anything goes wrong they have to wait 3-6 weeks for replacements.
(Not very well thought out).

Do you think it is possible for the Hotel companies to request replacement under warranty? Has this security flaw now been shown to prove them not fit for purpose?



posted on Jul, 28 2012 @ 04:58 AM
Did they seriously not design it so this port is on the inside of the room?



posted on Jul, 28 2012 @ 05:00 AM
reply to post by The X
 


It's possible the locks are still under warranty but I somehow doubt it. But if they are I would assume an event like this is something they are covered for.



posted on Jul, 28 2012 @ 05:03 AM

Originally posted by NuclearPaul
Did they seriously not design it so this port is on the inside of the room?

It seems that way. I would assume they did it like that because when the locks decide to play games it's easier to debug them and get them fixed. If the port was on the inside and someone were to get stuck inside a room they wouldn't have a way to interact with the lock and send it commands, which could result in very undesirable scenarios.
edit on 28/7/2012 by ChaoticOrder because: (no reason given)



posted on Jul, 28 2012 @ 06:25 AM
This is pretty funny... But couldn't they solve this pretty easily? Just place a box or cover over the lock, leaving a slot for the key card obviously... They could screw it in with a special screwhead, use lots of screws and problem solved (to a degree)... Yes someone could still get hold of the special screwdriver and sit there taking all the screws out etc. But it would be a big deterrent in my opinion. Who is going to want to sit there taking out all the screws? Then putting them all back so as to not be detected?

It would certainly be better than the situation now. And at least if something did go wrong an engineer could access the charging port.

It would cost but not as much as replacing all the locks surely?
edit on 28-7-2012 by mee30 because: (no reason given)



posted on Jul, 28 2012 @ 12:07 PM
This is kind of neat. I'm giving this a try right now.
I'm using a PIC microcontroller ($1.50) and hand soldering it though so it fits inside of a pen.




Arduino is for kids.


It would be pretty easy to add an internal hardware fix for this. It will be neat to see what the hotel managers say when I show this to them. Could make a decent buck providing the fix.
edit on 28-7-2012 by dainoyfb because: of typo.



posted on Jul, 28 2012 @ 09:27 PM
reply to post by dainoyfb
 



Originally posted by dainoyfb
I'm using a PIC microcontroller ($1.50) and hand soldering it though so it fits inside of a pen.

You are awesome man.

edit on 28/7/2012 by ChaoticOrder because: (no reason given)



posted on Jul, 29 2012 @ 04:10 AM
Shame on ExtremeTech for improper use of terminology. Considering Cody Brocious disclosed this vulnerability, he would be considered more of a "Grey Hat" hacker.


A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software.

A black hat hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain"

A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.

Wikipedia



posted on Jul, 29 2012 @ 12:01 PM
What is misleading is the Title.
Black Hat is the name of a conference about IT security.
So it's hacker *at* black hat.... etc etc etc.



posted on Jul, 29 2012 @ 03:50 PM

Originally posted by drakus
What is misleading is the Title.
Black Hat is the name of a conference about IT security.
So it's hacker *at* black hat.... etc etc etc.


That's just it. He is attending the "black hat security conference" but he is more of a "grey hat" than a "black hat." I partially understand why they chose the title (short, sweet, to the point and basically conveys the message). I expect to see this from general news publications but not from a technology news source. Especially when the tech news source is covering perhaps the most important security convention in the world.

It's a nitpick, I realize.

edit on 7/29/2012 by Lysis because: (no reason given)







 