Hotel Keycard Lock Hacker Questions Firmware Fix
Source: Information Week - Posted by Dave Wreski   
The demonstration of a real-world hardware security flaw in hotel room keycard locks at this year's Black Hat information security conference in Las Vegas saw guests literally reaching for their deadbolts. Last month, security engineer Cody Brocious demonstrated his attack against hotel locks made by Onity, which commands 50% of the hotel lock market, comprising somewhere between 4 million and 10 million locks. The attack capitalized on two flaws involving Onity's hotel keycard locks: Their memory could be arbitrarily accessed by an attacker, and the related communications data wasn't encrypted. As a result, once someone such as Brocious reverse-engineered the underlying communications protocol, they could trick the keycard lock into opening itself, using a bit of programming and $40 in parts available via sparkfun.com or Radio Shack.

Read this full article at Information Week

Only registered users can write comments.
Please login or register.

Powered by AkoComment!