Skip to main content
  1. Home
  2. Computing
  3. News

Hacking into your hotel room is easier than you might think

David Nield
By

hacking hotel room easier might think
Image used with permission by copyright holder
Old, insecure protocols could be giving unwanted guests access to hotel rooms across the globe, according to research carried out by one enterprising hacker. Spaniard Jesus Molina has been speaking to Wired about several vulnerabilities that he’s discovered and which he plans to present at a Black Hat security conference next month.

Door locking mechanisms remained secure, but Molina was able to easily take control of thermostats, lights, TVs and window blinds across the hotel he stayed at. “I could have changed every channel in every room so everybody could watch soccer with me,” he says, “but I didn’t.”

Recommended Videos

The key to the hack was a ‘digital butler’ app running on an iPad and an ageing communications standard called KNX. It enables guests to control the various pieces of equipment in their rooms, but it can easily be taken over by someone in the next room or sat in the lobby. If the right Trojan Horse virus was installed then the app could be controlled from the other side of the world.

Related

“Guests make assumptions that the channel they are using to control devices in their room is secure,” explains Molina, but that isn’t necessarily the case. “I didn’t have to be in the hotel to do what I did. I could have done it from anywhere. I could use a very big antenna from the next building.”

The hotel that Molina was staying at was the five-star St Regis in Shenzhen, China, but he believes the same systems are installed at many other locations in Asia, Europe and the United States. When the problems were reported to the St Regis, staff immediately took action, although fixing the issue required a wholesale upgrade of the network.

The problem is made more urgent by the fact that KNX is increasingly used in home automation networks as well. “People are reusing protocols that are not meant for the Internet of Things,” says Molina. “Using protocols like KNX for home automation makes no sense for wireless. This guerrilla war we’re playing with the Internet of Things can get dangerous. This is not something I say lightly.”

[Image: Eviled / Shutterstock.com]

Editors' Recommendations

Topics
David Nield
David Nield
Contributor
Dave is a freelance journalist from Manchester in the north-west of England. He's been writing about technology since the…
Apple GPT is real and may be coming sooner than you think
Siri on an iPhone.

Apple has been conspicuously absent in generative AI news, while OpenAI, Microsoft, Google, and Meta are making headlines with their advances daily. However, the iPhone maker hasn't given up, and a privacy-focused Apple AI is undergoing internal testing.

According to a Bloomberg report, Apple is working on a chatbot and has already been testing it internally. Reporter Mark Gurman's sources claim that Apple's AI plans are expected to be revealed in a major announcement in 2024. Apple engineers are said to refer to the AI as "Apple GPT" internally, suggesting it could use a generative pretrained transformer (GPT) somewhat similar to OpenAI's model.

Read more
If you have a Gigabyte motherboard, your PC might stealthily download malware
A Gigabyte Aorus Extreme motherboard.

Yet another motherboard manufacturer seems to be in trouble -- or rather, the people who own those motherboards might be. According to security researchers, countless Gigabyte boards might be vulnerable to dangerous cyberattacks.

If you want to be extra safe, there are a couple of things you can do to protect your PC. Here's what we know.

Read more
What is AGI? A self aware AI might be closer than you think
Robot from Bicentennial Man.

Artificial General Intelligence, or AGI, is considered by some to be the end goal of artificial intelligence (AI) development. Instead of having an AI that can perform specific tasks, an AGI would be able to perform any task you set it, and with enough time and computational power, do it well. Some see ChatGPT as the first example of AGI, while others consider us at least a few years away from an AI that can do anything.

Really, it's more of a debate about how exactly we define AGI, and how to know when we get there.
What is AGI?
An AGI agent should, in theory, be able to complete almost any intellectual task that a human or animal can do -- and potentially do it better. There are certain tasks that even an AGI can't complete, however, such as almost anything to do with the physical world. That is, at least, until robotics come into play.

Read more