Your hotel room keycard lock is vulnerable to hackers

Onity HT24 lock

The next time you stay at a hotel with keycard locks on your room door — that is to say, nearly any hotel nowadays — beware: You may not be the only one who can get in. And we’re not talking about the cleaning staff.

This is the warning of 24-year-old Mozilla software developer and self-described hacker Cody Brocious, who recently showed Forbes’ Andy Greenberg just how vulnerable some 4 million of the keycard locks used in popular hotels are to hacker trickery.

Brocious, who will present his complete findings at the Black Hat security conference in Las Vegas on Thursday, found that keycard locks made by manufacturer Onity can sometimes be opened using a $50 homemade, open-source gadget that plugs into the DC port located at the bottom of the lock housing. Brocious’s hacking tool works because the DC power port allows access to the lock’s memory (the lock is controlled by a simple computer, after all), which contains a piece of code that tells the lock to open, explains Greenberg. Just plug in the device, and a few seconds later, “click,” and you’re in.

At least, that’s how it is supposed to work — in practice, it’s not that reliable. Greenberg says that of the three doors Brocious attempted to demonstrate the tool’s ability on, only one worked — after the second try.

Brocious discovered the vulnerability in Onity’s lock system by accident, he says, while working for a startup called Unified Platform Management Corporation (UPM), which was attempting to create a universal lock system for hotels. Brocious was tasked with reverse engineering Onity’s locks, and thus discovered the “open sesame” trick. UPM later sold the intellectual property to locksmith training school the Locksmith Institute for $20,000. In other words: The ability to open Onity locks is not new, nor is Brocious the only one who knows how to build the electronic lock pick device.

When Greenberg contacted Onity to ask about its locks’ vulnerability, the company said it had not heard of Brocious’s invention, and ” places the highest priority on the safety and security provided by its products and works every day to develop and supply the latest security technologies to the marketplace.”

Not exactly reassuring, to say the least. Perhaps now you’ll make good use of that deadbolt.

Product Review

Equal parts tool and toy, the Lensbaby Edge 35 bucks photographic tradition

The Lensbaby Edge 35, part of the Composer Pro optic swap system, creates tilt-shift-like blur without the tilt-shift price. Made for photographers who want find tradition boring, it opens up new ways to work with blur.
Deals

Amazon and Best Buy smash prices on August smart home security locks

Amazon and Best Buy have the lowest prices for two August smart home door locks during a limited time sale. August was one of the first smart door lock companies designed specifically for smart home convenience and security.
Gaming

Transform into the ultimate leader with our tips and tricks for Civilization 6

Civilization VI offers both series veterans and total newcomers a lot to chew on from the get-go. Here are some essential starting tips to help you master the game's many intricacies.
Movies & TV

Skip the flowers and sunshine this spring and watch the best shows on Hulu

It's often overwhelming to navigate Hulu's robust library of TV shows. To help, we put together a list of the best shows on Hulu, whether you're into frenetic cartoons, intelligent dramas, or anything in between.
Emerging Tech

Feast your eyes on the wildest, most elaborate Rube Goldberg machines ever built

Want to see something totally mesmerizing? Check out several of the best Rube Goldberg machines from across the internet, including one that serves cake and others that do ... nothing particularly useful.
Emerging Tech

Watch a pack of SpotMini robot dogs perform a terrifying feat of strength

Boston Dynamics' SpotMini robotic dog is now going around in packs, and the results are somewhat concerning. Check out the video to see what kind of shenanigans 10 of them got up to recently ...
Emerging Tech

How emotion-tracking A.I. will change computing as we know it

Affectiva is just one of the startups working to create emotion-tracking A.I. that can work out how you're feeling. Here's why this could change the face of computing as we know it.
Emerging Tech

Notre Dame fire: How drones and a robot called Colossus helped limit the damage

The fire that devastated the iconic Notre Dame Cathedral on Monday shocked many around the world. In a bid to prevent even worse damage to the structure, Paris firefighters opted to deploy drones and a robot called Colossus.
Emerging Tech

New gunfire-detection system alerts police of shooters in seconds, not minutes

The Safe Zone Gunfire Detector is a fast gunfire-detection system that could help avert potential tragedies in public places like schools, malls, or anywhere a mass shooting might occur.
Emerging Tech

NASA chooses a special spot for its next crewed moon landing

Following the U.S. government's announcement last month of a desire to see American astronauts set foot on the moon again in the next five years, NASA has revealed a location on the lunar surface where it would most like to land.
Emerging Tech

Adidas has created a running shoe that’s made to be remade

Adidas has unveiled the Futurecraft Loop running shoe that it claims is the first performance footwear to be 100% recyclable. The shoe is the latest green initiative by the sportswear company and will go on sale in 2021.
Emerging Tech

Yale scientists restore cellular activity in a pig’s brain hours after its death

In what some may view as a porcine version of Frankenstein, Yale University scientists have restored circulation and cellular activity in a pig’s brain four hours after its death. The study is likely to be used to study brain function
Emerging Tech

Russia’s robot news anchor gives human TV presenters hope

Human news anchors anxious about robots taking their jobs will be feeling reassured this week after the appearance on Russian TV of a news-reading android that clearly needs a bit of work.
Smart Home

I have seen the future, and it’s full of salad-making robots

Think that robots bussing tables, tossing salads and baking bread is a futuristic concept? It's actually not as far away as you might think. Robots took center stage at a food robotics summit in San Francisco this week, where they showed…