Cody Brocious, a Mozilla software developer and security researcher, will be demonstrating a hotel keycard and door hacking vulnerability at the Black Hat security conference this evening, according to a report from Forbes.
The hack only works on doors secured by Onity locks. Onity is a keycard lock manufacturer whose products are installed on between 4 and 5 million hotel doors around the world. Cody is reportedly able to bypass these doors, albeit with mixed results, using a piece of hardware that he built for around $50 and some open-source software. Brocious says “I plug it in, power it up, and the lock opens.”
The hack works by plugging the home-made hardware into a DC power point under the lock and “…spoofing a portable programming device that hotel staff use to control a facility’s locks and set which master keys open which doors”, according to Forbes. It seems that the lock’s memory is open to any device that plugs into it, and that the cryptographic key required to open the door is also stored in the lock.
Brocious doesn’t plan on completing his exploit but, following his presentation, he does intend to publish his findings so that others can continue his work.
“With how stupidly simple this is, it wouldn’t surprise me if a thousand other people have found this same vulnerability and sold it to other governments. An intern at the NSA could find this in five minutes.”
Unusually, Brocious has not contacted Onity regarding the security flaw and says that he doesn’t intend to.
“I didn’t want to delay putting this out there any further than I had to. I see no path to mitigate this from Onity’s side. The best way to help hotels at this point is educate them about this, not to go through Onity and delay getting the information out longer than I had to.”
When contacted for comment, Onity said in a statement “We have not seen Mr. Brocious’ presentation and cannot comment on the content. Onity places the highest priority on the safety and security provided by its products and works every day to develop and supply the latest security technologies to the marketplace.”