A security expert claims that with $50 worth of hardware and a few hacking tricks, he can break into almost any hotel room locked with a card key. If true, as many as 5 million hotel rooms worldwide may be at risk.
Some time this evening, a young man named Cody Brocious will step out in front of a large audience at Caesar’s Palace in Las Vegas.
At that moment, he will demonstrate how, with about $50 worth of palm-sized hardware and in a matter of seconds, he could break into their hotel rooms.
Or mine.
Or yours.
You know those plastic magnetic card-key locks that have replaced conventional metal keys at thousands of hotels around the world?
Well, according to Mr. Brocious, 24, such locks produced by a certain company have built into them not one but two different vulnerabilities that render them virtually null and void against a hacker with a modicum of skills and access to a Radio Shack store.
For a detailed breakdown on all this, check out the Forbes magazine story here.
Mr. Brocious plans to demonstrate this vulnerability himself this evening at the technical security conference known as Black Hat USA, which began last Saturday in Vegas and runs through Thursday.
The number of card-key locks vulnerable to this particular hacking technique are estimated to be somewhere between 4 million and 5 million worldwide.
Uhh…yikes?
If you’re in the room, there are plenty of old-school defensive measures you can take, not the least of which are deadbolt locks that come standard with most hotel rooms around the globe. Travel suppliers also sell special wedges you can use to stop anyone from entering the room while you’re inside.
You could even prop a chair or a suitcase against the door if you felt like it.
The real worry begins once you leave. At that point, the only thing standing between you and whatever you leave in your room is that card-key lock.
Not all card-key locks contain the twin vulnerabilities being outlined by Mr. Brocious. But enough of them do — and if he’s right, the knowledge of this vulnerability is already sufficiently widespread — to make this a concern.
So far, we haven’t heard anything definitive from the company that makes this particular type of lock. IBIT will let you know what, if anything, they intend to do about it.
Edited by P.A.Rice
Comments
Powered by Facebook Comments
Greg, This is incredible! You don’t know how many times hotel staff have given crew members keys to hotel rooms that are already occupied by someone else. Many people have walked into rooms on people with a regular room key, never mind the $50 Radio Shack hardware. Hotel safety is huge concern for everyone. Someone better invent something quick to protect the public during hotel stays. This is ridiculous.
This is truly scary stuff. The company that makes these locks needs to move on this, and quick.
Pingback: TRAVEL TECH THURSDAY 2.7.13 | I'm Black and I Travel!