Can you hear me now? Tales from a Cisco voice instructor

Aug 27 2012   7:11PM GMT

Road Warriors Beware

Dave Bateman Dave Bateman Profile: Dave Bateman

Next time you check in at you favorite hotel chain you may not be as safe as you think you are. If you are any kind of frequent traveler you already know better than to leave valuables in your hotel room when you are not there. However, you do expect a certain degree of protection. For instance, you assume that it would take more than a little knowledge and a $30 circuit board to unlock your hotel room. Well apparently you shouldn’t assume that.

Recently a software engineer demonstrated how a security flaw in as many as a million hotel key card locks can be exploited. The name of the company that makes the lock is Onity and they are reacting to address this flaw but it seems that there is no way to correct the problem short of replacing the circuit board on the locks. That’s a lot of circuit boards and a lot of locks. Of course the hotels will need to buy the upgraded circuit board and paid to have them installed. Onity is offering a no cost solution as well but it doesn’t really fix the problem, it just makes it a little harder to be hacked. This solution involves capping open ports on the locks and using security screws. In other words the hacker will have to partially disassemble the lock cover.

Even with the second option it is going to cost the hotels to fix this problem even it it’s only 8 hours of the hotel’s maintenance engineer’s time. I’m not sure how many hotels are going to jump on this and get it fixed so you may want to inquire about this with your hotel chain before you book your next visit.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: