Posted by: Dave Bateman
Next time you check in at you favorite hotel chain you may not be as safe as you think you are. If you are any kind of frequent traveler you already know better than to leave valuables in your hotel room when you are not there. However, you do expect a certain degree of protection. For instance, you assume that it would take more than a little knowledge and a $30 circuit board to unlock your hotel room. Well apparently you shouldn’t assume that.
Recently a software engineer demonstrated how a security flaw in as many as a million hotel key card locks can be exploited. The name of the company that makes the lock is Onity and they are reacting to address this flaw but it seems that there is no way to correct the problem short of replacing the circuit board on the locks. That’s a lot of circuit boards and a lot of locks. Of course the hotels will need to buy the upgraded circuit board and paid to have them installed. Onity is offering a no cost solution as well but it doesn’t really fix the problem, it just makes it a little harder to be hacked. This solution involves capping open ports on the locks and using security screws. In other words the hacker will have to partially disassemble the lock cover.
Even with the second option it is going to cost the hotels to fix this problem even it it’s only 8 hours of the hotel’s maintenance engineer’s time. I’m not sure how many hotels are going to jump on this and get it fixed so you may want to inquire about this with your hotel chain before you book your next visit.