Hotel key cards open to hacking, developer says

skinz

VIP Member
BBC News - Hotel key cards open to hacking, developer says

Hotel key cards open to hacking, developer says

A hacker claims his $50 device can access millions of hotel rooms


A hacker has developed a device he says can act as a universal hotel key card to access millions of rooms around the world.

Using a home-made gadget, security researcher Cody Brocious said he had mimicked a master key card to gain access to any room with an Onity lock.

Details will be revealed at the Black Hat conference in Las Vegas this week.

Onity said it would look at Mr Brocious's work and address "any potential issues".

Reverse engineering

"We will review and analyse Mr Brocious's presentation and any other information that he publishes on this subject," the company told the BBC in a statement.

"Onity places the highest priority on the safety and security provided by its products and works everyday to develop and supply the latest security technologies to the marketplace.

"Onity is prepared to address any potential issues posed by the presentation."

Onity has about 10 million locks installed in hotels around the globe.

Mr Brocious said he had used a cable connected to a DC power port below the door lock, and plugged it into a portable programming device he had built for $50 (£32).

The device is based on the Arduino operating system and mimics ones used by hotels to control which master keys open which doors.

Mr Brocious said he had discovered by reverse engineering hotel locks that every lock's memory was exposed to whatever device attempts to read it through the DC power port.

In tests Mr Brocious conducted with Forbes news site, the system did not prove entirely successful - only one of the three doors, at three hotels in New York, opened.

Mr Brocious plans to release all his research and source code on his website.

He said he had spotted the vulnerabilities in Onity's locks while working as the chief technology officer for a startup called Unified Platform Management Corporation, which sought to compete with bigger players in the hotel lock industry.
 
What a sad pathetic person he is. Have they not got nothing better to do than trying to figure out how to get into people's hotel rooms? If they know who this person is why have they not stopped him before his little scam went public? I honestly think there was bitter rivalry between him and the company he worked for and this is his way of getting back at them.
 
I posted this in response to an email I received some time ago. I guess I should have posted that also. Maybe you will think different after reading this one.


Some Information Which May Be Useful.

Always take a small fridge magnet on your holiday, they come in handy at the end of it. Never even thought about key cards containing anything other than an access code for the room?

Ever wonder what is on your magnetic Hotel room key card?

Answer:
a. Customer's name
b. Customer's partial home address
c. Hotel room number
d. Check-in and check-out dates
e. Customer's credit card number and expiration date!

When you hand them back to the front desk your personal information is there for any employee to access by simply scanning the card in the hotel scanner. An employee can take a handful of cards home and using a scanning device, access the information onto a laptop computer and go shopping at your expense.

Simply put, hotels don't erase the information on these cards until an employee reissues the card to the next hotel guest. At that time, the new guest's information is electronically 'overwritten' on the card and the previous guest's information is thus erased. But until the card is rewritten for the next guest, it usually is kept in a drawer at the front desk with YOUR INFORMATION ON IT!

The bottom line: Keep the cards, take them home with you, or destroy them. NEVER leave them behind in the room or room wastebasket, and NEVER turn them in to the front desk when you check out of a room.

For the same reason, if you arrive at the airport and discover you still have the card key in your pocket, do not toss it in an airport trash basket. Take it home and destroy it by cutting it up, especially through the electronic information strip!

OR,

If you have a small magnet, pass it across the magnetic strip several times. Then try it in the door, it will not work. It erases everything on the card.

Information courtesy of: Metropolitan Police, London.
 
Wow they are all crooks ffs you only need a dodgy employee with a grudge in the Hotel and your id is history. Scary thought mate. While I was in Spain I returned to my room and the key card would not open the door. I went to the reception and explained and all they did was swipe it through a machine and it re-activated it? Hmm
 
A mate of mine staying in a London hotel had his money nicked from his room only last month, nothing anyone could do, the hotel said there was a safe in the room that he should have used
 
Would these hotel crooks not know the combination of the safe? Especially cleaners, they have access to everything.
 
Well that's one good thing then skinz you get to choose your own combination. Unfortunately your friend was unlucky. It is worth bearing in mind now to all members on here to be very wary of this key card type and thanks for the very useful info mate. :goodpost:
 
Although it's pretty viral on the web, and even appears on legitimate sites, the key card story is an Urban Legend. They don't contain your personal info.

Thieves like them though as they can use them as blanks for programming dodgy ATM cards.

EDIT: Sorry better clarify. Post #1 is useful info. Post #3 is the Urban Legend.
 
Most hotel safes can be set to the combination of your choice M8 :)

Correct - you choose the digits to lock the safe

There is a master code though ;)
Although you do need a special keypad machine to enter it :)

Correct, all they hold (at least the ones I used/programmed) was the code to unlock your hotel room :)
 
Seems like it is indeed a hoax

Hotel Key Cards Encoded with Personal Info? - Urban Legends

Analysis: "That's just a nasty rumor," says Kathy Shepard, vice president in charge of corporate communications for Hilton Hotels Corporation, which owns and operates the Doubletree Hotel chain. "Our key cards are encrypted with minimal information -- the guest's name, room number and arrival and departure dates -- and encrypted in such a way that they can't be read by ordinary card readers."

According to Shepard, whom I interviewed on October 20, 2003, the rumor stemmed from an actual incident in 1999 in which a southern California police officer claimed that personal information had been easily extracted from a key card procured at a franchisee-owned Doubletree hotel. In later attempts officers were unable to reproduce that result, however, and the original claim has since been retracted, Shepard says.

Detective Sergeant Kathryn Jorge of Pasadena, who authored the above email alert, offers a slightly different version of events but agrees on the essential detail that the key card systems currently used by Doubletree and other major hotel chains pose no such security threat to guests.

"In years past," she said in a statement quoted by the news Website Bend.com, "existing software would prompt the user (employee) for information input. If the employee was unaware of hotel policy dictating that such information NOT be entered, it could have ended up on the card in error. Since this subject came up, experiments on newer cards have failed to duplicate the problem. It appears that the problem is not as widespread as it used to be in the larger chain hotels."

That said, it's worth noting that law enforcement officials still warn that lost or stolen hotel keys can be put to ill use by identity thieves in another way - namely, re-encoding them with stolen personal information and using them to mimic ATM or credit cards for unauthorized purchases and withdrawals. Prudence therefore dictates returning key cards to the hotel registration desk upon checking out or destroying them to prevent their falling into the wrong hands.

However it does seem that this was true once upon a time
 