Back in August, I blogged about a presentation at Black Hat, where a security researcher named Cody Brocious presented a paper on a vulnerability in hotel-door locks made by Onity, showing a method for opening many hotel-room locks with a simple, Arduino-based device.
Now comes the first reported case of a hotel-room break in using this technology "in the wild." A Hyatt in Houston's Galleria district was broken into using this method, according to the hotel, which had not replaced its locks even though it knew about the vulnerability.
In a statement sent to me, a White Lodging spokesperson says the company became aware of the vulnerability in its Onity locks in August, based on reading one of the stories I wrote about Brocious’s lock-hacking technique over the summer. But White Lodging says Onity only implemented a fix for that flaw in its locks after the September break-ins at the Houston Hyatt, around two months after I first alerted Onity to Brocious’s work.
Following those September incidents, White Lodging resorted to plugging the port at the bottom of its Onity locks with “epoxy putty,” according to the letter it sent to guests at its Houston location. The hotel company says it’s now working with Onity to put a more permanent solution in place, either plugging the locks’ ports or replacing their circuit board at every location it manages. “We sincerely regret that these thefts occurred, and hope that measures we have taken satisfy your concerns,” reads the letter to guests from White Lodging vice president Thomas Riegelman.
Security Flaw In Common Keycard Locks Exploited In String Of Hotel Room Break-Ins [Forbes/Andy Greenberg]
Vtech is a ubiquitous Hong Kong-based electronic toy company whose kiddy tablets and other devices are designed to work with its cloud service, which requires parents to set up accounts for their kids. 4.8 million of those accounts just breached, leaking a huge amount of potentially compromising information, from kids’ birthdays and home addresses to […]
The LG Watch Urbane 2nd Edition LTE was the company’s latest answer to Apple’s dominating entry into the market. But it died fast, pulled off the shelves within a week due to an unspecified problem with the display. Ron Amadeo writes that they “are not in a position to communicate the specifics of the issue […]
I’ve been using Stanley’s classic flask for years (I literally packed one, full of nice bourbon, in my suitcase this morning for the Melbourne/Sydney/Berlin trip I’m leaving on tonight), and I have no complaints: it’s beautiful, easy to close, and rugged.
Don’t get handcuffed by Apple’s standard 3-foot Lightning cord (that you’ve most likely already lost), treat yourself to 10 feet of luxurious charging convenience. The Colossal is certified by Apple for its high-end quality, and designed to support full use of your phone while you power up. You can also get it in a 2-pack […]
Today and tomorrow only we are offering an additional 15% off the entire Boing Boing store (some exclusions may apply). Simply use coupon code: BLACKFRIDAY at checkout! Below are a few of our favorites from the store: First Generation Lytro 16GB Camera: The First Consumer Camera to Capture the Entire Light FieldAdobe Training Videos: Lifetime Subscription: 6,000+ Adobe […]
Today only in the Boing Boing Store we are offering an extra 15% off of the below VPN deals just use coupon code: VPN15 at checkout. proXPN VPN: Premium Lifetime Subscription Surf the web with ultimate peace of mind – both at home and on the road – over proXPN’s fully-encrypted, lightning-fast servers. Your lifetime premium subscription […]