For millions of travelers the ubiquitous hotel key card is the primary
and essentially the only way to access their rooms at the end of day.
But when you will heard that the key card, you use to access your
private room is no longer safe then its very much possible that you will
shock. And trust me this happened in Black Hat 2012.
A security researcher, Cody Brocious believes the current systems used
to secure hotel doors throughout the United States and elsewhere are
severely flawed. Speaking at the Black Hat security conference here, Brocious demonstrated
how locks from Onity a company that sells security products to hotels
and other businesses can easily be bypassed. At the show, Brocious
detailed the primary security flaws that allowed him to bypass Onity
locks and gain access to rooms.
According to eWEEk -Brocious used an open-source tool known as Arduino,
a portable programming platform. Arduino was used as a substitute for
the commercial portable programmer that an Onity lock would typically
require. Brocious explained that the Onity locks have a serial hardware
connection that is easily accessible, as well. In addition to the
Arduino tool, Brocious used an oscilloscope that allowed him to see what
was happening in the lock whenever a key card was put in and the door
opened or closed. He was able to determine through his research that the
underlying firmware on the lock does not require any form of
authentication to arbitrarily access the memory of the lock. This means
it is possible to read out every bit of information that is on the lock,
which makes it possible for anyone to gain access or make a key.
In theory, programming for the lock should go over a secure channel,
rather than doing direct unencrypted memory access, said Brocious. The
problem, according to his research, is that the existing Onity lock
design does not easily allow for that, and there is no easy way to
update the firmware. Another potential option is to actually provide
physical security on the door lock. For example, the company could make
the serial port harder to access. However, with 5 million of these locks
in use today, Brocious said this would be an expensive and challenging
way to add additional security. The actual door locks are only half the
problem exposed by Brocious. The card keys are also at risk. Typical
card keys in the Onity system use only 32-bit key encryption making them
easy to decrypt, according to Brocious. "The system is broken at every
layer," said Brocious.
The severity of the issue and its high impact is what led Brocious to
choose to release his research at Black Hat. In addition to his
research, he is also releasing a software tool so that others can
continue or expand on his efforts. "Something needs to be done about
this problem, and I didn't want to put it out there in a way that could
be defeated by process," said Brocious. "No doubt, this vulnerability
has been found before, and it has been in the locks for years."
Brocious added: “I'd be surprised if this hasn't been used by malicious
actors in the past.” What Brocious is hoping to achieve from this
disclosure is not a mass string of hackers getting unauthorized access
to hotel rooms, but rather some kind of fix and industry response. "I'm
saying that this is what you're vulnerable [to], so come up with a way
to solve the problem," said Brocious.
0 komentar:
Posting Komentar