A word of warning to our readers: next time you check into a hotel room, realize you're probably not the only one that can get in. Take a moment to run your fingers along the bottom of the keycard lock and check for a power port. If you find one, it means a hacker with a couple of cheap hardware parts could gain access to your room without leaving a trace.
24-year-old Mozilla software developer and self-described hacker Cody Brocious has issued this warning after he found the vulnerability while reverse engineering Onity-manufactured locks. By connecting $50 in hardware to the DC port, the door will supposedly unlock and provide access. However, in practice, it's not quite that reliable.
While demonstrating it to a Forbe's journalist, it only worked on one of the three doors they tried and only on the second try after Brocious tweaked his software. Still, with a bit of time, a hacker could perfect the software and technique and somewhere around 4 million doors would immediately be able to be opened.
The method to do this will be released by Cody Brocious at the Black Hat security conference in Las Vegas on Thursday. Once released, other hackers can begin working on perfectly the method. Furthermore, the NSA and other governments most likely already know about this exploit and could have already perfected it and be using it.