A security consultant speaking at the Black Hat event has outlined how he gained access to the controls of 200 luxury hotel rooms in China.
At a session called Learn How To Control Every Room At A Luxury Hotel Remotely at Black Hat, Las Vegas, Jesus Molina spoke of the time he spent staying at the St Regis hotel, Shenzhen. Molina became "bored" - at which point he picked up a complimentary iPad granted to guests and reverse engineered a home automation protocol, KNX/IP. He then had access to the lights, temperature and more in his room - but by simply changing one digit of the iPad's IP address he could control rooms all over the hotel.
Molina thought about testing the methods with the door lock mechanism but decided not to. "I thought about looking to see if a similar system controlled the door locks but got scared," he said, according to Sky News. Later he made sure to inform the parent company of the security flaw, which is apparently now shut.