Onity Offers Solution for Security Flaw in Hotel Room Locks

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Onity has announced its solution for a major security flaw in its hotel room locks that was disclosed last month by hacker Cody Brocious.

In a statement, the company said it will implement a two-tiered approach. Later this month, a free "mechanical cap" will be made available to any customer who has the company's HT series locks installed. "This mechanical cap will be inserted into the portable programmer plug of the HT series locks," the company says. "With the existing battery cover in place the mechanical cap will not be removable without partial disassembly of the lock."

Alternatively, customers can choose to upgrade the firmware of HT or ADVANCE locks, which will require replacement of the control board. "For locks that have upgradable control boards, there may be a nominal fee," the company says. "Shipping, handling and labor costs to install these boards will be the responsibility of the property owner."

In response, Brocious wrote on his blog, "I feel it's very deceptive to say to customers 'we are preparing a firmware update' when you really mean that you're preparing a hardware update. They may be changing the firmware on the lock, but to make use of this, customers are required to replace the whole main circuit board. This is equivalent to Apple telling customers 'we're releasing a software solution for this issue' and then going on to say that they're doing it by replacing your laptop's motherboard."

"Both solutions will be available by the end of the month, and we wouldn't be surprised to see more than a few hotel owners solve the problem by upgrading -- to a different manufacturer," writes The Verge's Bryan Bishop.