Android app 'Caribou' cracks IP-based Cardkey security locks
YouTube link for mobile viewing
Security researcher Ian Robertson has built an Android application that can be used to bypass security on the popular Cardkey door control systems. Using his Droid Incredible, he is able to brute-force past any PIN, and issue commands across the Internet to the IP-based systems that will unlock all doors, grant 30 seconds to open them, then relock the doors -- all with a push of a button. Who says you need to be a registered guest to use that Holiday Inn jacuzzi?
This demonstrates not only the really poor security on these systems, but a level of 1337 that we haven't seen on Android as of yet. Hat's off to you Ian, and hopefully you can persuade a few people that they need to ramp security up a notch. [CyberSecurityGuy]
Be an expert in 5 minutes
Get the latest news from Android Central, your trusted companion in the world of Android
Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Threads.