Android app 'Caribou' cracks IP-based Cardkey security locks

YouTube link for mobile viewing

Security researcher Ian Robertson has built an Android application that can be used to bypass security on the popular Cardkey door control systems. Using his Droid Incredible, he is able to brute-force past any PIN, and issue commands across the Internet to the IP-based systems that will unlock all doors, grant 30 seconds to open them, then relock the doors -- all with a push of a button. Who says you need to be a registered guest to use that Holiday Inn jacuzzi?

This demonstrates not only the really poor security on these systems, but a level of 1337 that we haven't seen on Android as of yet. Hat's off to you Ian, and hopefully you can persuade a few people that they need to ramp security up a notch. [CyberSecurityGuy]

Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Threads.

Latest

Galaxy A26 leak reveals Samsung's 2025 budget phone

See more latest ►

Get the top Black Friday deals right in your inbox: Sign up now!

Most Popular