Connect with us

Business

Two hackers have found how to break into hotel-room locks

Published

on

WHEN a hacker gets hacked, hackers hack back. That is exactly what an attendee at a hacking conference in Berlin in 2003 did when the keycard-operated lock of his hotel room got hacked. On returning to his hotel room, he found that his laptop had been stolen, but there was no evidence of forced entry. So how did the thief get into the room? Two of his colleagues spent more than a decade trying to answer that question. Now they have succeeded—and in the process they have exposed a security vulnerability that leaves millions of hotel rooms susceptible to theft.

Tomi Tuominen and Timo Hirvonen of F-Secure, a cyber-security firm, devised a hack that they say allows them to create a master key that mimics the guest keycards produced by VingSecure, a manufacturer of hotel locks. According to F-Secure, the affected software is used in more than 40,000 hotel properties across 166 countries. The BBC reports that big hotel chains such as Sheraton, Hyatt and Radison use locks made by VingSecure’s parent company, Sweden’s Assa Abloy (although the company has not formally stated which hotels use the vulnerable version of the software).

Messrs Tuominen and Hirvonen have not revealed exactly how their hack works, for fear of inspiring more hackers and thefts like the one that hit their colleague. But the basic concept goes something like this. Many keycards use electromagnetic fields known as radio-frequency identification (RFID). By holding an RFID reader near a keycard, a hacker can capture the card’s response and then use it later to create a new card with the same properties. Staff keys, such as those carried by cleaners, are particularly valuable targets, since they can access all guest rooms. Messrs Tuominen and Hirvonen say their hack, which uses software they created, allows them to turn any VingSecure keycard—including discarded and disabled ones—into a master key.

The pair of hackers told Gizmodo, a technology-news website, that it is not just keycards that are vulnerable to thieves. Guests’ personal data are also at risk. The hackers gained access to VingSecure’s server by unplugging a cable from a computer at a hotel’s reception desk, allowing them to see guests’ room assignments. F-Secure told the site, “a malicious actor could download guest data or create, delete, and modify guest entries.”

Since identifying the vulnerability, F-Secure has been working with Assa Abloy over the past year to develop a fix that will make its key systems harder to hack. Assa Abloy, for its part, sought to downplay the severity of the risk. A company spokeswoman emphasised to the BBC that the hack succeeded only after “12 years and thousands of hours of intensive work by two employees at F-Secure”, and that “these old locks represent only a small fraction [of the those in use] and are being rapidly replaced with new technology.” Still, for travellers, the saga is a reminder that many hotel rooms are not as safe as they may seem. And that if something goes missing, it is not always fair to blame the cleaners.

Source link

Business

Japan still has great influence on global financial markets

Published

on

IT IS the summer of 1979 and Harry “Rabbit” Angstrom, the everyman-hero of John Updike’s series of novels, is running a car showroom in Brewer, Pennsylvania. There is a pervasive mood of decline. Local textile mills have closed. Gas prices are soaring. No one wants the traded-in, Detroit-made cars clogging the lot. Yet Rabbit is serene. His is a Toyota franchise. So his cars have the best mileage and lowest servicing costs. When you buy one, he tells his customers, you are turning your dollars into yen.

“Rabbit is Rich” evokes the time when America was first unnerved by the rise of a rival economic power. Japan had taken leadership from America in a succession of industries, including textiles, consumer electronics and steel. It was threatening to topple the car industry, too. Today Japan’s economic position is much reduced. It has lost its place as the world’s second-largest economy (and primary target of American trade hawks) to China. Yet in one regard, its sway still holds.

This week the board of the Bank of Japan (BoJ) voted to leave its monetary policy broadly unchanged. But leading up to its policy meeting, rumours that it might make a substantial change caused a few jitters in global bond markets. The anxiety was justified. A sudden change of tack by the BoJ would be felt far beyond Japan’s shores.

One reason is that Japan’s influence on global asset markets has kept growing as decades of the country’s surplus savings have piled up. Japan’s net foreign assets—what its residents own abroad minus what they owe to foreigners—have risen to around $3trn, or 60% of the country’s annual GDP (see top chart).

But it is also a consequence of very loose monetary policy. The BoJ has deployed an arsenal of special measures to battle Japan’s persistently low inflation. Its benchmark interest rate is negative (-0.1%). It is committed to purchasing ¥80trn ($715bn) of government bonds each year with the aim of keeping Japan’s ten-year bond yield around zero. And it is buying baskets of Japan’s leading stocks to the tune of ¥6trn a year.

Tokyo storm warning

These measures, once unorthodox but now familiar, have pushed Japan’s banks, insurance firms and ordinary savers into buying foreign stocks and bonds that offer better returns than they can get at home. Indeed, Japanese investors have loaded up on short-term foreign debt to enable them to buy even more. Holdings of foreign assets in Japan rose from 111% of GDP in 2010 to 185% in 2017 (see bottom chart). The impact of capital outflows is evident in currency markets. The yen is cheap. On The Economist’s Big Mac index, a gauge based on burger prices, it is the most undervalued of any major currency.

Investors from Japan have also kept a lid on bond yields in the rich world. They own almost a tenth of the sovereign bonds issued by France, for instance, and more than 15% of those issued by Australia and Sweden, according to analysts at J.P. Morgan. Japanese insurance companies own lots of corporate bonds in America, although this year the rising cost of hedging dollars has caused a switch into European corporate bonds. The value of Japan’s holdings of foreign equities has tripled since 2012. They now make up almost a fifth of its overseas assets.

What happens in Japan thus matters a great deal to an array of global asset prices. A meaningful shift in monetary policy would probably have a dramatic effect. It is not natural for Japan to be the cheapest place to buy a Big Mac, a latté or an iPad, says Kit Juckes of Société Générale. The yen would surge. A retreat from special measures by the BoJ would be a signal that the era of quantitative easing was truly ending. Broader market turbulence would be likely. Yet a corollary is that as long as the BoJ maintains its current policies—and it seems minded to do so for a while—it will continue to be a prop to global asset prices.

Rabbit’s sales patter seemed to have a similar foundation. Anyone sceptical of his mileage figures would be referred to the April issue of Consumer Reports. Yet one part of his spiel proved suspect. The dollar, which he thought was decaying in 1979, was actually about to revive. This recovery owed a lot to a big increase in interest rates by the Federal Reserve. It was also, in part, made in Japan. In 1980 Japan liberalised its capital account. Its investors began selling yen to buy dollars. The shopping spree for foreign assets that started then has yet to cease.

Source link

Continue Reading

Business

Page not found | The Economist

Published

on

We are unable to find the page you’re looking for.
 
Try exploring the navigation links above to locate what you’re after,
or use the search box at the top of the page.

Source link

Continue Reading

Business

Page not found | The Economist

Published

on

We are unable to find the page you’re looking for.
 
Try exploring the navigation links above to locate what you’re after,
or use the search box at the top of the page.

Source link

Continue Reading

Trending