Go Back   FlyerTalk Forums > Travel&Dining > Travel Technology
Sign in using an external account

Reply
 
Thread Tools Search this Thread
Old Jul 31, 05, 1:02 am   #1
 
Join Date: Jan 2003
Location: East Lothian
Programs: SMWS
Posts: 722
Hacking Hotel TV systems

Wired has an interesting article on a guy who has hacked common hotel TV systems using a USB TV tuner and an IR transmitter. Seems like a bit too much hard work for me, but there ya go
bounty is offline   Reply With Quote
Old Jul 31, 05, 6:36 am   #2
FlyerTalk Evangelist
 
Join Date: Apr 1999
Location: Bryn Mawr PA & Wailea HI
Posts: 15,734
Slashdot posted it also. Sounds like too much puffery to be valid without mucho hours of work. I would like to see some data too.

I assume franks newest objective would be to program the Las Vegas slot machines to give him a jackpot on demand, give 66 MPG on a new MBenz and blow up all suicide bombers in their initial planning stages. Also eliminate all disease, vanish humger, uglyness, flat feet, JuniorJets(tm) etc.

MisterNice
MisterNice is offline   Reply With Quote
Old Aug 1, 05, 5:46 am   #3
 
Join Date: Jul 2004
Location: DFW
Programs: US Chairman, Marriott PP
Posts: 918
Go to the Hauppague web site.

I have the USB PVR box which is quite small. You take the cable from the wall as input and watch TV on your laptop.

Anytime someone buys a PPV from OnCommand you can watch it as well.

You must add these channels after you do a automatic chanel set-up.
rebadc is offline   Reply With Quote
Old Aug 1, 05, 11:41 am   #4
 
Join Date: Apr 2003
Location: SFO/SJC
Programs: UA General Member
Posts: 1,247
Quote:
Originally Posted by MisterNice
Slashdot posted it also. Sounds like too much puffery to be valid without mucho hours of work. I would like to see some data too.

I assume franks newest objective would be to program the Las Vegas slot machines to give him a jackpot on demand, give 66 MPG on a new MBenz and blow up all suicide bombers in their initial planning stages. Also eliminate all disease, vanish humger, uglyness, flat feet, JuniorJets(tm) etc.

MisterNice
This guy presented this at Defcon, so you can pretty much bet it's doable. I'm willing to bet it isn't all that difficult to automate the whole thing. I'd expect that there are only a handful of systems used by hotels worldwide. Solve for one, solve for many.
winkydink is offline   Reply With Quote
Old Aug 1, 05, 11:59 am   #5
 
Join Date: Jan 2005
Programs: LH-FTL, BRgold, EKsilver, FB silver, IHG-RA
Posts: 88
Avermedia AverTC Cardbus Plus

I recently purchased the pcmcia card AverTV Cardbus Plus from Avermedia. Tried it only once in a hotel so far and - as posted by rebadc - could watch TV on my notebook, by taking the cable signal from the wall.

I guess the rest of what is in the article on Wired is doable for someone with sufficient IT skills.
jolou is offline   Reply With Quote
Old Aug 1, 05, 12:09 pm   #6
Moderator: Travel Technology & Travel Photography
 
Join Date: Sep 2000
Posts: 37,093
I usually do things the other way around, I carry a portable DVD player and use a small modulator to hook up to the TV, so I can watch a decent movie without having to use a 9" screen...
ScottC is offline   Reply With Quote
Old Aug 1, 05, 1:16 pm   #7
 
Join Date: Oct 2001
Location: PHX/SFO/LAX
Programs: AA-EXP (1.6MM), HP-Gold, UA-2P, AS-MVP, BA-Slvr, VS-Slvr, HH-Diamond, SPG-Gold, IC-Plat, BW-Platinum
Posts: 7,756
Question Linux?

Quote:
The only hardware an intruder needs is a laptop running Linux, an infrared transmitter and a USB TV tuner.
Why is Linux needed or is it just the hacker's bias? The article didn't say.
__________________
History will show this as the PAArker Period, led by Doug the Deceiver.
ByrdluvsAWACO is offline   Reply With Quote
Old Aug 1, 05, 2:15 pm   #8
 
Join Date: Apr 2005
Location: Dallas, TX
Posts: 429
Quote:
Originally Posted by ByrdluvsAWACO
Why is Linux needed or is it just the hacker's bias? The article didn't say.
Pretty much all attacks on hardware or low level OS are started on linux. There is no bias 90% of of the time it is just shell scripts. Other times it is x86 assembly for linux. Remote r00ting, TCP/IP attacks, buffer overflow on programs, WiFi hacking ...yup pretty much all get started with shell scripts which run on *nix. some attacks can be emulated in windows with Cygwin.

i have to see if i can read some more info about this ...
ferrari_fan is offline   Reply With Quote
Old Aug 1, 05, 3:08 pm   #9
 
Join Date: Apr 2002
Location: Memphis, TN USA
Programs: NW Platinum, Marriott Silver
Posts: 416
I suspect that Linux would be necessary if the "hacker" were intent on doing some exploring around the hotel's network/IS infrastructure. If you were just looking to watch TV, I'll bet the USB TV tuner and remote would be enough.
__________________
Remember, no matter where you go...there you are.
H2O_Goalie is offline   Reply With Quote
Old Aug 1, 05, 9:42 pm   #10
 
Join Date: Mar 2005
Location: Los Angeles
Programs: Star Alliance
Posts: 143
I work in the hotel entertainment industry (lodgenet)
and it seems to me this would pose a challenge. I dont see how someone could hack into the hotels PMS (property managment system) from the
standard wall outlet. Sure if you have a tuner you can view all available channels on the line but you could only access certain information screens
if a person in another room is actually using that function and reviewing his or her mail or folio.
When one person decides to review his bill or use tvbased email, that information is sent to a modulator(channel) so it can be viewed from the tv.
so anyone with a tuner can view it as long as they are on the right channel at the right time.

How a person can hack into the actual hotel database is beyond me.
In order for a person to be able to use the cable line to access the hotels computer they would 1st have to go through the PPV/Services providers host computer, on top of that they would need to be able to modulate their information request on the frequency that the host uses to communicate
with the in room terminals. Our system uses two different frequencies
forward and return.

I'm not much of a programmer, I'm a glorified cable jock who works with computers as part of the hotel specific equiptment so I guess anythings possible.

The future trend and it's coming soon is for the signal to come encripted from our server and decripted at the terminal which is inside the television (smart card).

No more cable boxes on top of the tv and even if you did have a tuner you would prob only be able to get FTG(free to guest) channels and nothing else.

The MPAA is really coming down hard on our company to make sure that the stealing of movies is as hard as possible. At our local office we've already been inpected by the MPAA and by Sony Pictures in regards to our tape based
sites (older systems).
For about the last 2 years we have been installing all digital systems where the movies are delivered to the site over satellite then stored on on huge raid array then streamed to the room from a server.

Last edited by BambooTom; Aug 1, 05 at 9:50 pm.
BambooTom is offline   Reply With Quote
Old Aug 2, 05, 9:06 pm   #11
 
Join Date: Jan 2002
Location: Here, There and Everywhere (but now on the Pacific)!
Programs: AC E75, MPC G and NEXUS/GE fan, Fairmont Plat, SPG Gold, National EE, Amex Plat
Posts: 724
very interesting, BambooTom. If the movies are stored on a raid array, i'd imagine that it would have to be quite big!!!
kpalle is offline   Reply With Quote
Old Aug 2, 05, 9:26 pm   #12
Moderator: Travel Technology & Travel Photography
 
Join Date: Sep 2000
Posts: 37,093
Quote:
Originally Posted by kpalle
very interesting, BambooTom. If the movies are stored on a raid array, i'd imagine that it would have to be quite big!!!
Hardly... a 100Gb drive will hold up to 120 movies, and a 100Gb RAID is pretty cheap nowadays. If they are in low quality (and they usually are) then each movie could be as small as 450Mb, with most hotel offering no more than 10-20 movies they don't need much in the way of storage.
ScottC is offline   Reply With Quote
Old Aug 2, 05, 9:50 pm   #13
 
Join Date: Jun 2000
Location: DFW, 3.5 MM, AA EXP, LIFETIME PLATINUM, MARRIOTT LIFETIME PLATINUM, STARWOOD AMBASSADOR 223 NIGHTS, AND LIFETIME GOLD, HILTON DIAMOND, NATIONAL EXECUTIVE ELITE
Posts: 5,847
Quote:
Originally Posted by BambooTom
I work in the hotel entertainment industry (lodgenet)
and it seems to me this would pose a challenge. I dont see how someone could hack into the hotels PMS (property managment system) from the
standard wall outlet. Sure if you have a tuner you can view all available channels on the line but you could only access certain information screens
if a person in another room is actually using that function and reviewing his or her mail or folio.
When one person decides to review his bill or use tvbased email, that information is sent to a modulator(channel) so it can be viewed from the tv.
so anyone with a tuner can view it as long as they are on the right channel at the right time.

How a person can hack into the actual hotel database is beyond me.
In order for a person to be able to use the cable line to access the hotels computer they would 1st have to go through the PPV/Services providers host computer, on top of that they would need to be able to modulate their information request on the frequency that the host uses to communicate
with the in room terminals. Our system uses two different frequencies
forward and return.

I'm not much of a programmer, I'm a glorified cable jock who works with computers as part of the hotel specific equiptment so I guess anythings possible.

The future trend and it's coming soon is for the signal to come encripted from our server and decripted at the terminal which is inside the television (smart card).

No more cable boxes on top of the tv and even if you did have a tuner you would prob only be able to get FTG(free to guest) channels and nothing else.

The MPAA is really coming down hard on our company to make sure that the stealing of movies is as hard as possible. At our local office we've already been inpected by the MPAA and by Sony Pictures in regards to our tape based
sites (older systems).
For about the last 2 years we have been installing all digital systems where the movies are delivered to the site over satellite then stored on on huge raid array then streamed to the room from a server.
Bamboo,

Plesae don't take this personally, however, I think LodgeNet movie selection is really poor with respect to B (i.e. porn) movies. On Command (your competitor) really rocks in this area, with fresh new films each month.Why can't LodgeNet change these movies more often?? I can think of one film in particular that has been out there for like 8 months now. Also, the LodgeNet films are more expensive vs. On Command, as no packages are offered re: unlimited viewing.

Bottom line: LodgeNet is a ripoff with outdated films and ridiculous prices.
freeupgrade is offline   Reply With Quote
Old Aug 2, 05, 10:28 pm   #14
 
Join Date: Mar 2005
Location: Los Angeles
Programs: Star Alliance
Posts: 143
No offense taken
I fix their systems, they sign my checks.
I have nothing to do with pricing or programming.
BambooTom is offline   Reply With Quote
Old Aug 2, 05, 10:39 pm   #15
 
Join Date: Apr 2005
Location: PHX
Programs: US Airways Silver
Posts: 3,790
My understanding is that the person in the article used an IR blaster to get to menus on the system that aren't normally available to the guest. Since he had complete control over the IR signal, he was able to generate signals that the guest remote doesn't.

For example, he was able to reprogram the ID on the TV so it was identical to one in another room. He was then able to view that guest's portfolio.
alanh is offline   Reply With Quote
 
 
Reply

Bookmarks


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off
Forum Jump


All times are GMT -6. The time now is 1:23 am.