One security expert at last weeks DefCon hacker conference in Las Vegas showed attendees how technically talented hotel guests have been tricking systems to get gratis porn.
CBS’ “60 Minutes” recently reported that many of the largest hotel chains, including Hilton, Marriott, Hyatt, Sheraton and Holiday Inn, make “most of their in-room profits” from the sale of pay-per-view adult entertainment.
According to the report, half of all hotel guests at those chains purchase erotic video products during their stay.
Pay-per-view sales represent a significant revenue source for the hotel industry as well as adult entertainment companies who are paid licensing fees or commissions for their content.
Considering how easy hackers say it is to steal in-room porn, the practice could have serious consequences for the industry.
“No one thinks about the security risks of infrared because they think it’s used for minor things like garage doors and TV remotes, but infrared uses really simple codes. And they don’t put any kind of authentication in it,” Adam Laurie, director of security firm The Bunker, said.
In addition to porn thievery, hackers can tap into their own hotel bills as well as those of other guests.
Laurie said the process is easy because hotel systems place control on the user end rather than on servers and because they fail to use password protection or other authentication procedures. The only equipment required is a laptop running Linux, and infrared transmitter and a USB TV tuner.
Making the job even easier is the fact that most hotels use the same backend and front-end systems.