A couple months back there was some discussion stemming from a presentation at the Black Hat conference whereby someone detailed how it was possibly to unlock doors secured by a mag stripe key card without needing any key and without having the access logged in the system. At the time it was a theoretical issue, one where the details of the exploit were sufficiently documented that fixing it should have been reasonably easy. And, in defense of the manufacturer, they do have a fix available today for the flaw. But the company, Onity, only developed the fix well after someone allegedly burgled several Houston hotel rooms by taking advantage of the exploit. But there is a fix available. Problem solved, right??
Not so fast. The fix requires replacing a circuit board in the lock assembly and that is a pricey proposition. Onity currently is expecting that their customers will cover the costs of the new circuit board, as well as shipping and labor for the installation. Oh, and there are more than 4 million of these locks in service around the world. Not such a comforting thought, really.