For the past several weeks we have heard a lot of chatter about how vulnerable the Android operating system is when it comes to protecting users from viruses and malware, but Ian Robertson has turned the tables by developing an Android app to expose a completely different type of security risk. The app, called Caribou, can render door locks using an IP-based cardkey system (the type used at many office buildings, apartment complexes, and hotels) useless in one click and a matter of seconds.
The user need only obtain the IP address of the network the security system is operating on and Caribou brute-forces the rest. Once the PIN is cracked, doors are unlocked in sequence and remain unlocked for 30 seconds. No, it might not be as scary at first glance as a virus infecting your smartphone, stealing your data, and running up your bill, but in the wrong hands the technology could give crooks a one up on physical security systems. This is exactly the point Mr. Robertson wants to get across: Shore up those home and business security systems, because the next person using this technology might not have such a benevolent reason to do so.