hacking your apartment's electronic entry system

i was talking to a founder of a startup since i'm publishing a book in april (shameless plug: it's about how many of today's startups came to be and the founders' stories). i ask every founder to answer the same question that shows up on the YC application: talk about the time you most successfully hacked some (non-computer) system to your advantage.

of the 30 interviews i've done so far, i've seen lots of creative answers.  one of the answers reminded me that our apartment uses RFID to get into the building from the outside.  the doors to get into my apartment lock automatically at night, so you need the RFID card to get in.  there's also keypad that allows you to enter in a room number.  so if i typed in my room number, the apartment calls my cell phone and i can talk to the person outside via a speaker near the keypad.

edit: shortly after this went up, i realized who inspired this hack. it was dan gross and robby walker (the guys who started greplin.com). special thanks to them, and some of the hacks they use at greplin.com are genius. the book will go into detail.

so i realized after pushing all the buttons on my cell phone that "9" unlocks the door.  in effect, if you get locked out because you had to throw the garbage out at 2am, you must have either your cell phone or RFID card. if you're missing those, you're locked out for good.

i thought it'd be cool to try and hack this, so here's what i did:

  1. i signed up for a twilio account.  this is free and they actually give you $30 of credit when you join.  they'll give you a free sandbox number, which you can use to test your scripts.
  2. in order to imitate the "9" being pressed which unlocks the door, i tried to find somewhere in twilio's API that supported single-digit dialing but they didn't offer it.  if i tried to call a single-digit number, it just threw an error and said "invalid number" on the call logs.  twilio however does support playback of mp3, so i did a search for the list of DTMF tones and found them here in mp3 format.
  3. i wrote the very simple script (here's a link to the sample twilio script) which upon receiving a call, plays back the dial tone "9." i uploaded this to my linode box along with the mp3 file and asked my apartment to update my cell number after switching my twilio account over from the sandbox number to a real number.
  4. i got a notice that the number was updated, and i started letting myself in without keys.

i realized that this would be an easy hack to do in other places where keyless entry systems worked the same way.  an e-mail could be sent to the apartment manager to the effect of "i've updated my cell phone number, i wanted to let you know. can you please update it for me? -resident name" and since most apartment managers probably don't verify the e-mail address, you could probably just find the resident names on a directory outside where the mailboxes are at. probably not too useful since that's just one layer of security though.

here's a video of the hack in action:

17 responses
So, anyone who dials your apt will now get into your building ? Sounds safe.

I'd probably add a short pincode before spitting out the 9.

So effectively anyone could gain access to your apartment, simply by hitting your number?
I did this in mid 90's by recording the tone onto my answering machine. Then I found out that others had discovered that I'd done this and were using my answering machine to get into the building. I quickly got rid of it.
I'm confused. If you're writing a book, you probably know how to capitalize the first letter in your sentences. Is this a deliberate theme? Or do you just not consider blog posts to be formal enough for capitalization?
Oops, didn't mean that to sound so snarky. I'm actually curious. SMS messages and often Twitter don't have proper capitalization because people consider them informal. Most blog posts I've read usually do, and so I'm wondering if you're deliberately trying to have a more comfortable informal theme, or if it's just that you already thought of your blog that way?
hey steve, one day i stopped using the shift key in my blog and it has stuck ever since. this was a few years ago, and i wrote an article about it. you're free to read up on that if you're curious as to why i did it. it's just a more comfortable (read: lazy) writing style for me.
Interesting post, but I'm bothered by the vertical video. Nobody should do this, ever. I wish the iPhone (and other smart phones) would refuse to shoot video unless the camera was held horizontally.
Sarnia apartments for rent - http://www.clvgroup.com/rentals/Sarnia/
9 visitors upvoted this post.