Cody Brocious

From Infogalactic: the planetary knowledge core
Jump to: navigation, search
Cody Brocious
Born (1988-01-02) 2 January 1988 (age 36)
Waukegan, Illinois
Residence Denver, CO
Nationality United States
Occupation Software engineer
Employer Accuvant LABS[1]
Known for PyMusique, Alky Project, The Hardware Hacker Manifesto, Onity Lock Hack
Website http://daeken.com/

Cody "Daeken" Brocious is an American software engineer best known for his work on PyMusique and his demonstration of a hotel lock vulnerability in 2012 that affected several million locks in the US and was widely reported in the media.[2][3][4]

Biography

Cody William Brocious was born in Waukegan, Illinois, the son of a Naval Drug and Alcohol counselor. He moved to Chambersburg, Pennsylvania at the age of 3 and became interested in computing by the age of 4.[5] Brocious attended Chambersburg Area Senior High School and the Franklin County Career and Technology Center until the age of 17, at which point he decided to enter the work force by joining MP3Tunes in San Diego.

Notable projects

PyMusique

Brocious first saw recognition as founder of the PyMusique project, where he worked with Jon Lech Johansen of DeCSS fame. PyMusique allowed Linux users to purchase music from the iTunes music store without the standard FairPlay DRM implementation in place.[6]

MP3Tunes

Upon dropping out of High School, Brocious moved to San Diego, California to work at MP3Tunes under the leadership of Michael Robertson. Cody began work as a contractor on the Oboe project where he implemented a now defunct iTunes plugin for accessing the MP3Tunes Music Locker service. He was hired as a full-time employee of the company on his 18th birthday. During his employment, he continued his work on Oboe, where he worked on various other interfaces to the Music Locker service.

Falling Leaf Systems

During his employment with MP3Tunes, Brocious also joined forces with Brian Thomason, then an employee of another Michael Robertson company, Linspire Inc., to form Falling Leaf Systems LLC.[7][8] Falling Leaf Systems attempted to commercialize the Alky Project, which was started by Brocious to enable Microsoft Windows games to run on other platforms.

Falling Leaf Systems sold access to a membership site dubbed the Sapling Program, whereby users could access a build of Alky allowing them to demo the game Prey on either Linux or Mac OS X. Despite attempts to expand their stack by also supporting applications on disparate platforms, Falling Leaf Systems officially closed its doors in early 2008.[9][10]

iPhone hacking

Brocious, under the pseudonym Daeken, joined with a group of other hackers to reverse engineer the iPhone, granting users the ability to use their phones in ways not intended by Apple.[11] Using code developed by this project, George Hotz gained notoriety by performing the first successful hardware unlocking of a standard iPhone.

Emokit

In 2010, Brocious reverse-engineered the protocol used by the Emotiv EPOC EEG headset, publishing the AES key used for encrypting the sensor data.[12]

The Hardware Hacker Manifesto

The Hardware Hacker Manifesto was published on 21 September 2010. It gives some insight of the psychology of hardware hackers. Cody Brocious goes into an explanation of why it is important for owners to have the right to utilize hardware the way they wish to use it.[13]

Onity lock systems

At the 2012 Black Hat Briefings, Brocious presented several vulnerabilities about the Onity HT lock system, a lock used by the majority of U.S. hotels.[14] The security hole can be exploited using about US$50 worth of hardware, and it potentially affects millions of hotel rooms.[2][15] The device was eventually optimized down to the size of a marker, and was eventually used to perform burglaries.[16]

Onity has started rolling out safeguards for the problem in late 2012,[17] which was considered a slow reaction.[18] However, in 2013 it was still reported that some hotels continued to have the vulnerability exploited.[19]

References

  1. Lua error in package.lua at line 80: module 'strict' not found.
  2. 2.0 2.1 forbes.com – Hacker will expose potential security flaw in more than four million hotel room keycard locks, 2012-07-23
  3. Hotel-room lock hack tied to ongoing thefts – NBC News.com
  4. Faulty Hotel Locks Demonstrated by ABC News Report – ABC News
  5. Lua error in package.lua at line 80: module 'strict' not found.
  6. Lua error in package.lua at line 80: module 'strict' not found.
  7. DesktopLinux citing Thomason's role at Linspire
  8. Lua error in package.lua at line 80: module 'strict' not found.
  9. Lua error in package.lua at line 80: module 'strict' not found.
  10. Lua error in package.lua at line 80: module 'strict' not found.
  11. Lua error in package.lua at line 80: module 'strict' not found.
  12. Lua error in package.lua at line 80: module 'strict' not found.
  13. Lua error in package.lua at line 80: module 'strict' not found.
  14. demoseen.com – Inner workings of the Onity HT lock system for hotels, 2012-07-25
  15. extremetech.com – Black Hat hacker gains access to 4 million hotel rooms with Arduino microcontroller, 2012-07-25
  16. Electronic lock picking: Hotel heists allegedly exploited Onity keycard lock hack | Computerworld Blogs
  17. Onity rolling out safeguards against hotel keycard hacks, may fix some locks outright
  18. Fix for hotels’ electronic door lock hack slow to roll out | Ars Technica
  19. Hotel Lock Hack Still Being Used In Burglaries, Months After Lock Firm's Fix – Forbes

External links