Oyster card mifare hack

However in the real world most people want their technology to do something for reasonable cost. I feel it is somewhat unfair to blame Mifare for the lame security of its cards when it was trying to do the best it could under numerous constraints. I point the finger at the transit agencies for trying to use techno-wizardry to essentially shift a higher cost burden onto the riders.

RFID based systems are rolled out as a time saver like EZpass, however in reality RFID fare collection systems have longer transaction times than old token or mag stripe systems. The real advantages accrue to the operators who save on reader maintenance, save on ticket issuance, eliminate ride hoarding in advance of a fare increase, can more easily implement distance based fares and can benefit from any adoption of their system as a larger micropayment network.

Mag stripes might be dumb and copyable, but at least one had to get physical access to the card to clone it. RFID cards are nothing but a scam that has the wonderful side effect of rendering your transit pass vulnerable to remote hijacking by third parties.

Much like voting, leave the techno-wizardry at home and just stick with something robust with practical security measures. And secrecy does support security.

But if only a few people know how something works, it makes it harder to break. Mike B. The design constraints on Mifare Classic were the design constraints of The Radboud group filled in the missing bits on their own, so they have known the full algorithm for some time I think since about spring this year. I know I would have. He was not talking about pretending they are not there, just that as far as kernel dev goes they are not special…. In other words, a failure on the part of TfL becomes yet another stick with which to beat those passengers attempting to preserve some last vestige of privacy from our increasingly aggressive and overbearing state.

Maybe things will be different now Thieving Ken has gone. The problem is that I see no indication that they explained this to the people they were selling the chips to. I would like to point out that Nokia already makes Mifare-compatible cell phones which are capable of reading and writing Mifare cards including Oyster. Google for nfc and Mifare is very cheap. As far as I can see the whole system lacks any real security, especially the backend database and the staff that have either direct or indirect access to it.

Secondly all the journey info for all cards gets logged for an undisclosed period of time supposedly to prevent fraud so at least seven years. Again it does not take a great deal of thought as to just how useful that data is for all sorts of reasons. Most of which would probably be considered by most card holders as an invasion of their privacy. Apart from the predatory aspects the data is of value to both public and private investigators. It appears that the Met police are starting to wake up to this, however it is clear that certain classes of youth are already well versed in this in that they swap outer clothing, Oyster cards and mobile phones thus obscuring their real movements.

It therefore can be assumed that the brighter criminals have woken up to this aspect of the system as well. Therefore the only people the data is likely to have use as a lever against are those going about their ordinary business who have the misfortune to be in the general area of a crime.

Daedala et al: Even if the crypto is good, RFID crypto cards have little or no defenses against even the most basic side channel attacks (power, time).

Time is especially problematic due to the ms transaction window. I had this conversation with someone from that company who sells side channel filters for smart cards at CardTech and I was told flat out that for contactless farecards side channel protection is just not yet possible. If the transit agencies actually bothered to do some research instead of just listening to vendors they would know that no matter what they did they would have little better security than mag strips.

Fraud can be minimized on any system with back end auditing. Initially I was going to disagree with you. The difference is that we are talking about London here.

The CCTV capital of the world. At my old Tube station I sometimes used like to take the stairs instead of the lift and I counted 20 security cameras covering the steps.

That information in hand, it was a simple matter of using it to program new cards.

Jacobs says the same technique can clone smartcards that provide access to secure buildings. At the technical level there are currently no known countermeasures. So break out your tinfoil hats and aluminium hats, the smartcard hackers are coming to a building near you soon. The Dutch government are taking this VERY seriously, planning to replace all , smart cards used by their employees for access. That will be an expensive exercise.

And what rights does a consumer have after their card is cloned and their credit used, are they insured? Would they even notice? Source: Wired Blog. Thanks to razta. Up to now the Dutch government has persisted in the project of the OV-card based on this mifare chip, even though it was proven vulnerable. Dutch hackers coming over onto our turf and telling us how it's done, we should go over there and find a security hole in one of their public systems. We could have a hacker turf war!

Isn't this the same technology the government wanted to use for the ID cards? Do you think the flaw the hackers found can be patched? Better encryption perhaps? Wish I lived in London, could get free transport all day long! Gonna take a bigger interest in the metro system they use in my city, they don't use oyster cards here, they use magnetic strips. The cool thing about these chips is that they are being shrunk so much that they are approaching the microscopic level! I was reading in Popular Science or something about how they are getting embedded into new products.

The back office acts mainly as a record of transactions that have been completed between cards and readers. Also, this means that there's no real-time login to a centralised system which hosts the electronic wallet data, so assuming you have the encryption key, you can tap into what's on the MIFARE chip.

Anyway, back to the decentralised aspect of the cards. They did it by capitalising on this "distributed settlement network" and found that they could use an RFID reader to hack a reader at a station or on a bus et cetera and steal its encryption keys. They then found they were thereby able to access the transportation data on any card, so this would include cash balance, ID number for the card and any other details like bank account details and fare history.

However, they found they could also use the decrypted data to add fake credit to the card fraudulently, clone the card and even use it to travel for at least a day, because of the reader data getting sent back to an office every day.
