(http://news.bbc.co.uk/2/hi/technology/7516869.stm)
Makes one wonder whether the security of local smartcards has been tested and, if so, whether information on it's security will be published. ===== Oyster card hack to be unveiled Details of how to copy the Oyster cards used on London's transport network can be published, a Dutch judge has ruled. The ruling overturns an injunction to suppress the information won by NXP - makers of the travel smartcards used in London and many other cities. The injunction was sought in June 2008 after Dutch researchers demonstrated how to copy cards and travel free on the London Underground. The researchers plan to publish their research in October. [...] The weaknesses centre around the chip, called the Mifare Classic, that sits at the heart of the contactless card system. As well as being used on 17 million Oyster cards, the Mifare chip is also used in Hong Kong's travel network, and is the basis of the Dutch Rijkspas smartcard. [...] Security expert Bruce Schneier said: "As bad as the damage is from publishing - and there probably will be some - the damage is much, much worse by not disclosing." Mr Schneier said it was a "dangerous assumption" to think that only the researchers know about weaknesses with Mifare. "Assume organised crime knows about this, assume they will be selling it anyway," he said. Information about the research will be published in a journal and shown at a security conference held in Malaga. The Dutch group is one of three known to have cracked the Mifare Classic technology. ===== -- Soh Kam Yung my Google Reader Shared links: (http://www.google.com/reader/shared/16851815156817689753) my Google Reader Shared SFAS links: (http://www.google.com/reader/shared/user/16851815156817689753/label/sfas) _______________________________________________ Slugnet mailing list [email protected] http://wiki.lugs.org.sg/LugsMailingListFaq http://www.lugs.org.sg/mailman/listinfo/slugnet
