Microscope-wielding boffins crack Tube smartcard

Security researchers say they've found a way to crack the encryption used to protect a widely-used smartcard in a matter of minutes, making it possible for them to quickly and cheaply clone the cards that are used to secure office buildings and automate the collection of mass transportation fares. The attack works against the …

COMMENTS

  1. yeah, right.

    peer review

    The only possibly secure algorithm is one that's peer reviewed by knowledgeable people who are independent of the creators and their management. Even then, flaws will be found years later. But you'll still have a better algorithm.

    Of course, the likes of NXP, Microsoft and others still think they can do better. I certainly hope that these proprietary second-class security attempts are never used to lock up anything really important.

  2. joe
    Thumb Up

    Here is a good video.

    There is a good video on this here:

    http://www.hackaday.com/2008/01/01/24c3-mifare-crypto1-rfid-completely-broken/

  3. William Bronze badge

    Industrial Espionage

    Seems like Industrial Espionage rather than some guy doing a PhD. I strongly believe that a competitor has been bankrolling this guy to reverse engineer the chip to see if there are any weaknesses under the name of 'education'.

  4. Chris Miller

    The moral is

    Don't try to develop your own 'secret' security protocol (except, perhaps, if you have the resources of GCHQ or the NSA behind you). In their defence, I suppose it may be possible that development work began before AES was available and single-DES was being deprecated (and wasn't particularly friendly for very low power applications, such as smartcards).

  5. amanfromMars Silver badge
    Alien

    AIMaster Key for Cyber Storms and TEMPESTuous C++++

    "They also say the attack defeats only a single layer of security and that additional layers would most likely prevent any misuse."

    Not so, whenever you Realise that the Key is Virtualisation.

  6. Barnaby
    Thumb Up

    Good moral to this story

    "moral of the story is that proprietary encryption schemes like NXP's Crypto1 are almost always a bad idea."

    Very true, not submitting a scheme to public review only allows the creators to "believe" it is secure which is often a delusion.

  7. Anonymous Coward
    Coat

    Was expecting a pun along the lines of-

    "when you have the tech to break these cards, the world is your Oyster"

    /coat

  8. Dave Bell

    Relying on secret processes is so 19th Century

    Kerckhoff's principle.

    Published 1883.

    Incidentally, this is also one of those sci-fi cyberpunk scenarios that people used to think ridiculous.

  9. Robin Bradshaw
    Boffin

    Video available too

    If you want to see a video of the presentation where this was first publicised, go to video.google.co.uk and search for mifare; the video "24C3 - Mifare security - #2378" is the presentation where details of this were talked about.

  10. Daniel Wilkie
    Joke

    Shock!

    So let me get this right, they took the cheapest option of a range of products, and it's not as secure as the more expensive versions of the same products?

    Oh well, at least the people responsible for buying them will learn their lesson...

  11. heystoopid
    Paris Hilton

    Oh

    Oh, if truth be told, whilst the makers claim that there are supposedly 48 bits in the key, one can surmise logically (and conveniently for the makers) that they have reserved the first 4 bits for a country code (stops transatlantic fools from opening Welsh garage doors), say 3 bits for an industry type code (after all, you don't want a tram ticket to give some innocent fool access to a place like Porton Down, do we, and for level access limits too?), another 5 bits for a unique industry identifier code (replace wankers who lose things or reorders), a possible 5 bit date code and one check bit too! So in reality the keys would have a mere 30 bits left for the real key!

    Little wonder they were able to crack the codes so easily!!

    Idiocracy rules supreme!

    One can surmise sales of RFID shielding cases for these devices would be a minimum mandatory requirement at the very least !

  12. Tony Barnes
    Flame

    Simple eh...?

    ***The research team was able to obtain the card's proprietary encryption scheme by physically dissecting its chip and examining it under a microscope. They then photographed various levels of its circuitry and used optical recognition software to produce a 3D representation of the entire chip. By examining the logic gates in great detail, they were able to deduce the proprietary algorithm, which NXP dubs Crypto1.***

    ***"It only takes a few minutes to break any card in particular," Nohl said in an interview. He said the modest amount of time and equipment required to crack any Mifare Classic card - in many cases less than 10 minutes on a typical PC - makes the attack ripe for criminals to carry out in the real-world attacks.***

    So having dissected, photographed, and 3D mapped the end result with optical recognition software to verify the logic gates, criminals will now be able to crack these cards with ease...? Sorry, but that sounds a little complicated to me, one would almost think it would be far less effort to blow the bloody doors off!!

  13. Anonymous Coward
    Alert

    @ Tony Barnes

    I think you'll find that once they worked out the algorithm once, they don't need to do it again for every card....

    All it would need is a RFID reader and a bit of software.

    Reading comprehension FTW! :)

  14. Tim

    News?

    Is this new? I thought I read months ago that the Oyster card had been cracked. Maybe Bruce Schneier mentioned it, or it's somewhere on http://rfidiot.org/ , but I can't spot it on either.

    Or maybe I dreamt it. Oh dear.

  15. Bruno Girin
    Black Helicopters

    @Tony Barnes

    Dissecting the chip and examining it under a microscope is only done once to understand the algorithm. Once you understand the algorithm, you can break *any* card within minutes.

    So the way organised crime works these days, some enterprising people will probably dissect one of those cards and go through the same steps as those guys to understand the algorithm and how to break it. Once they've done this, they'll sell the method to crack any card for £50 on some underground network, or whatever amount they think they can get away with. Then other enterprising people who think they can make a profit out of copying such cards will buy the method, copy gazillions of Oyster or other cards and sell the copies at a profit or use them to get access where they shouldn't.

    The process is indeed expensive if you want to break the one card. But if you make it into a business, this could be a nice money spinner for criminals.

  16. Anonymous Coward
    Anonymous Coward

    @Tony Barnes

    ... er, did you *read* the article? The initial dissection & 3D mapping has been done. It doesn't need repeating. However, it's led to being able to crack a card in minutes .....

    RTFM

  17. Anonymous Coward
    Anonymous Coward

    @ AC @ Tony Barnes

    I think Tony is saying that "All well and good, this research company has elucidated the algorithm. What's the problem if they keep it out of the grubby mitts of those with criminal intent?"

    To which there are two answers which don't require any malice on the part of the researchers:

    1) They can't guarantee no one will steal the algorithm

    2) There are a lot of clever people, and rich criminals to employ and equip them, who may actually already have done this and refrained from publishing their results in order to reap the criminal benefit.

  18. Claus P. Nielsen

    So safe for train tickets, but not for security

    Ticket fraud would not be economic with this method if you can sell the cloned cards. It should be possible to trace multiplied cards (if there are enough of them using the same code) and either shut out the users from the system or even apprehend them when they try to pass the scanners.

    The reference test is whether it is easier or less expensive to clone a card than it is to fake a paper (or magnet strip) ticket.

    Corporate and government security is a different issue since these may be high value targets even if only a single card is cloned, but as I understand it, these cards are not being marketed for that purpose (which of course doesn't prevent some idiot from using them).

  19. Mike Crawshaw
    Paris Hilton

    *wince*

    "With anything proprietary, you can never guaranty that."

    "guarantee". The word is "guarantee".

  20. Anonymous Coward
    Thumb Up

    "Industrial Espionage"? Meh.

    "Seems like Industrial Espionage rather than some guy doing a PhD"

    I don't think so. Still, if they can get any money needed for the tools by doing a little flipchart presentation at the competitor's head office, then get a PhD thrown in for the results, more power to them.

    Also, "Industrial Espionage" is such a bigmouth word with nasty associations. What about "bespoke knowledge elicitation"?

  21. xjy
    Thumb Down

    Who's the ENEMY for fuck sake???

    So much of everyday life reads like a dystopian war screenplay these days. God knows who's protecting what.

    And all the ingenuity wasted a) on thinking up "terror" scenarios to be guarded against, and b) on thinking up ways of getting round the guarding.

    Jesus.

    Seems to me the enemy is more and more the ordinary consumer and Joe Public. Government and official premises are becoming as barb-wired and repellent as an Imperialist cop shop in Derry, and transport users seem to be considered as criminal joyriders instead of people who are forced to use public transport for hours to get to some crappy and insecure job just to make ends meet.

    Get rid of the secretive and undemocratic bastards now running things, and open doors will become the norm.

    Get rid of charges for something as fundamental to the functioning of a modern society as the public transport infrastructure, and you'll have a much pleasanter and smoother-running system.

  22. Anonymous Coward
    Stop

    Microscope?

    I somehow doubt that this was done with any old microscope. I remember at Uni being shown an uncovered ARM chip - that was about ten years ago and I don't know how old that chip was at the time. It was quite funny to look at even with the naked eye because it didn't have a colour. The feature size was at that time comparable to the wavelength of light, and the colour various portions appeared to be depended on the precise angle you held it with respect to the light.

    That was ten years ago and things have got even smaller since then. If light was too big then it certainly is now. You can't do that kind of work with an optical microscope. An electron microscope sure, but that isn't something that your average fraudster has access to.

  23. Ru

    48 bits?

    The Mifare Classic chip that this stuff is based on was released in 94. Not a good start. The UltraLight version used in Oyster cards was released in 2001. This makes it too early to benefit from the fruits of the AES program, but the inherent weakness of short key algorithms in general, and the various recommendations against secret algorithms untested by skilled cryptanalysts, are older than that.

    Silly people. New techniques aside, the fact that you can brute force one of the cards 'in a few days' (depending on how much cheap, easily available hardware you have to parallelise the process) means that the whole thing is totally and fundamentally flawed.

    And that's what happens when you purchase throwaway hardware, designed and built as cheaply as possible.

  24. Anonymous Coward
    Thumb Down

    HO HO guess what?

    In common with almost every other "proprietary" encryption lash-up, this one is based on the hobbyists' favourite, the Linear Feedback Shift Register (LFSR) - it's too funny to be true again, and from Philips, who should know better. This baby can be cracked with only twice the key length of output stream; messrs Berlekamp and Massey did it in ~1960. Many attempts have been made since to include LFSRs in genuinely strong schemes, but they all break.

    Any one reviewer could have told them their Crypto-1 is based on fool's gold, and imho the detailed description of how they dissected the chip and made a 3D database is all bollocks, no way can you get the doping pattern (at one in 10^10) out of the silicon, and they will run some n-type tracking for confusion. You will get the metal layers, but these will be obfuscated with dummy traces, it is simply not machine-crackable.

    It is just a face-saver for NXP, a system like this can be (and almost certainly was..) cracked just from looking at the signals.

    Look out for the next update, where another team does just this.

    How dismally poor. Have they won a tranche of our ID card business yet?
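The Berlekamp-Massey claim in the comment above, as an added example that is not part of the thread: a small constructed LFSR (x^5 + x^3 + 1, a made-up 5-bit initial fill standing in for the key) is recovered from just 2L output bits, after which the whole keystream is predictable. It demonstrates the textbook property for a bare LFSR only and says nothing about Crypto1 itself.

```python
"""Added example (not from the thread): Berlekamp-Massey over GF(2).

Feed 2L output bits of a plain LFSR to Berlekamp-Massey, get back the
register length L and its feedback taps, then predict the rest of the
stream. The generator, taps and "key" below are constructed toy values.
"""


def lfsr_stream(connection, state, nbits):
    """Run a Fibonacci LFSR and return its first nbits output bits.

    connection: coefficients c[0..L] of the connection polynomial, c[0] = 1,
                giving the recurrence s[n] = c[1]s[n-1] ^ ... ^ c[L]s[n-L].
    state:      the first L output bits s[0..L-1]; in a keystream generator
                this initial fill is the secret key.
    """
    L = len(connection) - 1
    assert connection[0] == 1 and len(state) == L
    s = list(state)
    while len(s) < nbits:
        n = len(s)
        bit = 0
        for j in range(1, L + 1):
            bit ^= connection[j] & s[n - j]
        s.append(bit)
    return s[:nbits]


def berlekamp_massey(bits):
    """Return (L, connection) for the shortest LFSR that generates `bits`.

    L is the linear complexity of the sequence; connection is c[0..L] in the
    same layout lfsr_stream() consumes. Given at least 2L bits of a sequence
    of linear complexity L, the result is the unique minimal LFSR.
    """
    n = len(bits)
    c = [0] * (n + 1)   # current connection polynomial
    b = [0] * (n + 1)   # polynomial saved at the last length change
    c[0] = b[0] = 1
    L, m = 0, -1        # register length so far; index of last length change
    for i in range(n):
        # discrepancy: does the current LFSR predict bits[i]?
        d = bits[i]
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d == 0:
            continue
        t = c[:]
        shift = i - m
        for j in range(n + 1 - shift):   # c(x) += x^shift * b(x)
            c[j + shift] ^= b[j]
        if 2 * L <= i:                   # the register has to grow
            L, m, b = i + 1 - L, i, t
    return L, c[:L + 1]


def recover_and_predict(keystream, known):
    """Use only the first `known` keystream bits to recover the LFSR, then
    regenerate the whole stream from the recovered taps and initial fill."""
    prefix = keystream[:known]
    L, connection = berlekamp_massey(prefix)
    predicted = lfsr_stream(connection, prefix[:L], len(keystream))
    return L, connection, predicted


# Constructed toy generator: x^5 + x^3 + 1 (primitive, period 31),
# 5-bit "key" 10000.
TOY_CONNECTION = [1, 0, 0, 1, 0, 1]
TOY_KEY = [1, 0, 0, 0, 0]
TOY_STREAM = lfsr_stream(TOY_CONNECTION, TOY_KEY, 62)

if __name__ == "__main__":
    # Twice the register length (10 bits) is enough to pin down all 62.
    L, taps, predicted = recover_and_predict(TOY_STREAM, 2 * len(TOY_KEY))
    print("recovered L =", L, "taps =", taps)
    print("predicted whole stream correctly:", predicted == TOY_STREAM)
```

Replace the toy values with a longer register and the same 2L-bit bound holds, which is the "twice the key length" figure the comment quotes.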

  25. amanfromMars Silver badge
    Alien

    Internet Exploring ...Industrial Espionage

    "So having dissected, photographed, and 3D mapped the end result with optical recognition software to verify the logic gates, criminals will now be able to crack these cards with ease...? Sorry, but that sounds a little complicated to me, one would almost think it would be far less effort to blow the bloody doors off!!" ...... By Tony Barnes Posted Wednesday 12th March 2008 09:02 GMT

    With that algorithm knowledge, there are no bloody doors, Tony. IT would then be Presented with AIDanegeld* Font for XSSXXXXSource or at least ITs Lead Followers would.

    *"bespoke knowledge elicitation"? :-)

  26. Anonymous Coward
    Thumb Up

    I bet....

    ... you'll be looking at that busker in the tube a little differently today won't you...

    Is he really a scruffy genuine busker, or is he really a scruffy techie and does that guitar conceal a huge antenna?

    All your oysters are belong to us!

  27. Tony Barnes

    @ those who thought I didn't read the article...

    Yes, as confirmed by an AC, I was highlighting the fact that the crooks would have to do this original bit of cracking themselves, unless the researchers were short sighted enough to leave copies lying around. Keeping their traps shut, and invoking an investigation as to whether a large amount of keys were being cracked worldwide, would have been an infinitely more responsible approach than polishing their knobs so publicly.

    So for those who implied I needed to read the article, before stating something that was in fact correct, try reading the post you are replying to, and engaging your brain. Alternatively, if sufficient AC's let me know that I am too cryptic (!), I will explain each and every word I bother posting on here to the nth degree, to try and avoid any miscommunication of the bastard obvious!!!

  28. POPE Mad Mitch
    Pirate

    effort of cracking

    Classic mifare cards have several data slots on them, each slot is protected by two encryption keys. One of the choices of mode for a slot is designed for ticketing/emoney applications and has one key that can do read/decrement, and the other key can do read/write. So all your turnstiles would have the key to be able to read how much credit you have and deduct some, but only the charging stations would have the write key and be able to up your credit.

    If people like oyster have used this standard method, and trusted that the cards are secure, then all it would take is to crack the write key they've used and you could trivially alter any card or create new ones.

    There are of course ways to be more cunning and secure about the whole thing if you use a little thought, but since when have large projects ever done that.

  29. Anonymous Coward
    Thumb Down

    Who wants to bet...

    Our Nuclear Power stations use these?!

  30. Anonymous Coward
    Anonymous Coward

    microscope not needed any more

    The crooks could just kidnap the guy who cracked the algorithm and threaten to cut his bits off unless they are told how to crack the card. Surely a much simpler, cheaper and quicker solution than doing the microscopy and reverse engineering again.

    Sometimes low-tech >> high tech.

  31. Norman Wanzer

    New door opens

    I was watching the video on how they found the encryption (link: http://www.hackaday.com/2008/01/01/24c3-mifare-crypto1-rfid-completely-broken/ ) and was struck by a scary thought. I wonder if they realize that they have also come up with a method that would allow reverse engineering of any silicon chip without the need of the photo templates. This could be bad for Intel, AMD, IBM or any other proprietary chip maker. While the dissection wouldn't yield a perfect copy of the design it would give enough data to reproduce the chip with just a little bit of digital logic used to fill in the blanks. Think of it as a logic version of hang-man. Couple that with the standard black box engineering probably already used and this could significantly reduce the reverse engineering time.

    I can see the patent lawsuits already...

  32. Nick Rutland

    Keeping track

    What intrigues me is that they say they've sold 1-2 billion. That means they're not sure of whether they've sold a billion cards or not, in my view.

    Would you trust a card from an outfit like that to keep track of anything at all? (I have to: got an Oyster for daily commute)

  33. Anonymous Coward
    IT Angle

    @New door opens

    someone at my cybersecurity lab mentioned that didn't AMD do this decap and decode in order to reverse engineer the trusty old '386??

    ah memories....I bought a Compaq 386SX with 4Meg Ram upgrade....that'd buy me a whole coWPAtty 15*FPGA E-12 SuperCluster nowadays

  34. Anonymous Coward
    Anonymous Coward

    Flat out wrong?

    It looks like you would have to have quite a few invalid communications with the card before you could get the key and start valid communications. Why not just add code to disable the card if it has too many invalid connection attempts? I'm guessing that's the thinking de Bot was using when he mentioned "appropriate measures." Of course, this would probably allow for a DoS attack where somebody could intentionally block cards of passersby, but for some cards that's an acceptable tradeoff.

  35. John A Blackley

    Further to Tony Barnes

    I did understand what Tony Barnes meant and, further to his comment, I have a question.

    "All you'd need is an RFID reader and some software". I have no idea how much an RFID reader costs and, similarly, what 'some' software that would be or how much it would cost.

    That all aside, let's talk about return on investment here. Assuming Tony's implied argument is correct and Mr. Crook would have to fork out for the weak algorithm, let's add whatever an RFID and 'some' software would cost, take a step further and assume that Mr. Crook is better educated than I am and knows what to do with an RFID reader and 'some' software and then postulate that Mr. Crook does..............what?

    Steal a free ride or three on the Tube?

  36. Liam Meadows

    Not Surprised

    Not really surprised that the Algorithm was easy to crack when they give an estimate of how many cards have been sold

    "NXP says it's sold 1 billion to 2 billion of the cards"

    Fairly accurate then ?

  37. Anonymous Coward
    Coat

    @that Mr. Crook does..............what?

    er......we use RFID systems in Nuclear Seals, no, not the cuddly ones that live off the coast of Windscale but the serious ones that lock away warm things. Of course our seals are impervious to this sort of attack, harrumph!

  38. James
    Coat

    Sorry but...

    .. a company that can't quantify the number it's sold more precisely than this...

    "NXP says it's sold 1 billion to 2 billion of the cards"

    ...may not be the most reliable for number based operations.

    A bit like saying "My wife gave birth to 1 to 2 babies"

    The only excuse for this type of imprecision is vast overindulgence in alcohol or other mind twisting substances.....

    Mine's the one or two coats on the one or two coat racks in the one or two cloakrooms over there (or there)

  39. Anonymous Coward
    Anonymous Coward

    >Steal a free ride or three on the Tube?

    Or reprogram the day ticket into an annual all zones travel card worth £2600 and sell them in the pub for £200

    You can also use them to make purchases of up to £90 in shops IIRC.

    Then when they are expanded to pay for congestion charges / road tolls and rail services they are worth even more.

  40. Anonymous Coward
    Anonymous Coward

    @John A Blackley

    Actually, there's quite a lot you can do with a cracked Oyster card. BTW. A Reader/Writer should be available for a couple of hundred quid tops ( search t'internet ). The researchers used a 150 Euro model.

    Once you can write to your Oyster, you can

    - Get free travel on the Tubes/Buses/Trains. A bit of playing around probably, but an Annual Travelcard costs a couple of thousand pounds per year. Well worth the effort.

    - A number of shops are rolling out Oyster for small payments ( Hong Kong's Octopus card shows the way ), so you can not only get a free ride, but a free lunch too, probably at McDonalds. And a paper too.

    - I suspect you could change the serial/identity number on the card, to make yourself harder to track. TfL have all your movements keyed to your card, but that'll be much harder if you change identity every trip.

  41. Ian Ferguson

    Can you be a bit more specific?

    "It's also used by public transit systems in Boston and London"

    Do you mean the widely used Oyster card system? If so why not say so?

  42. Anonymous Coward
    Anonymous Coward

    @Further to Tony Barnes

    An RFID reader and some software that a single student can write between pub runs (especially now that the leg work has been done) would not cost that much.

    On the other hand, a "free ride or three on the Tube" currently retails for £968.00 per year for Zones 1 and 2. The hardware and coding effort will be worth less than that (for the first user alone), and what's the chance they'll replace it with an incompatible system in under a year?

  43. Bryan B

    "about 50 cents apiece"

    Is that 50 eurocents (Dutch card, Dutch currency) or 50 US cents (US-centric writer)?

  44. WhatWasThat?
    Pirate

    False economy

    The odds of a system being replaced once a significant amount of money is lost will be quite high - after all, the costs are pushed onto the customer, aren't they?

    Besides, according to the Terms & Conditions (http://www.tfl.gov.uk/termsandconditions/901.aspx) of the Oyster card, particularly the bit about "Lost or stolen Oyster card", simply reporting that your card is stolen (without you knowing the ID of the card, eh?) allows them to update the system and disable use of the card.

    Does this mean there is a database that allows tracking of the card's usage? What is to keep them from implementing this (if not already) to confirm "amount on the card", etc? What is to say that it doesn't just read off the ID to confirm against the database of accounts and not even use the data on the card?

    If there is no database that they are checking against IRT, then the costs would be in setting up communications and access. That in itself may not be a small amount and could extend the lifetime of any nefarious projects.

    Anyone looking to make some extra dosh would have to get these questions answered first before selling "services" to the masses...

    [ Yay! I got to use "nefarious" in a post, too!]

  45. Frumious Bandersnatch
    Linux

    Re: Industrial Espionage

    William, it was really nothing ... of the sort.

    Surely the researcher is doing the company a favour by forcing them to strengthen their security? Blowing security by obscurity is more rightly compared with saying the Emperor has no clothes than the comparison with industrial espionage. No actual break-in was performed against the company (or its clients) and no secrets were subsequently stolen. All these guys did was point out that the locks don't work, and provided the proof to back up the assertion.

    I pity the poor fools that buy into fake security bullshit.

  46. A J Stiles
    Boffin

    Thoughts for the Future

    OK, it's time to think of the future, and I think there are two things that must be addressed here:

    ONE: Make the use of proprietary encryption algorithms flat-out illegal. The *only* secret should be the key. This is well understood by those with a clue: it is not just co-incidence that the OpenBSD implementation of ssh is considered to be the reference standard and the much less well known proprietary version, distributed without Source Code, languishes in obscurity. Not everybody has a clue, however. If they can make supermarkets print "CONTAINS GLUTEN" on a bag of flour (even though everybody should know that flour is made from wheat, which contains gluten -- but obviously someone doesn't, otherwise they wouldn't need the warning), they can surely ban "crypto" providers from keeping secrets which could compromise the integrity of the products they are selling (even though everybody should know there are occasions when you have no alternative but to insist on the Source Code -- but obviously someone doesn't).

    TWO: Outlaw "technology discrimination" (e.g., charging different prices according to whether payment is being made by electronic transfer or actual shiny round pieces of metal). This will hopefully prevent people being coerced into using inappropriate or improperly-tested technologies.

  47. Jim Moores
    Black Helicopters

    Any sensible business plan should build in the cost of a crack

    I remember reading that one of the big reasons why ONDigital (later ITVDigital) went down was because the smartcard that went in their set top boxes had been compromised. Unlike Sky, who had built into their business plan an assumption that cards would need to be replaced around every five years due to exploits, ONDigital hadn't built this cost into their calculations and so couldn't afford to reissue cards to all their customers.

  48. Anonymous Coward
    Anonymous Coward

    Maybe payback for Oyster rip off?

    I detected early last year that the Oyster charging for cash-on-card is seriously flawed and charges a LOT more than it should (we're talking up to 30% or so more). If you buy a weekly or monthly, fine, but if you travel on cash (because, for instance, you're not that often in London) I would VERY strongly recommend you keep checking on what Oyster takes off your card, because I've seen it screw up repeatedly - strangely never in my favour (which is a bit of a giveaway). This was noticed with two different cards, for all sorts of different journeys.

    Most revealing is the reaction of Transport for London support - they KNOW about this..

  49. Cameron Colley

    Israel.

    You can tell the encryption is sub-standard when the paper detailing how it was broken doesn't contain the name "Shamir".

  50. John A Blackley

    Even Further To Tony Barnes

    Okay, I apologise. I didn't really mean ONE free ride on the tube. I'm sorry, okay?

    What I meant to imply in my original post was that, given the intent, investigative skills, time and money to hack an Oyster card (Yes, yes. I know. Oyster cards are also used to lock the doors to the nation's plutonium deposits and Natalie Denning's bedroom.) the potential return on investment is hardly the Heathrow bullion heist, is it?

  51. night troll
    Pirate

    The truth is....

    if it can be made it can be cracked or copied by anyone with enough to gain. Mr Brown & Co please note for your *secure* ID card system: it WILL be hacked, and then what was the point of all the aggro apart from filling the coffers of the IT companies that you will get nice fat directorships from when you get kicked out of parliament.

  52. Mike

    peeling and microscopes

    Several misconceptions about this stuff floating around. From my personal experience:

    1) A "talented amateur" can de-cap a chip and lap to various layers for observation.

    2) While one wouldn't want to try it on the latest x86_64 or Power, jelly-bean chips are usually built with _much_ less advanced tech. Read "bigger features, fewer layers". Yes, probably less advanced than the ARM in your Mobe.

    3) It is true that you cannot "see" doping (or worse, implant). It is also true that most (particularly low-end) design systems use transistor shapes that reliably clue you into types. And of course if you are extracting circuits from polygons, which rail a transistor is closer to provides another clue.

    4) If you are dealing with a patterned area such as a ROM, the implant may indeed not be guessable. That's what stains are for. Yep. At least as far back as the 1990s.

    5) There are ways to obfuscate the above, but a group that uses an LFSR for "crypto" is not likely to even be aware of them, let alone be arsed to use them.

    6) If optical microscopes are truly not up to it, well, a co-worker of mine has a neighbor with a functioning electron microscope in his garage. Do not underestimate the passions of nerds.

  53. Anonymous Coward
    Anonymous Coward

    Application layer

    Surely transport implementations like Oyster employ velocity fraud detection, the old skool travelcards did anyway. If a card is duped then eventually it will be used in more than one place in a short period of time and be declined.

  54. Rolf Howarth
    Black Helicopters

    Sales figures

    ".. a company that can't quantify the number it's sold more precisely than this...

    "NXP says it's sold 1 billion to 2 billion of the cards"

    ...may not be the most reliable for number based operations."

    Does it occur to you that:

    a) maybe they don't want to reveal precise figures to their competitors for commercial reasons

    b) the guy responding to the question didn't personally have the exact figures to hand but knew the approximate amount

    c) it depends how exactly you count them (eg. they may have been sold to a distributor or reseller but not yet sold to an end user, or they've introduced slightly different models over the years and it depends which you include in these figures, or they have partners or licensees who sell the same cards and it depends whether you include those in the total or not)

    etc.

    Further, if a cheap, low security product has lasted for 15 years without being cracked, and if the manufacturer has managed to sell a billion or more at 50 cents each, then they certainly don't sound that incompetent to me!

  55. Midnight

    You mean proprietary encryption schemes aren't the best kind?

    How could we know? Why didn't someone _tell_ us about that?

    http://www.schneier.com/crypto-gram-9902.html#snakeoil

  56. Ishkandar

    @HO HO guess what?

    But, but...our government swears blind that our ID cards will be foolproof !! And since they are the government, they MUST be right, aren't they ??

    @AC@New door opens - serves you right for buying that cr*p. I built a 386 DX machine from bits for less than one third of the price of one of those and had more RAM and a bigger hard disk to boot (pun intended) !!

    @WhatWasThat? - they had actually thought of dealing with the real-time transactions in the HK system. What they *didn't* do was to get a proper estimate of the *VOLUME* of transactions per (time period). Comes day one and hordes of passengers using their cards and the system went splat !! So it is not simply a matter of dragging a lot of wires from *FIXED* sites to the server(s). Add on the mobile sites (buses, mini-buses,etc) that download when they get back to their home station and throw a *MASSIVE* data-dump down the line and most of the people involved walked around wearing brown trousers for weeks until the scalability of the system was properly tested and pronounced safe for general use !!

    What's to stop history from repeating itself in 2012 when hordes of tourists pour into London for the Olympics and the whole system grinds to a screeching halt ??

    @A J Stiles - I saw on a packet of dry-roasted peanuts "may contain nuts" !! MAY ?? If not nuts, what else ??

    @Rolf Howarth - "and if the manufacturer has managed to sell a billion or more at 50 cents each, then they certainly don't sound that incompetent to me!"

    You are certainly right if you are talking about their parasites, oops, sorry, I mean salesmen. It's their techies that are worrying !!

  57. Anonymous Coward
    Anonymous Coward

    Shielding Sleeves will help

    At least you can reduce the chance of getting skimmed or cloned if you keep the card in a shielded card sleeve except when you are using it.

    Identity Stronghold calls them a Secure Sleeve and has them at www.idstronghold.com

    In the UK SmartCardFocus calls them a Skimstopper and sells them at www.smartcardfocus.com/skimstopper

  58. tony trolle
    Unhappy

    the sleeves

    was shown on "London tonite" (6pm time slot) about 2-3 years ago to stop cloning, so was the card hacked way back then?

  59. Anonymous Coward
    Coat

    No Pearls in cracked Oysters!!!

    London Underground caps the charges on an Oyster card daily depending on the zones covered:

    http://www.tfl.gov.uk/tickets/faresandtickets/singlefares/5196.aspx

    So let's consider the value of cracking a card. The only criminal benefit comes from copying the card and then selling it. So the average maximum value a cloned card could be used for per day would be around 9 or 10 pounds depending on the zones that the original was valid for.

    Now assuming that the TfL network can only detect duplicate cards in the system and then blacklist them overnight, then the maximum value of a cloned card would indeed be about 10 pounds (but on average a lot lower)

    Counterfeit goods typically sell for a lot less than the real thing, so let's be generous and say the typical cloned card could be "sold" for 5 pounds (again best case)

    In volumes less than 100,000 Mifare cards cost about 2 pounds each. Which gives us a whopping 3 pounds margin per card. Plus the cost of a scanner/cracker/copier (say 500 pounds) (and a laptop) then our criminal mastermind has to clone, copy and sell nearly 200 cards before he starts to make a profit.

    This is best case - in order for the cards to be sold for their maximum value they need to be sold at the morning rush hour, and assuming there is actually a market for these cards and they don't get arrested in the mean time, then you could imagine them making about a few hundred pounds a day.

    But in fact Tube station gates are smart enough to stop the same card being used twice in the station without it being used to exit first. So in fact cloned cards could only be used at a station different from the one where the genuine card was actually used.

    I'm sure an enterprising criminal capable of executing such a business would be better off contracting to an IT company in the City and surfing Youtube in an office, rather than getting cold and wet and risking prison outside an actual Tube station.
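The two back-end checks this thread keeps coming back to, as an added example that is not part of the thread: the velocity check from the "Application layer" comment (one card ID seen at two stations closer in time than the journey allows) and the gate's entry-without-exit check from the comment above, here applied across the whole network rather than per station. Station names, journey times, card IDs and tap events are all constructed.

```python
"""Added example (not from the thread): clone detection on constructed tap logs.

 - velocity: the same card ID tapping at two stations closer in time than
   the minimum plausible journey between them;
 - double entry: a card tapping in again without having tapped out since
   its last entry (the per-gate check generalised to the whole network).
"""
from collections import defaultdict, namedtuple
from datetime import datetime

Tap = namedtuple("Tap", "when card station event")   # event is "in" or "out"

# Minimum plausible journey time in minutes between station pairs (constructed).
MIN_TRAVEL_MINUTES = {
    frozenset({"Alpha", "Beta"}): 6,
    frozenset({"Alpha", "Gamma"}): 15,
    frozenset({"Beta", "Gamma"}): 8,
}
DEFAULT_MIN_MINUTES = 5   # floor for station pairs not in the table


def velocity_alerts(taps):
    """Return (card, from_station, to_station, minutes) for every pair of
    consecutive taps by one card that is faster than physically possible."""
    by_card = defaultdict(list)
    for tap in taps:
        by_card[tap.card].append(tap)
    alerts = []
    for card, events in by_card.items():
        events.sort(key=lambda e: e.when)
        for prev, cur in zip(events, events[1:]):
            if prev.station == cur.station:
                continue
            gap = (cur.when - prev.when).total_seconds() / 60
            floor = MIN_TRAVEL_MINUTES.get(frozenset({prev.station, cur.station}),
                                           DEFAULT_MIN_MINUTES)
            if gap < floor:
                alerts.append((card, prev.station, cur.station, gap))
    return alerts


def double_entry_alerts(taps):
    """Return (card, station_already_inside, station_of_new_entry, when) for
    each tap-in by a card the system still believes is inside the network."""
    inside = {}   # card -> station where it last tapped in
    alerts = []
    for tap in sorted(taps, key=lambda e: e.when):
        if tap.event == "in":
            if tap.card in inside:
                alerts.append((tap.card, inside[tap.card], tap.station, tap.when))
            inside[tap.card] = tap.station
        elif tap.event == "out":
            inside.pop(tap.card, None)
    return alerts


def cards_to_block(taps):
    """Card IDs raised by either check, e.g. for an overnight blacklist run."""
    flagged = {a[0] for a in velocity_alerts(taps)}
    flagged |= {a[0] for a in double_entry_alerts(taps)}
    return sorted(flagged)


def at(hour, minute):
    return datetime(2008, 3, 12, hour, minute)   # constructed date


# Constructed sample: C-1001 and C-3003 behave normally; C-2002 has been
# cloned and the original and the copy are used at different stations.
SAMPLE_TAPS = [
    Tap(at(8, 0), "C-1001", "Alpha", "in"),
    Tap(at(8, 5), "C-2002", "Alpha", "in"),
    Tap(at(8, 8), "C-2002", "Beta", "in"),     # 3 min after Alpha: impossible
    Tap(at(8, 10), "C-3003", "Beta", "in"),
    Tap(at(8, 20), "C-3003", "Alpha", "out"),
    Tap(at(8, 25), "C-1001", "Gamma", "out"),
    Tap(at(8, 30), "C-3003", "Beta", "in"),    # tapped out first, so fine
    Tap(at(8, 40), "C-2002", "Gamma", "out"),
]

if __name__ == "__main__":
    for alert in velocity_alerts(SAMPLE_TAPS):
        print("velocity:", alert)
    for alert in double_entry_alerts(SAMPLE_TAPS):
        print("double entry:", alert)
    print("block:", cards_to_block(SAMPLE_TAPS))
```

Both checks only catch a clone once the original and the copy are used in the same window, which is why the comment above prices a cloned card at one day's travel at most.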
