{"id":883,"date":"2008-06-26T05:57:56","date_gmt":"2008-06-26T05:57:56","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=883"},"modified":"2015-09-09T19:39:23","modified_gmt":"2015-09-09T11:39:23","slug":"hackers-crack-london-tube-oyster-card","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2008\/06\/hackers-crack-london-tube-oyster-card\/","title":{"rendered":"Hackers Crack London Tube Oyster Card"},"content":{"rendered":"

It just goes to show, having an aluminium lined wallet could really be useful! Hackers in the Netherlands found they could clone an access card using the Mifare<\/a> chip, after that they traveled to London to try their technique out on the Oyster card (used on the London Underground), which uses the same chip.<\/p>\n

It just goes to show…implementation of these cards really isn’t good yet.<\/p>\n

Dutch security researchers rode the London Underground free for a day after easily using an ordinary laptop to clone the “smartcards” commuters use to pay fares, a hack that highlights a serious security flaw because similar cards provide access to thousands of government offices, hospitals and schools.<\/p>\n

There are more than 17 million of the transit cards, called Oyster Cards, in circulation. Transport for London says the breach poses no threat to passengers and “the most anyone could gain from a rogue card is one day’s travel.” But this is about more than stealing a free fare or even cribbing any personal information that might be on the cards.<\/p>\n

Oyster Cards feature the same Mifare chip used in security cards that provide access to thousands of secure locations. Security experts say the breach poses a threat to public safety and the cards should be replaced.<\/p><\/blockquote>\n

Apparently they can only use the cloned card for one day’s travel, but still…what would stop them from doing it every day?<\/p>\n

Or cloning an access card to a more important place and wreaking some havoc there.<\/p>\n