Oyster Cards vulnerable to RFID hack, lots of other systems too
By Nilay Patel 
posted March 14th 2008 1:47PM
posted March 14th 2008 1:47PM
Cities / countries using the Mifare Classic for access control and / or mass transit ticketing:
- London (Oyster Card)
- Boston
- Netherlands (OV-Chipkaart)
- Minneapolis / St. Paul
- South Korea (Upass, T-money, Mybi)
- Hong Kong
- Beijing
- Milan
- Madrid (Sube-T)
- Australia (Smartrider)
- Sao Paulo (Bilhete Unico)
- Rio de Janeiro (RioCard)
- Bangkok
- New Delhi
exactly...
http://en.wikipedia.org/wiki/FeliCa
i thought they're different
its gonna effect a huge chunk of Asia... HK MTR, Singapore, Travelcard for India, Shenzhen Transcard... virtually all of Japan, the Pasmo, SUGOCA, TOICA to name a few...
Also Malaysia's Touch n Go system uses this sytem - cards used in most public transport, highway tolls and carparks.
Many bank ATM machines have RFID pads for re-loading your card directly from your account.
@azureice:
If you want to learn more head over to rfidiots.org most of this is derived from there, from mifare hacking to passport hacking and reading with sources.
Hmm, don't give a damn about people gaining free access to the tube, but it IS worrying that secure establishments can be accessed by all and sundry, and more importantly that this bloody stupid RFID passport can be hacked so simply.
While oyster accounts are linked to a name and an address, I don't believe any of that info is on the chip. And it's unlikely that you'd be able to hack the card to give you unlimited money since they're just tied into an account.
So just about the only thing possible is cloning someone else's card after cracking it, but it's not really worth the effort, and also very unlikely to be able to do without someone noticing. It might just take a few minutes at home, but probably not quite that easy to do on the tube.
Man you guys are making me miss London. Haha, shopping at Sainsbury's and chillin' at the Borders near Oxford circle (yeah ok I know I miss boring things).
That laptop is too big to use. Should have used umpc instead.