The vulnerability of cards based on the Mifare Classic RFID chip
(like the Oyster Card
used for the London Underground) has been known for some time now but, unsurprisingly, some pesky legal business has prevented the complete details from being published. That has now finally been cleared up, however, and Professor Bart Jacobs and his colleagues from Radboud University have promptly published their complete paper online. What's more, NXP Semiconductors, makers of the Mifare chip, are also now commenting on the matter, and saying that it never intended to completely stop publication of the research, but rather that it simply wanted to give customers time to update their systems. NXP's Steve Owen also adds that the company now doesn't "recommend the use of Mifare Classic for new installations," and that it's "working with customers to review their security." Those looking to dig in can find the paper at the link below and, in case you missed it the first time around, there's a video explaining the basics after the break.
[Via BBC Click