Slashdot Mirror

← Back to Stories (view on slashdot.org)

Aussie Researchers Crack Transport Crypto, Get Free Rides

Posted by timothy on Sunday October 21, 2012 @08:27PM from the dirty-socialists dept.

mask.of.sanity writes "Shoddy customised cryptography by a state rail outfit has been busted by a group of Australian researchers who were able to replicate cards to get free rides. The flaws in the decades-old custom cryptographic scheme were busted using a few hundred dollars' worth of equipment. The unnamed transport outfit will hold its breath until a scheduled upgrade to see the holes fixed."

1 of 88 comments (clear)

Min score:

Reason:

Sort:

Re:Killing anonymity by mcbridematt · 2012-10-21 21:12 · Score: 4, Interesting

More likely it is the Brisbane GoCard or Perth SmartRider - which use the horribly insecure MiFare Classic, which was compromised some years ago and there are 'off the shelf' exploits.
The operator of the Brisbane system even tried to play down the significance of the MiFare Classic exploit when it was known before launch.