Slashdot Mirror


New Zealand's Hackable Transport Card Grants Free Bus Rides

mask.of.sanity writes "Kiwis could have their names, addresses, dates of birth and phone numbers exposed by flaws in the Christchurch public transport system that could also allow locals to travel on buses for free. The flaws in the MiFare Classic system allow anyone to add limitless funds to their transport cards and also buy cheap grey market cards and add them to the system. The website fails to check users meaning attackers could look up details of residents and opens the potential for someone to write a script and erase all cards in existence. Several flaws have been known to the operator since 2009." There are two sets of problems: their website is not adequately secured, allowing identity harvesting attacks, and the transit cards themselves are easy to forge.

96 comments

  1. Why is everyone reinventing the wheel? by kwark · · Score: 2

    There have already been a couple of MiFare Classic public transport implementations where they discovered the card was abusable! e.g. http://en.wikipedia.org/wiki/OV-chipkaart#Technology
    This was known in 2007.

    1. Re:Why is everyone reinventing the wheel? by Anonymous Coward · · Score: 0

      yes exactly !

      I really don't know why they don't use Bluetooth and a software-updateable key exchange; the Oyster/NFC tags cost the same as even old Bluetooth tags...

      this is yet another example of how big companies sell systems that clearly don't work; you only have to look at the Sydney transport mess...

      the other advantage of a bluetooth tag system is you could simply link it to phones...

    2. Re:Why is everyone reinventing the wheel? by Anonymous Coward · · Score: 0

      Why don't they use Bluetooth? I'd like my public transport card to fit inside my wallet and not require a battery.

    3. Re:Why is everyone reinventing the wheel? by Anonymous Coward · · Score: 0

      Aw the execs don't mind, they actually like it. You see the old system wasn't making them money anymore, not in kickbacks, so they start a campaign about how they should modernize the payment system and how it will make everybody's life easier and lower costs, and they hire a new contractor to implement the new system. They hire that contractor because they got the most kickbacks from them. Now they find the system is faulty, so they need to hire someone to fix it, guess what, more kickbacks. Wait 5-10 years, let people forget, then time to modernize the system again.

    4. Re:Why is everyone reinventing the wheel? by kwark · · Score: 1

      Bluetooth? They just shouldn't have picked a known bad contactless smartcard. NFC is perfectly suitable for this (and can be tied to "modern" phones)

    5. Re:Why is everyone reinventing the wheel? by Anonymous Coward · · Score: 0

      actually you could do so using Bluetooth Low Energy, and powered in the same way NFC is by a pulse...

      you can use a card if you wish but for people who want it to work with a phone... all makes could be supported

    6. Re:Why is everyone reinventing the wheel? by Z00L00K · · Score: 1

      Also several of the travel passes in Sweden have the same flaw, Västtrafik, SL etc. - all use the same data format and basic strategy.

      It's fairly easy to hack and with the new cell phones with NFC you can even copy the card that someone else carries without them knowing it and copy that to another card.

      There are better cards that have better encryption, but it's just a question of time before they are broken too.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
    7. Re:Why is everyone reinventing the wheel? by Anonymous Coward · · Score: 0

      That's the point, they are not re-inventing the wheel. There aren't many companies who can build a ticketing system (and the pockets to fund one ).
      From a fast Google search, it seems to be the same company who did and NL (chipkaart) and Christchurch ....
      They are just a bunch of clueless managers and "technical authorities"(someone who has never done IT beside a 3 days course in data modeling and architecture would do a better job than most of them ). All of their systems shared the same core. So a flaw that exists in one system, will exist in another one.
      And the clients aren't much better as well.
      One funny thing, I was billed at 400€ a day, and through the game of contractors of contractors of contractors, I was billed to the final client at 1200€ / day.

    8. Re:Why is everyone reinventing the wheel? by viperidaenz · · Score: 1

      All makes could be supported? Only those with bluetooth low energy support.

      Also, no one has made a passive bluetooth card yet. It requires too much power and runs at 2.4GHz. You'd need to supply power on a different frequency.

    9. Re:Why is everyone reinventing the wheel? by tqk · · Score: 1

      [This] is yet another example of how big companies buy systems that clearly don't work[. You] only have to look at the Sydney transport mess...

      FTFY. If those buying !@#$ buy !@#$, they should bear the guilt.

      --
      "Tongue tied and twisted, just an Earth bound misfit ..." -- Pink Floyd.
    10. Re:Why is everyone reinventing the wheel? by stoatwblr · · Score: 1

      MiFare _IS_ a NFC card.

      Most of the problems I see with them revolve around operators not even bothering to use encryption in the first place.

  2. that and Sydney... should have gone bluetooth by johnjones · · Score: 2

    frankly they should have used a software system that worked with phones with optional card if you wanted it rather than a phone

    Oyster has been hacked again and again...

    http://www.wired.com/autopia/2008/06/hackers-crack-l/

    regards

    John Jones

     

    1. Re:that and Sydney... should have gone bluetooth by hairyfish · · Score: 2

      frankly they should have used a software system

      Or here's something left field, how about make public transport free and just pay for it through a flat levy? Oh noes! higher taxes! Yeah it won't sell politically, but really common sense tells you public transport benefits everyone so should be paid for out of the public purse. And think of how much more efficient you can make it when you don't have to bother with complicated ticketing systems. If you like public transport it's a win, if you're a Canyonero fan then you also win (less other cars on the road to get in your way). Of course it'll never happen because the 2nd amendment or some other bullshit excuse.

    2. Re:that and Sydney... should have gone bluetooth by viperidaenz · · Score: 1

      Public transport is heavily subsidised in New Zealand.

      I don't know about Christchurch, but in Wellington public transport is 2/3rds funded by rate payers.

    3. Re:that and Sydney... should have gone bluetooth by cascadingstylesheet · · Score: 1

      Or here's something left field, how about make public transport free and just pay for it through a flat levy? Oh noes! higher taxes! Yeah it won't sell politically, but really common sense tells you public transport benefits everyone so should be paid for out of the public purse. And think of how much more efficient you can make it when you don't have to bother with complicated ticketing systems. If you like public transport it's a win, if you're a Canyonero fan then you also win (less other cars on the road to get in your way). Of course it'll never happen because the 2nd amendment or some other bullshit excuse.

      Hmm ... sure, if you consider it a public benefit by getting the unwashed out of the way packed into their cattle cars, leaving the streets less crowded for us haves.

      Tougher sell put that way, though ...

    4. Re:that and Sydney... should have gone bluetooth by Master+Moose · · Score: 0

      I visited Christchurch about 6 years ago and all bus trips were the same price regardless of distance traveled.

      Of course I can not say if it is still the same, But I did appreciate the flat fare structure.

      --
      . . .gone when the morning comes
    5. Re:that and Sydney... should have gone bluetooth by Macgrrl · · Score: 1

      OK, so if public transit is free, how do we encourage people to swipe on and swipe off? What, why would we want them to I hear you say - it's about collecting system usage metrics for better planning.

      I suspect in most cases it would probably be cheaper not to collect fares and simply manage it via a levy/tax, if the usage patterns were never going to change. However if you need to capture the number of unique users of a system and which lines and stops they use and what times - some kind of networked token system is going to be by far your most efficient method of doing so.

      Most users are too self-interested to swipe unless they were risking a fine if they didn't. Fare evasion is expensive to pursue - it requires ticket inspectors, infringement management frameworks, interfaces to the courts system.

      Maybe at some point we'll all have RFID chips embedded and it will simply track everyone who gets on and off a PT vehicle - maybe it will even anonymise the data, though probably not. At which point some government will make a big deal about doing away with the ticketing system and people will think it's a good thing. From a service provision point of view it might be. From a privacy point of view - not so much.

      --
      Sara
      Designer, Gamer, Macgrrl in an XP World
    6. Re:that and Sydney... should have gone bluetooth by Anonymous Coward · · Score: 0

      In Dunedin, it's 50% funded by rate payers. Also, you travel half the distance of Chch, and you can pay many times the cost - the buses here are expensive, and you can be physically threatened by a bus driver if you have symptoms of a cold.

    7. Re:that and Sydney... should have gone bluetooth by Anonymous Coward · · Score: 0

      OK, so if public transit is free, how do we encourage people to swipe on and swipe off? What, why would we want them to I hear you say[...]

      Because you're an idiot? Why would you need someone to swipe on and off? An electric eye (or a pressure plate) would count everyone who crossed the threshold just as well. You don't even really need numbers, you need "Is the bus full?"

      You could even have a camera that snapped an image once every minute, and then have someone make notes based on usage patterns.

      Swiping on and off is for amateurs and people who don't think about things very deeply.

    8. Re:that and Sydney... should have gone bluetooth by hairyfish · · Score: 1

      I used to live in Hong Kong where the us haves travel the same public transport as the great unwashed. I found it a lot easier and more civilised than anywhere else in the world where private transport dominates.

    9. Re:that and Sydney... should have gone bluetooth by hairyfish · · Score: 1

      Trivial problems that solutions already exist for. An LED beam at the door will give you a reasonably accurate count, cameras can do accurate counts of people movement (I used to work for a place that did this specifically), or you just pick on mobile phone signals.

  3. Problem already solved by waynemcdougall · · Score: 4, Funny

    Good news everybody! Here in New Zealand such actions as hacking cards to add value, or taking personal information off websites, or even wiping data off someone else's computer system are all illegal.

    Thus solving the problem once and for all.

    --
    Recycle PCs and build a wireless community network www.hillsborough.org.nz
    1. Re:Problem already solved by Anonymous Coward · · Score: 0

      Using that logic, you might as well make guns legal.

      No. Making them legal leads to murder.

    2. Re:Problem already solved by Anonymous Coward · · Score: 0

      ONCE AND FOR ALL!

      (for those who don't get it: http://www.youtube.com/watch?feature=player_detailpage&v=OqVyRa1iuMc#t=86 )

    3. Re:Problem already solved by viperidaenz · · Score: 1

      Guns are legal in NZ, if you hold a gun license.
      Although, around 40 people are still murdered every year. Most without guns.

    4. Re:Problem already solved by gweilo8888 · · Score: 2

      ...which is the equivalent of 2,832 people being murdered in the US every year.

      Actual US homicide rate, courtesy of the CDC: 16,259, of which 11,078 were using firearms.

      So you have a 5.74x greater chance of being murdered in the USA than in New Zealand, assuming your figure was correct. (I didn't bother to check it.) And even if you ignore the firearm deaths completely in the US (but still include them for NZ), you still have 1.83x greater chance of being murdered in the USA.

      So much for the whole "guns make you safer" thing. You're less safe in the US in terms of non-gun crime, and you're much, much less safe in terms of gun crime.

    5. Re:Problem already solved by viperidaenz · · Score: 1

      I was just pointing out NZ is cooler than USA

  4. Such a deal by Earthquake+Retrofit · · Score: 2
    "Kiwis could have their names, addresses, dates of birth and phone numbers exposed by flaws in the Christchurch public transport system that could also allow locals to travel on buses for free."

    So I get free rides on the bus and anyone can see my (fairly public) directory information... not such a bad deal.

    --
    Fifty years of Yippie! 1968-2018
    1. Re:Such a deal by PRMan · · Score: 2

      Clearly the submitter doesn't understand the culture of the south island of New Zealand. When I was there recently, there were bags of apples in a barn with an "honesty box" where you paid the amount listed on the bag. Could I have stolen all the apples and got them "free"? I guess. But that's not the culture there. People pay for things because it's the right thing to do, not because the card "makes" them.

      --
      Peter predicted that you would "deliberately forget" creation 2000 years ago...
    2. Re:Such a deal by Anonymous Coward · · Score: 0

      I live in the South Island. Dunedin, actually - with the worst drivers in the world. They'll smash your car up and if you're not around, they'll fuck off rather than admit it.

      Let me tell you about the place I work. It's a big place, a media company with many employees, and is owned by one of the richest men in the country. Some of the staff are very well paid, some (such as myself) are paid shit.

      One day, a fellow poorly paid employee finished up. She bought a whole bunch of soft drink and pastries in for a small party. Within half an hour, someone had stolen all of the pastries. There's also an honesty box-based snack box there. Someone has been stealing food from it, and has taken more than $60 worth of snacks.

      Dunedin is full of selfish cunts, from stem to stern.

  5. Why do transit smartcards need to be hard? by jonwil · · Score: 3, Informative

    Why is it that transit smart cards always seem to take longer to roll out than promised, cost more than promised, end up being more complex than promised and end up being less secure than they should be?

    You don't even need to make the cards themselves "smart", you can make the cards just data storage devices that can store an encrypted data blob and do all the cryptography and stuff in the readers. And you can use good strong well-tested cryptography instead of inventing your own crypto.

    Cards would be cheaper because they wouldn't contain much logic, just a memory chip, RFID/NFC/whatever antenna and some logic to read from and write to the memory chip. Anyone who builds a reader and reads their card out will simply get an encrypted/signed blob that they can't mess with.

    1. Re:Why do transit smartcards need to be hard? by Anonymous Coward · · Score: 0

      You're thinking like an engineer. Try to think like a manager.

    2. Re:Why do transit smartcards need to be hard? by kwark · · Score: 1

      You need to take into consideration that there is no active connection to the central office, terminals and cards have to be able to work standalone if you want to stop abuse of anonymous cards and gsm jammers (in busses).

    3. Re:Why do transit smartcards need to be hard? by Mr.+Freeman · · Score: 1

      Because of laws that prevent the government from doing anything themselves. Everything has to be contracted out because a bunch of politicians think that the free market is magic. Of course, contractors have financial incentives to deliver projects that take longer than advertised because they get paid for that extra time spent. Having competent people means that the project is finished quickly, so hiring idiots is financially beneficial. Of course, the contractor also gets paid for all the maintenance they do when fixing the system when it breaks down due to all the bugs they put into it.

      --
      -1 disagree is not a modifier for a reason. -1 troll, flaimbait, redundant, overrated are NOT acceptable substitutes.
    4. Re:Why do transit smartcards need to be hard? by jonwil · · Score: 2

      That's why the terminals have all the intelligence.
      If the system is designed right, forged cards, replay attacks (e.g. add $50 to the card, read its contents, spend the $50, write the old contents to get a free top-up) and other such things can be prevented.

      What you can do is to add a simple hardware increment-only counter to the card. Each time the card is written to, the counter is incremented by the circuit logic. When the card is read, if the value of the counter doesn't match what's stored in the encrypted-and-signed blob, it will reject the card.

    5. Re:Why do transit smartcards need to be hard? by vakuona · · Score: 1

      Winner's curse. The implementation of any public project tends to be awarded to the lowest cost bidder, the one who has underestimated the costs.

    6. Re:Why do transit smartcards need to be hard? by Joe_Dragon · · Score: 1

      What you can do is to add a simple hardware increment-only counter to the card. Each time the card is written to, the counter is incremented by the circuit logic. When the card is read, if the value of the counter doesn't match what's stored in the encrypted-and-signed blob, it will reject the card.

      Easy, just roll it over so it loops back or even better have roll over to a negative number so when you try to get on the bus it says read error and they may just let you ride free after a few tries.

    7. Re:Why do transit smartcards need to be hard? by Anonymous Coward · · Score: 0

      Good luck making that 64-bit counter roll over.

      Alternatively, good luck making your card unusable by going way over NVRAM's rated write cycles.

    8. Re:Why do transit smartcards need to be hard? by Noishe · · Score: 1

      by going way over NVRAM's rated write cycles.

      Or you could just microwave the card

    9. Re:Why do transit smartcards need to be hard? by Chuck+Chunder · · Score: 1

      If the system is designed right, forged cards, replay attacks (e.g. add $50 to the card, read its contents, spend the $50, write the old contents to get a free top-up) and other such things can be prevented.

      What is the practical gain from that?

      The reality is that 99.9% of people are honest and will pay what they should regardless of whether the cards are insecure and could be 'hacked'. As such there isn't much to be gained from designing a system that protects against things almost no one is going to do anyway.

      Which doesn't explain why these systems always seem to cost so much and get delivered late. I can only assume the companies that make these things do that so the problem seems harder than it is.

      --
      Boffoonery - downloadable Comedy Benefit for Bletchley Park
    10. Re:Why do transit smartcards need to be hard? by viperidaenz · · Score: 1

      But this is a bus. There is an active connection to the central office. Some of them even have free WiFi.
      In Wellington our buses have a system called "Snapper". It's an NFC card that's used in buses and some stores. No value is stored on the card, you scan it when you get on the bus and scan when you get off. The correct fare is automatically taken from your balance.

      There are also a few phones it is compatible with.

    11. Re:Why do transit smartcards need to be hard? by the_olo · · Score: 2

      Why is it that transit smart cards always seem to take longer to roll out than promised, cost more than promised, end up being more complex than promised and end up being less secure than they should be?

      You don't even need to make the cards themselves "smart", you can make the cards just data storage devices that can store an encrypted data blob and do all the cryptography and stuff in the readers. And you can use good strong well-tested cryptography instead of inventing your own crypto.

      Cards would be cheaper because they wouldn't contain much logic, just a memory chip, RFID/NFC/whatever antenna and some logic to read from and write to the memory chip. Anyone who builds a reader and reads their card out will simply get an encrypted/signed blob that they can't mess with.

      Do you really think it's that simple? If it was, there would be no problem.

      Your proposed non-smart card solution (as any stored value one) is inherently susceptible to cloning. Anybody with a RFID/NFC reader can pass close to you just once, then produce a card that's an identical copy (from the perspective of the system) of yours. He can then have a few rides at your cost and discard the cloned card or load another individual's captured data onto it so that he can avoid using a particular person's card for too long.

      The transport company could see symptoms of duplication (rides by the same customer at the same time observed in different areas), but good luck with distinguishing between the original user and the clone! They'd have to employ careful analysis of riding patterns to isolate the individual who uses cloned cards (assuming that his transport usage patterns are uniform).

    12. Re:Why do transit smartcards need to be hard? by kwark · · Score: 1

      "The reality is that 99.9% of people are honest and will pay what they should regardless of whether the cards are insecure and could be 'hacked'."

      People are less honest than you think, most will do stuff they know they shouldn't if they think they will not get caught, even when there is no financial need.

      These chipcards and the required tollgates were introduced with a promise to stop fare dodgers. Recent news of the Dutch system appears to have the effect of going from 11% to 2%. http://www.ad.nl/ad/nl/1012/Nederland/article/detail/2943764/2011/10/03/Aantal-zwartrijders-RET-daalt-spectaculair-door-ov-chippoortjes.dhtml
      The same might have been achieved cheaper with more actual people in the public transport actually checking tickets.

    13. Re:Why do transit smartcards need to be hard? by kwark · · Score: 1

      "But this is a bus. There is an active connection to the central office."

      Until the perp. is using a gsm jammer (or you get into an area without coverage). The bus terminal will store the transaction for later validation, but since the perp is using an anonymous or cloned card he has gotten an untraceable free ride.

    14. Re:Why do transit smartcards need to be hard? by sensationull · · Score: 1

      $3.80 saved by only an hour's work and a thousand dollars worth of hardware along with the possibility of jail time... bargain :)

    15. Re:Why do transit smartcards need to be hard? by RobertLTux · · Score: 1

      easy fix if the connect goes down NO RIDE in fact if the card is in any way unreadable NO RIDE.

      couple this with a requirement that the readers must be working for the bus to stay in service and Bobs Your Uncle

      --
      Any person using FTFY or editing my postings agrees to a US$50.00 charge
    16. Re:Why do transit smartcards need to be hard? by IamTheRealMike · · Score: 1

      Such cards have existed for many years. The NZ bus network is apparently using "MiFare Classic" which is very, very old now and is known to be weak. Designing better systems is no use if people don't upgrade to them.

    17. Re:Why do transit smartcards need to be hard? by Anonymous Coward · · Score: 0

      They don't. Canberra uses a system called MyWay. http://www.action.act.gov.au/fares/myway_-_prepaid_ticketing
      It works really well. Anyone can buy a ticket. Load the ticket with cash. Swipe on and swipe off. Each swipe does a database check on the ticket id.
      Fraud is minimal. The system Just Works.

    18. Re:Why do transit smartcards need to be hard? by Anonymous Coward · · Score: 0

      The one who underestimates the cost, and is usually too incompetent to put such a system together.

    19. Re:Why do transit smartcards need to be hard? by jonwil · · Score: 1

      Ok so you add a unique hardware ID (burned into the card when it's manufactured and unchangeable) and the data stored on the card is tied to it. If the card data is cloned, the card it's cloned to won't have the correct ID and will fail to work.

      It's not like the people cloning these cards to get free bus travel are going to be spending dollars on equipment that can somehow create cards with the correct unique ID for the cards they are copying. Plus, a cloned card won't have the correct transit company logos on it (unless you can replicate that too which also costs dollars to do properly) meaning inspectors or drivers looking to see your card (which happens on the transit network in my city which also has a card system) will see that it's a fake.

    20. Re:Why do transit smartcards need to be hard? by jonwil · · Score: 1

      I have ridden on buses many times where the readers are not working (in fact I rode one the other day) and the driver just tells everyone to get on anyway (the readers in my city have a back-to-base link as far as I know). Often the alternative to "run the service with broken readers and let people on for free" is "don't run the service at all and piss people off because their bus didn't show up", "get a replacement bus with working readers and piss people off because the bus is late" or "get another driver to do the run and piss people off because the bus is late".

    21. Re:Why do transit smartcards need to be hard? by viperidaenz · · Score: 1

      If the connection is cut, the terminals stop working and you have to actually converse with the bus driver and pay cash

    22. Re:Why do transit smartcards need to be hard? by Anonymous Coward · · Score: 0

      In the United States, we waste an absolutely insane amount of time, money, and opportunities trying to collect fares on public transportation.

      We do this because the simple and obvious solution -- make public transportation free, and pay for it with anti-congestion taxes -- is political suicide. In nearly every major city in the United States, Rich people drive into city centers to work in an office, and poor people take public transportation into centers to work in the places that serve lunch to rich people [*]. Poor people who serve lunch don't contribute to political campaigns, and they don't vote, so they don't matter.

      Hence, poor people get public transportation with inconvenient payment schemes that cost more to implement than they collect, and inconvenient schedules because everyone avoids the bus.

      [*] The only exceptions are places where there is no public transportation at all, and New York.

    23. Re:Why do transit smartcards need to be hard? by lakeland · · Score: 1

      Because it is hard.

      (Disclaimer: I used to work for a company which bid unsuccessfully a few years ago to fix up the Christchurch system)

      Probably the hardest part is the decentralised nature. How much money do you have out there? If this card claims to have been topped up by a terminal but you have no record of that, either the terminal is slow at reporting back, or the card is lying. By the time you know, it's too late. We have no way of communicating with a card except when it happens to be brought on bus, and at that point we don't have an internet connection.

      Second hardest is probably balancing trust with flexibility. We want to enable internet top-up, but how do we get the money from an authorised transaction to your card without forcing you to buy a USB to NFC adaptor? We don't want to trust the card, or at least we want to test it for hacks. We don't want to trust the terminal, a single break-in there could cost a lot. And most of all we need to be constantly worried about primary keys - a break-in to signing keys would destroy everything.

      Third hardest is the cheap hardware. Customers expect to get bus cards for free, which means you can't afford more than about $5 per card. Also with a couple terminals per bus you need perhaps a thousand terminals in Christchurch - many of which will only be used a few thousand times in their lifetime and so they can't be expensive either.

      Fourth hardest is probably the response time. You have roughly 200ms from card presence to approve/reject. That is not enough time for complicated checking - it is enough to check the hash of a card number against a blacklist, or to run a challenge response protocol, but that's about it.

      That's just off the top of my head and gives a rough overview. These are largely solved problems, but I can understand why a place like Christchurch with a population of 350k, many of whom don't use PT, would elect to stick with a broken system until a national standard is rolled out.

    24. Re:Why do transit smartcards need to be hard? by Anonymous Coward · · Score: 0

      New York City has an even simpler solution to cloning: the cards use magstripes instead of RFID, so you can't clone a card without actually having possession of it.

    25. Re:Why do transit smartcards need to be hard? by the_olo · · Score: 1

      Ok so you add a unique hardware ID (burned into the card when it's manufactured and unchangeable) and the data stored on the card is tied to it. If the card data is cloned, the card it's cloned to won't have the correct ID and will fail to work.

      It's not like the people cloning these cards to get free bus travel are going to be spending dollars on equipment that can somehow create cards with the correct unique ID for the cards they are copying. Plus, a cloned card won't have the correct transit company logos on it (unless you can replicate that too which also costs dollars to do properly) meaning inspectors or drivers looking to see your card (which happens on the transit network in my city which also has a card system) will see that it's a fake.

      How do you propose to practically achieve this "burned" ID?

      How can you prevent the attacker from obtaining cards from a different manufacturer who doesn't do this "burning in" and lets the users set any value in any stored field?

      The whole aim of having the cards being "smart" is that they can be equipped with a protected private key that they don't allow to be read from the outside world and that these cards perform cryptographic signing internally, without letting any secret information about performed cryptography out.

      That's also why there's so much effort put into making smart cards tamper-evident (see Design principles for Tamper-Resistant Smartcard Processors (1999)) and withstand electromagnetic eavesdropping (see ElectroMagnetic Analysis (EMA): Measures and Counter-measures for Smart Cards) - so that you can't just put a receiver close to them when a transaction is being performed and steal their private key.

      As far as I understand, the flaws in various public transit card systems are mostly due to weak implementations of cryptography. Your proposed solution, on the other hand, is completely wide open to attacks, so it's much worse.
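
Added example, not part of any commenter's post: a Python model of the two designs argued over in comments 4, 19 and 25 of this thread, namely a storage-only card whose blob is bound to a UID and an increment-only counter, and a card that keeps a key internally and answers challenges. HMAC stands in here for both the "encrypted-and-signed blob" and the smart card's private-key signing; every class name, key and UID is constructed for the illustration.

```python
import hashlib
import hmac
import os
import struct

READER_KEY = os.urandom(32)   # constructed demo key, held only by readers
MASTER_KEY = os.urandom(32)   # constructed demo key for per-card key derivation
TAG_LEN = 16

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

class MemoryCard:
    """Storage-only card: UID, write counter and blob are all readable."""
    def __init__(self, uid):
        self.uid, self.counter, self.blob = uid, 0, b""

    def write(self, blob):
        self.counter += 1              # hardware counter bumps on every write
        self.blob = blob

class UnlockedCard(MemoryCard):
    """Hypothetical card whose maker lets the holder set every field."""
    def load(self, uid, counter, blob):
        self.uid, self.counter, self.blob = uid, counter, blob

def reader_write(card, balance_cents):
    # Seal the counter value the card will hold once this write lands
    # (64-bit counter, 32-bit balance), bound to the card's UID by the MAC.
    body = struct.pack(">QI", card.counter + 1, balance_cents)
    card.write(body + _mac(READER_KEY, card.uid + body)[:TAG_LEN])

def reader_check(card):
    """Return the balance in cents, or None if the reader rejects the card."""
    body, tag = card.blob[:-TAG_LEN], card.blob[-TAG_LEN:]
    if len(body) != 12:
        return None
    if not hmac.compare_digest(tag, _mac(READER_KEY, card.uid + body)[:TAG_LEN]):
        return None                    # forged blob, or blob from another UID
    counter, balance = struct.unpack(">QI", body)
    return balance if counter == card.counter else None   # stale blob restored

def topped_up_card():
    card = MemoryCard(uid=b"\x04CARD-A")          # constructed UID
    reader_write(card, 5000)                      # $50.00 top-up
    return card

def replay_old_blob():
    card = topped_up_card()
    saved = card.blob                             # dump taken after the top-up
    reader_write(card, 5000 - 380)                # one $3.80 fare
    card.write(saved)                             # restore: counter moves on to 3
    return reader_check(card)

def clone_to_ordinary_card():
    victim = topped_up_card()
    blank = MemoryCard(uid=b"\x04CARD-B")         # different fixed UID
    blank.write(victim.blob)
    return reader_check(blank)

def clone_to_unlocked_card():
    victim = topped_up_card()
    copy = UnlockedCard(uid=b"")
    copy.load(victim.uid, victim.counter, victim.blob)
    return reader_check(copy)                     # nothing left to tell them apart

def card_key(uid):
    return _mac(MASTER_KEY, b"card-key" + uid)    # per-card key, derived from UID

class SmartCard:
    """Card that keeps a key internally and only ever outputs MACs."""
    def __init__(self, uid, key):
        self.uid = uid
        self._key = key                # modelled as having no read interface

    def respond(self, challenge):
        return _mac(self._key, challenge)

def reader_authenticate(card):
    challenge = os.urandom(16)         # fresh each time, so old answers are useless
    expected = _mac(card_key(card.uid), challenge)
    return hmac.compare_digest(card.respond(challenge), expected)

def genuine_smart_card():
    uid = b"\x04CARD-C"
    return reader_authenticate(SmartCard(uid, card_key(uid)))

def clone_of_smart_card():
    # A copier can read the UID but not the key, so the copy holds a wrong key.
    return reader_authenticate(SmartCard(b"\x04CARD-C", os.urandom(32)))

if __name__ == "__main__":
    print("replayed blob:", replay_old_blob())
    print("clone, ordinary card:", clone_to_ordinary_card())
    print("clone, unlocked card:", clone_to_unlocked_card())
    print("smart card genuine / clone:", genuine_smart_card(), clone_of_smart_card())
```

The counter and UID binding stop a restored dump and a copy onto a card with a different fixed UID, but a copy onto a card with settable fields passes every reader-side check, which leaves only back-office detection of duplicate use.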

    26. Re:Why do transit smartcards need to be hard? by LordWabbit2 · · Score: 1

      I think for this it's more about hacking the system and sticking it to the 'man' than about $3.80.
      I'm fortunate enough to be working for a company that on the odd occasion actually asks me to hack/reverse engineer things and nothing beats finding that chink in the armor.

      --
      There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
    27. Re:Why do transit smartcards need to be hard? by Anonymous Coward · · Score: 0

      Cause somebody's brother-in-law probably keeps getting the damn contract, not the actual best solution provider....

    28. Re:Why do transit smartcards need to be hard? by Kalriath · · Score: 1

      Snapper isn't realtime either. The data is stored by the (offline) onboard computer, the new value written to the card, and the transactions online processed overnight when the data is shipped off to the Data Warehouse in Seoul, South Korea (at which point if you're in Auckland, the data is also propagated back to Auckland Transport for analysis). Most buses do not have active online connections.

      --
      For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
    29. Re:Why do transit smartcards need to be hard? by Kalriath · · Score: 1

      No it isn't, the implementation is awarded to the largest bidder, who estimated their costs perfectly fine, padded them by 150%, and lied about the timelines.

      --
      For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
    30. Re:Why do transit smartcards need to be hard? by Kalriath · · Score: 1

      And unfortunately that national standard has already been chosen in the form of Auckland Transport's buggy, half-assed implementation brought to you by Thales. It's over-budget, late, plagued by "intermittent technical difficulties" and you'll be lucky if customer service doesn't tell you to just throw your card away and buy a new one if you get hit by one of the system's biggest flaws (like, I don't know, a refusal to top up your account after you've paid - the amount just sits as "pending" and never applies to your balance).

      --
      For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
  6. justice by Anonymous Coward · · Score: 1

    they just had their city destroyed by an earthquake. let them have all the free bus rides they want.

  7. Smart people... by Coditor · · Score: 2

    ... apparently don't make Smart Cards.

    1. Re:Smart people... by flyingfsck · · Score: 2

      Hmm, you are a funny card, what?

      --
      Excuse me, but please get off my Pennisetum Clandestinum, eh!
  8. Re public transport for free? by hankwang · · Score: 1

    how about make public transport free and just pay for it through a flat levy?

    I'm all for subsidizing this kind of public infrastructure if only because the alternative is using tax money to deal with all the extra traffic. However, I don't believe that making it free is a good idea. Transportation, public or not, still costs money; with free public transport, all financial incentives for people to reduce unnecessary movements disappear, as do financial incentives for the operators to increase efficiency. This is asking for ever increasing costs of the public transport system.

    1. Re:Re public transport for free? by Calydor · · Score: 1

      What?

      You are confusing 'free' with 'paid for by your tax dollars'.

      People are not going to suddenly spend half their day on a bus driving back and forth because suddenly it's free (at the point of getting onto the bus) to do so. They will go where they need to go, just as they do today.

      The operator will get X million dollars from the government (from your tax dollars) to keep the busses running, serviced etc. If they go over budget they're screwed, which means they will want to increase efficiency so there's money left over for bonuses for the managers.

      --
      -=This sig has nothing to do with my comment. Move along now=-
    2. Re:Re public transport for free? by mspohr · · Score: 1

      Really? "Unnecessary movements...?"
      Should people just stay home and not go to work or socialize or recreate?
      As far as efficiency... every transport system has a budget and assets and costs... a good manager will optimize their use. A good manager will get good performance reviews and will be successful. This has nothing to do with the cost (free or otherwise) of the ride. People will be happy or unhappy with the service depending on the schedule of the transport and the facilities. They may be a bit more unhappy if they paid a lot for the service but the feedback will be the same.

      --
      I don't read your sig. Why are you reading mine?
    3. Re:Re public transport for free? by Anonymous Coward · · Score: 0

      In many areas, making it free means you have bums, crazy people, homeless people (the ones who refuse to go to a shelter), riding the thing all day to stay warm. Not exactly what you want out of a public transportation system. Those of us who live far enough out from the city centers and can't use public transportation don't want to fund it. Those that do use it should fund it. Just like the people who live near their work and don't need to cross a bridge shouldn't have to pay for the bridge. If I cross it, I pay the toll to fund it.

    4. Re:Re public transport for free? by hankwang · · Score: 1

      People are not going to suddenly spend half their day on a bus driving back and forth because suddenly it's free

      Actually, I think that that is exactly what will happen. See the other comment about loitering (sitting on the bus/train forever to keep warm). Other example: some 20 years ago, the Netherlands introduced unlimited "free" public transport (bus and nation-wide trains) for students (age 18-24 years). It created a huge surge in passenger numbers, much more than what could be covered by the reduction in monthly allowances. So much that in the next few years, they restricted the hours of usage *and* increased the fees. I also recall that several courier services popped up, operated by students using their unlimited subscription to deliver packages on the other side of the country.

    5. Re:Re public transport for free? by tqk · · Score: 1

      I don't believe that making it free is a good idea. Transportation, public or not, still costs money; with free public transport, all financial incentives for people to reduce unnecessary movements disappear, as do financial incentives for the operators to increase efficiency. This is asking for ever increasing costs of the public transport system.

      Those buses and trains are on a schedule and are going to run if they can whether they're full or empty. At Rush Hour, they're full. Midnight Tuesday when the late shift goes home, not so much. Is it really going to cost that much more to run them empty than if they're full?

      I think if you'd have taken public transport recently, you wouldn't have brought up that "unnecessary movements" bit. These systems are more than capable of discouraging such activity all by themselves. I've lived here for about four months now and I've not yet found it necessary to use them. I'd rather walk, any day.

      --
      "Tongue tied and twisted, just an Earth bound misfit ..." -- Pink Floyd.
    6. Re:Re public transport for free? by hairyfish · · Score: 1

      I don't think you've thought that through. What exactly is an unnecessary movement? The whole point of it is to get people moving as freely and as often as they want since this inevitably improves everyone's lives, AND helps the overall economy. The cost will only rise to the real actual cost of moving people, and that will always be cheaper to do in bulk than some illusion of ubiquitous private transport.

  9. They did have some other priorities... by pdcull · · Score: 1

    Although there is no excuse for lousy security, the "security hobbyist" did fail to mention in the article that the city was hit by an earthquake in February 2011, which mostly destroyed the central city. I suspect that might have more to do with Ecan's delay in implementing a new system, rather than just "they wanted a new flashy-looking website".

  10. Phew by rueger · · Score: 1

    Thankfully the new "Compass" card being forced onto Vancouver transit users will absolutely, positively have none of these problems.

  11. MiFare classic was shown to be vulnerable long ago by Anonymous Coward · · Score: 0

    MiFare classic was shown to be vulnerable long ago. What was it, 10 years ago? Transit systems with half a brain upgraded to newer versions back then!