backtop


Print 21 comment(s) - last by plinkplonk.. on Jul 1 at 6:35 AM

Rides Free on the London Underground for a day

What does it take to force the Dutch government to deploy armed guards at its public access buildings? How hard is it to hop a free ride on the London Underground?

If you're Radboud University's Bart Jacobs, all that's required is a laptop and a bit of RFID know-how.

Jacobs says that he and his team used a "commercial laptop" to crack the encryption of and clone a widely-deployed Mifare Classic RFID smartcard. Classic cards are often found in office-building access control systems, wireless payment cards, and public transportation ticketing systems used by a number of municipalities worldwide, including the London Underground.

Using a circular antenna and data receiver hooked up to a standard laptop, Jacobs' team was able to download encryption keys from Mifare RFID scanners stationed for ordinary use. They were then able to steal smartcard data by waving the antenna -- which looks like a loopy wand -- within a couple of inches of a legitimate card carrier, a process called "skimming". Using sleight-of-hand techniques usually practiced by pickpockets, the process of scanning a victim with the wand can be done without their knowledge.

RFID smartcards transmit data wirelessly over a low-strength signal usually limited to a couple of feet. A video describing the process used for the Classic cards, originally discovered in April, was posted to YouTube.

Jacobs' team tested the hack in two scenarios: entering restricted-access areas of public-access, government buildings in the Netherlands and hopping a day's worth of free rides on London's subway system. Both tests ended successfully.

The Dutch government says it has embarked on a campaign to replace the smartcards of its entire workforce since learning of the attack, and stationed armed guards outside all its buildings. Over 120,000 smartcards will have to be replaced, at a cost of "about €5 ($8 USD) for each card."

"We take this extremely seriously," said a spokesman for the Dutch Interior Ministry. "It’s a national security issue."

The Times Online notes that over ten million of the Mifare smartcards are sold in the UK each year, including six million given to pensioners for free access to public transportation. CNET's Defense in Depth says that the same model smartcards are used in Boston transit's CharlieCard reusable ticket system, as well as public transportation systems in Beijing, Madrid, Hong Kong, Bangkok, and New Delhi. While newer, more secure systems are out, writes blogger Robert Vamosi, there are still half a billion Classic smartcards in use worldwide.

The team's page on Radboud University's website says that they are not aware of any technical solutions, short of replacing applicable systems, for fixing the Classic's vulnerabilities.

"The cryptography is simply not fit for purpose," said security researcher Adam Laurie. "It’s very vulnerable and we can expect the bad guys to hack into it soon, if they haven’t already."

"You only have to walk down the street to see contactless access control systems everywhere ... it used to be a magnetic strip, now it’s a card held up to a reader on the wall. A large percentage of these will have Mifare technology and are very vulnerable to attack. They should all be replaced."

With RFID finding an increasing amount of use worldwide -- including in the United States, where it's seeing use in the next and latest generations of U.S. passports -- privacy advocates are voicing their concern over the technology, which can often be read at distances over 20 feet and can contain sensitive biometric data. Recent legislation in the state of Washington outlawed the practice of "skimming" for the purposes of identity theft and fraud, but critics argue that the law will do little to actually stop the practice.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Solution is very inexpensive
By TSS on 6/27/2008 7:20:09 PM , Rating: 3
no see, the solution isn't inexpensive. first, a commitee has to be appointed to find out whats wrong with the current system, then a comittee has to be appointed to appoint the new order to a company (which *will* be given to a friend of the chairman via some way), as there are multiple company's gunning for the order they haved to be screened and determined by said comittee(s), by which time enough money will have been burned to replace the system 3 times.

and once a company has been decided upon, usually several so that everybody get's a piece, the project will be delayed several times due to internal miscommunication until it's considered a faillure and will be replaced by the next project.

the dutch, though i'm proud to be one, aren't good at managing big projects. the betuwelijn is a railroad from the west of holland to germany, calculated cost 1 billion, final cost 5 billion. today there was a news message on a dutch techsite about the UWV, the orginazation that handles unempoyment and such, had burned 87 million euro's on a system which was eventually to complex to be used and had to be abandoned. and this hacked news, isn't news to us. these things have been hacked through several times now, yet the dutch goverment will still implement this technology for our public transportation, like in london (called the OV chipkaart). within a timeframe which guarrantee's faillure.

only thing where good at is making money, not spending it :P


"And boy have we patented it!" -- Steve Jobs, Macworld 2007

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki