FREE NEWSLETTER - EVERY WEEKDAY FROM 16:00
weather forecast Tuesday: An overcast and misty start but sunny spells in most places later. Similar on Wednesday
 
Home| News| Dictionary| Features| International| Expats| RSS| Newsletter
Search

Comment
Going, going, gone

Three down and who's next?

Family Guys

Rotterdam is counting again

Iceland says ‘no’

...more comments

What's On
Matisse to Malevich

Lissitzky +

Edward and Nancy Kienholz

Household Textiles

Katie Melua

...more events

Jobs in Holland
Visual/Web Designer

Secretary / Office Assistant - Dutch

Finance & Quality Manager

Sales Support Representative- Fluent French & Fluent English

Customer Service Representative - Native German, Fluent French and English

...more jobs


 
««« previousnext »»»

Transport smart card hacked again (update)

Tuesday 15 January 2008

Transport users watchdog Rover and the government’s privacy council both again criticised the introduction of a transport smart card on Tuesday following news that hackers had broken into the disposable card system.

Rover spokesman Rikus Spithorst told BNR radio that trials should be halted immediately. ‘One skeleton after another is coming out of the cupboard,’ Spithorst said. He urged central government to intervene and take over the development process.

On Monday evening it emerged that students from Radboud university in Nijmegen had succeeded in hacking into the disposable version of the new transport smart card (ov-chipkaart).

Smart cards are due to replace paper tickets on all trams, buses and trains in 2009 and are currently being trialed in Rotterdam and Amsterdam.

Last week it emerged that German hackers had broken into part of the system used to protect the permanent smart card. That incident is currently being investigated by researchers from the TNO institute.

The privacy watchdog CBP said its research showed the cards broke privacy regulations. Information on passenger behaviour is being stored for almost seven years and personal details are too easy to read, the CBP said.

© DutchNews.nl


Get the DutchNews.nl newsletter in your mailbox: Click here to subscribe



Print-version

Readers' comments

It is not surprising that the these disposable cards can be hacked. They do not have any “buried secret”, so they are wide open to cloning and data reading, no better than bank credit cards.

Regarding the mifare Standard cards, as used in the Netherlands transit system,, what has not been published is the major risk or replay attacks, where a purse transaction can be easily be replayed to “top-up” a card ePurse. This is because the random number generator on the card, used for security operations, has many weaknesses which have now been exposed.

OK, so a well-designed transit system has other security checks to stop this, but what happens if everybody is able to easily hack their transit cards?

In any case, the mifare Standard card was a very poor choice for a large multi-modal, multi-operator transit such as proposed for Netherlands. While this card is suitable for small transit systems, it old design and lack of on-card transaction “anti-tear” mechanism makes it totally unsuitable for large-scale transit systems. There were far better cards available, such as the mifare DESFire, for very little extra cost.

By Graeme Grieve | January 17, 2008 11:48 AM


Place your comments:

*
* (will not be published)

Postings which contain racist, sexist or homophobic language or which insult other correspondents will not be published. Publication is at the discretion of the editor and DutchNews.nl reserves the right to edit or shorten comments.

Click here
 
 
Click here
 
 
Click here
 
Advertising| Business services| Mobile| Tell a Friend| Donate| Contact| About us
Webdesign
Stammeshaus.com
Click here
  
Click hereClick hereClick here
Hosted by Qweb.nl
Click here
FREE NEWSLETTER - EVERY WEEKDAY FROM 16:00