Not really a classic

[Dave Birch] The ramifications of the MiFare classic shenanigans that we have discussed here before continue to widen.

NXP said that the decision meant that affected parties such as system integrators and operators using MIFARE chips would likely want to review their systems, but that October was not long enough to deal with the problem properly.

[From Oyster card ‘free travel’ hack to be released | IT PRO]

NXP were right to point out that not every single card everywhere in the world needs to be replaced instantly, but our original conclusion that many schemes would need to start planning their upgrade route right away has turned out to be entirely justified. The story is a salutary parable about the benefits of “open” versus “closed” security, with a dash of hubris thrown in, and the need for long-term planning with these kinds of secure transaction systems. You might, by the way, be interested in this Channel 4 News segment on the Oyster card in London, which includes interviews with our friends from Royal Holloway and The Smart Card Group.

Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
Verified by MonsterInsights