wrote in message
...
On Jul 22, 9:40 am, wrote:
On Jul 21, 6:25 pm, Tom Barry wrote:

Adrian wrote:
"Batman55" gurgled happily, sounding much
like
they were saying:

"Details of how to copy the Oyster cards used on London's transport
network can be published, a Dutch judge has ruled. "

Seehttp://news.bbc.co.uk/1/hi/technology/7516869.stmMaxB

And quite right too. Security by obscurity is a laughable farce.

Indeed. What NXP were trying to do smacks of claiming you can walk
safely off Beachy Head after banning the teaching of the Theory of
Gravity.

I notice LUL are still claiming Oyster security is perfectly ok. Do
they live in a parallel universe or something?
The sooner this whole Oyster card b0ll0cks is blown apart the better ,
then we can get back to normal tickets without any you-forgot-to-touch-
out scams.

We don't know what the technique is yet.

Given that the Oyster central database knows how much money you have on you
card, I assume that it's going to work by adding more virtual money to the
card, but not to the database. This will enable you to use the card for
journeys on a part of the system that is not permanently online (which I
guess means only buses).

ISTM that this will only work until the remote machine syncs up with the
central database, when the fraud will be recognised, the card blocked and
the journey analysed to see if there are people making the same journey on
hacked cards.

Methinks no-one will get away using a hacked card for long enough before
they are nabbed, for it to be worth the criminal penalty that they will
receive.

BICBW


tim

Methinks no-one will get away using a hacked card for long enough before
they are nabbed, for it to be worth the criminal penalty that they will
receive.

BICBW


The ideal cards to clone would be the staff gate passes.

"Matthew Dickinson" wrote in message
...

Methinks no-one will get away using a hacked card for long enough before
they are nabbed, for it to be worth the criminal penalty that they will
receive.

BICBW


The ideal cards to clone would be the staff gate passes.

Do they open any station, or just the one that they are located at?

tim

On Tue, 22 Jul 2008 19:55:17 +0100, "tim....."
wrote:

The ideal cards to clone would be the staff gate passes.

Do they open any station, or just the one that they are located at?

And no use if a grip is carried out because they aren't valid for
travel (or I don't think so anyway).

Even easier would be to clone a magstripe gate pass, but you'd still
be stuck if you got caught.

Neil

--
Neil Williams
Put my first name before the at to reply.

On Tue, 22 Jul 2008 18:18:08 +0100,
tim..... wrote:

Methinks no-one will get away using a hacked card for long enough before
they are nabbed, for it to be worth the criminal penalty that they will
receive.

I agree. There's "pickpocketing" a card as someone exits the gate.
But it's still not going to work very well if the "pickpocket" makes a
regular journey. It might take a couple of weeks rather than a couple of
days before red flags come up. And it seems unlikely that any casual
user is going to go to all the trouble to save a few pounds - they're
far more likely just to sneak through the gates behind someone else.

Then there's sharing a card to only have one cap. But I wonder how many
people are going to make a journey, then phone their accomplice "Ok, I'm
out. Now you make the journey." It's the sort of thing some university
students might do to prove it can be done but it seems unlikely there
are many other people who will bother. (It would already probably be
possible to do this where there's mobile reception - person 1 makes the
journey as normal. Then then have a laptop with 3G modem and card
transponder. Other person also has a card transponder also wired up to a
laptop. Second person touches with transponder - data is transmitted
from laptop to laptop and the signals replayed to the card. If you were
really careful you might even be able to fool a train inspector with
this technique on the overground.)

Perhaps the biggest threat is from the people who enter at an ungated,
distant station and have a zone 1&2 travelcard. Currently they can just
"forget" to touch out - I don't know what systems are in place to detect
that - but now they can potentially have a fake card that appears to
have a valid touch in if they are inspected on the train. (And is there
anywhere in Z1&2 where you can enter or exit without going through a
gateline? That would be an obvious way to detect cards being used like
this if every Z1&2 station has a gateline)

I suppose the other possibility is to have two fake cards, put a few
(fake) pounds on each, touch in on one and out on the other. (maybe even
have a fake entry on the "out" card). That way, if the system spots the
fake entry while you're travelling it can't block the card before
attempting to exit with it because it will never be used again. But
again, you'd better not have a regular journey doing this because it's
still going to be noticed, just not necessarily easy to automatically
block.


Tim.

--
God said, "div D = rho, div B = 0, curl E = - @B/@t, curl H = J + @D/@t,"
and there was light.

http://www.woodall.me.uk/ http://www.locofungus.btinternet.co.uk/

Tim Woodall gurgled happily, sounding much like
they were saying:

(And is there
anywhere in Z1&2 where you can enter or exit without going through a
gateline?

Yes, at least one - Kensington Olympia.

On Jul 22, 9:39 pm, Adrian wrote:
Tim Woodall gurgled happily, sounding much like
they were saying:

(And is there
anywhere in Z1&2 where you can enter or exit without going through a
gateline?

Yes, at least one - Kensington Olympia.

Plus Finsbury Park and Waterloo W&C.

--
John Band
john at johnband dot org
www.johnband.org

If the encryption really has been cracked and the protocol documented
then it should be straightforward construct a device that can
impersonate a legit card, with a random-but-plausible serial number
and balance and journey history, and make it indistinguishable from
the real thing. The Oyster technology is low tech enough that it
should be possible to do with cheap off the shelf parts, or by
repurposing an existing mass-produced device (possibly even Oyster
cards). If it didn't have a fixed serial number there'd be no way to
block it, short of catching someone in the act.

That said, how widespread are fake magstripe tickets? They don't have
any encryption as far as I know.

U

--
http://londonconnections.blogspot.com/
A blog about transport projects in London

On 22 Jul, 21:28, Tim Woodall wrote:
And is there anywhere in Z1&2 where you can enter or exit without going through a
gateline?

Finsbury Park, Essex Road, Drayton Park (I assume) all DLR stations
except Bank, various NLL stations, Upper Holloway, Paddington H&C if
the concourse gateline is left open, and probably others.

U

--
http://londonconnections.blogspot.com/
A blog about transport projects in London

Tim Woodall wrote:

Then there's sharing a card to only have one cap. But I wonder how
many people are going to make a journey, then phone their accomplice
"Ok, I'm out. Now you make the journey." It's the sort of thing some
university students might do to prove it can be done but it seems
unlikely there are many other people who will bother.

There were people who shared paper travelcards by hiding them on the system,
for instance someone who commutes from zone 6 to zone one sharing tickets
with someone who commutes from zone 1 to zone 6. I know because I saw one of
them hiding his ticket.