Additional info: Translink Systems BV, who have developed the system behind our OV chipkaart, claim the hackers have only penetrated the outermost layer of security of the card; yet I’m obliged to believe the claims of the hackers who say they have succeeded in tampering with all information stored in the RFID-chip and in the system through the unmodified card but with a modified reader/writer. It could all be done with about €100 of equipment and a few lines of code!
They tell us the credit on the card can be increased and the personal data can be stolen from the card; both are severe issues which should be addressed before a public rollout of the system in the entire country.
It being already postponed from januari 2008 to sometime in 2009 is not providing a certain future for the system.
Please do not misunderstand my point: I’m in favor of introducing such a system: the current implementation however is awful.
Heh. Excuse my use of such internet slang, but:
“LoL”
Is that comment related to my post, or the fact that obscurity is used to ‘secure’ the card? 😉
The latter.
Additional info: Translink Systems BV, who have developed the system behind our OV chipkaart, claim the hackers have only penetrated the outermost layer of security of the card; yet I’m obliged to believe the claims of the hackers who say they have succeeded in tampering with all information stored in the RFID-chip and in the system through the unmodified card but with a modified reader/writer. It could all be done with about €100 of equipment and a few lines of code!
They tell us the credit on the card can be increased and the personal data can be stolen from the card; both are severe issues which should be addressed before a public rollout of the system in the entire country.
It being already postponed from januari 2008 to sometime in 2009 is not providing a certain future for the system.
Please do not misunderstand my point: I’m in favor of introducing such a system: the current implementation however is awful.