funsec mailing list archives
RFID insecurity cover-up attempt
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Tue, 8 Jul 2008 08:48:15 -0400
NXP sues to silence Oyster researchers http://www.theregister.co.uk/2008/07/08/nxp_sues_oyster_researchers/ Chipmaker NXP, formerly Philips Semiconductors, is taking Dutch Radboud University to court on Thursday to prevent researchers publishing their controversial report on the Mifare Classic chip. Recently researchers from Radboud University in Nijmegen revealed they had cracked and cloned <http://www.ru.nl/english/general/radboud_university/vm/security_flaw_in/> London's Oyster travel card. Earlier this year the researchers did the same to the Dutch MIFARE travel card. This card is to replace paper tickets on all trams, buses, and trains and is already undergoing trials in Rotterdam. The Dutch researchers are planning to publish their scientific paper, appropriately named Dismantling MIFARE Classic, in October in Spain at Esorics, the European computer security conference. It will contain details not found in a preliminary report that is already available (pdf) <http://www.cs.virginia.edu/~kn5f/pdf/Mifare.Cryptanalysis.pdf> . Earlier, Dutch secretary of state Tineke Huizinga urged the university to not publish any secrets that may lead to abuse. Spokesperson for NXP Martijn van der Linden told Dutch news site Webwereld that publishing the report is 'irresponsible'. NXP was sent a copy of the report for review. In a statement (Dutch only <http://www.ru.nl/home/nieuws/item_686512/radboud_universiteit> ) the university says it will not retract its publication, "as it is our duty to publish scientific research that could lead to better security technology". R
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RFID insecurity cover-up attempt Richard M. Smith (Jul 08)