Deepcool AS500 air cooler review
Leven JS600 1 TB SATA3 SSD review
ClockTuner for Ryzen v1.1 (CTR) Guide by 1USMUS
Colorful GeForce RTX 3080 iGAME VULCAN review
Corsair HS60 Haptic Headset review
Corsair K60 RGB Pro keyboard review
Deepcool Macube 110 chassis review
Leven JPR600 2 TB NVMe SSD Review
ASUS GeForce RTX 3090 STRIX OC Review
AMD Announces Ryzen 5000 processors - preview
Academics hack London's transport payment system
A computer hack that makes it possible to defraud London's transport
payment system can be made public, according to a court ruling in the
Netherlands.
Researchers at the Radboud University
in Nijmegen planned to publish details in October on how to hack a chip
used in millions of electronic passes for entering buildings and public
transport systems, including London's.
The
chip is used in the city's Oyster cards that are used to pay for
journeys by pressing them against a card reader at the beginning and,
sometimes the end of journeys.
But
the chip's manufacturer, NXP based in the Netherlands, argued that it
would make it easy for criminals to break into security systems and
commit fraud on public transport systems.
Prior warning
NXP,
founded by electronics company Philips, fears substantial damage and
security risks for its clients worldwide, the court in Arnhem in the
east of the Netherlands said.
But
the court ruled that the university's right to publish was part of the
freedom of speech and that the publication of scientific research on
the chip's faults could help to take appropriate countermeasures.
"Damage
to NXP is not the result of the publication of the article, but of the
production and sale of a chip that appears to have shortcomings," the
court said.
The university had first informed the Dutch government and NXP in March that it had developed a method to crack NXP's Mifare Classic chip with widely available commercial components and at low cost, but delayed publication of details.
'Damage to customers'
Christophe
Duverne, a senior vice president at NXP, said it would take months or
even years for some users of the chip to adapt their systems, and that
the publication was therefore different from software hacks for which
manufacturers can issue a patch much more quickly.
"What we are doing is defending our customers," Duverne said.
"We
don't mind them publishing the effects of what they have discovered to
inform society, I think this is absolutely fine, but disclosing things
in detail including the algorithm ... is not going to benefit society,
it will create damage to society."
A spokesman for the university did not want to discuss consequences for the chip's users.
Transport for London, which runs London's public transport system, had no immediate comment.