Termin:Chaotic-Congress-Cinema Nr. 5

Aus Attraktor Wiki

Wechseln zu: Navigation, Suche

Chaotic-Congress-Cinema Nr. 5


09.02.2011 20:00


09.02.2011 23:00

Needs to be there, but does not need to be seen by a visitor Yes Wir schauen uns die Aufzeichnung von Congress Vorträgen an. Du bist herzlich eingeladen, in den Clubräumen im Mexikoring 21 aufzutauchen und mit uns die Talks anzuschauen und zu diskutieren. Es wird Getränke und Knabberkram zu moderaten Preisen geben. Falls Du kein CCC-, CCCHH- oder Attraktor e.V.-Mitglied bist, macht das überhaupt nichts: Alle Gäste sind gern gesehen. :-)

Weitere Informationen unter Chaotic Congress Cinema.

Reverse Engineering a real-world RFID payment system

How to reverse engineer the data format of a real-world RFID based debit card system.

One of Asia’s most popular electronic payment systems uses insecure technology. The EasyCard

system, established in 2001, is the most popular stored-valued card in Taiwan. With more than 18 million issued cards, it is the predominant means of paying for public transportation services in the capital Taipei. In 2010, use of the EasyCard was extended beyond transportation. Card holders can now pay in all major convenience stores like 7eleven, coffe shops like Starbucks and and major retail companies like SOGO. Despite the large fraud potential, the EasyCard system uses the MIFARE Classic RFID technology, whose proprietary encryption cipher CRYPTO1 relied on obscurity and was first publicly broken several years ago at 24C3 This presentation analyzes the results of combining the practical attacks on the MIFARE Classic CRYPTO1 system in the context of the EasyCard payment system. It describes the process of reverse- engineering the actual content of the card to discover the public transportation transaction log, the account balance and how the daily spending limit work. Furthermore, the talk will present how fundamentally flawed the system is, and how easy it is to add or subtract monetary value to/from the card. Cards manipulated as described in the talk have been accepted by the payment system.



Starting in the beginning of August 2010 and lasting until the mid of November, the project AllColoursAreBeautiful by the Munich chapter of the Chaos Computer Club was serving as a platform for interested people on the world to illuminate, animate and interact with the front of a vacant department store in Munich.

The windows were illuminated by remotely controllable, networked RGB LEDs in colorfully light the facade. A web editor was developed to ease the creation of animations at home or in front of the building with a laptop or mobile phone. Furthermore, animations could be put in a queue by sending a simple text message (SMS). Running animations could be viewed with a client program or by a webcam stream. Over 400 animations were created by the public. Next year another, bigger installation in Munich is planned.

The purpose of our talk is to outline the infrastructure we built for this project and inspire other hackers to use it for rolling their own installation in their hometown. We will explain our open hardware and software design in the background and talk about our rationale behind our design decisions and comment on possible improvements in future iterations. We won't forget to include the biggest fails, fnords and pitfalls concering funding, authorizations and communication.

At the Congress we will rebuild our installation using boxes. Interested hackers are very welcome to play with this colorful blinkenwall by writing animations and games.


Diese Seite wurde zuletzt am 1. Februar 2011 um 10:14 Uhr geändert. Diese Seite wurde bisher 1.861 mal abgerufen.