Hacking Oyster cards?

[sk8terg1rl]

Hey guys. I was curious whether it is possible to hack the
authentication process of Oyster cards, simply out of academic
interest. Sorry if this is off topic but I don't know where else to
ask, and I thought this group would at least have a few technologically
inclined people who could point me in the right direction.

First off, the legalities:
I fully intend to pay my fares but I am against the Big Brother
monitoring system. So if I go from A -} B, both in Zone 1, I can just
check in/out at A before starting my journey. That way I still pay the
money that is due but frustrate the monitoring system.

AIUI we are required to pay the fares due, and passengers are under no
obligation to provide further information that is frankly none of TfL's
business.

Is what I am suggesting illegal?

Now, the technicalities:
Does the Oyster card work by storing the amount of £££ stored on the
RFID chip on it, or does it work by storing a unique ID code that is
cross-referenced with a central database recording how much fare money
that ID number has left?

Theoretically:
If it is the former, I will need to double the amount of money I have
and use two Oyster cards, one with a hacked £££ and one with the
actual £££. So at A I use the actual £££ one twice while at B I
used the hacked £££ one as a "Get out of Jail" card.

If it is the latter, then I use the real one at A twice and spoof some
other ID at B. I will probably need to get the ID of a Freedom Pass,
e.g. by going near a Senior Citizen or bobby and reading their RFID
chip with a portable RFID reader...lol!

Thanks

 

[Conor]

Hey guys. I was curious whether it is possible to hack the
authentication process of Oyster cards, simply out of academic
interest. Sorry if this is off topic but I don't know where else to
ask, and I thought this group would at least have a few technologically
inclined people who could point me in the right direction.

First off, the legalities:
I fully intend to pay my fares but I am against the Big Brother
monitoring system. So if I go from A -} B, both in Zone 1, I can just
check in/out at A before starting my journey. That way I still pay the
money that is due but frustrate the monitoring system.

AIUI we are required to pay the fares due, and passengers are under no
obligation to provide further information that is frankly none of TfL's
business.

Is what I am suggesting illegal?

Yes under the Computer Misuse Act.

 

[sk8terg1rl]

Yes under the Computer Misuse Act.

Ah, thanks.
http://www.opsi.gov.uk/acts/acts1990/Ukpga_19900018_en_1.htm

Are RFIDs classified as Computers? According to the dictionary, storage
%and% processing of data are part of the definition. RFIDs just store
data. So the Act may not be applicable.

In any case...none of these 3 clauses are broken:
(a) to impair the operation of any computer;
The ticket barriers would still work fine. And the acid test is passed:
TfL still gets its due fare from me, they just get it in an anonymised
way.

(b) to prevent or hinder access to any program or data held in
any computer; or
The RFID on the Oyster card still reads fine.

(c) to impair the operation of any such program or the
reliability of any such data.
The system still works and the fares are still paid, so the operation
is not impaired in any way. The data is still utterly reliable from an
accounting point of view.

 

[John Doe]

Hey guys. I was curious whether it is possible to hack the
authentication process of Oyster cards, simply out of academic
interest. Sorry if this is off topic but I don't know where else to
ask,

A hacker group?

 

[sk8terg1rl]

A hacker group?

Tend to have low activity and non-UK, I'm afraid. I've noticed many £
signs in this group

Why are you quoting my full Usenet headers anyway? My IP is masked as
anonymity is the only true guarantee of free speech.

 

[Don Freeman]

Tend to have low activity and non-UK, I'm afraid. I've noticed many £
signs in this group

Why are you quoting my full Usenet headers anyway?

..
Because he is a twit, and that's what twits do.

 

[John Doe]

Troll


Path: newssvr12.news.prodigy.com!newsdbm05.news.prodigy.com!newsdbm04.news.prodigy.com!newsdst01.news.prodigy.net!prodigy.com!newscon04.news.prodigy.net!prodigy.net!news.linkpendium.com!news.linkpendium.com!news.glorb.com!postnews.google.com!news3.google.com!border1.nntp.dca.giganews.com!border2.nntp.dca.giganews.com!nntp.giganews.com!novia!news-xfer.nntp.sonic.net!posts.news.sonic.net!nnrp0.nntp.sonic.net!not-for-mail
From: "Don Freeman" <freemand sonic.net>
Newsgroups: alt.comp.hardware.pc-homebuilt
References: <1157655196.227265.8890 i42g2000cwa.googlegroups.com> <KF_Lg.10802$q63.5578 newssvr13.news.prodigy.com> <1157658526.855934.292850 d34g2000cwd.googlegroups.com>
Subject: Re: Hacking Oyster cards?
Date: Thu, 7 Sep 2006 12:52:23 -0700
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
X-RFC2646: Format=Flowed; Original
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
Lines: 29
Message-ID: <45007878$0$96222$742ec2ed news.sonic.net>
Organization: Sonic.Net
NNTP-Posting-Date: 07 Sep 2006 19:52:24 GMT
NNTP-Posting-Host: f376f248.news.sonic.net
X-Trace: DXC=_o4h8_OhQc0]Z1VK=nh^<5m4K\QM1CV^01OYf0H`?;X1U<Y=LdhY3Y?f5<9:`hbVo0JBSiUnkkjg8=IMQTL?>>e9jAJhVi0G1m7
X-Complaints-To: abuse sonic.net
Xref: prodigy.net alt.comp.hardware.pc-homebuilt:474573

Tend to have low activity and non-UK, I'm afraid. I've noticed many £
signs in this group

Why are you quoting my full Usenet headers anyway?

..
Because he is a twit, and that's what twits do.

 

[John Doe]

Tend to have low activity and non-UK, I'm afraid. I've noticed
many œ signs in this group

So you know a lot about USENET.

This thread is the first instance of "sk8terg1rl" in over 25 years
of USENET history.

Why are you quoting my full Usenet headers anyway? My IP is masked
as anonymity is the only true guarantee of free speech.

If it works, why are you concerned?

I couldn't care less whether you are anonymous. I do want to know
what your normal mode of operation is here on USENET. Why are you
nym shifting?

Why would you assume a female identity and act like a female
when you want to remain anonymous? Are you just trying to get a
balls-first reaction from a Neanderthal like Don Freeman?

 

[sk8terg1rl]

So you know a lot about USENET.

This thread is the first instance of "sk8terg1rl" in over 25 years
of USENET history.

Chill dude. Nothing wrong with knowing a lot about Usenet, it just
means I pay attention in class . Nothing wrong with having a new
account either.

If it works, why are you concerned?

"Nothing to hide, nothing to lose" attitudes like yours sell away the
freedoms we fight so hard to protect.

I actually value my freedom & privacy and would rather busybodies just
mind their own bloody business.

I couldn't care less whether you are anonymous. I do want to know
what your normal mode of operation is here on USENET. Why are you
nym shifting?

Why have you assumed this isn't a new account and not a nym shift?

I think you're being overzealous in trying to fend off trolls, to the
point that you've become a pseudo-troll yourself.

"Whoever fights monsters should see to it that in the process he does
not become a monster. And if you gaze long enough into an abyss, the
abyss will gaze back into you." - Friedrich Nietzsche

Why would you assume a female identity and act like a female
when you want to remain anonymous?

Why are you assuming girls can't talk tech like boys? You can just be
as much of a troll being a chauvinist than you can by spouting insults
like the usual variety, c.f. Freddy above again.

Do you think your technical inclination comes from that organ between
your legs?

Are you just trying to get a
balls-first reaction from a Neanderthal like Don Freeman?

I haven't done anything which warrants any valid accusation of
trolling. You will be hard pressed to even demonstrate (let alone
prove) mens and actus rea.

 

[John Doe]

Nym shifting troll


Path: newssvr13.news.prodigy.com!newsdbm04.news.prodigy.com!newsdst01.news.prodigy.net!prodigy.com!newscon04.news.prodigy.net!prodigy.net!newshub.sdsu.edu!postnews.google.com!h48g2000cwc.googlegroups.com!not-for-mail
From: "sk8terg1rl" <sk8terg1rl_2006 yahoo.co.uk>
Newsgroups: alt.comp.hardware.pc-homebuilt
Subject: Re: Hacking Oyster cards?
Date: 7 Sep 2006 14:26:16 -0700
Organization: http://groups.google.com
Lines: 67
Message-ID: <1157664376.083470.177980 h48g2000cwc.googlegroups.com>
References: <1157655196.227265.8890 i42g2000cwa.googlegroups.com> <KF_Lg.10802$q63.5578 newssvr13.news.prodigy.com> <1157658526.855934.292850 d34g2000cwd.googlegroups.com> <Hv%Lg.2247$MF1.571 newssvr25.news.prodigy.net>
NNTP-Posting-Host: 198.142.76.162
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Trace: posting.google.com 1157664381 32018 127.0.0.1 (7 Sep 2006 21:26:21 GMT)
X-Complaints-To: groups-abuse google.com
NNTP-Posting-Date: Thu, 7 Sep 2006 21:26:21 +0000 (UTC)
In-Reply-To: <Hv%Lg.2247$MF1.571 newssvr25.news.prodigy.net>
User-Agent: G2/0.2
X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; FDM; .NET CLR 2.0.50727),gzip(gfe),gzip(gfe)
Complaints-To: groups-abuse google.com
Injection-Info: h48g2000cwc.googlegroups.com; posting-host=198.142.76.162; posting-account=Mb4I8Q0AAACZWnfzrgi2Y63Mp7QYNLXj
Xref: prodigy.net alt.comp.hardware.pc-homebuilt:474584

So you know a lot about USENET.

This thread is the first instance of "sk8terg1rl" in over 25 years
of USENET history.

Chill dude. Nothing wrong with knowing a lot about Usenet, it just
means I pay attention in class . Nothing wrong with having a new
account either.

If it works, why are you concerned?

"Nothing to hide, nothing to lose" attitudes like yours sell away the
freedoms we fight so hard to protect.

I actually value my freedom & privacy and would rather busybodies just
mind their own bloody business.

I couldn't care less whether you are anonymous. I do want to know
what your normal mode of operation is here on USENET. Why are you
nym shifting?

Why have you assumed this isn't a new account and not a nym shift?

I think you're being overzealous in trying to fend off trolls, to the
point that you've become a pseudo-troll yourself.

"Whoever fights monsters should see to it that in the process he does
not become a monster. And if you gaze long enough into an abyss, the
abyss will gaze back into you." - Friedrich Nietzsche

Why would you assume a female identity and act like a female
when you want to remain anonymous?

Why are you assuming girls can't talk tech like boys? You can just be
as much of a troll being a chauvinist than you can by spouting insults
like the usual variety, c.f. Freddy above again.

Do you think your technical inclination comes from that organ between
your legs?

Are you just trying to get a
balls-first reaction from a Neanderthal like Don Freeman?

I haven't done anything which warrants any valid accusation of
trolling. You will be hard pressed to even demonstrate (let alone
prove) mens and actus rea.

 

[sk8terg1rl]

I have taken the pains to defend my position coherently and reasonably.
You, OTOH, have resorted to unsubstantiated, one liner name calling
like a bull in a china shop.

Any unbiased observer would be able to draw their own conclusions.

 

[Don Freeman]

I have taken the pains to defend my position coherently and reasonably.
You, OTOH, have resorted to unsubstantiated, one liner name calling
like a bull in a china shop.

Any unbiased observer would be able to draw their own conclusions.

Which is why most of us have learned to filter his messages out so that we
don't even see them. Except when someone new comes along and quotes his
useless rants in their messages.

 

[John Doe]

A not quite grown-up "old fart" who hasn't figured out how useless a
kill file is without the ability to ignore subthreads (a thread
branch), so admittedly he is forever stumbling over replies to my
posts.

See also:

"Cosmo" <cosmo cosmoslair.com>

Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!headwall.stanford.edu!newshub.sdsu.edu!cyclone.bc.net!in.100proofnews.com!in.100proofnews.com!prodigy.com!newsmst01.news.prodigy.com!prodigy.com!postmaster.news.prodigy.com!newssvr31.news.prodigy.com.POSTED!168710f4!not-for-mail
From: "Don Freeman" <freeman.REMOVE smrn.com>
Newsgroups: alt.folklore.urban
References: <3f4c0546.14050626 library.airnews.net> <biig45$9m9tm$1 ID-135123.news.uni-berlin.de> <3f4cf215 212.67.96.135> <nfb3b.16078$Ih1.5566512 newssrv26.news.prodigy.com> <8sb3b.1721$5V5.1189 newssvr33.news.prodigy.com> <Xns93E4F18F785Dspblt 130.133.1.4> <LBr3b.2266$Mz3.1796 newssvr31.news.prodigy.com> <LWOdnV5DkfZI0NOiU-KYgg comcast.com>
Subject: HTML posting; Was: Songs like Black Sabbath's N.I.B
Lines: 26
Organization: Department of Redundancy Dept.
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <A_t3b.2296$FY3.1748 newssvr31.news.prodigy.com>
NNTP-Posting-Host: 209.77.137.4
X-Complaints-To: abuse prodigy.net
X-Trace: newssvr31.news.prodigy.com 1062104096 ST000 209.77.137.4 (Thu, 28 Aug 2003 16:54:56 EDT)
NNTP-Posting-Date: Thu, 28 Aug 2003 16:54:56 EDT
X-UserInfo1: TSU[ IONQZUOBQQY\JJN_PP [JT QDDMEPWXODMMHXMTWA]EP]RAQFW[ML\THRCKV^GGZKJMGV^^_JSCFFUA_QXFGVSCYRPILH]TRVKC^LSN DX_HCAFX__ J\DAJBVMY\ZWZCZLPA^MVH_P \\EOMW\YSXHG__IJQY_ M[A[[AXQ_XDSTAR]\PG]NVAQUVM
Date: Thu, 28 Aug 2003 20:54:56 GMT

Path: newssvr13.news.prodigy.com!newsdbm04.news.prodigy.com!newsdst01.news.prodigy.net!prodigy.com!newscon04.news.prodigy.net!prodigy.net!news.linkpendium.com!news.linkpendium.com!news.glorb.com!postnews.google.com!news4.google.com!border1.nntp.dca.giganews.com!border2.nntp.dca.giganews.com!nntp.giganews.com!novia!news-xfer.nntp.sonic.net!posts.news.sonic.net!nnrp0.nntp.sonic.net!not-for-mail
From: "Don Freeman" <freemand sonic.net>
Newsgroups: alt.comp.hardware.pc-homebuilt
References: <1157655196.227265.8890 i42g2000cwa.googlegroups.com> <KF_Lg.10802$q63.5578 newssvr13.news.prodigy.com> <1157658526.855934.292850 d34g2000cwd.googlegroups.com> <Hv%Lg.2247$MF1.571 newssvr25.news.prodigy.net> <1157664376.083470.177980 h48g2000cwc.googlegroups.com> <6U0Mg.11024$q63.1238 newssvr13.news.prodigy.com> <1157667738.284894.205670 p79g2000cwp.googlegroups.com>
Subject: Re: Hacking Oyster cards?
Date: Thu, 7 Sep 2006 15:28:45 -0700
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
X-RFC2646: Format=Flowed; Original
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
Lines: 24
Message-ID: <45009d1d$0$96162$742ec2ed news.sonic.net>
Organization: Sonic.Net
NNTP-Posting-Date: 07 Sep 2006 22:28:45 GMT
NNTP-Posting-Host: 967814b6.news.sonic.net
X-Trace: DXC=fKjc<J<P75H11;PU^oNaf m4K\QM1CV^ 1OYf0H`?;XA<EhYE72WJfCf5<9:`hbVo JBSiUnkkjgH]1>];h\Pi GmSOgLjd;L7N
X-Complaints-To: abuse sonic.net
Xref: prodigy.net alt.comp.hardware.pc-homebuilt:474590

I have taken the pains to defend my position coherently and reasonably.
You, OTOH, have resorted to unsubstantiated, one liner name calling
like a bull in a china shop.

Any unbiased observer would be able to draw their own conclusions.

Which is why most of us have learned to filter his messages out so that we
don't even see them. Except when someone new comes along and quotes his
useless rants in their messages.

 

[sk8terg1rl]

Which is why most of us have learned to filter his messages out so that we
don't even see them. Except when someone new comes along and quotes his
useless rants in their messages.

Sorry about that, Don. I will ignore him in the future. Thank you for
your support.

I will try uk.legal after this. I think the legality of what I am
proposing needs to be cleared up as I have been in enough trouble with
the authorities before and don't want any repeat episodes (hence my
desire for anonymity).

 

[John Doe]

Don Freeman wrote:

<Snipped garbage>

Sorry about that, Don.

You're just a troll.

I will ignore him in the future.

You aren't even going to stay in this group. If you did, you
wouldn't ignore me anyway.

Thank you for your support.

Are you still expecting someone here to help you hack into the
London transport system?

I will try uk.legal after this.

And the cow jumped over the moon.

I think the legality of what I am
proposing needs to be cleared up

The same with whatever it is you're smoking.

as I have been in enough trouble with
the authorities before

That sounds a lot like the truth (it would explain your
defensiveness), but who knows.

and don't want any repeat episodes (hence my
desire for anonymity).

Sounds like you have some serious antisocial tendencies, still
unremedied.

Why exactly do you want to hack into and defeat London's transport
monitoring system? I'm sure they are doing that to help prevent
terrorists from terrorizing people and to reduce terrorism.

Are you planning to plant a bomb or blow up something there in
London? Are you familiar with weapons of mass destruction (WMD)? Are
you a suicide bomber waiting to happen?

Inquiring minds need to know.

 

[sbb78247]

Tend to have low activity and non-UK, I'm afraid. I've noticed many £
signs in this group

Why are you quoting my full Usenet headers anyway? My IP is masked as
anonymity is the only true guarantee of free speech.

don was too nice - john is a grade a cockbiter and gets his jollies this
way.

 

[John Doe]

An insulting, tough guy wanna-be troll, usually at home in
alt.os.windows-xp


Path: newssvr14.news.prodigy.com!newsdbm05.news.prodigy.com!newsdst01.news.prodigy.net!prodigy.com!newscon04.news.prodigy.net!prodigy.net!news.linkpendium.com!news.linkpendium.com!news.glorb.com!news.bananasplit.info!nym2news
From: "sbb78247" <nospam professionalprick.com>
Newsgroups: alt.comp.hardware.pc-homebuilt
References: <1157655196.227265.8890 i42g2000cwa.googlegroups.com> <KF_Lg.10802$q63.5578 newssvr13.news.prodigy.com> <1157658526.855934.292850 d34g2000cwd.googlegroups.com>
Subject: Re: Hacking Oyster cards?
Date: Thu, 7 Sep 2006 22:11:32 -0500
Lines: 21
X-RFC2646: Format=Flowed; Original
Message-Id: <20060908031135.638893EE5D smtp4.wanadoo.nl>
X-Abuse-Contact: abuse bananasplit.info
Organization: Bananasplit - Mail2News
Xref: prodigy.net alt.comp.hardware.pc-homebuilt:474610

Tend to have low activity and non-UK, I'm afraid. I've noticed many £
signs in this group

Why are you quoting my full Usenet headers anyway? My IP is masked as
anonymity is the only true guarantee of free speech.

don was too nice - john is a grade a cockbiter and gets his jollies this
way.

 

[Paul]

Hey guys. I was curious whether it is possible to hack the
authentication process of Oyster cards, simply out of academic
interest. Sorry if this is off topic but I don't know where else to
ask, and I thought this group would at least have a few technologically
inclined people who could point me in the right direction.

First off, the legalities:
I fully intend to pay my fares but I am against the Big Brother
monitoring system. So if I go from A -} B, both in Zone 1, I can just
check in/out at A before starting my journey. That way I still pay the
money that is due but frustrate the monitoring system.

AIUI we are required to pay the fares due, and passengers are under no
obligation to provide further information that is frankly none of TfL's
business.

Is what I am suggesting illegal?

Now, the technicalities:
Does the Oyster card work by storing the amount of =A3=A3=A3 stored on the
RFID chip on it, or does it work by storing a unique ID code that is
cross-referenced with a central database recording how much fare money
that ID number has left?

Theoretically:
If it is the former, I will need to double the amount of money I have
and use two Oyster cards, one with a hacked =A3=A3=A3 and one with the
actual =A3=A3=A3. So at A I use the actual =A3=A3=A3 one twice while at B I
used the hacked =A3=A3=A3 one as a "Get out of Jail" card.

If it is the latter, then I use the real one at A twice and spoof some
other ID at B. I will probably need to get the ID of a Freedom Pass,
e=2Eg. by going near a Senior Citizen or bobby and reading their RFID
chip with a portable RFID reader...lol!

Thanks

You can find a lot of public information on these systems on the web.

According to the first article, you have the option of not using
the Oyster card, and paying for a paper ticket. In that way, you
can maintain your anonymity.

http://en.wikipedia.org/wiki/Oyster_card

http://mifare.net/showcases/london.asp
http://www.nxp.com/products/identification/mifare/index.html
http://www.nxp.com/acrobat/other/identification/m001051.pdf (the chip)

http://en.wikipedia.org/wiki/Contactless_smartcard

Paul

 

[WooHoo2You]

Way to go, you can use a search engine. Now, lets learning to play nice
with others after that...nap time!

--
WooHoo2You

"People do not seem to realize that their opinion of the world is also a
confession of character."

-Ralph Waldo Emerson



(John Doe, take note to this quotation)

 

[WooHoo2You]

Anyone who uses the word 'troll' more then any other may just be one
himself.