On 02/08/2011 02:05 PM, Martin Gaedke wrote: > Sorry for being silent this morning, I just bought one of those simple and > insecure readers to play with. It is a REINER SCT cyber Jack RFID basis > Contactless Smartcard Reader. Our good friends at the Chaos Computer Club have already played with the system for quite a while: http://www.h-online.com/security/news/item/CCC-reveals-security-problems-with-German-electronic-IDs-1094577.html They forced the german ministry to pull back the official application as it lacked some fundamental security stuff (they didn't check the cert chain when connecting to https, allwoing MITM to be performed in very simple ways etc.) JanReceived on Tuesday, 8 February 2011 13:24:23 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:41 UTC