Re: [89attendees] Oyster card balance

Mikael Abrahamsson <swmike@swm.pp.se> Wed, 12 March 2014 07:15 UTC

Return-Path: <swmike@swm.pp.se>
X-Original-To: 89attendees@ietfa.amsl.com
Delivered-To: 89attendees@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6AC4B1A0659 for <89attendees@ietfa.amsl.com>; Wed, 12 Mar 2014 00:15:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.398
X-Spam-Level:
X-Spam-Status: No, score=-4.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.547, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OV7aL1ttVUCw for <89attendees@ietfa.amsl.com>; Wed, 12 Mar 2014 00:14:59 -0700 (PDT)
Received: from uplift.swm.pp.se (swm.pp.se [212.247.200.143]) by ietfa.amsl.com (Postfix) with ESMTP id 21EC41A08FD for <89attendees@ietf.org>; Wed, 12 Mar 2014 00:14:58 -0700 (PDT)
Received: by uplift.swm.pp.se (Postfix, from userid 501) id 0848AA1; Wed, 12 Mar 2014 08:14:52 +0100 (CET)
Received: from localhost (localhost [127.0.0.1]) by uplift.swm.pp.se (Postfix) with ESMTP id 039E59C; Wed, 12 Mar 2014 08:14:52 +0100 (CET)
Date: Wed, 12 Mar 2014 08:14:51 +0100
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: Stefan Winter <stefan.winter@restena.lu>
In-Reply-To: <532002D0.6030205@restena.lu>
Message-ID: <alpine.DEB.2.02.1403120812220.747@uplift.swm.pp.se>
References: <AE6329C4-4FBF-467C-8CDC-1069153607AA@juniper.net> <531EBBEE.2070105@restena.lu> <CA+qGm=_g6pWc6h2rWmAfw_7oCSE5VW0hvcO=SopvuGhy0JQSjA@mail.gmail.com> <531EE043.1080205@restena.lu> <1394538516.30828.39.camel@localhost> <2C30003C-5BFD-4BC4-B426-D32AF70D19B5@fugue.com> <CA+qGm=8i47qjdeondA9_yEHt1bVfeQSUxsqszkC9COuW1zm4dw@mail.gmail.com> <532002D0.6030205@restena.lu>
User-Agent: Alpine 2.02 (DEB 1266 2009-07-14)
Organization: People's Front Against WWW
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Archived-At: http://mailarchive.ietf.org/arch/msg/89attendees/lHUq23Mr_d23K7RlJjFkIfqn2P4
Cc: 89attendees@ietf.org
Subject: Re: [89attendees] Oyster card balance
X-BeenThere: 89attendees@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list of IETF 89 attendees that have opted in to the list." <89attendees.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/89attendees>, <mailto:89attendees-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/89attendees/>
List-Post: <mailto:89attendees@ietf.org>
List-Help: <mailto:89attendees-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/89attendees>, <mailto:89attendees-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Mar 2014 07:15:01 -0000

On Wed, 12 Mar 2014, Stefan Winter wrote:

> Well except that your bank always has an authoritative view on your 
> balance; if the Oysters don't phone home every time there is no such 
> central view.

Well, actually they don't. Terminals can do offline transactions with 
credit cards, which is then bulk uploaded once connectivity is available. 
Also remember the stencil paper machines of old? Definitely offline, 
delayed days until paperwork has come to the bank.

> So one could tamper with the balance arbitrarily so long as one avoids 
> travelling through those stations?

>From what I've heard it's possible to tamper with the amount of money 
available on these kinds of cards, but after a while the system detects 
the desync between the system and the card, and blacklists the card.

-- 
Mikael Abrahamsson    email: swmike@swm.pp.se