An Austrian researcher has succeeded to, by a rfid-chip to reprogram, to enter in Viennese apartment buildings. In 43 percent of the cases was he successful with the help of the ski pass.
Dabrowski knew the contents of the card to clone a rfid-scanner by mail to himself to send. Because the postman that the package gave a Begeh-only used for its apartment complex to enter, he could the contents of the pass with the scanner in the package on the remote copy. “Anyone can be a copy of a card without the user of the only the sense,” says Dabrowski. Moreover, it takes a hack little: “The hacking of the system costs less than 20 euro.” Moreover, a possible intruder, then probably not within the resident themselves; this is probably still an additional key required.
When the researcher once saw how the cards in each other were, he could be a special test version of the map, which he did almost all of the apartment complexes managed to enter. By the card, to emulate, he could in 93 percent of the tested cases, a complex entry, though it is unclear as to how many apartment complexes. By a counterfeit Begeh-only way to write to a standard ski pass, which in Austria is used for ski slopes to be able to enter, he knew that in 43 percent of the cases.
Technically it is possible to abuse cards to block, but according to Dabrowski, is that blacklist with the hand updated and that only happens one time per year. “It is 2013, a gsm module cost a few tens”, does the researcher. The rfid cards were meant as a safe alternative to the old system of physical tokens with which the police, the hulpdienesten and pakketbezorgers apartment complexes could enter. It was relatively easy to get to those keys. “But the new system provides no additional security,” concludes the researcher.