Showing posts with label london transport. Show all posts
Showing posts with label london transport. Show all posts

09 June 2008

RMS Adds a Little Oyster Sauce

A few weeks back, there was much rejoicing in the open source world over the following story:


Open-source software helped London's Oyster card system move past a proprietary roadblock, an open-source conference in London was told last week.

The Oyster contactless card system, which handles payments for travel on London's buses and Tube system, suffered from lock-in to proprietary systems, which hindered developments to the online payment systems, said Michael Robinson, a senior consultant with Deloitte, at the Open Source Forum event in London. "The hosting was on a proprietary system, centred on one application," he said. "It demanded certain hardware, and was locked into one design of infrastructure."

I refrained from commenting because I have big problems with the Oyster system. It seems I'm not the only one:

After our coverage of London's Oyster card, which uses Linux for its online payment system, we had a response from Richard Stallman, head of the Free Software Foundation.

RMS explains why he is/I am unhappy:

Each Oyster card has a unique ID, which it transmits when it is used. So if you make the mistake of connecting the card with your name, then Big Brother knows exactly when and where you enter the tube, system and where you leave. For the surveillance-mad government of the UK, this is like a dream come true. Since the card contains an RFID, it can be scanned any time, anywhere - not just when you think you are using it.

Moreover, trying to ban such uses of free software would be futile:

Some have proposed that free software licenses such as the GNU General Public License should restrict use of the software to do unethical things. (Military use was the one most often suggested.) I've concluded that this would be misguided. A general tool will inevitably be used for all sorts of things. We cannot prevent surveillance, or wars of aggression, [by] trying to prohibit the use of certain operating systems for these purposes, any more than we could do so by putting restrictions on the use of pens or chairs. The worst evils are committed by governments, and since they make the copyright laws on which free software licenses are based, they could always vote themselves an exception -- or use non-free software.

He does, however, have some practical suggestions for users of London Transport:

To protect yourself from surveillance, you must pay cash. It is also a good idea to swap empty Oyster cards with other people from time to time. That way, even if Big Brother finds out which card you have today, he can't use its number to look up all your movements for the past N years. And keep the card in aluminum foil whenever you are not using it -- that way it can't be scanned when it shouldn't be.

Ah yes, the aluminium foil - never leave home without it....

20 April 2008

Oyster Is...Toast

As Ben Laurie so eloquently puts it:

The MiFare stream cipher, as used in Oyster cards, has been comprehensively cracked. The researchers claim they can recover the key in well under 5 minutes after observing a single transaction.