hachyderm.io is one of the many independent Mastodon servers you can use to participate in the fediverse.
Hachyderm is a safe space, LGBTQIA+ and BLM, primarily comprised of tech industry professionals world wide. Note that many non-user account types have restrictions - please see our About page.

Administered by:

Server stats:

8.2K
active users

David Andersen

I love it. The manufacturer info page for the contactless card for the lock system where I'm staying now:

> For security-relevant applications, customers should refer to our MIFARE® DESFire® and MIFARE Plus® product families.

(It's using mifare classic, which seems to have more security holes than sendmail.)

The reason I checked it:
wired.com/story/saflok-hotel-l

WIRED · Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in SecondsBy Andy Greenberg

(do I care? No, not individually. Far more risk from an employee. Or falling and killing myself skiing some run off the cirque traverse. And what are they going to steal, our pile of dirty ski clothes? But as a bigger picture thing, I do care, because we should get these systems right to prevent abuse in higher-risk circumstances. Ask the owner of a late model Kia ...)

@dave_andersen I f you ever see me in person I have some funny stories about the use of that protocol.

@dave_andersen Mifare is as the name suggests pretty much the standard for contactless transit fare media (and is also used by many ski areas too). The MBTA is still on Mifare Classic; the ARTM in Montreal (where I am this week) is Mifare Ultralight EV1.