[Gllug] Oyster cards vulnerable?
Richard Jones
rich at annexia.org
Thu Jan 24 19:57:50 UTC 2008
On Thu, Jan 24, 2008 at 12:18:18PM +0000, Ryan Cartwright wrote:
> That was why I thought it didn't quite work as centralised as Bruce
> suggests. I always assumed (dangerous I know) that the card contained
> some kind of total itself and this updated the centralised system when
> you next touched it to a connected swipe device (tube station.
> newsagents etc.).
Store the cash on the card or in a central database? The two are not
mutually exclusive. You can permit the card to make small (under some
limit) purchases while disconnected from the network, and the card
reader can transmit those back to the central point when it next gets
network access. The risk is very low, and it's easy to find out after
the fact if someone cheated.
What do you think the penalty would be for someone who was found to
have made a fake Oyster card? Consider this penalty versus
insignificant loss (probably under a tenner) for TFL.
Rich.
--
Richard Jones
Red Hat
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list