[128231] in cryptography@c2.net mail archive
Re: =?utf-8?Q?=E2=80=9CA?= Practical Attack on the MIFARE
daemon@ATHENA.MIT.EDU (Florian Weimer)
Wed Jul 16 16:20:44 2008
From: Florian Weimer <fw@deneb.enyo.de>
To: Karsten Nohl <honk98@web.de>
Cc: cryptography@metzdowd.com
Date: Wed, 16 Jul 2008 22:06:31 +0200
In-Reply-To: <0623817A-A78C-4470-AB2E-B0C063E2871C@web.de> (Karsten Nohl's
message of "Tue, 15 Jul 2008 20:10:03 +0200")
* Karsten Nohl:
> The benefits clearly outweigh the risks since half a year after
> announcing the vulnerabilities, Mifare Classic is hopefully not used
> in any high security application anymore.
Isn't this a bit of wishful thinking?
The dynamics are probably very involved because you usually don't buy
from NXP, but an integrated product from a reseller. An upgrade isn't a
free patch, either, so it needs some sort of budgeting and planning.
That being said, the chip should have been phased out years ago. But
within half a year? No way.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com