@343max Wir haben sie in die Pleite getrieben: 36C3 – #mifail oder: Mit Gigaset wäre das nicht passiert!

https://media.ccc.de/v/36c3-10576-mifail_oder_mit_gigaset_ware_das_nicht_passiert

😭 this moment where I analyze yet another card and I have no keys of this other card.

Two hypothesis:
1. They have a pool of random keys
2. They have change keys randomly per card, to avoid having master keys in the wild ("No master key, no problem :blobthinksmart:"). In this case, I'll try to guess keys (e.g. a bad random number generator)

I'll try to collect a bunch of card near me (friends and colleagues), attack the cards, and try to get evidence of the first hypothesis. Meanwhile, I'll try to see if their random key generator is really random... 🤷‍♀️

Any other idea?

#Mifare #MifareClassic #MiFail #ovchipkaart

Ages after deDECTed, the abandoned OsmocomDECT and #mifail, some folks have started to play with DECT hardware again: https://osmocom.org/news/202 - congrats to @manawyrm, tobleminer, steve-m and others involved.