Tap On to Reverse Engineering

Presented by Michael Farrell
Thursday 2:35 p.m.–3:20 p.m. in Great Hall CB01.05.009
Target audience: Developer

Abstract

Since 2015, I've been working on reverse engineering different public transit smartcards around Australia, with the goal of producing open source software to be able to read and interpret them, any where, any time, without an internet connection or requiring registration of the card in the user's name. The fruit of this labour has been Metrodroid, a single Android application that allows you to read many smartcards in use around Australia and the world. I've written support for Sydney's Opal card, Manly Fast Ferry's smartcard, Brisbane's Go card, Canberra's MyWay card, Perth's Smartrider card, and Tasmania's Greencard, as well as a couple of overseas cards -- Hong Kong's Octopus card and Los Angeles' TAP card. Along the way, I learned about RFID standards, its (lack of) security, analytics opportunities and privacy issues in smartcard ticketing, open data, and challenges resurrecting an open source project. I will take the audience on a journey through these challenges to access, read and understand around 1 kilobyte of data stored in most people's wallets that is normally off-limits.

Presented by

Michael Farrell

Michael first came to linux.conf.au in 2004, where someone convinced him it would be a good idea to install Gentoo. Once `emerge` finished, he came back in 2011 as a regular member of the AV team. In his day job, he keeps large scale distributed applications running. In his spare time, he enjoys taking on too many projects, automating all the things, writing in the third person, pulling things apart, and thinks that feature lists on hardware products are just a suggestion.