EFF: MIT Students Gagged by Federal Court Judge

Posted Aug 11, 2008 19:48 UTC (Mon) by tialaramex (subscriber, #21167)
In reply to: EFF: MIT Students Gagged by Federal Court Judge by rmmst49
Parent article: EFF: MIT Students Gagged by Federal Court Judge

Some things aren't clear to me from this.

Cloning of mag-stripe tickets isn't very interesting, it's not novel and after all that's not
one reason why transport agencies are keen to phase them out - so I concentrated on the latter
part of the story.

The MiFare proximity card security seems more vulnerable than intended but it's not clear
whether they broke it in a "useful" way. That is to say, would a criminal who had done this
same work now be able to

• Travel toll free for a one time investment of (to pick a number out of the air) $1000 in the
hardware and software?

• Permit any number of other people to travel toll free for no further investment, or some
trivial investment (e.g. $10 per traveller for a genuine MiFare card to be reprogrammed)?

• Charge credit onto a MiFare card which was indistinguishable from genuine credit, i.e. allowing
the criminal to conveniently sell "discounted" travel credit, e.g. $50 of credit for $5?

It's also not clear how "fixable" this is. For example, a 48-bit key restriction in the MiFare
system as shipped might be something that its vendors could fix in an upgrade over the course
of the next year or two, allowing transport agencies to phase in a replacement, or it might be
very close to the heart of the system in which case such an "upgrade" would be a very
disruptive long-term project. Factors which were designed to be random but aren't can often be
improved (since the engineers assumed they were random they won't have depended on them being
unvarying); on the other hand, bad crypto hardware may not be fixable at all, short of replacing
all the hardware in the system.



Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds