home.social

#smartcard — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #smartcard, aggregated by home.social.

  1. After circumventing the country block to add my Glasgow Subway smartcard to a ZoneCard account, I was wondering: what happens to the remaining subway credit on my card if I load a weekly ticket onto it, and I then take the subway?
    I’d hope the credit remains untouched during that week, but I thought I’d better check…
    #Glasgow #PublicTransport #SmartCard #ZoneCard #GlasgowSubway

  2. After circumventing the country block to add my Glasgow Subway smartcard to a ZoneCard account, I was wondering: what happens to the remaining subway credit on my card if I load a weekly ticket onto it, and I then take the subway?
    I’d hope the credit remains untouched during that week, but I thought I’d better check…
    #Glasgow #PublicTransport #SmartCard #ZoneCard #GlasgowSubway

  3. After circumventing the country block to add my Glasgow Subway smartcard to a ZoneCard account, I was wondering: what happens to the remaining subway credit on my card if I load a weekly ticket onto it, and I then take the subway?
    I’d hope the credit remains untouched during that week, but I thought I’d better check…
    #Glasgow #PublicTransport #SmartCard #ZoneCard #GlasgowSubway

  4. After circumventing the country block to add my Glasgow Subway smartcard to a ZoneCard account, I was wondering: what happens to the remaining subway credit on my card if I load a weekly ticket onto it, and I then take the subway?
    I’d hope the credit remains untouched during that week, but I thought I’d better check…
    #Glasgow #PublicTransport #SmartCard #ZoneCard #GlasgowSubway

  5. After circumventing the country block to add my Glasgow Subway smartcard to a ZoneCard account, I was wondering: what happens to the remaining subway credit on my card if I load a weekly ticket onto it, and I then take the subway?
    I’d hope the credit remains untouched during that week, but I thought I’d better check…
    #Glasgow #PublicTransport #SmartCard #ZoneCard #GlasgowSubway

  6. Hello and welcome to the #nakeddiefriday again. This one will be a continuation of the previous one with the same exhibit but in more depth. :-)

    To remind you, this is the unnamed smartcard IC, which I believe was fabbed by Samsung.

    Let's try removing some metal from the top. 🧵

    #electronics #reverseengineering #smartcard

  7. Hello and welcome to the #nakeddiefriday again. This one will be a continuation of the previous one with the same exhibit but in more depth. :-)

    To remind you, this is the unnamed smartcard IC, which I believe was fabbed by Samsung.

    Let's try removing some metal from the top. 🧵

    #electronics #reverseengineering #smartcard

  8. Hello and welcome to the #nakeddiefriday again. This one will be a continuation of the previous one with the same exhibit but in more depth. :-)

    To remind you, this is the unnamed smartcard IC, which I believe was fabbed by Samsung.

    Let's try removing some metal from the top. 🧵

    #electronics #reverseengineering #smartcard

  9. Hello and welcome to the #nakeddiefriday again. This one will be a continuation of the previous one with the same exhibit but in more depth. :-)

    To remind you, this is the unnamed smartcard IC, which I believe was fabbed by Samsung.

    Let's try removing some metal from the top. 🧵

    #electronics #reverseengineering #smartcard

  10. Hello and welcome to the #nakeddiefriday again. This one will be a continuation of the previous one with the same exhibit but in more depth. :-)

    To remind you, this is the unnamed smartcard IC, which I believe was fabbed by Samsung.

    Let's try removing some metal from the top. 🧵

    #electronics #reverseengineering #smartcard

  11. And that's about it for this issue, dear friends. A lot of images with not a lot of analysis. I hope that's okay.

    As you might have noticed, I have a particular interest in #smartcard chips. :-) And I always appreciate donations. ;-) Whether you send in your old SIM cards or grab some from "gold recovery" lots on eBay, everything is welcome. Or you can also join my Patreon so I can buy them myself.

    On that positive note, thanks for looking at my images and I hope to entertain you again next Friday. Have a nice rest of the week!

  12. And that's about it for this issue, dear friends. A lot of images with not a lot of analysis. I hope that's okay.

    As you might have noticed, I have a particular interest in #smartcard chips. :-) And I always appreciate donations. ;-) Whether you send in your old SIM cards or grab some from "gold recovery" lots on eBay, everything is welcome. Or you can also join my Patreon so I can buy them myself.

    On that positive note, thanks for looking at my images and I hope to entertain you again next Friday. Have a nice rest of the week!

  13. And that's about it for this issue, dear friends. A lot of images with not a lot of analysis. I hope that's okay.

    As you might have noticed, I have a particular interest in #smartcard chips. :-) And I always appreciate donations. ;-) Whether you send in your old SIM cards or grab some from "gold recovery" lots on eBay, everything is welcome. Or you can also join my Patreon so I can buy them myself.

    On that positive note, thanks for looking at my images and I hope to entertain you again next Friday. Have a nice rest of the week!

  14. And that's about it for this issue, dear friends. A lot of images with not a lot of analysis. I hope that's okay.

    As you might have noticed, I have a particular interest in #smartcard chips. :-) And I always appreciate donations. ;-) Whether you send in your old SIM cards or grab some from "gold recovery" lots on eBay, everything is welcome. Or you can also join my Patreon so I can buy them myself.

    On that positive note, thanks for looking at my images and I hope to entertain you again next Friday. Have a nice rest of the week!

  15. And that's about it for this issue, dear friends. A lot of images with not a lot of analysis. I hope that's okay.

    As you might have noticed, I have a particular interest in #smartcard chips. :-) And I always appreciate donations. ;-) Whether you send in your old SIM cards or grab some from "gold recovery" lots on eBay, everything is welcome. Or you can also join my Patreon so I can buy them myself.

    On that positive note, thanks for looking at my images and I hope to entertain you again next Friday. Have a nice rest of the week!

  16. Greetings and welcome to today's #nakeddiefriday installment.

    Today's guest is a smartcard chip, for which I do not know the actual p/n -- only it's die marking: M7690-G1, by Infineon. This came from a SIM card. The chip had polyimide on top which had to be stripped off, hence the damage on some top metal.

    Unfortunately, power distribution routing and CMP dummy fill obstructs the majority of the detail. 🧵

    #electronics #reverseengineering #icre #smartcard

  17. Greetings and welcome to today's #nakeddiefriday installment.

    Today's guest is a smartcard chip, for which I do not know the actual p/n -- only it's die marking: M7690-G1, by Infineon. This came from a SIM card. The chip had polyimide on top which had to be stripped off, hence the damage on some top metal.

    Unfortunately, power distribution routing and CMP dummy fill obstructs the majority of the detail. 🧵

    #electronics #reverseengineering #icre #smartcard

  18. Greetings and welcome to today's #nakeddiefriday installment.

    Today's guest is a smartcard chip, for which I do not know the actual p/n -- only it's die marking: M7690-G1, by Infineon. This came from a SIM card. The chip had polyimide on top which had to be stripped off, hence the damage on some top metal.

    Unfortunately, power distribution routing and CMP dummy fill obstructs the majority of the detail. 🧵

    #electronics #reverseengineering #icre #smartcard

  19. Greetings and welcome to today's #nakeddiefriday installment.

    Today's guest is a smartcard chip, for which I do not know the actual p/n -- only it's die marking: M7690-G1, by Infineon. This came from a SIM card. The chip had polyimide on top which had to be stripped off, hence the damage on some top metal.

    Unfortunately, power distribution routing and CMP dummy fill obstructs the majority of the detail. 🧵

    #electronics #reverseengineering #icre #smartcard

  20. Greetings and welcome to today's #nakeddiefriday installment.

    Today's guest is a smartcard chip, for which I do not know the actual p/n -- only it's die marking: M7690-G1, by Infineon. This came from a SIM card. The chip had polyimide on top which had to be stripped off, hence the damage on some top metal.

    Unfortunately, power distribution routing and CMP dummy fill obstructs the majority of the detail. 🧵

    #electronics #reverseengineering #icre #smartcard

  21. I take "completely deranged file formats for 500 please"

    *scrolls*
    *rubs eyes*
    *pours double shot*
    *downs shot*

    "what is pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist?"

    #pcsc #ccid #smartcard #omgwhyIsItSoTerrible

  22. I take "completely deranged file formats for 500 please"

    *scrolls*
    *rubs eyes*
    *pours double shot*
    *downs shot*

    "what is pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist?"

    #pcsc #ccid #smartcard #omgwhyIsItSoTerrible

  23. I take "completely deranged file formats for 500 please"

    *scrolls*
    *rubs eyes*
    *pours double shot*
    *downs shot*

    "what is pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist?"

    #pcsc #ccid #smartcard #omgwhyIsItSoTerrible

  24. I take "completely deranged file formats for 500 please"

    *scrolls*
    *rubs eyes*
    *pours double shot*
    *downs shot*

    "what is pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist?"

    #pcsc #ccid #smartcard #omgwhyIsItSoTerrible

  25. I take "completely deranged file formats for 500 please"

    *scrolls*
    *rubs eyes*
    *pours double shot*
    *downs shot*

    "what is pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist?"

    #pcsc #ccid #smartcard #omgwhyIsItSoTerrible

  26. I ran into a weird edge case where the openpgp-card-ssh-agent Rust crate panics when encountering a non-OpenPGP smartcard (in my case, a corporate MyEID card for Kerberos). This bricked my SSH agent setup whenever both cards were inserted.

    Instead of waiting for an upstream patch, I wrote a quick LD_PRELOAD hook to intercept the PC/SC API (winscard.h). It wraps SCardListReaders and filters out the problematic reader ID from the multi-string buffer before returning it to the application.

    It’s a rather dirty hack, but it allows two incompatible security stacks to coexist perfectly. Write-up and C code here:

    blog.hofstede.it/card-wars-hid

    #linux #smartcard #nitrokey #devops #security #programming

    //cc @hko -- Maybe you find that interesting as well :)

  27. I ran into a weird edge case where the openpgp-card-ssh-agent Rust crate panics when encountering a non-OpenPGP smartcard (in my case, a corporate MyEID card for Kerberos). This bricked my SSH agent setup whenever both cards were inserted.

    Instead of waiting for an upstream patch, I wrote a quick LD_PRELOAD hook to intercept the PC/SC API (winscard.h). It wraps SCardListReaders and filters out the problematic reader ID from the multi-string buffer before returning it to the application.

    It’s a rather dirty hack, but it allows two incompatible security stacks to coexist perfectly. Write-up and C code here:

    blog.hofstede.it/card-wars-hid

    #linux #smartcard #nitrokey #devops #security #programming

    //cc @hko -- Maybe you find that interesting as well :)

  28. I ran into a weird edge case where the openpgp-card-ssh-agent Rust crate panics when encountering a non-OpenPGP smartcard (in my case, a corporate MyEID card for Kerberos). This bricked my SSH agent setup whenever both cards were inserted.

    Instead of waiting for an upstream patch, I wrote a quick LD_PRELOAD hook to intercept the PC/SC API (winscard.h). It wraps SCardListReaders and filters out the problematic reader ID from the multi-string buffer before returning it to the application.

    It’s a rather dirty hack, but it allows two incompatible security stacks to coexist perfectly. Write-up and C code here:

    blog.hofstede.it/card-wars-hid

    #linux #smartcard #nitrokey #devops #security #programming

    //cc @hko -- Maybe you find that interesting as well :)

  29. I ran into a weird edge case where the openpgp-card-ssh-agent Rust crate panics when encountering a non-OpenPGP smartcard (in my case, a corporate MyEID card for Kerberos). This bricked my SSH agent setup whenever both cards were inserted.

    Instead of waiting for an upstream patch, I wrote a quick LD_PRELOAD hook to intercept the PC/SC API (winscard.h). It wraps SCardListReaders and filters out the problematic reader ID from the multi-string buffer before returning it to the application.

    It’s a rather dirty hack, but it allows two incompatible security stacks to coexist perfectly. Write-up and C code here:

    blog.hofstede.it/card-wars-hid

    #linux #smartcard #nitrokey #devops #security #programming

    //cc @hko -- Maybe you find that interesting as well :)

  30. I ran into a weird edge case where the openpgp-card-ssh-agent Rust crate panics when encountering a non-OpenPGP smartcard (in my case, a corporate MyEID card for Kerberos). This bricked my SSH agent setup whenever both cards were inserted.

    Instead of waiting for an upstream patch, I wrote a quick LD_PRELOAD hook to intercept the PC/SC API (winscard.h). It wraps SCardListReaders and filters out the problematic reader ID from the multi-string buffer before returning it to the application.

    It’s a rather dirty hack, but it allows two incompatible security stacks to coexist perfectly. Write-up and C code here:

    blog.hofstede.it/card-wars-hid

    #linux #smartcard #nitrokey #devops #security #programming

    //cc @hko -- Maybe you find that interesting as well :)

  31. What a project. Did configure StepCA in my home-lab with a real physical HSM for the CA's private key. Using a SmartcardHSM (smartcard-hsm.com) from CardContact Systems.

    Now I have acme (automated cert provisioning) working internally as long as the HSM is plugged into my server.

    All running in an isolated FreeBSD 15-RELEASE jail (StepCA compiled from source with added PCSC-Lite support and usb device passed through by devfs rules).

    Yay! It works!

    #freebsd #stepca #devops #acme #certificates #tls #smartcard #hsm

  32. What a project. Did configure StepCA in my home-lab with a real physical HSM for the CA's private key. Using a SmartcardHSM (smartcard-hsm.com) from CardContact Systems.

    Now I have acme (automated cert provisioning) working internally as long as the HSM is plugged into my server.

    All running in an isolated FreeBSD 15-RELEASE jail (StepCA compiled from source with added PCSC-Lite support and usb device passed through by devfs rules).

    Yay! It works!

    #freebsd #stepca #devops #acme #certificates #tls #smartcard #hsm

  33. What a project. Did configure StepCA in my home-lab with a real physical HSM for the CA's private key. Using a SmartcardHSM (smartcard-hsm.com) from CardContact Systems.

    Now I have acme (automated cert provisioning) working internally as long as the HSM is plugged into my server.

    All running in an isolated FreeBSD 15-RELEASE jail (StepCA compiled from source with added PCSC-Lite support and usb device passed through by devfs rules).

    Yay! It works!

    #freebsd #stepca #devops #acme #certificates #tls #smartcard #hsm

  34. What a project. Did configure StepCA in my home-lab with a real physical HSM for the CA's private key. Using a SmartcardHSM (smartcard-hsm.com) from CardContact Systems.

    Now I have acme (automated cert provisioning) working internally as long as the HSM is plugged into my server.

    All running in an isolated FreeBSD 15-RELEASE jail (StepCA compiled from source with added PCSC-Lite support and usb device passed through by devfs rules).

    Yay! It works!

    #freebsd #stepca #devops #acme #certificates #tls #smartcard #hsm

  35. What a project. Did configure StepCA in my home-lab with a real physical HSM for the CA's private key. Using a SmartcardHSM (smartcard-hsm.com) from CardContact Systems.

    Now I have acme (automated cert provisioning) working internally as long as the HSM is plugged into my server.

    All running in an isolated FreeBSD 15-RELEASE jail (StepCA compiled from source with added PCSC-Lite support and usb device passed through by devfs rules).

    Yay! It works!

    #freebsd #stepca #devops #acme #certificates #tls #smartcard #hsm

  36. Yay!

    I got SmartCard authentication with PKINIT/Kerberos working in my home-network/home-lab 🙂

    RSA key safely stored on the smartcard, getting a ticket granting ticket (TGT) from the KDC and then authenticating to an SSH host via GSSAPI/Kerberos..

    Total overkill for a home-lab? Absolutely! But it's always amazing to learn something new and to have hands-on experience.

    Client: Fedora 43 KDE Edition
    KRB Realm: FreeIPA on Fedora Server

    Remote-Server: FreeBSD 15.0-RELEASE machine (krb5 enrolled).

    #linux #smartcard #authentication #ssh #gssapi #kerberos #crypto #freebsd