Police are investigating the sale of a digital camera said to contain MI6 images of terror suspects, the Foreign Office has said.

The camera was bought for £17 on auction website eBay by a 28-year-old from Hemel Hempstead, Hertfordshire, the Sun newspaper reported.

The pictures were also said to include rocket launchers and missiles.

Hertfordshire Police said intelligence officers were investigating after a camera was seized.

Holiday photos

A Foreign Office spokeswoman said: "We can confirm a police investigation is under way."

However, she refused to comment on the report that the camera was sold by an MI6 agent.

The newspaper said the man only discovered the pictures when he downloaded his holiday photographs from the Nikon Coolpix camera.

A friend of the man is quoted as saying: "He flew home early this month and downloaded his holiday pictures and saw some of rocket launchers and missiles.

"He knew he hadn't taken them so he asked his friends about it and they suggested going to the police."

*Source BBC NEWS

Details of how to hack one of the world's most popular smartcards have been published online.

The research by Professor Bart Jacobs and colleagues at Radboud University in Holland reveals a weakness in the widely used Mifare Classic RFID chip.

This is used in building entry systems and is embedded in the Oyster card used on London's transport network.

Publication of the research was delayed by legal action taken by the chip's manufacturer.

Paper chase

Prof Jacobs and his team first identified the vulnerability in a research paper that was due to be published in March 2008.

However, the release of the article was delayed after chip manufacturer NXP attempted to secure a court injunction against its publication.

The paper was finally released on Monday at the European Symposium on Research in Computer Security (Esorics) 2008 security conference held in Malaga, Spain.

Sensitive data stored on the Mifare Classic chip is protected by a unique number that acts as a key. When the chip, or a card bearing it, is placed near a reader it transmits and receives information based on its key. The security of the system depends on the key remaining secret.

In March Prof Jacobs and his colleagues discovered a flaw in the chip's design which makes those keys easy to calculate and copy.

"Once we knew how the system worked and what the vulnerabilities were, it turned out to be very simple to actually clone cards, steal someone's identity and enter a building as someone else", he said.

After making the discovery the researchers informed the Dutch government and the chip's manufacturer, NXP.

When it knew about the research NXP moved to delay publication by seeking an injunction.

Steve Owen, vice president of sales and marketing - identification at NXP Semiconductors, told the BBC's Click programme that it was motivated to take legal action to give its customers time to update their systems.

"We sought the injunction to cause a delay, not to completely stop the publication," he said.

Mr Owen recommends that the card alone should not be relied upon for secure access to buildings.

"We do not recommend the use of Mifare Classic for new installations," said Mr Owen. "We are working with customers to review their security."