Security News > 2008 > August > MIT Subway Hack Paper Published on the Web
http://www.pcmag.com/article2/0,2817,2327898,00.asp By Chloe Albanesius PCMag.com 08.12.08 Massachusetts transit officials were skeptical that three MIT students were providing them with their complete presentation prior to Defcon, but an analysis by a security consultant said that the conference presentation alone was not enough to help someone hack the Boston subway system and get free rides for life, according to court documents. Zack Anderson, R.J. Ryan and Alessandro Chiesa, undergraduate students at the Massachusetts Institute of Technology, were scheduled to present their paper about vulnerabilities within the Boston transit system at Defcon on Sunday, but the Massachusetts Bay Transit Authority (MBTA) successfully secured a 10-day restraining order against the trio on Saturday, and their presentation was cancelled. Specifically, the students had uncovered vulnerabilities within the magnetic stripe and RFID card payment systems used for Boston Charlie Cards and Charlie Tickets. The MBTA's "Charlie Ticket" is vulnerable to cloning and forgery attacks, according to a summary of the project submitted to the MBTA. [...] __________________________________________________ Visit Defcon Pics - Defcon Memory Repository http://www.defconpics.org