http://www.pcmag.com/article2/0,2817,2327898,00.asp



By Chloe Albanesius

PCMag.com

08.12.08



Massachusetts transit officials were skeptical that three MIT students 

were providing them with their complete presentation prior to Defcon, 

but an analysis by a security consultant said that the conference 

presentation alone was not enough to help someone hack the Boston subway 

system and get free rides for life, according to court documents.



Zack Anderson, R.J. Ryan and Alessandro Chiesa, undergraduate students 

at the Massachusetts Institute of Technology, were scheduled to present 

their paper about vulnerabilities within the Boston transit system at 

Defcon on Sunday, but the Massachusetts Bay Transit Authority (MBTA) 

successfully secured a 10-day restraining order against the trio on 

Saturday, and their presentation was cancelled.



Specifically, the students had uncovered vulnerabilities within the 

magnetic stripe and RFID card payment systems used for Boston Charlie 

Cards and Charlie Tickets.



The MBTA's "Charlie Ticket" is vulnerable to cloning and forgery 

attacks, according to a summary of the project submitted to the MBTA.



[...]





__________________________________________________      

Visit Defcon Pics - Defcon Memory Repository 

http://www.defconpics.org



Received on Tue Aug 12 2008 - 12:25:00 PDT