mbed is a next-generation 32-bit microcontroller platform. It’s a prototyping and teaching tool somewhat along the lines of Arduino. On steroids. With claws and fangs. Other contenders in this class include the MAKE Controller, STM32 Primer and Primer 2, Freescale Tower, and Microchip’s PIC32 Starter Kit. The mbed hardware has a number of advantages (and a few disadvantages) compared to these other platforms, but what really sets it apart is the development environment: the entire system — editor, compiler, libraries and reference materials — are completely web-based. There is no software to install or maintain on the host system.
Read the rest of this entry »

Popular Mechanics has an interview with [Zach Anderson], one of the MIT hackers that was temporarily gagged by the MBTA. The interview is essentially a timeline of the events that led up to the Defcon talk cancellation. [Zach] pointed out a great article by The Tech that covers the vulnerabilities. The mag stripe cards can be easily cloned. The students we’re also able to increase the value of the card by brute forcing the checksum. There are only 64 possible checksum values, so they made a card for each one. It’s not graceful, but it works. The card values aren’t encrypted and there isn’t an auditing system to check what values should be on the card either. The RFID cards use Mifare classic, which we know is broken. It was NXP, Mifare’s manufacturer, that tipped off the MBTA on the actual presentation.