The Massachusetts Bay Transit Authority (MBTA) has dropped its federal case against three MIT researchers, “the subway hackers”. This happened in October and now the EFF brings news that the students will be working with the MBTA to improve their system. The overall goal is to raise security while keeping expenses minimal.
This whole mess started in August when a gag order was issued against the students’ presentation at Defcon. It’s a shame no one ever saw it because it covers a lot of interesting ground. A PDF of the banned slides is still online. They performed several attacks against both the subway’s fare system and physical security. Our favorites by far were using GNU Radio to sniff the RFID card’s transaction and bruteforcing Mifare Classic with an FPGA.
From what I remember, the students went to the MBTA and they didn’t want to listen to them in the first place. Now they want to work together and improve the security. Finally the MBTA woke up and got their heads out of the sand.
@aaron: Much more diplomatic about cranial location than I would have been.
:-)
When I heard MIT students where being threatened I knew the EFF would be all over it. Good thing they didn’t go to a state university(sarcasm.)
I wonder where all the non-commercial-interest digital rights advocates that supported the eff went.
I won’t list all the cases the eff has completely ignored over at least the past two and a half years. There execs must of done lunch with the prosecutions execs during the trials.
The system was pathetically covered. If you read the slides it is obvious that the co that build it halfassed it. For instance, the top secret checksum was only 5 bits with a whopping 64 possible permutations. Could brute force that with Legos.
I read some of these cards when they first came out in ’06 and thought it looked simple. The barn door was freaking wide open and the just happened to be the ones to tell the world.
Read up, it is a great hoot, especially the gag request court papers. Starts out with an entire page of credentials by the MBTA security head. Then says the system is supersecure and that no one could easily break in. Even says cards were heavily encrypted. False on all counts when you look at the decon report.
MBTA is a mess, and likely will continue to be. let them blame it all on those insanely smart kids in Cambridge. Who else could pull it off? Its too bad they had to be “MIT” kids to do it, which makes people think that it was very complex, but the folks down at Bunker Hill Community College could have done most of it too.
@joe: Anyone could do it based off the information in the PDF, and probably without it. It would of been cool if it used some type of self modifying code and obfuscation though to make the attack seem sophisticated.
Most people ignored I think because nobody cares about public transit that much.
Could brute force that with Legos. = lulz
Not just could have, but probally did. All the did was expose and fed up system, whereas someone else would have just used the info and said nothing. Sometimes it takes threat to get people to fis there problems. I had to pen test my bank and show the branch manager the results in non-geek to get them to upgrade security, same deal.
The MBTA should have just used custom diversified keys. 192 bit key with diversification would be fine most likely.