Public transit seats have a rough life. Enduring a number of wear cycles that would make your sofa weep, they take a beating and have to keep looking presentable. When trains and buses are retired, where do the old seats go? A team from the MIT Hobby Shop investigated what was happening to the seats from retiring MBTA Red Line cars and recycled them into stylish chairs.
After some sleuthing and many emails, the MBTA relinquished a number of old subway seats to the team. Since the subway seats didn’t have legs, wood from old church pews was used to create bases. It took one pew end support to create each set of legs, which were cut out on a bandsaw. The old dark stain was sanded off, and the bases were finished with three coats of gel topcoat, letting the natural beauty of the old oak shine through.
We love seeing old things given new life here at Hackaday. If you want to see some more recycled furniture, check out this tire table, this upcycled jeans chair, or these best practices for making box forts.
The Massachusetts Bay Transit Authority (MBTA) has dropped its federal case against three MIT researchers, “the subway hackers”. This happened in October and now the EFF brings news that the students will be working with the MBTA to improve their system. The overall goal is to raise security while keeping expenses minimal.
This whole mess started in August when a gag order was issued against the students’ presentation at Defcon. It’s a shame no one ever saw it because it covers a lot of interesting ground. A PDF of the banned slides is still online. They performed several attacks against both the subway’s fare system and physical security. Our favorites by far were using GNU Radio to sniff the RFID card’s transaction and bruteforcing Mifare Classic with an FPGA.
Popular Mechanics has an interview with [Zach Anderson], one of the MIT hackers that was temporarily gagged by the MBTA. The interview is essentially a timeline of the events that led up to the Defcon talk cancellation. [Zach] pointed out a great article by The Tech that covers the vulnerabilities. The mag stripe cards can be easily cloned. The students we’re also able to increase the value of the card by brute forcing the checksum. There are only 64 possible checksum values, so they made a card for each one. It’s not graceful, but it works. The card values aren’t encrypted and there isn’t an auditing system to check what values should be on the card either. The RFID cards use Mifare classic, which we know is broken. It was NXP, Mifare’s manufacturer, that tipped off the MBTA on the actual presentation.