SEARCH RESULTS
 
Showing 1-10 of 10 records
1
 
Expand article

MBTA vs MIT students case continues

2008-08-13 22:47:34 by Chris Wysopal in Zero in a bit
 
...MBTA disclosed the Confidential memo from the MIT students in their court filings, they are seeking a permanent speech injunction. An august group of computer scientists has signed a letter which will be entered into the record for the case. This list includes: Dave Farber of Carnegie Mellon University, Steve Bellovin from Columbia...
 
Tags: technologies flaws, flaws, vulnerabilities, technologys vulnerabilities, mifare card vulnerabilities, students, security vulnerabilities, mit students, mbta
 
 
 
 
Expand article

MBTA vs MIT Students Case Continues

2008-08-13 22:47:34 by Chris Wysopal in Zero in a bit
 
...MBTA disclosed the Confidential memo from the MIT students in their court filings, they are seeking a permanent speech injunction. An august group of computer scientists has signed a letter which will be entered into the record for the case. This list includes: Dave Farber of Carnegie Mellon University, Steve Bellovin from Columbia...
 
Tags: technologies flaws, flaws, vulnerabilities, technologys vulnerabilities, mifare card vulnerabilities, students, security vulnerabilities, mit students, mbta
 
 
 
 
Expand article

MBTA Hacking Injunction Lifted

2008-08-20 05:49:55 by Chris Eng in Zero in a bit
 
...MBTA hackers and the EFF, lifting the injunction issued on August 9th to prevent the three MIT students from presenting their findings at DEFCON 16 . In summary The lawsuit claimed that the students planned presentation would violate the Computer Fraud and Abuse Act (CFAA) by enabling others to defraud the MBTA of transit fares. A different...
 
Tags: mbta, students, students publicly, defcon presentation, defcon, mbta hackers, presentation, mit students, judge
 
 
 
 
Expand article

MBTA Hack - Is it really this easy?

The Article has images
2008-08-15 13:19:29 by Chris Wysopal in Zero in a bit
...MBTA vs MIT case has been discussion of the CharlieCards . These are MiFare classic cards which have been known to be broken earlier this year . There is also a paper disposable card called the CharlieTicket that uses a magnetic stripe. The MIT students presentation states that these are cloneable and forgeable using a $150 magnetic stripe...
 
Tags: massachusetts taxpayer, taxpayer, system, fraud detection system, system costs, public system, massachusetts taxpayer money, charlieticket system, charlieticket
 
 
 
 
Expand article

MBTA Hack: Is It Really This Easy?

The Article has images
2008-08-15 13:19:29 by Chris Wysopal in Zero in a bit
...MBTA vs MIT case has been discussion of the CharlieCards . These are MiFare classic cards which have been known to be broken earlier this year . There is also a paper disposable card called the CharlieTicket that uses a magnetic stripe. The MIT students presentation states that these are cloneable and forgeable using a $150 magnetic stripe...
 
Tags: massachusetts taxpayer, taxpayer, system, fraud detection system, system costs, public system, massachusetts taxpayer money, charlieticket system, charlieticket
 
 
 
 
Expand article

3 takeaways from security-flaw legal flap between MBTA, MIT students

2008-08-22 13:00:00 by Editor in Computerworld Security News
 
IT managers can learn some lessons from the legal case in which Boston's MBTA tried and ultimately failed to stop three MIT students from discussing security flaws that they found in its fare-payment system
 
Tags: mit students, fare-payment system, mbta, security flaws, legal, ultimately, boston, stop, lessons
 
 
 
 
Expand article

Sorry CharlieCard, Your Security Model Is Broken

2008-08-09 14:57:40 by Chris Wysopal in Zero in a bit
 
...MBTA has sued 3 MIT students to stop them from giving a planned talk at DEFCON Doesnt this seem backwards to you? Shouldnt the MBTA be suing the vendor who sold them the flawed system? Security problems go away by mandating independant security testing before a product is accepted, not by trying to get security researchers to be quiet. This...
 
Tags: security, security researchers, valid security approach, system, encryption system, boston subway system, discuss security issues, court system, security systems
 
 
 
 
Expand article

Sorry CharlieCard, Your Security Model Is Broken

2008-08-09 14:57:40 by Chris Wysopal in Zero in a bit
 
...MBTA has sued 3 MIT students to stop them from giving a planned talk at DEFCON Doesnt this seem backwards to you? Shouldnt the MBTA be suing the vendor who sold them the flawed system? Security problems go away by mandating independant security testing before a product is accepted, not by trying to get security researchers to be quiet. This...
 
Tags: security, security researchers, system, independant security, boston subway system, security weakness, researchers, reactive approach, mit students
 
 
 
 
Expand article

3 takeaways from MBTA, MIT student legal flap

2008-08-23 00:00:00 by HASH0x8472bf8 in Network World on Security
 
Earlier this week, a federal judge in Boston lifted a gag order that had blocked three MIT students them from publicly discussing security flaws they discovered in the fare-payment system used by the city's mass-transit agency
 
Tags: mass-transit agency, mit students, fare-payment system, security flaws, federal judge, boston, week, gag, publicly
 
 
 
 
Expand article

MBTA Hack shows security hasnt improved in 10 years

2008-08-25 20:46:11 by Chris Wysopal in Zero in a bit
 
One of my old L0pht collegues, Peiter Mudge Zatko, is featured in Mass High Tech today in anarticle titled Bay State hackers find security holes in defibrillators, RFID Hackers getting a free T pass may be the least of our worries local hackers-turned-security experts suggest RFID keycards, wireless networks and medical devices implanted in the...
 
Tags: security, security holes, security acceptance, security testingneeds, systems, digital systems, independent security research, highway transponder systems, social security