U.S. court ordered the three students at the Massachusetts Institute of Technology (MIT) to cancel his speech at the conference Defcon, which was held this weekend in Las Vegas. Visitors ' hacker ' rally and have not heard about what vulnerabilities were found in the e-tickets for public transportation in Boston.
Learning about the forthcoming report, the company managing the transport system, Massachusetts Bay Transit Authority (MBTA) went to court, and he turned on her side. The prohibition on disclosure of information imposed by 10 days, but the fact of such a relationship to ' scientific research ' MIT students has drawn criticism from human rights organizations.
In particular, expressed Electronic Frontier Foundation (EFF). According to the organization, the court decision goes against the First Amendment to the U.S. Constitution, which guarantees the right to discuss the results of scientific research.
The funny thing about this story is that the fight is around the data, the principal part of which became public before the trial and before the conference, Defcon. According to The Register, I've found a description of the vulnerabilities and advice on their elimination MBTA officials attached to the court application, and slides to the future performance are on CD, copies of which were 7-8 thousand participants Defcon.
From the materials to be, anyone can order a $ 150 Internet programmer for magnetic card reader, compatible with those used in Boston CharlieTicket, buy some tickets cost less than a dollar on them and overwrite the new value of prices - up to $ 655.36 per. There is no centralized system does not use the MBTA, so the values are stored in the prices of each ticket, and nowhere else.
Bad things are not only the protection of tickets, but also with the security of the transportation. The authors found a considerable number of control panels and open office space, and the online auction site eBay - some of the forms of the Boston subway employees.
According to Wired, the authors instead of a controversial study on the Defcon spoke Danish journalist and consultant in information security Brenna de Winter (Brenno de Winter). His report was devoted to the safety of transport cards in general, without emphasis on the situation in Boston.
If you recall the history of Defcon, we can assume that MIT students are lightly. In 2001, the FBI arrested a Russian programmer Dmitry Sklyarov after a speech at the conference Defcon c scientific report, which is part of his dissertation. At that time the topic - hacking protection of electronic books - has affected the interests of the Adobe.
No comments:
Post a Comment