Find all your DIY electronics in the MakerShed. 3D Printing, Kits, Arduino, Raspberry Pi, Books & more!

Make Pt0895
Now this is an exciting DEFCON! I didn’t go this year, but this talk was one of the ones I was eyeing! And it’s gone total bonkers!

The Massachusetts Bay Transportation Authority has sued three MIT students — Zackary M. Anderson ’09, Russel J. Ryan ’09, and Alessandro Chiesa ’09 — and MIT to prevent the disclosure of security weaknesses in subway ticketing systems. The students, who were working under EECS Professor Ronald L. Rivest, were planning to give a talk titled “The Anatomy of a Subway Hack: Breaking Crypto RFID’s and Magstripes of Ticketing Systems” at the DEFCON security conference Sunday. District Judge Douglas P. Woodlock issued a temporary restraining order earlier today enjoining MIT students from “assist[ing] in any material way to circumvent or otherwise attack the security of the Fare Media System.”

A copy of the presentation, which was distributed at DEFCON, is available here: Defcon Presentation (PDF).

WOW! The WarCart rules!

Phillip Torrone

Editor at large – Make magazine. Creative director – Adafruit Industries, contributing editor – Popular Science. Previously: Founded – Hack-a-Day, how-to editor – Engadget, Director of product development – Fallon Worldwide, Technology Director – Braincraft.


Related

Comments

  1. figgalicous says:

    I mooninites cause panic, pushing this thing around is likely to get you a trip to Guantanamo. Can’t this setup be slimmed down or spit up to fit into multiple communicating containers (backpack, suitcase, etc) for team play. I know that it won’t get through turnstiles or down stairs, so I guess that it is supposed to sniff & clone RFIDs of passing transport users? It wasn’t clear in the PDF.

  2. zof says:

    Someone will mistake you for a homeless guy with a bunch of junk in his cart if you dress right. Fact is most of the public/law enforcement doesn’t know what any of that stuff is and will just assume you had a good dumpster dive and are on the way to the recyclers. Heck you might even get hand outs from the same people you steal data from :D

  3. Jon Anderson says:

    Looking through the presentation, you see that everything can be done subtly. Once they discovered that you could enter restricted areas and interact with equipment you shouldn’t even with actual workers around, they brought up the cart as a way to see how far you could push it.