So everybody knows kids from MIT are wicked smart. And when they hack systems, they usually like to brag about it and get as many eyes on the security flaw (embarrassing the architect) as possible. But these three kids who hacked the MBTA fare system? They're holding a conference on their hack. DefCon, the world's largest "hacker conference," which takes place in Las Vegas this week, is host to the planet's most brilliant minds in computers. Late last week, Zack Anderson, R.J. Ryan and Alessandro Chisea announced they were holding a talk entitled "The Anatomy of a Subway Hack: Breaking Crypto RFIEDs & Magstripes of Ticketing Systems." Unfortunately, they hadn't quite warned the Massachusetts mass transit system authority--who operates the fifth largest transit system in the US--about their intentions. So they were essentially going to teach people how to hack their way out of subway fares, and not give the transit boys enough time to reengineer their system.
How did they halt the talk? Not through circuits and internet connections, but through a restraining order limiting their physical presence. Pretty sneaky, even for government boys.
According to Wired's Threat Level blog, the three students had figured out a way to reverse engineer the magnetic stripe on paper passenger tickets (called the CharlieTicket), and cracked the smartcard tickets, or CharlieCards (which accounts for almost $500,000 in revenue per weekday).
Maybe the kids shouldn't have taglined the talk "Want free subway rides for life?" Slightly conspicuous. Sidenote: the NY Transit Authority just upped the fine for jumping turnstiles to $200 (up from $100).