So you have a system that is easily hacked. You have a group of students who have presented the information to the government agency, which seems to be now running to the courts to stop them for presenting their findings to a conference, which is basically a hackers convention. Interesting. From C/Net we have this story:
LAS VEGAS–A federal judge on Saturday granted the state of Massachusetts’ request for an injunction preventing three MIT students from giving a presentation about hacking smartcards used in the Boston subway system.
The undergraduate students were scheduled to give a presentation Sunday afternoon at the Defcon hacker conference here that they had said would describe “several attacks to completely break the CharlieCard,” an RFID card that the Massachusetts Bay Transportation Authority uses on the Boston T subway line. They also planned to release card-hacking software they had created.
U.S. District Judge Douglas Woodlock on Saturday ordered the students not to provide “program, information, software code, or command that would assist another in any material way to circumvent or otherwise attack the security of the Fare Media System.” Woodlock granted the MBTA’s request after a hastily convened hearing in Massachusetts that took place at 8 a.m. PDT on Saturday.
The suit, filed a day earlier, also names the Massachusetts Institute of Technology as a defendant. Neither MIT nor the students–Zack Anderson, R.J. Ryan, and Alessandro Chiesa–could immediately be reached for comment. Anderson said in an e-mail that “it has been (a) disappointment how this whole situation was handled from their end.”
Bottom line: The government agency doesn’t want anyone to know how screwed up their system is. 🙂
One would think the agency could use this information to secure the holes that have been discovered.
What do you think?