MBTA Will Work With MIT Students, Rather Than Suing Them, To Improve Security

from the a-good-move,-a-little-late dept

You may recall, back in August, that the Massachusetts Bay Transportation Authority convinced a judge to ban the Defcon presentation by three MIT students, showing how weak the security was on the Boston transit system, and how easy it was to get past it. Of course, in trying to ban the talk, the MBTA only succeeded in getting a lot more attention for its own security vulnerabilities -- and, in the end, the judge lifted the gag order anyway, allowing the students to present their research.

The good news is that the MBTA has now dropped the lawsuit and done what it should have done in the first place: agreed to work with the students to come up with ways to improve security. It's good that they eventually came to this conclusion -- though still mind-boggling that they went down the legal route first.

10 Comments | Leave a Comment..

Legal Issues

by Mike Masnick

Mon, Aug 11th 2008 2:13am

Boston Subway System Stops Defcon Talk; But Paints Security Target On Its Back

from the yeah,-that'll-work dept

You would think after years and years of it backfiring every time some scared organization tries to shut down a talk concerning their security vulnerabilities, that people wouldn't even bother any more. But never underestimate the short-sightedness of some execs. The Massachusetts Bay Transportation Authority uses a magnetic strip card system to access the subway system in Boston. That system is not particularly secure, and some enterprising MIT students planned to demonstrate just how weak the security was on the system this weekend at the Defcon conference... until the MBTA convinced a judge to ban the presentation and demand that all copies of the presentation not be released -- which is problematic since all attendees at the conference already obtained CDs with a copy of the presentation. Also, somewhat ironically, a copy of the presentation was entered in as evidence in the case, and that copy is now publicly available as part of the court records system. Oops.

Of course, even if the court had actually been able to stop the distribution of the presentation, it's silly to think that this would have stopped the dissemination of the methods for hacking the system. The truth is that the MBTA's system uses woefully weak security, and rather than doing anything to strengthen it, it has to threaten some bright MIT students and get a court order to pretend the such security vulnerabilities don't exist. And, of course, in doing this, all the MBTA has really done is painted a huge target on its back. Perhaps it should have just focused on making its system a bit more secure instead.

25 Comments | Leave a Comment..

Search Techdirt

And now, a word from our Sponsors..

15% off discount for Techdirt Readers

Popular Posts

Poll

Add Techdirt RSS To Your Reader

Subscribe to Techdirt's Daily Email Newsletter

Older Stuff

Wednesday
4:01pm:	Funny How Those In Favor Of ACTA Are Against Treaty Providing More Access To Content For Vision Impaired (6)
3:15pm:	Advertising As Content: Newspaper Raising Newsstand Prices For Thanksgiving Papers With Black Friday Ads (11)
2:14pm:	Are Entertainment Industry Tactics Working? (50)
1:00pm:	Photographer Compares Microstock Sites To Pollution And Drug Dealing (45)
11:48am:	If Movie Piracy Is Really A Problem, It's Hollywood's Fault (77)
10:27am:	If Google Visitors Are Worthless, It's Only Because Newspaper Execs Don't Know What They're Doing (37)
9:01am:	Multitasking Is Our Main Activity (15)
7:33am:	Greed vs. Due Diligence: Another Case Of Startup Fraud? (4)
6:01am:	Anti-Piracy Group In Spain Fined For Bad Faith Actions Against File Sharing Systems (13)
3:55am:	ABA Journal's Patent Application To Score Interview With USPTO Boss David Kappos (18)
1:44am:	Can Universities Make Sure That Drugs Based On Their Research Are Licensed Reasonably? (19)
Tuesday
9:21pm:	Companies Realizing That Content Is Advertising Via Web Series (12)
7:01pm:	Could You Prove That The Government Was Watching You Illegally? (38)
4:56pm:	Reuters, AP Refuse To Cover Cricket Matches Over Restrictive Press Accreditation Rules (21)
3:21pm:	Comparing File Sharing To Payola: Could Have Had That Promotion For Free (34)
1:56pm:	Jury Says Fictional Character Can Be Libelous (28)
12:44pm:	Spam King Alan Ralsky Gets Four Years In Jail (28)
11:39am:	Publishers Getting The Wrong Message Over eBook Piracy (39)
10:28am:	Calling For An Independent Invention Defense In Patents (27)
9:12am:	Microsoft Tries To Silence Revelation Of Bing Cashback Flaws; Leads To Revelation Of Other Problems (43)
8:03am:	Don't Blame Facebook For Some Kids Beating Up Another Student (61)
6:46am:	Hulu Telling Sites To Stop Embedding So Much (44)
5:00am:	Once Again, If The Gov't Has Data, It Will Be Abused (42)
2:53am:	As Expected, Social Networking Generation Running For Office Face Their Permanent Record Online (32)
12:55am:	IMAX Sues Cinemark For Building Competing System... While Being An IMAX Customer (14)
Monday
10:26pm:	Filmmaker Allowed To Use The Name Rin Tin Tin To Describe Rin Tin Tin (6)
8:25pm:	Senators Begin Questioning ACTA Secrecy (32)
6:34pm:	Brazil E-Voting Machines Not Hacked... But Van Eck Phreaking Allowed Hacker To Record Votes (15)
5:08pm:	FCC Doesn't Think The Lack Of Competition Is A Major Barrier To Broadband? (36)
3:49pm:	Heads Of Major Movies Studios Claiming They Just Want To Help Poor Indie Films Harmed By Piracy (47)

Quick Links

Current Insight Community Cases

MBTA Will Work With MIT Students, Rather Than Suing Them, To Improve Security

from the a-good-move,-a-little-late dept

Boston Subway System Stops Defcon Talk; But Paints Security Target On Its Back

from the yeah,-that'll-work dept

Which Internet Concern Worries You The Most?

Techdirt's Daily Email Newsletter

Wednesday

Tuesday

Monday

More