MBTA Will Work With MIT Students, Rather Than Suing Them, To Improve Security
from the a-good-move,-a-little-late dept
You may recall, back in August, that the Massachusetts Bay Transportation Authority convinced a judge to ban the Defcon presentation by three MIT students, showing how weak the security was on the Boston transit system, and how easy it was to get past it. Of course, in trying to ban the talk, the MBTA only succeeded in getting a lot more attention for its own security vulnerabilities — and, in the end, the judge lifted the gag order anyway, allowing the students to present their research.
The good news is that the MBTA has now dropped the lawsuit and done what it should have done in the first place: agreed to work with the students to come up with ways to improve security. It’s good that they eventually came to this conclusion — though still mind-boggling that they went down the legal route first.
Filed Under: bans, defcon, mit, obscurity, security, subway
Companies: mbta
Comments on “MBTA Will Work With MIT Students, Rather Than Suing Them, To Improve Security”
Lazy
Thats because the lazy poop heads who work for the transit authority didn’t want to have to get off their lazy butts to fix an issue, instead they’d rather waste tax money going the law route to stop people from knowing about the insufficient security which potentially puts all of the boston areas citizens in danger. But, hey; its not like they are any different from any other govt. entity.
Only in a government bureaucracy could this conversation occur:
“Hey boss, great news, some MIT students want to help us fix our security issues.”
“Damn them to hell, we’re going to sue their asses.”
Fire
A least MBTA seems to be learning a thing or two. Bash them if you want, but it is a giant step forward. Perhaps they will begin to appreciate their local assets as something more than an animal house frat.
I'd be pissed
If I did some work revealing security flaws, got sued over it, then the suit was dropped and they asked me to help them fix their system … I’d tell them to go to hell unless I was desperate for some paid work
Im am sincerely hoping that our 3 letter agencies have hackers employed trying to constantly gan access to our secured sites. It woudl also be nice to have a group of goverment people testing various other enteties like Social security and health care institutions to see if they are hardened against attacks. What about our power grid for instance? If i where to attack the US id attack the poer grid first and then go after other assets. no epxensive bombs needed, just a person wiht skillz and a grudge.
Now don’t be putting me on the list now boys. you hear?
The MBTA had better move quick and hire this kids. They seem to be doing a better job than than thier own IT Dept. LOL.
RE: Lazy
I do applaud them for finaly doing the right thing and turning to them for help with fixing the system. (after wasting some tax money doing the wrong thing) At least the system will be fixed now. Most stubborn Govt. Authority’s would probably continue on the court rout. (maybe if it wasn’t for this judge it still would be in the courts-props to the judge too) anyway, this is hopefully a step towards a more secure network, however small the step may be. I for one am not a hacker or a programmer but I do see the big picture clear enought to see the worth of exploiting the loop holes in a non-destructive matter so that the loop holes get closed. Someones gotta point out the breaks before someone else with less desirable intentions exploits them.
MBTA: We’re sorry, would you help us plug these flaws, please?
MIT Students: Why sure we will (wink, wink)..:)
Hope they leave some backdoors for themselves for when and if the MBTA has another genius attack…
Re: Other possible responses.
“Sure. Our presentation will be available at http://…. From there, your technical staff should be able to work out a solution to the loophole described in the document.”
“We would like meet in order to discuss the terms of the contract and your organization’s contractor pay rates.”
My Book On How To Assassinate The President - Tips For Terrorists
Old News. The Secret Service and Homeland Security Depts went to court and obtained a restraining order prohibiting me from publishing my book way back in 2004.
The restraining order is active until January 20, 2009, but there won’t be a market for my book after that date, except for maybe a few racists, and MY book was written specifically to appeal to Moslems and Arabs.
Our government claims to be FOR private enterprise and to reward initiative, but see what four years of hard labor on my book got me? A restraining order.
I empathize with those MIT students. Let those terrorists fend for themselves. We certainly don’t want to give them a roadmap to make it easy for them to bring us to our knees. That is one reason why mass transit systems run at irregular times, to keep them off balance.
Terrorists would not have had to resort to shoe throwing if they had been allowed access to my book. They would have found out that the best way to remove the incumbent President would be to encourage him to go hunting with his Vice President.
Just sue em, they deserve it!