Legal Issues

by Mike Masnick

Filed Under:
bans, defcon, mit, obscurity, security, subway


MBTA Will Work With MIT Students, Rather Than Suing Them, To Improve Security

from the a-good-move,-a-little-late dept

You may recall, back in August, that the Massachusetts Bay Transportation Authority convinced a judge to ban the Defcon presentation by three MIT students, showing how weak the security was on the Boston transit system, and how easy it was to get past it. Of course, in trying to ban the talk, the MBTA only succeeded in getting a lot more attention for its own security vulnerabilities -- and, in the end, the judge lifted the gag order anyway, allowing the students to present their research.

The good news is that the MBTA has now dropped the lawsuit and done what it should have done in the first place: agreed to work with the students to come up with ways to improve security. It's good that they eventually came to this conclusion -- though still mind-boggling that they went down the legal route first.

Reader Comments (rss)

(Flattened / Threaded)

  1. identicon
    ExGovernmentWorker, Dec 23rd, 2008 @ 5:08am


    Thats because the lazy poop heads who work for the transit authority didn't want to have to get off their lazy butts to fix an issue, instead they'd rather waste tax money going the law route to stop people from knowing about the insufficient security which potentially puts all of the boston areas citizens in danger. But, hey; its not like they are any different from any other govt. entity.

    reply to this | link to this | view in thread ]

  2. identicon
    Ima Fish, Dec 23rd, 2008 @ 5:21am

    Only in a government bureaucracy could this conversation occur:

    "Hey boss, great news, some MIT students want to help us fix our security issues."

    "Damn them to hell, we're going to sue their asses."

    reply to this | link to this | view in thread ]

  3. identicon
    Trial, Dec 23rd, 2008 @ 5:29am


    A least MBTA seems to be learning a thing or two. Bash them if you want, but it is a giant step forward. Perhaps they will begin to appreciate their local assets as something more than an animal house frat.

    reply to this | link to this | view in thread ]

  4. identicon
    Anonymous Coward, Dec 23rd, 2008 @ 7:59am

    I'd be pissed

    If I did some work revealing security flaws, got sued over it, then the suit was dropped and they asked me to help them fix their system ... I'd tell them to go to hell unless I was desperate for some paid work

    reply to this | link to this | view in thread ]

  5. identicon
    SeaTec, Dec 23rd, 2008 @ 8:18am

    Im am sincerely hoping that our 3 letter agencies have hackers employed trying to constantly gan access to our secured sites. It woudl also be nice to have a group of goverment people testing various other enteties like Social security and health care institutions to see if they are hardened against attacks. What about our power grid for instance? If i where to attack the US id attack the poer grid first and then go after other assets. no epxensive bombs needed, just a person wiht skillz and a grudge.
    Now don't be putting me on the list now boys. you hear?

    reply to this | link to this | view in thread ]

  6. identicon
    You never know, Dec 23rd, 2008 @ 9:16am

    The MBTA had better move quick and hire this kids. They seem to be doing a better job than than thier own IT Dept. LOL.

    reply to this | link to this | view in thread ]

  7. identicon
    ExGovernmentWorker, Dec 23rd, 2008 @ 10:25am

    RE: Lazy

    I do applaud them for finaly doing the right thing and turning to them for help with fixing the system. (after wasting some tax money doing the wrong thing) At least the system will be fixed now. Most stubborn Govt. Authority's would probably continue on the court rout. (maybe if it wasn't for this judge it still would be in the courts-props to the judge too) anyway, this is hopefully a step towards a more secure network, however small the step may be. I for one am not a hacker or a programmer but I do see the big picture clear enought to see the worth of exploiting the loop holes in a non-destructive matter so that the loop holes get closed. Someones gotta point out the breaks before someone else with less desirable intentions exploits them.

    reply to this | link to this | view in thread ]

  8. identicon
    smackemgood, Dec 23rd, 2008 @ 12:14pm

    MBTA: We're sorry, would you help us plug these flaws, please?

    MIT Students: Why sure we will (wink, wink)..:)

    Hope they leave some backdoors for themselves for when and if the MBTA has another genius attack...

    reply to this | link to this | view in thread ]

  9. identicon
    Mark Regan, Dec 23rd, 2008 @ 1:55pm

    My Book On How To Assassinate The President - Tips For Terrorists

    Old News. The Secret Service and Homeland Security Depts went to court and obtained a restraining order prohibiting me from publishing my book way back in 2004.

    The restraining order is active until January 20, 2009, but there won't be a market for my book after that date, except for maybe a few racists, and MY book was written specifically to appeal to Moslems and Arabs.

    Our government claims to be FOR private enterprise and to reward initiative, but see what four years of hard labor on my book got me? A restraining order.

    I empathize with those MIT students. Let those terrorists fend for themselves. We certainly don't want to give them a roadmap to make it easy for them to bring us to our knees. That is one reason why mass transit systems run at irregular times, to keep them off balance.

    Terrorists would not have had to resort to shoe throwing if they had been allowed access to my book. They would have found out that the best way to remove the incumbent President would be to encourage him to go hunting with his Vice President.

    reply to this | link to this | view in thread ]

  10. identicon
    Anonymous Coward, Dec 23rd, 2008 @ 3:46pm

    Other possible responses.

    "Sure. Our presentation will be available at http://.... From there, your technical staff should be able to work out a solution to the loophole described in the document."

    "We would like meet in order to discuss the terms of the contract and your organization's contractor pay rates."

    reply to this | link to this | view in thread ]

  11. icon
    sprearson81 (profile), Jun 9th, 2012 @ 6:28am

    Just sue em, they deserve it!

    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.