MIT Kids: Please come hack us!

Posted on August 11th, 2008 by The SUBWAYblogger in Crime, Transit Failures

Who knew all we needed was some MIT kids to help us get around any future fare hikes.

Apparently, some students at MIT made it a class project to hack the Boston subway system (aka the T).  As a matter of fact, the title of the project is: “The Anatomy of a Subway Hack: Breaking Crypto RFIDs & Magstripes of Ticketing Systems.”

Now, the students are computer security majors, so you can see the fit.

They planned to give their 80+ slide presentation at Defcon, a very large security conference.

However, the MBTA sued to have the presentation stopped.  A judge issued a temporary restraining order keeping the presentation quiet.

The EFF (Electronic Frontier Foundation) got involved to fight the order.

Anyway, the kids had successfully shown how to generate and reverse engineer CharlieCards and CharlieTickets, the Boston version of Metrocards.

They basically did in a semester what any professional hacker could do, but planned to use it as an educational tool.  Sure, stealing rides is illegal, but the bigger issue is that some students were able to beat a system pretty easily.

Makes me wonder what kind of havoc they could wreak with the Metrocard system.

  1. Mike said on August 11th, 2008 at 1:36 pm

    It’s been done. Read here:
    http://events.ccc.de/congress/2005/fahrplan/attachments/594-paper_MagneticStripeTechnology2.pdf

    Basically, MetroCards (unlike CharlieCards) store their information in an unencrypted, but completely non-standard format. Because of this you’ll need to construct a custom card reader (an off-the-shelf one won’t work), but once that has been completed you can read and rewrite your card including the card value.

    But there’s a catch: The MTA stores your fare in a central database. To speed up fare collection, the turnstile “trusts” your card at face value, but every few minutes it will update its information with the central DB. So you can use your hacked card once, but once the turnstile “phones home” it will notice the difference and add your card to a list of invalid cards. This list is pushed to the turnstiles and stored locally, so you will be rejected next time you try to swipe.

    So the question becomes, how can you trick the central DB into believing your hacked card is valid? The MIT presentation doesn’t seem to address this issue.
    http://www-tech.mit.edu/V128/N30/subway/Defcon_Presentation.pdf
    Perhaps because CharlieCards are encrypted the central DB trusts their value, although this seems unlikely.

  2. CD Junior said on August 11th, 2008 at 1:57 pm

    These kids were exposing stupidity on the part of a large mass transit management team. They did good. When you slam students or hackers for good hacks, you force them below ground. Narrow minded idiots will prosecute non-malicious hacking because they need to prove they are worthy of their pay and the fact is they could not catch a serious hacker to begin with so they pick the low hanging fruit. We as a nation have to support good hacks. Sooner or later a good hacker will save us in a way nobody can even imagine yet.

  3. todd said on August 11th, 2008 at 2:22 pm

    Nothing. The Metrocard system is entirely different. The cards sync with the master computer every 7 minutes. The master computer understands the balance of each card. The metrocard is broken into three “stripes” on the magnetic strip. It records date and time of purchase, original amount, current amount, number of times swiped, time of last swipe, location of last swipe and amount removed in last swipe.

    You could alter this data (I seem to remember the encoding scheme is the same as they used to use on older airline tickets) and add extra money, but after the central computer was updated 7 minutes later it’d notice the anomaly of your card (more money than it should have had) and just disable it. So, at most, you can get $2 extra from a card. Being that you need to spend at least $4 to buy one, you’ll break even.

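The reconciliation design described in comments 1 and 3 above (a turnstile accepts a card on its own data, then reports to a central database that flags mismatches and pushes a list of invalid cards), modelled as an added example that is not part of the original post or its comments. The class names, card IDs and balances are constructed; the $2 fare is the figure from the thread.

```python
# Added illustration; class names, card IDs and balances are constructed.
from dataclasses import dataclass, field

FARE = 200  # cents; the $2 fare mentioned in the thread

@dataclass
class CentralLedger:
    balances: dict                               # card_id -> authoritative balance
    denylist: set = field(default_factory=set)

    def reconcile(self, swipes):
        """Check each reported swipe against the ledger and flag mismatches."""
        for card_id, claimed in swipes:
            expected = self.balances.get(card_id)
            if expected is None or claimed != expected:
                self.denylist.add(card_id)       # unknown card or balance anomaly
            else:
                self.balances[card_id] = expected - FARE
        return set(self.denylist)                # copy pushed to the turnstile

@dataclass
class Turnstile:
    denylist: set = field(default_factory=set)   # local copy from the last sync
    pending: list = field(default_factory=list)  # swipes not yet reported

    def swipe(self, card_id, card_balance):
        """Offline decision: uses only the card's data and the local denylist."""
        if card_id in self.denylist or card_balance < FARE:
            return False, card_balance
        self.pending.append((card_id, card_balance))
        return True, card_balance - FARE         # value written back to the card

    def sync(self, ledger):
        """The periodic "phone home": report swipes, pull the current denylist."""
        self.denylist = ledger.reconcile(self.pending)
        self.pending = []

def simulate():
    ledger = CentralLedger(balances={"A": 400, "B": 400})
    gate, other_gate = Turnstile(), Turnstile()
    ok_a, bal_a = gate.swipe("A", 400)           # card data matches the ledger
    ok_b, bal_b = gate.swipe("B", 2000)          # card claims more than the ledger holds
    gate.sync(ledger)                            # mismatch on B is detected here
    other_gate.sync(ledger)                      # the list reaches every turnstile
    after = [gate.swipe("A", bal_a)[0], gate.swipe("B", bal_b)[0],
             other_gate.swipe("B", bal_b)[0]]
    return [ok_a, ok_b] + after, ledger.denylist

if __name__ == "__main__":
    print(simulate())
```

A mismatched card is honoured only until the next sync, so the sync interval bounds the exposure per card.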
  4. Todd said on August 11th, 2008 at 7:57 pm

    Very cool stuff!
