Hot Topics:
See All Topics

“Banned” slides — The Anatomy of a Subway Hack: Breaking Crypto RFID’s and Magstripes of Ticketing Systems

Make Pt0895
Now this is an exciting DEFCON! I didn’t go this year, but this talk was one of the ones I was eyeing! And it’s gone total bonkers!

The Massachusetts Bay Transportation Authority has sued three MIT students — Zackary M. Anderson ’09, Russel J. Ryan ’09, and Alessandro Chiesa ’09 — and MIT to prevent the disclosure of security weaknesses in subway ticketing systems. The students, who were working under EECS Professor Ronald L. Rivest, were planning to give a talk titled “The Anatomy of a Subway Hack: Breaking Crypto RFID’s and Magstripes of Ticketing Systems” at the DEFCON security conference Sunday. District Judge Douglas P. Woodlock issued a temporary restraining order earlier today enjoining MIT students from “assist[ing] in any material way to circumvent or otherwise attack the security of the Fare Media System.”

A copy of the presentation, which was distributed at DEFCON, is available here: Defcon Presentation (PDF).

WOW! The WarCart rules!

In the Maker Shed

Cube 3D Printer

Cube 3D Printer

BrushBots

BrushBots

Brooklyn Aerodrome Flying Wing Kit

Brooklyn Aerodrome Flying Wing Kit

Brooklyn Aerodrome Flying Wing Kit

Raspberry Pi Starter Kit - Includes 512MB Raspberry Pi

3 Responses to “Banned” slides — The Anatomy of a Subway Hack: Breaking Crypto RFID’s and Magstripes of Ticketing Systems

  1. figgalicous on said:

    I mooninites cause panic, pushing this thing around is likely to get you a trip to Guantanamo. Can’t this setup be slimmed down or spit up to fit into multiple communicating containers (backpack, suitcase, etc) for team play. I know that it won’t get through turnstiles or down stairs, so I guess that it is supposed to sniff & clone RFIDs of passing transport users? It wasn’t clear in the PDF.

    Reply
  2. zof on said:

    Someone will mistake you for a homeless guy with a bunch of junk in his cart if you dress right. Fact is most of the public/law enforcement doesn’t know what any of that stuff is and will just assume you had a good dumpster dive and are on the way to the recyclers. Heck you might even get hand outs from the same people you steal data from :D

    Reply
  3. Jon Anderson on said:

    Looking through the presentation, you see that everything can be done subtly. Once they discovered that you could enter restricted areas and interact with equipment you shouldn’t even with actual workers around, they brought up the cart as a way to see how far you could push it.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Join the MAKE Forum

// What's Trending

Raspberry Pi Design Contest
Raspberry Pi Design Contest
  • By: Nick Normal
  • Hits: 28228
Seventeen Sneaky Secret Hides
Seventeen Sneaky Secret Hides
  • By: Sean Michael Ragan
  • Hits: 3588
Maker Faire: Day Two
Maker Faire: Day Two
  • By: MAKE Editors
  • Hits: 3469
10 Things to Connect to Your Raspberry Pi
10 Things to Connect to Your Raspberry Pi
  • By: Alasdair Allan
  • Hits: 2788
47 Raspberry Pi Projects to Inspire Your Next Build
47 Raspberry Pi Projects to Inspire Your Next Build
  • By: Nick Normal
  • Hits: 1860
I Have a (Puzzling) Dream
I Have a (Puzzling) Dream
  • By: Gareth Branwyn
  • Hits: 1795
Animatronic Beaker Puppet Lip-Syncs to Tunes
Animatronic Beaker Puppet Lip-Syncs to Tunes
  • By: John Baichtal
  • Hits: 1706

// What's Shared

A better way to slice a pumpkin
A better way to slice a pumpkin
  • By: Sean Michael Ragan
  • Shares: 42287
DIY Nerf Darts
DIY Nerf Darts
  • By: Adam Flaherty
  • Shares: 26601
In the Maker Shed: Minty Boost USB Charger
In the Maker Shed: Minty Boost USB Charger
  • By: Maker Shed
  • Shares: 22029
100 Dollar Store Organization Ideas for Craft Rooms and Beyond
100 Dollar Store Organization Ideas for Craft Rooms and Beyond
  • By: Haley Pierson-Cox
  • Shares: 22013
Mad’s Mouse House
Mad’s Mouse House
  • By: Meg Allan Cole
  • Shares: 13801
Lace Princess Crowns
Lace Princess Crowns
  • By: Meg Allan Cole
  • Shares: 13075
I Have a (Puzzling) Dream
I Have a (Puzzling) Dream
  • By: Gareth Branwyn
  • Shares: 10480
Play the Rings of a Tree Trunk Like a Record
Play the Rings of a Tree Trunk Like a Record
  • By: Matt Richardson
  • Shares: 10250

// Most Commented

Jason Poel Smith Picture
DIY Hacks & How To’s: Get Emergency Power from a Phone Line
  • By: Jason Poel Smith
  • Comments: 39
sample parts
Resin Casting: Going from CAD to Engineering-Grade Plastic Parts
  • By: Michal Zalewski
  • Comments: 34
Don't get me wrong, they're cheap and often get the job done, but they were made to not drive well. They were designed specifically in the early 20th century to cam out when too much force was applied. Now that we have torque-limiting drills this isn't a problem anymore, yet somehow we still use them.
Ten Tips for Screws and Screwdrivers
  • By: Michael Colombo
  • Comments: 27
We use the phrase "two by four" in common parlance, but did you know it's actually 3.5 inches wide? Don't make assumptions on size; always measure first.
Ten Tips for Better Measurement
  • By: Michael Colombo
  • Comments: 19
E59A0674
Makers on TV: Big Brain Theory
  • By: Sabrina Merlo
  • Comments: 13
Arduino Yun
Arduino Announces New Wireless Linux Board
  • By: Andrew Terranova
  • Comments: 12
IMG_4400
Tool Review: BioLite CampStove
  • By: Keith Hammond
  • Comments: 10
Screen shot 2013-05-08 at 12.56.44 PM
Grow: A Portable CNC Router System
  • By: John Baichtal
  • Comments: 10
Makershedad_DOTW_%20Makershields
MAKE
Trending Topics
About Maker Media

Make on Twitter Make on YouTube Make on Pintrest Make on Flickr Make on Facebook Stumble Make Magazine MAKE on Instagram MAKE on Google+

%d bloggers like this: