MA Court blocks MIT students from showing MBTA hack

A U.S federal judge in Massachusetts has ordered three MIT students to cancel a presentation for Sunday (8/11) at the infamous Defcon hackers’ conference in Las Vegas.  The students planned to show security flaws in the automated fare system used by Boston’s very own Massachusetts Bay Transit Authority (MBTA) subway system (called the Charlie Card). The MBTA sued the students and MIT in United States District Court in Massachusetts on Friday, claiming that the students violated the Computer Fraud and Abuse Act (CFAA) by delivering information to conference attendees that could be used to defraud the MBTA of transit fares.  (We will talk about the CFAA more in class)

The temporary restraining order (full text pdf), issued by a Massachusetts U.Sdistrict court judge prevented the college students from demonstrating how to use the vulnerabilities to get free rides. 

The Electronics Frontier Foundation (EFF), which is representing MIT students Zack Anderson, R.J. Ryan and Alessandro Chiesa, plans to fight the order, said Jennifer Granick, the group’s civil liberties director.  Granick also said that that the students were simply trying to share their research and planned to omit key information that would make things easier for anyone who actually wanted to hack the payment system.  More coverage. 


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s