Network devices

If MIT students ride your subway system, you’d better beef up network security

Shocking news: The RFID fare card system that the Massachusetts Bay Transportation Authority (MBTA) uses on its buses and subway is totally hackable.

This past weekend, three Massachusetts Institute of Technology (MIT) students (Alessandro Chiesa, RJ Ryan, and Zack Anderson) were supposed to deliver a presentation at Defcon, a hacker conference in Las Vegas, about how they hacked the MBTA’s “Charlie Card” fare card system. They created software that allowed them to create clones of the RFID cards that could allow them to ride for free on the transit system forever.

They made one mistake. Before delivering their presentation, they met with MBTA officials to warn them about the transit system’s insecurity and to offer tips on how to protect it. The MBTA responded by seeking and winning a court injunction, preventing the students from presenting their findings.

However, the injunction didn’t come through until after the students had already distributed copies of their PowerPoint presentation to all Defcon attendees. Those slides are now available online via The Tech, MIT’s student newspaper.

The slides reveal some very disturbing but unsurprising pieces of information. For instance, the turnstile control boxes in Boston’s subway stations are often unlocked and wide open. High-tech surveillance stations are often left unattended (I’ve seen this myself many times at the Back Bay T station.). Official MBTA materials, such as MBTA inspector coat patches, MBTA hats and MBTA license plates are available on eBay. The students were even able to find an unlocked room where the network switches that connect fare card vending machines to the MBTA’s internal network are located.

Was the MBTA trying to get hacked? Look at the photographs and see for yourself.

This should come as no surprise. After all, this is an organization that is running a $75 million deficit, despite a 27% fare increase in January 2007 and a 6.1% increase in ridership during the last fiscal year. Does anyone expect them to run a tight ship?

Any organization in Boston should be on its toes at all times. MIT is known for its hacking hijinx. Just look at the school’s own website, where you can find a gallery of Interesting Hacks to Fascinate People.

Open mobile devices get the most market penetration

To be a player in the mobile device or network appliance game, having an open platform is a must, according to MLB.com CEO Robert Bowman at the Mobile & Wireless World conference keynote last week.

In a closed device platform, content providers have to go through a carrier to get to the pipe to get to their consumers. In an open device platform, the content providers go straight to the pipe which goes to their consumers — and this eliminates the middle man.

Take the two most popular enterprise and consumer devices right now: the BlackBerry and the iPhone. It’s not a mistake that they’re popular. Bowman explained that the “iPhone and BlackBerry are considered the most open devices,” and that plays a factor in which devices will live longer.

In addition to a longer shelf-life, these devices also have the potential for greater market penetration in coming years. According to Bowman, by 2013, 3G phone penetration will rise from 9% to 27% in the U.S.

Along with this, average revenue per user (ARPU) for data will rise 21% to 75% in the next five years — so after your kid graduates high school, you’ll no longer be talking on your device; texting will take over the majority of your communication.

As mobile devices grow stronger in their coverage and market share, they’ll grow proportionately in the stronghold of our lives.

“How many times do you think you will look at this device?” Bowman asked, holding up a gleaming BlackBerry to his audience. It’s shiny; it’s aesthetically pleasing…

“It’s like your watch,” he explains: It will catch your eye, so you’ll look down at it. You’ll be bored, so you’ll look down at it. When someone asks you what time it is, you’ll have to look back down at it even though you’ve just looked at it because you didn’t think to read it…and this is how it will be with your BlackBerry he says.

The BlackBerry will be something you will look at 500 times a day,” Bowman calculated.

Think of all that face value time you’ll have with your device! I can only imagine what Craig Raine (author of “A Martian Sends A Postcard Home“) would have to say about our phones now:

“In homes [briefcases?], a haunted apparatus sleeps,
that snores [lights up??] when you pick it up.

If the ghost cries, they carry it
to their lips and soothe it to sleep

with sounds. And yet, they wake it up
deliberately, by tickling with a finger. “