"“We have lent a huge amount of money to the U.S. Of course we are concerned about the safety of our assets. To be honest, I am definitely a little worried.” "

Chinese premier Wen Jiabao, 12th March 2009

""We have a financial system that is run by private shareholders, managed by private institutions, and we'd like to do our best to preserve that system."

Timothy Geithner, US Secretary of the Treasury, previously President of the Federal Reserve Bank of New York, 1/3/2009

Sunday, August 10, 2008

Massachusetts Bay Transportation Authority gets injunction to prevent hackers' disclosure of Charlie Card security flaws at DEFCON show in Las Vegas

The Massachusetts Bay Transportation Authority (The T) uses the Charlie Card for its touch-free electronic payment system. The card uses the NXP/Philips MIFARE standard 1k chips provided by G&D and Schlumberger - Sema, and is a contactless radio transmitter / receiver. Nearly half a million dollars are collected every weekday from subway riders using these cards.

This RFID chip has been hacked by Dutch academics and recent failures of Transport for London's Oyster card may be the result of hackers exploiting the architecture and systems that have been revealed by them.

There is a DEFCON hacker convention on today. DEFCON, founded in 1993, claims on its website, http://www.defcon.org/, to be the oldest continuously running hacker convention in the world, drawing 3,000 to 5,000 people annually. It began Friday at the Riviera Hotel & Casino in Las Vegas and runs through to today.

They have advertised a presentation by 3 Massachusetts Institute of Technology students (Zack Anderson, R.J. Ryan, and Alessandro Chiesa), initially billed on the DEFCON site as "Want free subway rides for life?" T officials then contacted the students and the university, arranging a meeting last week. After the meeting, in which it appears it was stated that the FBI were also involved, the students, in an apparent conciliatory gesture, changed the first line of the posting to read, "The anatomy of a subway hack." See below for details.

The T is suing the named students, claiming their plan to unmask potential security flaws in the CharlieCard and CharlieTicket systems at a Las Vegas computer conference would cause "significant damage to the transit system."

The T was granted a 10 day injunction yesterday, at 8 am Saturday, in the US District Court in Boston by Judge Douglas Woodlock, barring the 3 named students from presenting their methods and findings at the DEFCON hacker convention today. He ordered them not to provide "program, information, software code, or command that would assist another in any material way to circumvent or otherwise attack the security of the Fare Media System."

The MBTA alleges in documents presented to the court that the trio claimed to have circumvented the security protocols of the electronic ticketing system. The suit alleges the students publicly offered "free subway rides for life" to people over the Internet, and planned to show others how to duplicate their methods at a DEFCON presentation.

The lawsuit also spread its flak by naming MIT as a defendant, saying the school failed to "instruct and guide the MIT undergraduates to responsibly disclose information concerning perceived security flaws."

A computer security researcher, Eric Johanson, defended the students in a statement filed in court by and on behalf of MIT, saying none of the information they were planning to disclose was new.

Johanson also said that computer security researchers need to openly discuss the flaws they find in real-world systems so better ones can be built.

He added that "prohibition of open discussion of security vulnerabilities greatly harms the ability of researchers to function and has a chilling effect not only on publication, but on whether some important research is done in the first place, greatly stifling scientific advancement."

The T is seeking as yet unspecified financial damages, plus an extended injunction to prevent the trio from releasing their findings until it can plug any possible security holes - if there are any.

The T is not sure there is a security problem (Oh yes there is!!), but the 10-day injunction will provide time to find out. Lydia Rivera, a T spokeswoman, says "The injunction is allowing us to review the research that they have and see if there is any validity to their findings, and take corrective action, if any is even necessary."

The injunction was a bit late as every person registering for Defcon (several thousand) received a CD with the students' 87-page presentation titled "Anatomy of a Subway Hack." It recounts, in detail, how they wrote code to generate fake magcards. Also, it describes how they were able to use software they developed and US$990 worth of hardware to read and clone the RFID-based CharlieCards. This apparently enables cloning of cards with a value up to US$655.36.

The distribution of the CDs commenced on Thursday evening, meaning the injunction arrived nearly two days late. (On the other hand, the source code to the utilities - not included on the CD - was removed from www.web.mit.edu/zacka/www/subway/ by Saturday morning.)

The whole 87 page document is available (Sunday night 1500 EST) here as a pdf file: http://www-tech.mit.edu/V128/N30/subway/Defcon_Presentation.pdf

It really is a remarkable document - better than the Da Vinci Code, and in the wrong hands probably a recipe for all sorts of naughty games. No doubt there will be foolish people who will make copies and distribute them. Likely available on eBay already. Mirrors have already popped up at

There are more mirrors over at Cryptome

This is what DEFCON advertised, as mentioned at the top of the post:

The Anatomy of a Subway Hack:
Breaking Crypto RFID's and Magstripes of Ticketing Systems

Zack Anderson, Student, MIT
RJ Ryan, Student, MIT
Alessandro Chiesa, Student, MIT

In this talk we go over weaknesses in common subway fare collection systems. We focus on the Boston T subway, and show how we reverse engineered the data on magstripe card, we present several attacks to completely break the CharlieCard, a MIFARE Classic smartcard used in many subways around the world, and we discuss physical security problems. We will discuss practical brute force attacks using FPGAs and how to use software-radio to read RFID cards. We survey 'human factors' that lead to weaknesses in the system, and we present a novel new method of hacking WiFi: WARCARTING. We will release several open source tools we wrote in the process of researching these attacks. With live demos, we will demonstrate how we broke these systems.

Zack Anderson is studying electrical engineering and computer science at MIT. He is an avid hardware and software hacker, and has built several systems such as an autonomous vehicle for the DARPA Grand Challenge. Zack is especially interested in the security of embedded systems and wireless communications. He has experience building and breaking CDMA cellular systems and RFID. Zack has worked for a security/intelligence firm, and has multiple patents pending. He enjoys building systems as much as he enjoys breaking them.

RJ Ryan is a researcher at MIT. His longtime passion for security has resulted in a number of hacks and projects, including a steganographic cryptography protocol. RJ works on a number of technical projects ranging from computer security to operating systems, distributed computation, compilers, and computer graphics. He enjoys learning how things work, and how to make things work for him.

Alessandro Chiesa is a Junior at MIT double majoring in Theoretical Mathematics and in Electrical Engineering and Computer Science. Born and raised in Varese, Italy, he came to MIT with interests in computational algebraic geometry, machine learning, cryptography, and systems security. He has authored papers such as "Generalizing Regev's Cryptosystem", which proposes a new cryptosystem based on shortest vector problems in cyclotomic fields. He is currently working with Oracle's Database Security group.

These guys are not crooks.

Public Transport systems relying on the Mifare chip had better get their act together - fast. This is their wake-up call. Anyone listening at TfL?

MIT students R.J. Ryan, Alessandro Chiesa and EFF attorney Marcia Hofmann talk about the injunction.


Anonymous said...

There was a small column inch or 2 in Saturday's Guardian that said that the Oyster system is being discontinued on London Underground.

Does anyone know when Oyster was first implemented in London Underground?

ziz said...

The Contract with Transys was about 2000 as it is being cut off after 10 years in 2010. It has been going citywide on tubes for 5/6 years and is still being implemented on buses.

The Barclay smart card is still on very limited trials.

The Kids free card has just started - before that they paid standard fares.

(C) Very Seriously Disorganised Criminals 2002/3/4/5/6/7/8/9 - copy anything you wish