Transparency On The Bailout? Banks: No Thanks!

MBTA Will Work With MIT Students, Rather Than Suing Them, To Improve Security

from the a-good-move,-a-little-late dept

Tue, Dec 23rd 2008 3:57am — Mike Masnick

You may recall, back in August, that the Massachusetts Bay Transportation Authority convinced a judge to ban the Defcon presentation by three MIT students, showing how weak the security was on the Boston transit system, and how easy it was to get past it. Of course, in trying to ban the talk, the MBTA only succeeded in getting a lot more attention for its own security vulnerabilities -- and, in the end, the judge lifted the gag order anyway, allowing the students to present their research.

The good news is that the MBTA has now dropped the lawsuit and done what it should have done in the first place: agreed to work with the students to come up with ways to improve security. It's good that they eventually came to this conclusion -- though still mind-boggling that they went down the legal route first.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: bans, defcon, mit, obscurity, security, subway
Companies: mbta

11 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

ExGovernmentWorker, 23 Dec 2008 @ 5:08am

Lazy
Thats because the lazy poop heads who work for the transit authority didn't want to have to get off their lazy butts to fix an issue, instead they'd rather waste tax money going the law route to stop people from knowing about the insufficient security which potentially puts all of the boston areas citizens in danger. But, hey; its not like they are any different from any other govt. entity.
[ link to this | view in chronology ]
Ima Fish, 23 Dec 2008 @ 5:21am

Only in a government bureaucracy could this conversation occur:

"Hey boss, great news, some MIT students want to help us fix our security issues."

"Damn them to hell, we're going to sue their asses."
[ link to this | view in chronology ]
Trial, 23 Dec 2008 @ 5:29am

Fire
A least MBTA seems to be learning a thing or two. Bash them if you want, but it is a giant step forward. Perhaps they will begin to appreciate their local assets as something more than an animal house frat.
[ link to this | view in chronology ]
Anonymous Coward, 23 Dec 2008 @ 7:59am

I'd be pissed
If I did some work revealing security flaws, got sued over it, then the suit was dropped and they asked me to help them fix their system ... I'd tell them to go to hell unless I was desperate for some paid work
[ link to this | view in chronology ]
SeaTec, 23 Dec 2008 @ 8:18am

Im am sincerely hoping that our 3 letter agencies have hackers employed trying to constantly gan access to our secured sites. It woudl also be nice to have a group of goverment people testing various other enteties like Social security and health care institutions to see if they are hardened against attacks. What about our power grid for instance? If i where to attack the US id attack the poer grid first and then go after other assets. no epxensive bombs needed, just a person wiht skillz and a grudge.
Now don't be putting me on the list now boys. you hear?
[ link to this | view in chronology ]
You never know, 23 Dec 2008 @ 9:16am

The MBTA had better move quick and hire this kids. They seem to be doing a better job than than thier own IT Dept. LOL.
[ link to this | view in chronology ]
ExGovernmentWorker, 23 Dec 2008 @ 10:25am

RE: Lazy
I do applaud them for finaly doing the right thing and turning to them for help with fixing the system. (after wasting some tax money doing the wrong thing) At least the system will be fixed now. Most stubborn Govt. Authority's would probably continue on the court rout. (maybe if it wasn't for this judge it still would be in the courts-props to the judge too) anyway, this is hopefully a step towards a more secure network, however small the step may be. I for one am not a hacker or a programmer but I do see the big picture clear enought to see the worth of exploiting the loop holes in a non-destructive matter so that the loop holes get closed. Someones gotta point out the breaks before someone else with less desirable intentions exploits them.
[ link to this | view in chronology ]
smackemgood, 23 Dec 2008 @ 12:14pm

MBTA: We're sorry, would you help us plug these flaws, please?

MIT Students: Why sure we will (wink, wink)..:)

Hope they leave some backdoors for themselves for when and if the MBTA has another genius attack...
[ link to this | view in chronology ]
- Anonymous Coward, 23 Dec 2008 @ 3:46pm
  
  Other possible responses.
  "Sure. Our presentation will be available at http://.... From there, your technical staff should be able to work out a solution to the loophole described in the document."
  "We would like meet in order to discuss the terms of the contract and your organization's contractor pay rates."
  [ link to this | view in chronology ]
Mark Regan, 23 Dec 2008 @ 1:55pm

My Book On How To Assassinate The President - Tips For Terrorists
Old News. The Secret Service and Homeland Security Depts went to court and obtained a restraining order prohibiting me from publishing my book way back in 2004.

The restraining order is active until January 20, 2009, but there won't be a market for my book after that date, except for maybe a few racists, and MY book was written specifically to appeal to Moslems and Arabs.

Our government claims to be FOR private enterprise and to reward initiative, but see what four years of hard labor on my book got me? A restraining order.

I empathize with those MIT students. Let those terrorists fend for themselves. We certainly don't want to give them a roadmap to make it easy for them to bring us to our knees. That is one reason why mass transit systems run at irregular times, to keep them off balance.

Terrorists would not have had to resort to shoe throwing if they had been allowed access to my book. They would have found out that the best way to remove the incumbent President would be to encourage him to go hunting with his Vice President.
[ link to this | view in chronology ]
sprearson81 (profile), 9 Jun 2012 @ 6:28am

Just sue em, they deserve it!
[ link to this | view in chronology ]