Massachusetts Bay Transportation Authority v. Anderson et al
Filing
20
EXHIBITS one thru eight re 2 MOTION for Temporary Restraining Order by Massachusetts Bay Transportation Authority. (Attachments: # 1 Exhibit Two, # 2 Exhibit Three, # 3 Exhibit Four, # 4 Exhibit Five, # 5 Exhibit Six, # 6 Exhibit Seven, # 7 Exhibit Eight)(Edge, Eugenia)
<![CDATA[
Massachusetts Bay Transportation Authority v. Anderson et al
Doc. 20
EXHIBIT 1
Dockets.Justia.com
Page 1 of2
From: Sent: To: Cc:
Manuel Albers [manuel.albers@nxp.com] Wednesday, July 30, 2008 5:53 PM shenderson@mbta.com Fluegge.Wolfgang@Scheidt-Bachmann.de; bhoene@scheidt-bachmann-usa.com
Subject: Boston Charlie Card Hack Demo subject at speach at upcoming Defcon conference in August Scott,
FYI: Today we learned about a conference (Defcon) at which a team of MIT students intends to demo a Charlie Card Hack. Of special concern is the announced intent to release open source tools required to perform the attacks: http://defcon.org/html/defcon-16/dc-16-speakers.html#Anderson
The Anatomy of a Subway Hack:
Breaking Crypto RFID's and Magstripes of Ticketing Systems
Zack Anderson
Student, MIT RJ Ryan Student, MIT Alessandro Chiesa Student, MIT
Want free subway rides for life? In this talk we go over weaknesses in common subway fare collection systems. We focus on the Boston T subway, and show how we reverse engineered the data on magstripe card, we present several attacks to completely break the CharlieCard, a MIFARE Classic smartcard used in many subways around the world, and we discuss physical security problems. We will discuss practical brute force attacks using FPGAs and how to use software-radio to read RFID cards. We go over social engineering attacks we executed on employees, and we present a novel new method of hacking WiFi: WARCARTING. We will release several open source tools we wrote to perform these attacks. With live demos, we will demonstrate how we broke these systems. Zack Anderson is studying electrical engineering and computer science at MIT. He is an avid hardware and software hacker, and has built several systems such as an autonomous vehicle for the DARPA Grand Challenge. Zack is especially interested in the security of embedded systems and wireless communications. He has experience building and breaking CDMA cellular systems and RFID. Zack has worked for a security/intelligence firm, and has multiple patents pending. He enjoys building systems as much as he enjoys breaking them. RJ Ryan is researcher at MIT. His longtime passion for security has resulted in a number of
7/31/2008
Page 2 of2
hacks and projects, including a steganographic cryptography protocol. RJ works on a number of technical projects ranging from computer security to operating systems, distributed computation, compilers, and computer graphics. He enjoys learning how things work, and how to make things work for him. Alessandro Chiesa is a Junior at MIT double majoring in Theoretical Mathematics and in Electrical Engineering and Computer Science. Born and raised in Varese,Italy, he came to MIT with interests in computational algebraic geometry, machine learning, cryptography, and systems security. He has authored papers such as "Generalizing Regev's Cryptosystem", which proposes a new cryptosystem based on shortest vector problems in cyclotomic fields. He is currently working with Oracle's Database Security group.
Please let me know if we can support you in any way. Best regards, -Manuel Albers Director, Regional Marketing Americas & BU A&I - Sales & Marketing - Identification & NXP Semiconductors (P) +1.802.497.0888 & (C) +1.401.359.4999 & (F) +1 866.333.2976 & http://www.NXP.com & ( f o u n d e d by Philips) The information contained in this message is confidential and may be legally privileged. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, dissemination, or reproduction is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.
7/31/2008
]]>
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?
