Business - Written by Ian Da Silva on Monday, August 11, 2008 19:20 - 1 Comment
Hacking the hack – missed opportunity or just doing the “right” thing?
Late last week, newly-famed MIT students Zack Anderson, R.J. Ryan and Alessandro Chiesa were court-ordered to cancel their Sunday presentation entitled “Anatomy of a Subway Hack” at DEF CON , the world’s largest hacker conference. The banned presentation highlighted security weaknesses in the Massachusetts Bay Transportation Authority’s fare system that would potentially allow enterprising individuals with the appropriate technology and process (as intricately outlined in the presentation) to add monetary value to their existing CharlieCard or CharlieTicket to receive free transportation.
The injunction has ignited a debate over the ruling’s merit, which names each of the students as well as MIT in the temporary restraining order. The MBTA has taken issue with the fact that the “students offered to show others how to use the hacks before giving the transit system a chance to fix the flaws”, while the students’ representative from the Electronics Frontier Foundation (EFF) says “the students were simply trying to share their research and planned to omit key information that would make things easier for anyone who actually wanted to hack the payment system.”
In banning the presentation, which had already been distributed to conference attendees, and managed to make its way online, (go figure – handed out at a hacker conference and quickly made its way online) many have questioned whether the ruling has actually made things “worse”, helping the Hack gain increased publicity. According to EFF representative, Jennifer Granick, the ruling also leads down a “dangerous” path whereby “If you prevent legitimate researchers from talking about their findings, it’s not going to stop people from finding vulnerabilities. It’s going to stop the good guys from talking about them and from learning from each other.”
While I’m certainly not proposing anarchy here, I can’t help but wonder – with the knowledge of savvy individuals like Anderson, Ryan and Chiesa, does it make sense to alienate them with such court injunctions? As a result, has the MBTA missed an important opportunity, suppressing potentially valuable conversation that could/would have been a natural follow-on to the presentation, helping improve the MBTA and potentially other systems?
1 Comment
Camilla
Coming soon in paperback! Help rename the paperback version of Macrowikinomics and win a one-hour webinar for you and your colleagues with Don Tapscott. Ends 5:00pm ET, August 31. Learn more.
Business - Oct 5, 2010 12:00 - 0 Comments
DRM and us
More In Business
- Facebook, Facebook, Facebook
- Survey: How are you using Facebook, Twitter, smart phones, and other technology platforms?
- Will Facebook be your CRM provider?
- Wiki Banking
- The importance of being competent
Entertainment - Aug 3, 2010 13:14 - 2 Comments
Want to see the future? Look to the games
More In Entertainment
- Lessons in collaboration from B.B. King’s
- CL!CK – LEGO’s fun social product development platform
- Peer Pressure 2.0: Farmville
- Online gaming more than just fun
- The NFL – The most protective league, attempting to control the uncontrollable
Society - Aug 6, 2010 8:19 - 4 Comments
The Empire strikes a light
More In Society
- Balance: customer receptivity vs. customer revulsion
- The Net Gen: Too plugged-in for parenting?
- Are you addicted to social media?
- The privacy discussion we need to have
- “The Data-Driven Life”: Who’s not interested in discovery?
I suspect the MBTA suppressed the presentation because they either didn’t have or didn’t want to have the money or resources available to fix the bug.