I’m Shocked! The MBTA Tried To Use The Courts To Cover Up A Security Failure?!

MBTA admits ticket not secure (pdf)

The MBTA acknowledged in court yesterday that its CharlieTicket system is vulnerable to fraud, validating a key finding of three MIT students who drew attention to the security problems as part of a class project.

The admission came during a hearing at which a federal judge lifted a 10-day order barring the students from talking about their findings and denied the MBTA’s request to keep them silent about the most sensitive parts of their research for five months.

[…] “I hope it gives people comfort that they can do security research . . . without fear that they’re going to be dragged into federal court and gagged,” said Cindy Cohn, legal director for the Electronic Frontier Foundation, which is representing the students.

The MIT student paper, The Tech, has a sizeable repository of court documents. See also the EFF MBTA v Anderson page