Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
A Judge has granted a restraining order against three students who were due to present a talk detailing vulnerabilities in the electronic ticketing system of the Massachusetts Bay Transportation Authority at the Defcon 16 hacker conference over the weekend...
The annual Defcon security and hacking conference can always be pretty
much guaranteed to cause some kind of media stir. Usually down to the
nature of the exploits being demonstrated by 'security researchers'
during the event.
Defcon 16, however, is unique as far as I can
tell in that the big controversy is about a demonstration that did not
happen.
On Friday, the Massachusetts Bay Transportation Authority filed a legal
suit in a federal court to get a temporary restraining order preventing
a bunch of Massachusetts Institute of Technology students from detailing
security vulnerabilities in the mass transit system ticketing
technology.
The filing sought to prevent the students from 'publicly stating or
indicating' that electronic passenger tickets were compromised until
such a time as the transportation authority had a chance to fix those
same flaws. The argument being that the transit system would be
irreparably harmed otherwise.
Zack Anderson, Alessandro Chiesa and RJ Ryan were to give their talk
"The Anatomy of a Subway Hack: Breaking Crypto RFIDs & Magstripes
of Ticketing Systems" on Sunday. This would have discussed how they
reverse engineered the fare collection system, specifically the
magnetic stripe on tickets as well as the smartcard ticket used in
Massachusetts.
However, District Judge Douglas P. Woodlock granted the temporary
restraining order preventing them from giving the speech and
demonstration. In fact, the order prevents them from disclosing any
information that could be used by others to get a free subway ride for
a period of ten days.
The decision has been described by the Electronic Frontier Foundation, which is representing the
students, as "an illegal prior restraint on legitimate academic
research in violation of the First Amendment" and goes on to warn that
"squelching research and scientific discussion won't stop the
attackers."
Zack Anderson says "We wanted to share our academic work with the
security community and had planned to withhold a key detail of our
results so that a malicious attacker could not use our research for
fraudulent purposes. We're disappointed that the court is preventing us
from presenting our findings even with this safeguard."
The daft thing is that the kind of vulnerabilities that were to be
discussed are fairly well known within both the security research and
hacking communities. Indeed, the vacant Defcon speaking slot was
quickly filled by a Dutch security consultant.
His topic? Vulnerabilities in transit fare cards...
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.
LATEST HEADLINES FROM YOUR IT
