Blown To Bits

Federal Judge Gags MIT Students — and MIT

Sunday, August 10th, 2008 by Harry Lewis

US District Judge Douglas P. Woodlock has issued a temporary restraining order (pdf here) to MIT students to prevent them from speaking at the DEFCON Conference in Las Vegas about cracking the fare card systems used by our local mass transit system, the MBTA. According to the MBTA’s complaint (pdf here), the students were working under the supervision of Professor Ron Rivest of MIT, a pioneering figure in the modern development of cryptography. The complaint and the restraining order are directed against MIT as well as the three undergraduates, because “MIT has been unwilling to set limits on the MIT Undergrads’ activities.” Imagine — a university not telling its students to hold their tongues about their discoveries.

The story is covered in the Boston newspapers (Herald story here, Globe story here). The most complete account is in the UK tech site, The Register.

Prior restraint of speech is serious business, especially for the press and for academic researchers. A quick reading of the documents in this case suggests that this order is wrong. No human lives are at stake here, just the revenues of the MBTA, which are threatened not by the students’ acts but by the MBTA’s technical incompetence.

Ironically, the court has made public a document the students submitted in response to the complaint. This document (PDF here, courtesy of Wired) reveals a great deal of what the students were going to say. Similar information was apparently included in a class presentation that has been publicly available for weeks, and in materials thousands of conference registrants received on checking in. The injunction against speech is, if nothing else, moot.

Though details matter, the students seem fundamentally to have discovered a hole in the security fence and now are being taken to court for their plan to tell people about it. The most gaping hole the students report in the MBTA’s security system is that Charlie Tickets (paper tickets with a magnetic stripe) use a laughably weak form of security, which does not deserve to be called encryption. To guard against someone altering a few bits on the card to increase its value, the card includes a “checksum,” just a sum of all the bits, keeping only the lowest-significance six bits of the sum. If you imagine the data being in decimal rather than binary, this is equivalent to adding up a column of numbers and appending to the column the last two digits of the sum. Then if you wanted to check whether any of the numbers had been altered, you could compute the sum yourself and see that the last two digits matched what was on the card. Of course, if you knew how to alter the checksum too, you could easily defeat this crude check. And with only a hundred possibilities, it’s pretty easy to figure out how the checksum is computed and to forge it as well. (With six bits of checksum, there are only 64 possibilities to test.)

There will be a lot of fallout from this case. To be sure, the students might have used a more academic tease than “Want free subway rides for life?” to draw in an audience. And they may be in hot water for going into the MBTA’s network control rooms in the course of discovering that they were routinely left unlocked — a huge security problem. On the other hand, the statute the MBTA complains the students have violated — the Computer Fraud and Abuse Act — hardly seems applicable. The MBTA is claiming that the transmission of the vulnerability from the lips of the students to the ears of the listeners falls under a statute designed to outlaw fraudulent electronic attacks over computer networks.

At its core, the situation has arisen because the MBTA violated one of the basic principles explained in Chapter 5 of Blown to Bits: Kerckhoffs’s Principle. A security system is more likely to be secure if everyone knows what it is. Keeping the design secret is an invitation to crack it — if the students hadn’t done it, then criminals would. History has countless examples. What the MBTA should have done is to post its security design on its Web site and challenge all the world’s students to crack it. Technologies exist for secure data encryption. Keeping your bright idea on how to do it secret is not the way to get a good design.
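The six-bit sum-of-bits check described above, set beside a keyed check whose design can be public, as an added example that is not from the original post or the students’ materials. The record layout, values and key are constructed, and HMAC-SHA256 is an assumed stand-in for a keyed integrity check, not something the post or the MBTA specifies.

```python
import hashlib
import hmac


def bit_checksum(data: bytes) -> int:
    """Unkeyed check as the post describes it: add up all the bits and
    keep only the low six bits of the sum (64 possible values)."""
    return sum(bin(b).count("1") for b in data) & 0x3F


def checksum_verify(data: bytes, check: int) -> bool:
    return bit_checksum(data) == check


def mac_tag(key: bytes, data: bytes) -> bytes:
    """Keyed check: the algorithm is public, only `key` is secret."""
    return hmac.new(key, data, hashlib.sha256).digest()


def mac_verify(key: bytes, data: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_tag(key, data), tag)


def demo() -> dict:
    # Constructed record (hypothetical layout): 4-byte id + 2-byte value.
    record_id = bytes.fromhex("0000a1b2")
    issued = record_id + (125).to_bytes(2, "big")
    altered = record_id + (9999).to_bytes(2, "big")

    issuer_key = b"constructed-demo-key"  # held only by the issuer
    issued_check = bit_checksum(issued)
    issued_tag = mac_tag(issuer_key, issued)

    # No secret goes into the checksum, so a fresh check can be computed
    # for any data and the verifier has no way to tell who computed it.
    recomputed = bit_checksum(altered)

    # Even with the check left untouched, many changed values still pass.
    same_check = sum(
        checksum_verify(record_id + v.to_bytes(2, "big"), issued_check)
        for v in range(2 ** 16)
    )
    return {
        "checksum_accepts_altered": checksum_verify(altered, recomputed),
        "values_sharing_check": same_check,
        "mac_accepts_original": mac_verify(issuer_key, issued, issued_tag),
        # Without issuer_key no valid tag for the altered data can be made.
        "mac_accepts_altered": mac_verify(issuer_key, altered, issued_tag),
    }
```

The keyed version stays sound when every line of it is published, which is the property Kerckhoffs’s Principle asks for; the checksum’s only protection was that nobody had looked.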

The Electronic Frontier Foundation is defending the students. In the meantime, I would note one interesting detail. According to the Register’s report, when the students met with an MBTA representative earlier this week, “The MBTA official made clear the level of concern reached all the way up to the governor’s office.” Governor Patrick has styled himself a champion of personal freedom. Mr. Governor, you can call off the dogs. This is not the way to solve the state’s problems.

