Gag order against MIT students gets another day in court

A federal judge in Boston will decide on Tuesday whether to extend or let expire a restraining order enjoining three students at MIT from publicly speaking about security flaws they discovered in the electronic fare-payment system used by the city's mass transit agency.

The 10-day gag order was imposed by another judge on Aug. 9, one day before the three students were scheduled to detail the flaws in a presentation at the Defcon hacker convention in Las Vegas. The order was issued in response to a motion by the Massachusetts Bay Transportation Authority (MBTA), which sued both MIT and the students, claiming that they hadn't given it enough time or information to assess and mitigate the vulnerabilities.

The agency argued that the presentation would cause "significant damage to the MBTA's transit system" by describing a variety of techniques that could be used to ride for free, for instance by adding fares to the MBTA's smart cards and electronic tickets without paying for them.

The Electronic Frontier Foundation, a high-tech civil rights group that is representing the three students, last week filed a motion asking U.S. District Judge George O'Toole to lift the restraining order, which the EFF said violated the students' First Amendment rights to free speech. But O'Toole, who will preside over Tuesday's 10:30 a.m. EDT hearing, refused to lift the order and instead asked the three students to submit additional information related to their research, as requested by the MBTA.

Among the arguments that attorneys at the EFF are likely to make for lifting the order are the following:

Much of the vulnerability information is already in the public domain and common knowledge within the security community. The slides that the students put together for their aborted Defcon presentation were included on a CD given to Defcon attendees and have been posted online. And the MBTA itself released many of the details in a court document as part of its lawsuit against the students.

The three undergrads, who discovered the security holes in independent penetration tests that they did as part of a class project, have repeatedly assured the MBTA that they won't publicly disclose the level of detail needed for anyone to actually take advantage of the vulnerabilities.

