login join help ad

September 01, 2008

PEER REVIEW OF THE MIT/MBTA "HACK" - PART 1

I asked The Goose to comment on this story and on my comments. Here's his reply:

Steve Wozniak and Steve Jobs once used a Blue Box to get a free long distance phone call to the Vatican. Woz then impersonated Henry Kissinger and asked to speak with the Pope.

Shouldn't they both be arrested for stealing and harassment? Shouldn't Woz be arrested for impersonating a diplomat? Shouldn't Joe "Joybubbles" Engressia and John "Cap'n Crunch" Draper also be convicted for developing and distributing this technology? Probably not.

The key difference between now and then is the internet. Back then, information about hacks and exploits traveled very slowly. You either had to know somebody directly or be subscribed to local electronic magazines. In today's world, these three students can instantly reach an audience of millions. The MBTA is worried about the speed with which this information will spread. Of course, the MBTA shot themselves in the foot. From the article:

"Ironically, the document reveals more about the vulnerability in the MBTA system than the slides that the restraining order sought to suppress contain. The vulnerability assessment report is now available for anyone to download from the Massachusetts court's electronic records system."

I will agree that this is not really protected under Free Speech. That is a pretty flimsy and rushed defense. But I believe the MBTA should have been much more discreet about this. They have only succeeded in propagating the Streisand Effect. There is a bunch of "he said, she said" in the Wired article, but it seems that the trio of students were trying to cooperate with the MBTA. Making a big stink of this has brought the EFF and a host of others to the defense of the students.

So while the students' actions are unfavorable, I think this whole thing has been blow out of proportion. The only punishable action, I think, was the social engineering they committed. Unfortunately, the handful of articles I read regarding this court case were quite vague on what actions constituted "social engineering". Some say they broke into secure areas; others say they distracted guards while another student scanned a turnstile. Breaking and entering is not tolerated, even for student shenanigans.

So, to summarize, I don't think the students actions were particularly bad or evil (except for the supposed breaking and entering). I think the MBTA could have handled this better. I also think the Free Speech defense is bologna and be should thrown out (which it won't because Free Speech cases always take forever).

That is what I think.

Part 2 here

Posted by: JBD at 01:37 PM | No Comments | Add Comment
Post contains 432 words, total size 4 kb.

Post is locked.
8kb generated in CPU 0.01, elapsed 0.0516 seconds.
23 queries taking 0.0434 seconds, 28 records returned.
Powered by Minx 1.1.6c-pink.