Massachusetts Sues to Halt Defcon Subway Hacking Talk

According to CNET, "The state of Massachusetts has asked a federal judge for a temporary restraining order preventing three MIT students from giving a presentation on Sunday about hacking smartcards used in the Boston subway system." It'll be interesting to see whether Dutch-style openness or Soviet-style secrecy prevails in Las Vegas. Update: 08/09 20:57 GMT by T : "Too late," says reader Bluey: "Injunction was already granted."

Re:oh good... let's all bury our heads...

[CastrTroy]

What I want to know is how a system like this is even possible. Why should the value available on a smart card actually be something that can be changed by the person holding the card. Shouldn't the card just have an ID, and that ID is tied to an account, which is tied to a person. Maybe put the amount on the card, so the bus doesn't have to call home every time someone steps on a bus, but at least keep all transactions in a database so they can check for fraud after the fact. It seems like the way they have it set up, would be the equivalent of having your bank account balance completely controllable by modifying the information on your bank card. Even retail stores have this figured out so that their gift cards only hold a number, and the actual value on the card is stored in some computer database.