ACM TechNews
Judge Refuses to Lift Gag Order on MIT Students in Boston Subway-Hack Case
Computerworld (08/14/08) Vijayan, Jaikumar
A trio of Massachusetts Institute of Technology (MIT) students discovered
several security vulnerabilities in the electronic ticketing system used by
Boston's mass transit authority, but they are not allowed to publicly
discuss these vulnerabilities because of a temporary restraining order that
U.S. District Judge George O'Toole refused to lift at the latest hearing on
Aug. 14. The gag order will remain in effect until at least Aug. 19, when
O'Toole is scheduled to hold another hearing on the case. The Electronic
Frontier Foundation (EFF) says O'Toole asked the students to submit a copy
of a class paper in which they detailed the vulnerabilities, along with
copies of the programming code that they included in a planned presentation
to demonstrate how the Massachusetts Bay Transportation Authority's
(MBTA's) e-ticketing system could be hacked. The gag order was granted
when the MBTA filed suit to prevent the disclosure of the vulnerabilities,
arguing that it was forced to seek court intercession because neither MIT
nor the students had provided it with sufficient information to evaluate
the vulnerabilities that were about to be publicly revealed at the Defcon
hacker convention. The EFF filed a motion in court requesting that O'Toole
lift the order, contending that it constitutes a violation of the students'
First Amendment rights as well as a prior restraint on free speech. The
decision to issue the restraining order was sharply criticized by Carnegie
Mellon University professor David Farber, who says he found the move
especially deplorable in view of the fact that the students' paper was
vetted by MIT professor Ron Rivest.
http://www.computerworld.com/action/
article.do?command=viewArticleBasic&art icleId=9112641&intsrc=hm_list
© Copyright 2008 Information, Inc. This service may be reproduced for internal distribution.