Announcement

Collapse
No announcement yet.

MBTA and MIT

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    MBTA and MIT

    http://www.groklaw.net/article.php?story=20080811193752264

    http://www.groklaw.net/article.php?story=2008081309502119


    The Massachusetts Bay Transportation Authority is trying to CYA with respect to "computer security." This will be an interesting case to follow.
    But here's the kicker. The MBTA filed the students' report as an exhibit with PACER, which included the confidential information the students had deliberately excluded from their presentation, thus making it publicly available to the world. The students' attorney, Jennifer Gralnik, writes to the MBTA suggesting they urgently remove it. Which they have, from all I see. You can read her email in this exhibit [PDF] on the last two pages. :lol:

    The MBTA website is http://www.mbta.com/. The TRO is http://www.groklaw.net/pdf/MAMITTRO.pdf. The clueless judge is Doug Woodlock. My guess is that this TRO is overturned on appeal. (Who needs the First Amendment anyway?)


    The MIT Students have now filed their response to the Massachusetts Bay Transportation Authority's Motion to Modify the terms of the temporary restraining order it got from the court. There is also a letter from a group of computer science professors and computer scientists in support, along with two declarations and exhibits. They ask that the court reconsider and vacate the TRO to allow the students to publish their research for three reasons, which could be summed up as on the basis of "changed facts and manifest errors of law":
    (1) the order is an unconstitutional prior restraint on First Amendment protected speech about their academic research,
    (2) the Computer Fraud and Abuse Act does not prohibit communication of information about computers or computer security, and
    (3) the MBTA's publication of the defendants' research and presentation slides undermines its claim to injunctive relief.
    Some posts are not visible to me. :peaceful:
    Don't worry too much about it. Just do all you can do and let the rough end drag.
    Tags: None
  • #2
    In addition, the MBTA issued a statement today to the Boston Globe:
    "There have been claims in the past that have been made against our card or other cards, and, happily, they've all been able to be dismissed or dealt with," said Daniel A. Grabauskas, general manager of the Massachusetts Bay Transportation Authority. "I'm confident it will be the same thing here."
    This statement illustrates the First Amendment problems of the temporary restraining order. Due to the unconstitutional prior restraint obtained by the MBTA, the students are unable to respond substantively to this statement and meaningfully participate in the public debate over whether the MBTA uses adequate security measures.
    MIT Students' Response to MBTA Statements
    http://www.eff.org/deeplinks/2008/08/mit-students-response-mbta-statements
    Yesterday, the Massachusetts Bay Transportation Authority issued a statement to CNET that misrepresents the facts leading up to the MBTA's lawsuit against three MIT students. The statement said: A week ago, the MBTA learned about the presentation to be made at the conference, and immediately...



    Computer security is important. Many companies would rather hide their heads in the sand than actually fix problems.
    Some posts are not visible to me. :peaceful:
    Don't worry too much about it. Just do all you can do and let the rough end drag.

    Comment

    • #3
      http://www.groklaw.net/article.php?story=20080819142913408

      "Kurt Opsahl of EFF has just announced that the restraining order on the MIT students has been lifted:"

      So the attempt to stretch the Computer Fraud and Abuse Act has failed. Please read the statute for yourself, and ask yourself: do you want talking about computers and security to become a crime punishable by fines and imprisonment and subject to FBI and Secret Service oversight? That's what almost just happened. You can find the documents in MBTA v. Anderson here. If you read the MBTA's complaint, you'll find the allegations of violations of the CFAA on page 12. I think you'll find the MBTA interpretation of the statute shocking ("... the damage constitutes a threat to public health and safety... affects a computer system used by a government entity for national security purposes..."). The research was about getting a ride on a subway for free. In any case, the judge didn't buy it, with respect to the restraining order.
      Some posts are not visible to me. :peaceful:
      Don't worry too much about it. Just do all you can do and let the rough end drag.

      Comment

      • #4
        [Update: The MBTA had sought to convert the temporary restraining order into a preliminary injunction to last for five months, to give them time to fix the vulnerabilities -- here's the motion [PDF] -- and that was denied. It's worth reading, this motion, if only to see why this thing swirled out of logical bounds. One issue is that when the MBTA hears the word hacker, they seem to think it means cracker, and they viewed the DefCon conference as a meeting where people go to learn how to break in to other people's stuff, which naturally panicked them. And they seem to imagine that using Wireshark, which used to be called Ethereal, is "illegal activity", as you can read on page 25. Nor did they understand geek humor. Just a real culture clash, with misunderstandings that led to litigation that now seems to be resolvable, now that the MBTA's attorney says he wants to meet with the students, to learn more about their research findings.]
        http://www.groklaw.net/article.php?story=20080819142913408
        Some posts are not visible to me. :peaceful:
        Don't worry too much about it. Just do all you can do and let the rough end drag.

        Comment

        Previous template Next
        Working...
        X