Mobile security company Intrepidus Group presented evidence during the EUSecWest security conference potentially identifying a major flaw in at least two US transit systems. Creating an Android app named "UltraReset" and using it in tandem with an NFC-enabled Android phone (a Nexus S, in this case), security researchers Corey Benninger and Max Sobell were able to reset and reuse -- free of charge -- transit access cards in both San Francisco's MUNI system and New Jersey's PATH system. Before you go getting any bad ideas, know that Benninger and Sobell haven't released the app for public use, and warned both transit systems in late 2011 (though neither region has fixed the exploit, the duo claim). PATH and MUNI share a common chip access card -- the Mifare Ultralight -- which can apparently be reset for 10 extra rides (as demonstrated on video below) via Android phones with NFC, an OS newer than 2.3.3 (Gingerbread). Starting to sound familiar?
Intrepidus is, however, releasing a modified version of the app, named "UltraCardTester." The modified app functions just like its nefarious progenitor, except it can't add time to cards (see it in action below). The app can tell you how many rides you have left, and if a system is open to exploit, but it won't assist you in the act of exploiting. We reached out to both New Jersey's PATH and San Francisco MUNI on the issue, but have yet to hear back as of publishing.
Continue reading Security researchers identify transit system exploit in San Fran and New Jersey, create app to prove it
Filed under: Cellphones, Transportation, Wireless, Software, Mobile
Security researchers identify transit system exploit in San Fran and New Jersey, create app to prove it originally appeared on Engadget on Sun, 23 Sep 2012 19:48:00 EDT. Please see our terms for use of feeds.
Permalink |
IDG News Service |
Email this |
Comments
Lyft's public transit directions are available on the company's home turf. Its app now includes routes, schedules and trip planning for public transportation in the San Francisco Bay Area, giving you an easier way to minimize car use. You can grab...
Over the weekend, San Francisco's transit system was hacked by an individual (or group) going by the name Andy Saolis. The attack forced the city to offer Muni rides for free while its staff raced to rectify the breach on its servers. But while Saoli...
Looks like San Francisco refused to give in to transit system hackers trying to hold the city for ransom. In a conversation with Motherboard, the attackers (still going by "Andy Saolis") have threatened to expose 30GB of Muni databases and documents...
San Franciscans just got an all-too-real demonstration of what it's like when hackers attack urban infrastructure. The city's Municipal Transportation Agency has confirmed that the Muni station computer system was hacked, leading officials to open f...