CharlieCards

CharlieCard Discount Book.

Via BostonTweet.

The Executive Office of Transportation says that, effective immediately, student CharlieCards on the T are now good until 11 p.m. on weekdays - three hours longer than before, in a program aimed at letting kids participate in after-school programs that run late.

The office also says it is looking at creation of a new Youth Pass - available to anybody through age 21.

The T reports CharlieCard users can now renew or replenish their cards online, by setting up a MyCharlie account.

The new system lets monthly pass holders have their cards get renewed automatically and lets users get replacement CharlieCards for lost or stolen cards. T General Manager Dan Grabauskas said:

With this new technology, customers who register their CharlieCard receive a replacement free of charge. That was a legitimate customer concern that today is an issue of the past.

Doug reports how he got two monthly express-bus passes for the price of one, thanks to a quirky card vending machine.

Let's say you're using the toilet and as you get up, but before you flush, you realize your CharlieCard has somehow fallen into the bowl. Do you retrieve it?

ArsTechnica reports Dutch researchers claim to have broken the encryption used to protect information on CharlieCards and similar systems:

... The group at Radboud carried out its investigation with the help of Ghost, a tag emulator, reader, and eavesdrop device that they built for around 40 euros. ...

The company that makes the CharlieCard system has come out with a more secure encryption system, but it's more expensive and making it backwards compatible with older readers actually introduces more vulnerabilities, ArsTechnica writes.

Seems the software behind CharlieCard readers was built in Microsoft Visual C++. And guess what? It's not immune from crashing. Zeroday posts the photographic proof from the Central Square station.

Associated Press reports they can now talk about their own documents, the ones the MBTA put into the public record, on insecurity at T stations and with the CharlieCard and CharlieTicket system.

Via Dave Wieneke.

Electronic Frontier Foundation: The Court found that the MBTA was not likely to prevail on the merits of its claim under the federal Computer Fraud and Abuse Act.

Dan Kennedy: [N]ot much of a victory for the First Amendment:

... It makes a mockery of the principle that prior restraint is to be reserved only serious issues of national security, obscenity and incitement to violence.

EVIL MIT HACKER steathily infiltrates the T with EVIL MIT HACKER SHOPPING CART (Source).

In focusing on the OMG EVIL MIT HACKERS angle (but also, to give them credit, the First Amendment/prior restraint angle), the media are completely overlooking the first part of the students' presentation, which discusses how easy it is to get on the T for free without using EVIL MIT HACKER WAREZ, such as, for example: Walking through unattended Charliegates and Green Line rear doors, looking through the windows in those high-tech all-seeing security kiosks, walking into unlocked rooms at Park Street that house switches connecting Charliegates to the MBTA network, etc. In case you missed it, Kaz has more.

For some reason, Dan Grabauskas doesn't seem upset about this, or maybe reporters just aren't asking him about it, because it's not as sexay as OMG EVIL MIT HACKERS or they haven't actually read the presentation themselves, or both.

UPDATE: The MBTA won a temporary restraining order that will keep the students from discussing their findings. Read the judge's order (in PDF). Read the MBTA complaint (in PDF).

Wired reports the T wants to stop three MIT students from giving a talk at a hacker convention this weekend on their efforts to crack the CharlieCard system.

The transit authority, known as the MBTA, is also seeking to prevent the students from "publicly stating or indicating" that electronic passenger tickets used on the transit system have been compromised until the MBTA can fix security flaws in the system. It further seeks to bar the students from releasing any tools or providing any information that would allow someone to hack the transit system and obtain free rides.

A hearing is scheduled for 11 a.m. in U.S. District Court in Boston on the T's request for a temporary restraining order to keep Zack Anderson, RJ Ryan and Alessandro Chiesa from giving a talk at the DefCon conference in Las Vegas on Sunday on The Anatomy of a Subway Hack: Breaking Crypto RFID's and Magstripes of Ticketing Systems:

In this talk we go over weaknesses in common subway fare collection systems. We focus on the Boston T subway, and show how we reverse engineered the data on magstripe card, we present several attacks to completely break the CharlieCard, a MIFARE Classic smartcard used in many subways around the world, and we discuss physical security problems. We will discuss practical brute force attacks using FPGAs and how to use software-radio to read RFID cards. We survey 'human factors' that lead to weaknesses in the system, and we present a novel new method of hacking WiFi: WARCARTING. We will release several open source tools we wrote in the process of researching these attacks. With live demos, we will demonstrate how we broke these systems.

Human factors? So they managed to sweet-talk some T employees to inadvertently help them out.

Anderson told the Register the trio initially contacted the T to offer their help in fixing the vulnerabilities and that they weren't planning to release specific enough details to let somebody else replicate their feats.

Montreal's transit authority is replacing its paper tickets with a CharlieCard-like system. Chris DeWolfe, a reporter at the Montreal Gazette, is writing a story about the new Opus Card (OK, I really have no clue if it'll feature a penguin):

Part of my story will look at how the names of smart cards in other cities have been derived from or have become part of the local pop culture. Naturally, I'm very interested by the CharlieCard.

So, what do you think about the T naming its pass after a character in a song protesting the T's predecessor? I told him the song is such a part of local character, the question is almost more how could the T even think of naming it anything else, but what do I know? You can e-mail Chris with your thoughts on the name or post them here.

Dee Cee reports she and other people who use WageWorks cards (sort of debit cards handed out by their employees) to add value to their CharlieCards haven't been able to do so this month:

... I have been calling every other day to WageWorks and MBTA. WageWorks is apologetic, and tell me there was a system issue with the T kiosks. Hundreds of people have been calling, asking for their money back. The MBTA is denying any fault, saying this is WageWorks' problem. One "customer service" (I use that term loosely, due to the rudeness I got) rep told me it was my own fault for a)using a WageWorks card, and b)waiting for the 1st of the month to update my Charlie Card. ...

Boblothrope reports trying to convert some CharlieTickets into CharlieCards only to be told he couldn't because they were already marked as discounted or something (he got them as not-on-time reimbursements). But he discovered a quick workaround involving adding all of five cents to the tickets, then trading in the new ones you get:

... Maybe if I really want to waste the T's money I'll put each 5 cent transaction on a credit card. ...

Meanwhile, in the "You're kidding, right?" department, state Rep. Denis Guyer wants a law forcing the T to return dollar bills rather than coins to people who put cash in CharlieMachines. Guyer, D-Boonies, could care less that $18 worth of Sacageweas are annnoying - he's looking out after the interests of Crane & Co., a company in his district that makes the paper used to print dollar bills.

If you've been reading UniversalHub for a while, you may remember the Subway Knitter's CharlieCard mittens, which let you magically tap your hands at the gate to make it open.

Someone recently mentioned the pattern for these mittens on a knitting site called Ravelry. And you should see the discussion that this caused: Read more

Some chromedomes report they've figured out how to break the encryption used by CharlieCards and other "smart cards" that rely on wireless RFID connections to exchange information, such as account balances.

The trio say they are using their knowledge for Good, rather than Evil, by publicizing the possible flaw so that companies can do something about it before evil hackers start churning out zillions of counterfeit cards. One of the three is currently working on a PhD thesis titled Implementable Privacy for RFID Systems (that page also has a video of a talk on the issue).

Nohl and his colleagues "dissected" the MiFare chip to reveal each of the five layers of circuitry that make up the chip and produce the encryption. To do so, they looked at the chip under a conventional optical microscope, and used micro-polishing sandpaper to remove a few microns of material at a time to reveal each layer of circuitry, which then was digitally photographed.

Via Hiawatha Bray.

Jason reports on his futile effort to put a monthly pass on his CharlieCard on the Orange Line this morning, starting at Green Street:

... I made it to Ruggles and tried to buy my pass there. The machines at Ruggles were also not taking credit/debit. I asked the CSA what the problem was. She told me I shouldn't have waited until 2/1 to buy my pass and that the system was "overloaded" on the whole system. Translated: "You should have known that the MBTA would not be able to make this work and are an idiot for assuming it would. You are more of a fool for asking me about it, and I am going to treat you like shit because you deserve it for assuming that the MBTA or its staff should do their jobs." ...

He also has some advice on whom to call if you can't get into a station because of the problem.

Next March, Montreal will move its public transportation to a smartcard-based fare system. To see what it might be like, Christopher DeWolf drove down to Boston to take the CharlieCard out for a spin:

... What's most remarkable about the CharlieCard is that it's easy and secure. ...

Bill compiles quite a list of outstanding issues, from the T's continued inability to figure out how to get them to work on commuter rail to the amazing way they've made fare evasion so easy:

... Fare evasion was somewhat of a rare sight for prior to the introduction of the AFC system, but now it's something you don’t have to look around to find. Three, four or five people going through a gate at once on a single tap of a single card occurs constantly. Evaders forcing their way past people as they open a gate to exit is something that happens frequently as well. ...

Other cities have implemented gate systems that have successfully kept fare evasion under control. The T spent millions on a custom solution that has turned evasion into an epidemic.

He also discusses ongoing delays in station reconstruction projects along the Green Line.

Hondo reports on a fun little incident yesterday morning at Haymarket: A guy scoots through a CharlieGate without paying, under the watchful eye of a T employee, who refuses to call T police even when a paying customer asks him to:

... The other passenger basically lit into the T employee. All he had to do was call it in. But he openly said that he didn't care. ...

It's morning rush hour on the first of the month at Green Street, people are lined up at the CharlieCard machines buying new passes and the machines suddenly stop taking credit cards. You're an MBTA customer service agent, so what do you do?

A. Tell people to use cash or wait the two hours until the machines come back online.
B. Refuse to wave anybody through who doesn't have cash.
C. Get angry at people who refuse to admit the problem is their own damn fault.
D. All of the above.

Lucky Stroke provides the answer.

For a system represented by the visage of a man who couldn't afford to pay his fare, the advent of the CharlieCard and AFC presents an ironic victory. For if the subject of the classic song were to board today, he would find that his inability to pay would present no obstacle to getting on and off the T as he pleased.

Nearly eight months after Automated Fare Collection appeared, it's time to examine fare evasion. The problem that the MBTA claims isn't a problem.

Joshua Ledwell grumps:

... It's so bad that I've cynically begun to think it was built unintuitively on purpose, to preserve or expand the T workforce. ...

Break the CharlieCard machines but don't tell anybody, then station creepy plainclothes workers next to them to "help" people trying to refill their cards, which will so weird them out they'll give up and buy a more expensive CharlieTicket.