blog Forget Black Hat in Las Vegas. Australia’s Ruxcon is where it’s at, complete with public transport ticketing hacks and shadow figures involved in advanced network security exercises. SC Magazine reports from the sidelines of the conference over the weekend, where a number of Australian students demonstrated how they had hacked an un-named public transport ticketing system. The publication reports (we recommend you click here for the full article):
“An Australian state public transport system has been cracked by a group of security researchers who were able to replicate cards to enable free travel.”
The Ruxcon precis of the group’s speech (they describe themselves under the team name ‘Trainhack’) states: “This talk will look at different techniques used in black-box reverse engineering of data storage formats, focusing on a case study of an outdated mass transit ticketing system which employed custom cryptography.”
Trainhack describes itself as “a group of security hobbyists currently studying computer science” … who enjoy “sunsets, French films, and coding in dark rooms while listening to repetitive electronic music”. Sounds like the ideal renaissance geek lifestyle partner. One only hopes that the public transport organisation with the weak security has patched its holes following the responsible disclosure of this issue. And that Trainhack stays out of the hands of law enforcement so that it can enjoy the odd Jean-Pierre Jeunet.