GNU Radio mention in DEFCON subway presentation

New application for USRP+GNU radio, free subway rides :slight_smile:

http://www-tech.mit.edu/V128/N30/subway/Defcon_Presentation.pdf

Well, at least until people learn to deploy secure systems.

Philip

Hello,

Wow, a very interesting set of slides. BTW this is the talk that the
MBTA got a temporary injunction over so it may not get presented at
Defcon.
http://www.pcworld.com/businesscenter/article/149646/eff_to_appeal_court_order_halting_subway_hacker_talk.html

I am not surprised about anything dealing with the MBTA. They spent
millions on a new multiple site trunked radio system back in 2003 and it
is just getting into service this year. They are putting in a new data
network in the subway tunnels to support the new radio system. The
system is a Ma/Com EDACS ProVoice system that uses Internet Protocols to
link sites together.

Besides the card hacking aspects, this shows how physical security is
also important.

73 Eric

----- Start Original Message -----
Sent: Mon, 11 Aug 2008 08:45:46 -0400
From: “Philip B.” [email protected]
To: “[email protected][email protected]
Subject: [Discuss-gnuradio] GNU Radio mention in DEFCON subway
presentation

----- End Original Message -----

On Mon, 11 Aug 2008, Philip B. wrote:

New application for USRP+GNU radio, free subway rides :slight_smile:

http://www-tech.mit.edu/V128/N30/subway/Defcon_Presentation.pdf

Well, at least until people learn to deploy secure systems.

There’s also…

A bit more scary :frowning:

On Aug 11, 2008, at 2:45 PM, Philip B. wrote:

New application for USRP+GNU radio, free subway rides :slight_smile:

http://www-tech.mit.edu/V128/N30/subway/Defcon_Presentation.pdf

Well, at least until people learn to deploy secure systems.

Anyone manage to find the code they did for the USRP?
(and everything else by the way…)


Best Regards,
ChoJin

On Tue, 12 Aug 2008, Dan H. wrote:

-your-pacemaker/

A bit more scary :frowning:

Please please please don’t be scared by this. Yet :). We believe that
the risk to patients with today’s technology is basically nil. Our
attacks took tens of seconds to minutes and required very close
range. From there it’s much easier just to punch you.

Well, I don’t have a pacemaker so punching would be your only method :wink:

The range issue could be ‘improved’ with a better antenna though, right?

The sentence that the article misquotes was closer to “With today’s
hardware, these attacks are mostly academic. We need to develop
effective security solutions now before these types of attacks become
easier to mount.”

If I needed a pacemaker/cardiac defibrillator, I would get one
without hesitation – including the model we investigated.

Maybe you could start wearing chainmail :wink:

It certainly looks like it was an interesting project :slight_smile:

Do you have a paper on it? I had a google but the top hits are “ZOMG
HACKERS WILL KILL US ALL” :-/

----- Start Original Message -----
Sent: Mon, 11 Aug 2008 17:12:43 -0700
From: Dan H. [email protected]
To: [email protected]
Subject: Re: [Discuss-gnuradio] GNU Radio mention in DEFCON subway
presentation

Well, at least until people learn to deploy secure systems.
From there it’s much easier just to punch you.

The sentence that the article misquotes was closer to “With today’s
hardware, these attacks are mostly academic. We need to develop
effective security solutions now before these types of attacks become
easier to mount.”

If I needed a pacemaker/cardiac defibrillator, I would get one without
hesitation – including the model we investigated.

  • -Dan

----- End Original Message -----
Hello,

Yet another interesting application for the USRP and GNURadio.

Yeah the victim has to have the same model of pacemaker/cardiac
defibrillator and not notice the guy next to him with all this
radio/computer equipment. I have heard the same concern about bad
people using the ADS-B position for targeting aircraft. It is possible,
like turning off the pacemaker, but there are simpler and easier methods
similar to just punching the person.

I heard that some Remote Keyless Entry Systems have been compromised as
well. I heard stories of Mercedes-Benz owners sitting in a coffee shop
in Europe next to a guy with a laptop and when they leave their car is
gone. This is due to the feature that the key only has to be in the
person’s pocket to unlock and start the car. So the security of having
to use a real physical key in a lock is gone.

73 Eric

On Aug 12, 2008, at 1:53 AM, Michael O. wrote:

I checked the defcon cd, and it contains the slides but no code.
I’m guessing we won’t see any code until the legal challenge is
resolved (unless someone has a mirror?). Of course, with the slides
and information from other researchers, it might not be difficult to
recreate the MIT code.

By the way, I have the LFTX/LFRX daughterboard, but I’m not very
familiar with RFID.

As far as I understand, passive RFIDs communicate back to the reader
by consuming more or less power from the incoming radio wave (please
correct me if I’m wrong). How would one therefore implement a reader
using these daughter boards and gnuradio?


Best Regards,
ChoJin

On Aug 11, 2008, at 4:58 PM, Daniel O’Connor wrote:

A bit more scary :frowning:
Please please please don’t be scared by this. Yet :). We believe that
the risk to patients with today’s technology is basically nil. Our
attacks took tens of seconds to minutes and required very close range.
From there it’s much easier just to punch you.

The sentence that the article misquotes was closer to “With today’s
hardware, these attacks are mostly academic. We need to develop
effective security solutions now before these types of attacks become
easier to mount.”

If I needed a pacemaker/cardiac defibrillator, I would get one without
hesitation – including the model we investigated.

  • -Dan

On Aug 16, 2008, at 10:52 PM, Michael O. wrote:

On Sat, Aug 16, 2008 at 08:44:56PM +0200, [email protected]
wrote:

As far as I understand, passive RFIDs communicate back to the
reader by consuming more or less power from the incoming radio
wave (please correct me if I’m wrong). How would one therefore
implement a reader using these daughter boards and gnuradio?

I have only worked with low frequency (125 kHz) RFID tags so far,
but this is what has worked for me.

[the explanations]

Cryptographic RFID tags require some particular signal (not just a
sine wave) to be transmitted by the reader. Details vary depending
on the kind of tag, so you’ll need documentation or you’ll have to
reverse engineer the signal produced by a reader.

Thank you very much that was very helpful. I’ll give it a try.


Best Regards,
ChoJin
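
The load-modulation idea raised in the question above, as an added offline simulation that is not part of the original thread and is not GNU Radio or USRP code: a tag varies how much of the 125 kHz carrier it absorbs, and the reader recovers the bits from the carrier's envelope. The sample rate, bit length, Manchester convention, modulation depth and sample bits are assumptions made for this illustration.

```python
import math

FS = 2_000_000           # reader sample rate in Hz (assumed)
FC = 125_000             # carrier frequency: the 125 kHz tags from the thread
CYCLE = FS // FC         # samples per carrier cycle (16)
SPB = 64 * CYCLE         # samples per bit: 64 carrier cycles per bit (assumed)
SAMPLE_BITS = [1, 0, 1, 1, 0, 0, 1, 0]   # constructed tag data, not a real card

def tag_backscatter(bits, depth=0.2):
    """Carrier amplitude at the reader coil while the tag switches its load.
    Manchester coding (assumed): 1 = loaded then unloaded, 0 = the reverse."""
    out = []
    for i, bit in enumerate(bits):
        for n in range(SPB):
            first_half = n < SPB // 2
            loaded = first_half if bit else not first_half
            amp = 1.0 - depth if loaded else 1.0
            t = (i * SPB + n) / FS
            out.append(amp * math.sin(2 * math.pi * FC * t))
    return out

def envelope(samples, window=4 * CYCLE):
    """AM detector: rectify, then average over whole carrier cycles."""
    rect = [abs(s) for s in samples]
    env, acc = [], 0.0
    for i, r in enumerate(rect):
        acc += r
        if i >= window:
            acc -= rect[i - window]
        env.append(acc / min(i + 1, window))
    return env

def reader_decode(samples):
    """Compare the settled envelope in each half of a bit period."""
    env = envelope(samples)
    half, quarter = SPB // 2, SPB // 4
    bits = []
    for start in range(0, len(env) - SPB + 1, SPB):
        first = sum(env[start + quarter:start + half])
        second = sum(env[start + half + quarter:start + SPB])
        bits.append(1 if first < second else 0)
    return bits

if __name__ == "__main__":
    print(reader_decode(tag_backscatter(SAMPLE_BITS)))
```

Averaging over whole carrier cycles removes the 125 kHz ripple, so only the slower load switching remains in the envelope.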