August 19, 2008, 3:06 PM — A U.S. District Court judge on Tuesday dissolved a gag order against a trio of MIT students who said they found flaws in the Massachusetts transit authority's ticketing system.
Zack Anderson, Russell "RJ" Ryan and Alessandro Chiesa had planned to present details of their findings at the Defcon hacker conference before a judge imposed the gag on Aug. 8 following a motion by the Massachusetts Bay Transportation Authority.
The students are being represented by the Electronic Frontier Foundation, a San Francisco organization that advocates for civil rights in the high-tech world.
EFF legal director Cindy Cohn argued Tuesday that the federal Computer Fraud and Abuse Act concerns the transmission of information to protected computers, not speech to other people, in this case the students' planned speech at Defcon.
In addition, the students have no intention of releasing "key" pieces of information that would allow others to hack the system, Cohn said.
MBTA attorney Ieuan-Gael Mahoney had asked for a five-month continuation of the restraining order, saying that was how long the MBTA has determined it will take for the organization and its vendor to fix vulnerabilities in the MBTA Charlie Ticket system.
Mahoney praised a security analysis the students had prepared for the agency, saying the information in it convinced them of the vulnerability.
But U.S. District Judge George O'Toole sided with Cohn following a roughly 90-minute hearing.
While the 10-day temporary restraining order was set to expire Tuesday, O'Toole said that under the law, weekends do not count, meaning it is still in effect until Friday.
