These kids are fucking brilliant and inspiring. I saw this talk live and they blew me away. Unfortunately the system in my city uses DESFire which is a lot more secure, but a lot less fun. All these comments about the AV glitches are burying the lead.
Here they used to have DESFire on the more expensive cards, but mifare classic on the cheapo prepaid tickets. Made the reverse process a lot cheaper ;) No longer though, thanks to mobile apps becoming so prevalent and them axing the non secure tickets.
@@hank10111111 Impossible ? What is this strange magic unknown to man ? Give nerds infinite time and resources and they'll get into everything eventually, the fact no one got in YET is not a guarantee no one can get in. Especially if something gets a reputation of being impossible, that's your fastest ticket to getting it hacked the next afternoon because you just motivated them all to get the title of defeating the undefeatable.
I hope they get some great college scholarships as a result of this hack. They deserve it... Though I imagine they will probably hack the meal plan software/database at their colleges as well. 😝
@@jayschafer1760 At this point college would just might slow them down. If they are into cryptography The best hope is that they bump up to quamtum cryptography cyphers. Then patten their own quantam algorithm.
Ok, so... This is power point made by some students set up by volunteers at a conference and who know who's computer is running what. Having done conferences before, unless you are having every slide show be delivered on a USB in a set format where only one person operates you will have issues... Even with this you will still have issues... This is def con. Ain't no one is touching your USB, no you can't share a network. You are lucky we are letting you plug in an HDMI... Tech issues fall on the presenter...
@@JimmyLucas-ev1hpjust Google it: "Matthew Harris Zachary Bertocchi Scott Campbell Noah Gibson - Boston Infinite Money Glitch Hacking Transit Cards Without Ending Up In Handcuffs.pdf" it's on the defcon site.
Ok but hacking mifare classic isnt anything new, this was done like 10 years ago or even older than that. I dont get how this is worthy of becoming a talk at defcon in 2024. Mifare classic were hacked ages ago, am I wrong? Eu used these types of cards 10-20 years ago but they got deprecated and replaced by more modern stndards because of the weak security. Why are USA using public transport cards with tech that is 10-20 years old?
as someone not super into tech & watches these every once in a while, it blows my mind that these are some really techy people but they cant get the slideshow running for their event lol
The conference venues are handled by teams that are more video/audio savy than IT savy. Having on stage computer is not the defaut mode for them. Having tens of meters of HDMI cables neither.... So extenders failure ? Wireless dongle failure ? What is surprising is the no immediate plan B situation. When doing a presentation, always have your own plan B like an old chromecast 😊
For events, we always have secondary and tertiary devices during presentations for exactly this reason. The demo gods and spiteful and cruel. They come out often.
Wow do y'all need an A/V tech? It burns my toast to see this. I really want to see the presentation, like with my eyes. As a professional audio engineer seeing egregious things like this happen at a large scale event I was tentatively excited to attend in the future makes me question how much of a priority I want to make this.
This is typical for hacker gatherings. They can figure out how to take control of a spy satellite, one year they got like 11 dominion voting machines and had the all of them hacked in under an hour and was basically playing doom on them. But cant figure out how to make the 1k tin can feedback stop every time they get close to a mic. 😂. But i cant knock them too hard. They aren’t audiophiles, in the day, they could break VST serial keys and make protools work without hardware back when that was thing. Lol. I don’t think they ever broke Ilok tho.
Sometimes venues like this are understaffed and under-prepared. I think it would be best if they hire someone in particular to hire in A/V techs and manage them. Most of this conference's content is heavily reliant on that stuff. Maybe they already do have an A/V captain and crew. 😛 It gets a lot more complicated when it comes down to brass tacks on resources and budgeting for staff. But definitely should not be so frugal on the AV side if that is what is happening.
My mind is blown. Especially because I’m based in New England and the T well haha. Well done kids. We need more of you in this world! Good kids doing great things!
Great upload! Currently studying DFIR, and it's amazing what one discovers hidden in the binary of images across the internet. And I'm not even talking lsb/msb steg tactics. Basic obfuscated encoded strings for extraction. Makes me wonder why server-side code was never developed to a greater depth in relation to image parsing. Perhaps AI will fix this in gradual stages going forward, because we're obviously speaking of billions of images of various formats that will need to be revisited. Some even holding personal info in reversed Base64/58/32 strings, which to the unsuspecting on a basic decode appears as unintelligible garbage. Would Iike to see a conference on this some time...
that was fun, imagine a world where they stay together the next ten years and grow closer and grow into a multi-headed monster! But sadly, they will likely all go different directions, ending what might have been another new discovery. Or is this just a launching pad, and the beginning of multiple geniuses emerging, who knows, it def was fun to watch, hope there is more in the coming years! Woo Hoo!
Wow. The concern I see more than the money is ability to switch card to employee at any level thus giving bad actor access to possibly MTBA network or facilities.
I doubt that other offices/facilities would use the same transit cards. They would be more likely to use another facilities management platform and other NFC technologies.
@@cottsak I think you really underestimate the capitalist urge to have everything in one cheap and easily accessible system. See Facebook/Meta locking itself out of HQ with one bad code push for further evidence.
far as i know most if not all of the important things. like telecomms are behind passcoded scan doors. not that you said it, but i think it would be a stretch to not have thought of that and set the doors to only be opened by employee uid's that they specifically set and not a would be saboteur. though the cloning thing would definitely still apply.
Wait the T cards actually have data on them. Bro I gave up on this idea years ago when I tried seeing if you can add mote money to an arcade card, and it didn't have any data except a user id 🙃. I figured the T cards would have better security than that, but congrats on the using a true Defcon virtue, attack on every vector
Great presentation, even without a presentation. At 28:00 I can't help but think that when I had a similar problem with checksum I just used the card a few times to see what changed in the hexdump. edit: Yep, did that at 31:30. xD
On a side note, they may want to consider maybe vhs tapes for the video portion of the presmtation. And pretty obvious that its not gonna need to be hunted down in sa pc.....you just hafta rememmber one thing with vhs tapes. BE KIND. REWIND. AND ERBODY BUT ME LIVED HAPPILY FOREVER AFTER.....YES. YES I WAS BORN THIS LEVEL OF AWESOMENESS. YOURE WELCOME.
Has there ever been a single DEFCON presentation in the history of the con that hasn't been riddled with technical problems? Absolutely insane that after three decades they still haven't figured out how to run a god damn PowerPoint slideshow properly.
"Remember the MBTA Hack! It was a long time ago back when dinosaurs roamed the earth when we were 2 years old!" It was 2008 and I was in college. Guess I need to start drinking Ovaltine and drive a Corvette. 👴
Guys are incredible : next time check for IA noise cancelling in your mic because the 90's are no more ... Damn these crappy mics remember me the good old (odd) dayz ...
as far as the presentations go, next year, if DEF CON wants to fly me out, put me up, and give me a food stipend, i can check out a projector from my local library and make sure this sort of thing doesn't happen, AGAIN.
Screens wouldn't broadcast WiFi details to mirrored device, 😅 the worst part is a screen unplugged power down would have fixed this. I base this on the murmur along the lines of, "it just won't detect it" yay hisense 🙆♂️
DEFCON? bruh, you guys need to think about putting hacking aside for a while and getting back to basics like setting up your A/V for a presentation. You know, the shit corporate clerks manage to pull off before a budget meeting.
These guys are bright, and they didn't give up when they hit a wall. I wish I knew my capabilities back when I was in high school. I didn't know I was good at anything yet, and when I tried something technical and failed, I just assumed I wasn't smart enough because that's what was drilled into me. I was scared to death that I would do horribly out in the real world until I found out that I'm actually very talented. Sometimes, I still can't believe it to this day, but the results don't lie. Encourage your kids or other people's kids that you mentor. They might not know how talented they are until they're encouraged to ignore the naysayers and toxic, disparaging people in their lives and just go for it. If you're a kid or a young adult and you're reading this, don't believe the people that say you're a failure or you're not capable. Being good or bad at school is not necessarily an indicator of intelligence or what you can contribute to humanity. You'll amaze yourself with what you're capable of if you know you have intrinsic value and dignity, that no one can take that from you, and you refuse to take no for an answer. You can do this.
I wish i had the smarts, or even the ability to use tech like this back when i was in high school. I know that's just an excuse though. there was tons of other tech i couldve learned
The tickets have seemingly imho been driven up in relation to bad (imperial) actors opsec is paramount right after dissemination but $460 makes me really want to ask.. why not $450?
it's good to see that there are still skript kiddies. I thought that era was gone with the death of forums, promising to see young people can still get into hacking.
@@cix9420 certainly not, but a huge chunk of people moved to other communication channels like discord; forums are not as populated as they once were. i wouldn't call them dead, but pretty much comparable to a zombie, yes
I can see these kids having a huge exit after a Y Combinator presentation....with no slides of course. Pitch - "No slides AI startup to replace PowerPoint"
The irony that DEFCON can hack into pretty much anything known, but can't run a slide show....
Standard IT issues. It's expected.
I do wonder, every year, what does that AV setup look like?
You can NEVER have it all, and thats ok no, sey ? ^^
the podium was so tacky the computer died of cringe
If slideshows were banned they would find a way!
Absolute ballers for carrying on with their technical speech with no slides for 20 minutes.
fix attention span its interesting
Ballers? WTF does that mean? What is a baller?
@@dr.barrycohn5461 someone who balls ⛹️♂️
These kids are fucking brilliant and inspiring. I saw this talk live and they blew me away.
Unfortunately the system in my city uses DESFire which is a lot more secure, but a lot less fun.
All these comments about the AV glitches are burying the lead.
Here they used to have DESFire on the more expensive cards, but mifare classic on the cheapo prepaid tickets. Made the reverse process a lot cheaper ;) No longer though, thanks to mobile apps becoming so prevalent and them axing the non secure tickets.
Isn’t desfire damn near impossible to crack?
@@hank10111111 Impossible ? What is this strange magic unknown to man ?
Give nerds infinite time and resources and they'll get into everything eventually, the fact no one got in YET is not a guarantee no one can get in.
Especially if something gets a reputation of being impossible, that's your fastest ticket to getting it hacked the next afternoon because you just motivated them all to get the title of defeating the undefeatable.
@@hank10111111 that’s my understanding. But it’s always a matter of time, right?
@@hank10111111seems like a challenge for a defcon presentation
A room full of hackers that can’t get a slideshow to work is literally a family guy scene
A room full of hackers is going to have someone who wants to hack the slideshow. It’s basically asking for trouble
They didn’t wanna try hard enough
@@TheOnlyONeill this is pure cope. Nobody hacked the slideshow
@@ClowdyHowdy I just wanna believe ok? 😤
These are the most composed high schoolers I have ever listened to.
I hope they get some great college scholarships as a result of this hack. They deserve it... Though I imagine they will probably hack the meal plan software/database at their colleges as well. 😝
(╬≖_≖) Not really
Afaik the tools to hack mifare classic have been around for decades. They made a gui for it and chose not to publish it.
@@jayschafer1760 At this point college would just might slow them down. If they are into cryptography The best hope is that they bump up to quamtum cryptography cyphers. Then patten their own quantam algorithm.
I wish i got to do this stuff in high school instead of being told I’d be nothing in life.
Great talk! A shame that defcon cant get their infrastructure tech together, even at $460/ticket.
They were too busy making the podium look nice 😅
that mic doubling situation over the slides is horrible, seems like a choice... seeing as defcon ended 2 weeks ago.
They spent all the money on the badges! Can't you tell? 😆
Jeez, the price has gone up drastically over the last few defcons.
Ok, so... This is power point made by some students set up by volunteers at a conference and who know who's computer is running what. Having done conferences before, unless you are having every slide show be delivered on a USB in a set format where only one person operates you will have issues... Even with this you will still have issues...
This is def con. Ain't no one is touching your USB, no you can't share a network. You are lucky we are letting you plug in an HDMI... Tech issues fall on the presenter...
32:25 the values aren’t in half pennies, they just aren’t aligned properly when being checked. Shifting right 1 bit is needed to align.
Hope this gets rerecorded by the students and put online in a non panicked manner and with working slides throughout.
You can find the full pdf on their site brother
Site? What is this site you behold of? Let me know these guys are awesome
@@JimmyLucas-ev1hpjust Google it: "Matthew Harris Zachary Bertocchi Scott Campbell Noah Gibson - Boston Infinite Money Glitch Hacking Transit Cards Without Ending Up In Handcuffs.pdf" it's on the defcon site.
what site?@@Kashubialover
@@Kashubialoverwhere??
im 40 yo and i need to say this is super inspirational, because young people like that it's a reference! incredible job guys congratulations 🎉
I felt so bad for those kids with all the technical difficulties. They did awesome tho! ❤
not really
It’s good to see the worlds most fitting edge hackers still have problems displaying power point. 😂
thats a feature of powerpoint. it detects live events then decides to fail
🤣@@iWhacko
@@iWhacko I expect there's a Gremlin who attends DEFCON each year.
powerpoint is made by Microsoft. A company that has no idea how to make a user interface work.
Ok but hacking mifare classic isnt anything new, this was done like 10 years ago or even older than that. I dont get how this is worthy of becoming a talk at defcon in 2024. Mifare classic were hacked ages ago, am I wrong? Eu used these types of cards 10-20 years ago but they got deprecated and replaced by more modern stndards because of the weak security. Why are USA using public transport cards with tech that is 10-20 years old?
Loved how they broke down how they discovered the vulnerability and cudo's for helping them fix it. Great job guys!
as someone not super into tech & watches these every once in a while, it blows my mind that these are some really techy people but they cant get the slideshow running for their event lol
Reliable slideshows and working printers are the two unsolvable challenges of digital technology.
all the kings horses and all the kings men couldn't get the codebase to compile again...
The conference venues are handled by teams that are more video/audio savy than IT savy. Having on stage computer is not the defaut mode for them. Having tens of meters of HDMI cables neither.... So extenders failure ? Wireless dongle failure ? What is surprising is the no immediate plan B situation. When doing a presentation, always have your own plan B like an old chromecast 😊
You would be surprised, I work with wealthy ( 7 figure ) people who can’t tell me the difference between a PDF and potato.
For events, we always have secondary and tertiary devices during presentations for exactly this reason. The demo gods and spiteful and cruel. They come out often.
Wow do y'all need an A/V tech? It burns my toast to see this. I really want to see the presentation, like with my eyes. As a professional audio engineer seeing egregious things like this happen at a large scale event I was tentatively excited to attend in the future makes me question how much of a priority I want to make this.
💯🎯
right? like couldn't just pan to left or right over the slides and make the audio mono?
This is typical for hacker gatherings. They can figure out how to take control of a spy satellite, one year they got like 11 dominion voting machines and had the all of them hacked in under an hour and was basically playing doom on them. But cant figure out how to make the 1k tin can feedback stop every time they get close to a mic. 😂. But i cant knock them too hard. They aren’t audiophiles, in the day, they could break VST serial keys and make protools work without hardware back when that was thing. Lol. I don’t think they ever broke Ilok tho.
I would love to hear a talk from you ! Maybe how this stuff gets prevented in a professional setting ^^
Sometimes venues like this are understaffed and under-prepared. I think it would be best if they hire someone in particular to hire in A/V techs and manage them. Most of this conference's content is heavily reliant on that stuff. Maybe they already do have an A/V captain and crew. 😛 It gets a lot more complicated when it comes down to brass tacks on resources and budgeting for staff. But definitely should not be so frugal on the AV side if that is what is happening.
These guys have the right spirit mixed with great humor.
Choo choo!! 🚂
Great work guys! I would have had a nervous breakdown trying to get those slides working 😅
The MBTA strikes again! Sabotaged!
I wish cybersecurity was available to me in high school! So cool to see this
Oh nice to see you here. 👋
They are not cybersecurity students! They are skilled hobbyists
Applause for how articulate these fellas are!! Great research!!
Everytime I tap into defcon or the 'darkside', I realize how uncreative I am!! I am so limited and its wildly frustrating. I am such a dunce.
Great talk exemplifying the best Defcon has to offer. Enthusiasm and technical skill. Keep it up, hope to see y'all come back with more exploits.
theyll need a new wiki for that
My mind is blown. Especially because I’m based in New England and the T well haha. Well done kids. We need more of you in this world! Good kids doing great things!
I have to admit, that is a fucking NICE podium. Props to the fabricator.
@steviewolfe666 made the podium.... heh, jk, seriously it is pretty bad ass isn't it!? Thought that too, why aren't they all cool like this one!?
is pretty
for real really fitting for def con!
Thanks!
Amazing work. You guys have a bright future ahead.
Can't wait for your next talk.
Was gonna say a room full of hackers that cant get a laptop to a projector but i dont want all my accounts hijacked so epic job guys 👍
You guys are the best! All of us involved with MATE are proud of you. There is no limit to what you will achieve in this world! Stay in touch!
Thanks Eben! Without MATE we probably wouldn't have done the project!
A room full of hackers and they can't get the projector to work, or hide the mouse pointer, or turn off the powerpoint slide transition sound 😂😂😂
Great upload!
Currently studying DFIR, and it's amazing what one discovers hidden in the binary of images across the internet. And I'm not even talking lsb/msb steg tactics.
Basic obfuscated encoded strings for extraction.
Makes me wonder why server-side code was never developed to a greater depth in relation to image parsing. Perhaps AI will fix this in gradual stages going forward, because we're obviously speaking of billions of images of various formats that will need to be revisited.
Some even holding personal info in reversed Base64/58/32 strings, which to the unsuspecting on a basic decode appears as unintelligible garbage.
Would Iike to see a conference on this some time...
I hope they record it in private again. Its a shame its so rushed.
Still, awesome talk !
Hearing this guy talk is like listening to young Zoz Brooks. Made my day. Long live free fares on the MBTA!
that video describe "we know only what we know" that programmers know well but folks around the world don't haha great presentation!
that was fun, imagine a world where they stay together the next ten years and grow closer and grow into a multi-headed monster! But sadly, they will likely all go different directions, ending what might have been another new discovery. Or is this just a launching pad, and the beginning of multiple geniuses emerging, who knows, it def was fun to watch, hope there is more in the coming years! Woo Hoo!
To see the youth make power moves like this makes me sooo soooo happy! props to the squad!!!!!!!!! I wish them the very best in life.
Loved seeing this live and love re-watching it now! Great talk
Fantastic job to you all! This was fun to watch especially all of the fun technical difficulties!
Well done for keeping going despite everything. 😀👍
Awesome job! Learned a lot from this presentation. You did a great job and great soft skills! You're going places.
Defcon has the worst powerpoint setup, the most silent crowds, and the best speakers.
which is exactly why i love it
Would really like to see it in more detail, with no time limit, is there an extended version?
It's crazy they store value on the card! MiFare Classic is so old too
Wow. The concern I see more than the money is ability to switch card to employee at any level thus giving bad actor access to possibly MTBA network or facilities.
I doubt that other offices/facilities would use the same transit cards. They would be more likely to use another facilities management platform and other NFC technologies.
@@cottsak I think you really underestimate the capitalist urge to have everything in one cheap and easily accessible system. See Facebook/Meta locking itself out of HQ with one bad code push for further evidence.
far as i know most if not all of the important things. like telecomms are behind passcoded scan doors. not that you said it, but i think it would be a stretch to not have thought of that and set the doors to only be opened by employee uid's that they specifically set and not a would be saboteur.
though the cloning thing would definitely still apply.
Brilliant work, lads, fantastic team work.
Wait the T cards actually have data on them. Bro I gave up on this idea years ago when I tried seeing if you can add mote money to an arcade card, and it didn't have any data except a user id 🙃. I figured the T cards would have better security than that, but congrats on the using a true Defcon virtue, attack on every vector
Even at DEFCON filled with computer whizzes, there’s still problems getting the slide show to play
Room full of hackers and its still takes 20 minutes to get a power point running 😔
Halfpennies "for some reason" makes me think of Office Space... For some reason😂
wouldnt be defcon without the awkward technical issues
Absolutely amazing. Would have loved to hear the story about the cops being called lol
Great presentation, even without a presentation. At 28:00 I can't help but think that when I had a similar problem with checksum I just used the card a few times to see what changed in the hexdump.
edit: Yep, did that at 31:30. xD
hope they re do it because their slide presentations are always the best
I love the energy! fun project guys
Poor kid, you can feel the anxiety just pouring off him
On a side note, they may want to consider maybe vhs tapes for the video portion of the presmtation. And pretty obvious that its not gonna need to be hunted down in sa pc.....you just hafta rememmber one thing with vhs tapes. BE KIND. REWIND.
AND ERBODY BUT ME LIVED HAPPILY FOREVER AFTER.....YES. YES I WAS BORN THIS LEVEL OF AWESOMENESS. YOURE WELCOME.
i'd like to see more, there's more content made by or about them online?
Nice talk. I just wished they had more time though.
I been thinking about doing the same for the MTA for years now!
We can give you the protocol for your public transit card, but showing a powerpoint on an external display is not part of our qualifications
Has there ever been a single DEFCON presentation in the history of the con that hasn't been riddled with technical problems? Absolutely insane that after three decades they still haven't figured out how to run a god damn PowerPoint slideshow properly.
Sorry guys I was there and was using my flipper zero to mess wit the projector ..😂 that ir blaster really worked...
sadly london oyster card and the itso smartcards here in the uk both store data in a database
“2004, before any of us were born” damn
What a great bunch of kids! The guy with the beard was funny!
The ghost of Longmont potion castle was alive that day!!
The slideshow not working is the transport companies fighting back
"Remember the MBTA Hack! It was a long time ago back when dinosaurs roamed the earth when we were 2 years old!"
It was 2008 and I was in college.
Guess I need to start drinking Ovaltine and drive a Corvette. 👴
This was nice, but one must admit that security was just terrible ahah!
Defcon! Awesome! One day i plan on attending.
Guys are incredible : next time check for IA noise cancelling in your mic because the 90's are no more ...
Damn these crappy mics remember me the good old (odd) dayz ...
as far as the presentations go, next year, if DEF CON wants to fly me out, put me up, and give me a food stipend, i can check out a projector from my local library and make sure this sort of thing doesn't happen, AGAIN.
Amazing work on the charlie card
there was a restraining order on the A/V equipment
Screens wouldn't broadcast WiFi details to mirrored device, 😅 the worst part is a screen unplugged power down would have fixed this.
I base this on the murmur along the lines of, "it just won't detect it" yay hisense 🙆♂️
Love the unreadable fine prints.
DEFCON? bruh, you guys need to think about putting hacking aside for a while and getting back to basics like setting up your A/V for a presentation. You know, the shit corporate clerks manage to pull off before a budget meeting.
Daaang these kids NAILED this presentation
checksum(a XOR b) = checksum(a) XOR checksum(b)? That linearity along with 16 bits sounds like *some* CRC-16 variant.
Bro read those Laws like he did a million times, Now he's a Rapper
Great presentation! Well done lads!
These guys are bright, and they didn't give up when they hit a wall. I wish I knew my capabilities back when I was in high school. I didn't know I was good at anything yet, and when I tried something technical and failed, I just assumed I wasn't smart enough because that's what was drilled into me. I was scared to death that I would do horribly out in the real world until I found out that I'm actually very talented. Sometimes, I still can't believe it to this day, but the results don't lie. Encourage your kids or other people's kids that you mentor. They might not know how talented they are until they're encouraged to ignore the naysayers and toxic, disparaging people in their lives and just go for it. If you're a kid or a young adult and you're reading this, don't believe the people that say you're a failure or you're not capable. Being good or bad at school is not necessarily an indicator of intelligence or what you can contribute to humanity. You'll amaze yourself with what you're capable of if you know you have intrinsic value and dignity, that no one can take that from you, and you refuse to take no for an answer. You can do this.
That is very cool. Great work guys
Always use backup - backup hardware, software, files - this way a presentation won't have the problems they had during this presentation.
Inspired me a lot. Thanks!
what happened to the audio?
I wish i had the smarts, or even the ability to use tech like this back when i was in high school. I know that's just an excuse though. there was tons of other tech i couldve learned
The tickets have seemingly imho been driven up in relation to bad (imperial) actors opsec is paramount right after dissemination but $460 makes me really want to ask.. why not $450?
"Written in C" Look at this Dennis Ritchie Bro on the Up and Up
They are in highschool??? Imagine being their schools IT department with these kids at your school... I would quit
Time to finally get Charlie off the MTA.
👎 For not enabling PowerPoint until 20:06 .
👍 For the speeches.
These kids are legends
26:14 'but I still passed' what a modern day era chad
The audio on this horrendous.
it's good to see that there are still skript kiddies. I thought that era was gone with the death of forums, promising to see young people can still get into hacking.
forums havent died haha
@@cix9420compared to 2000s they are super dead.
@@cix9420 certainly not, but a huge chunk of people moved to other communication channels like discord; forums are not as populated as they once were. i wouldn't call them dead, but pretty much comparable to a zombie, yes
Why is the checksum modifier at 33:30 0x149c? Shouldnt it be the same one from the previous slide?
Just checked and the first checksum modifier was wrong. 0x6422 xored with 0x70BE gives 0x149C not 0x275B
4:44 Very professional 😂😂
When did Greg Roy start hacking transit cards?
Bro how are there no slides working at defcon of all places? So annoying
Would love to see this done with Ventra cards in Chicago
ב''ה, the ones that are full PCI, you say?
Now that this is patched, are you guys going to release the code?
its not patched 🫣
@@zackbertocchi6239 ... Oh god. LOL
I can see these kids having a huge exit after a Y Combinator presentation....with no slides of course. Pitch - "No slides AI startup to replace PowerPoint"
You know these guys are gonna go places
this kids can hack the public transportation system but they cant fix monitors not displaying? what’s the catch?