http://www.veracode.com/blog/2008/08/sorry-charliecard-your-security-model-is-broken/ Application security testing, analysis, and metrics Tue, 06 Jan 2009 18:56:28 +0000 http://wordpress.org/?v=2.6.5 http://www.veracode.com/blog/2008/08/sorry-charliecard-your-security-model-is-broken/#comment-2028 MBTA Put Profit Before Security? | theReformed Mon, 25 Aug 2008 12:54:02 +0000 http://www.veracode.com/blog/?p=189#comment-2028 [...] Chris stated in his own article, “…Doesn’t this seem backwards to you? Shouldn’t the MBTA be suing the vendor who [...] [...] Chris stated in his own article, “…Doesn’t this seem backwards to you? Shouldn’t the MBTA be suing the vendor who [...]

]]> http://www.veracode.com/blog/2008/08/sorry-charliecard-your-security-model-is-broken/#comment-2021 Zero in a bit » MBTA Hacking Injunction Lifted Wed, 20 Aug 2008 05:49:58 +0000 http://www.veracode.com/blog/?p=189#comment-2021 [...] Chris Wysopal pointed out last week, the MBTA’s ire is misdirected. Rather than suing the vendor who sold them the defective [...] [...] Chris Wysopal pointed out last week, the MBTA’s ire is misdirected. Rather than suing the vendor who sold them the defective [...]

]]> http://www.veracode.com/blog/2008/08/sorry-charliecard-your-security-model-is-broken/#comment-2013 Catching up… | Mike Andrews Sun, 17 Aug 2008 07:01:03 +0000 http://www.veracode.com/blog/?p=189#comment-2013 [...] example that I’ve seen lots of posts about.  The best intro is from Chris at Veracode here and here.  Basically, the Massachusetts Bay Transportation Authority (MBTA) is (was?) suing [...] [...] example that I’ve seen lots of posts about.  The best intro is from Chris at Veracode here and here.  Basically, the Massachusetts Bay Transportation Authority (MBTA) is (was?) suing [...]

]]>