Aug 11, 2008 12:34
A trio of MIT students planned to talk about the Boston subway's inherent problems with its payment card system, but an injunction took their presentation off the Defcon slate of topics.<br><br>It seems like an annual event in the world of security conferences. A high-profile enterprise catches wind of a proposed talk about vulnerabilities in its services and races to the courtroom to stop the presentation.<br /><br />Conferences like Black Hat and Defcon virtually court that kind of response through the nature of their content and audience. The latest kerfuffle stems from Massachusetts, where a group of MIT students <a href="http://defcon.org/html/defcon-16/dc-16-speakers.html#Anderson">planned to discuss breaking the smartcard used for subway payment systems</a>.<br /><br />Boston is among several places using the particular card, and the prospect of being the topic of conversation alarmed city subway officials. <a href="http://www.theregister.co.uk/2008/08/09/defcon_talk_halted/">The Register noted the filing of an injunction to halt the talk</a>.<br /><br />The effect of the lawsuit, which included a request to stop the speakers from suggesting the payment system was insecure, essentially ensured plenty of people would learn exactly that about the CharlieCard.<br /><br />As The Register noted, attorneys for the Massachusetts Bay Transit Authority helpfully <a href="http://blog.wired.com/27bstroke6/files/vulnerability_assessment_of_the_mtba_system.pdf">tacked on an overview of how the CharlieCard can be forged or cloned</a>. The students also planned to discuss how to mitigate such problems.<br /><br />MBTA's lawsuit smacks more of ego and embarrassment than of actual concern about security issues.
Discussions between the students, their instructor, and the MBTA last week failed to find a compromise; all MBTA accomplished was gaining more publicity for issues that need to be fixed.