Jump to content

Attention: In order to reply to messages, create topics, have access to other features of the community you must sign up for an account.


Veteran Member
  • Content Count

  • Joined

  • Last visited

  • Days Won


itmaybeokay last won the day on May 22 2018

itmaybeokay had the most liked content!

Community Reputation

959 Excellent

About itmaybeokay

  • Rank
    Attorney at Dog

Profile Information

  • Location

Recent Profile Visitors

1,257 profile views
  1. itmaybeokay

    SUBWAY - Random Thoughts Topic

    I didn't say the machines shouldn't be replaced. They should be, and they are being replaced as I noted. I just said that the age of the physical hardware is not an indication of it's security. The age of the physical machine is not an attack vector. Literally the only attack vector you reasonably have on an MVM would be if you could somehow maliciously craft a magnetic card to overflow a buffer and deploy a malicious payload. You have 97 bytes to work with. Godspeed. As for the signals, Hilariously we've taken inverse positions on the whole topic as I had a different thread. They explain it better than I would.
  2. itmaybeokay

    SUBWAY - Random Thoughts Topic

    Yes, they have upgraded the software on the machines. It's a little more than an off-the-shelf computer in there. Note the reference to FPGA on that bios screen. That means there's a custom chip involved somewhere. As it happens, they're in the process of replacing the metrocard with a whole contactless solution - whether that is good or bad remains to be seen but yeah, they're changing the whole fare collection system, let alone the MVMs. But no - just because a machine is physically old doesn't inherently make it insecure. Give me any computer ever made and I'll make it the most secure known to mankind. Just unplug it and encase it in concrete. Problem solved. Oh, you want it to work, too? MVMs aren't connected to the internet and they're about as physically restrictive to intrusion as an ATM so I think you're fine. If you're worried about the security of your credit card information, make sure there's not a skimmer over the card reader and check your statements carefully. More likely you got skimmed at a restaurant than anything else.
  3. Thanks for your whole reply but that is a very key takeaway. It looked like in the fast-forward deck that byford was going to try to attack some of that, but entrenched culture is, well, entrenched. We'll see. pics or it didn't happen. 😂
  4. Interesting. In my head I had figured that the mechanical relays and timers had on the whole aged to such a point that it had become nigh-impossible to entertain a preventative maintenance regimen on them and thus, the failures that cause delays due to "signal problems" were so prevalent. I'm curious, is there a specific element that fails most often? I had assumed that most of the time signal problems were a track circuit failing to clear or worse, flashing signals to danger and tripping trains, and I had assumed that problem to be sticky, scored or otherwise janky relays - I had wondered if engineering a drop-in replacement for a mechanical relay with solid state parts that would trigger at the same levels blah blah blah would help?
  5. ^^ I think that's the key message here. I agree SAP was questionable investment at best, and honestly that was probably simply the result of Cuomo deciding it needed to look like he was doing something immediately. I don't think the question is that of "is the work being done" it's "is the work being done actually accomplishing anything". By the MTA's own numbers, SAP doesn't seem to have improved anything - http://dashboard.mta.info/ Byford's Fast Forward looks better, and indeed would address the core issue, but who knows. If only a certain governor had spent a billion dollars on that and not "enhancing" stations.
  6. itmaybeokay

    Data Flow

    This project isn't dead! In fact the sign works fine. I have two of them in my apartment that survived a move and work for a new station now. The issue is, I'd like this to be more of a "look what you can make!" than a "look what I made" so, I'd like this to be a standalone project that can be built by anyone. Right now, the sign relies upon an external server feeding it data by looking at the subway real time feed, parsing and interpreting the data and sending information through various MQTT topics to the sign itself which listens for them. The image is the node-red flow that does this. So, it's a little complex right now, though functional.
  7. itmaybeokay

    SUBWAY - Random Thoughts Topic

    Hackaday posted a few days ago a little article on the subway signalling systems, it's a pretty cursory rundown but interesting nonetheless. revelatory part for me is the view of the parts that physically interlock in a mechanical interlocking. https://hackaday.com/2019/01/11/low-tech-high-safety-and-the-nyc-subway-system/
  8. itmaybeokay

    SUBWAY - Random Thoughts Topic

    As I understand it, the concept was that this platform would be used for unloading passengers from the express trains, with the standard island platforms used only for the locals and boarding the expresses. In some respects, that does make sense - as passengers can board and disembark at the same time without mashing into each other - but in practice, significant numbers of express passengers want to transfer to the local, and it's a substantial pain to open doors on both sides of the train (and close doors on both sides of the train). Edit: Brennan says similarly - but notes it was actually used until 1981. http://www.columbia.edu/~brennan/abandoned/59st.html It does make a very tiny bit of sense in terms of transfers, if, say, you were on an uptown 6th ave express and you wanted a downtown 8th ave express - but like - those seem like outlier trips. anyway check that link he has fun photos of when the platform was half-heartedly closed with a plastic chain, before they built that little fenced in underpass for the 1 riders.
  9. Am I the only one who doesn't think that any of these amount to palpable "Cuts"? I mean - the elevator operators for instance - like at 168 street - at present only one elevator of the four has an operator, and they're literally just pressing the buttons that a passenger would press. If something happens to the elevator, they're using the same intercom as a passenger to call someone to fix it. Outside of allaying the fears of I don't even know who, that is the most useless staffing possibly in the city. Correct me if I'm missing something. I know i'm gonna get attacked as an MTA apologist here, but I do think the headline of "subway, bus cuts" is somewhat of an exaggeration.
  10. No. It isn't. Track 2 magstripe data can't on it's own be used for online purchases, because it lacks the CVC code - which is neither stored on the magstripe nor transmitted via NFC, and is printed on the card non-embossed letters - the concept here is this code, only needed for "card not present" transactions - is not 'Skimmable'. It's an attempt to increase security to ensure that intercepted card data cannot be used to make card-not-present transactions. Read carefully. "The captured data, which is sent unencrypted, can then be used to create a normal magstripe card for use on older, offline systems." Also, that article is 2 years old - note I said "EMV can be encrypted if the card supports it". I'm not denying the existence of security holes - I'm saying many of the concerns you denounced are already - or in the process of - being addressed. Establishments which accept contactless cards, in so much as I've seen, are steadily increasing in number. I am not sure I understand the question here. Removing the card from the wallet rather than tapping the wallet doesn't seem like a huge burden. I guess there's a space in the market for a "mostly faraday" wallet that lets one card sit in the readable position and shields the rest. But in reality, most people will probably use their phones, and have the card which is on the phone also in their wallet as a backup. Heaven forfend their lithium polymer runs shy on electric potential, they can take their card out of their wallet. Seems pretty simple to me.
  11. So I know the timers were originally physical clockwork timers (not unlike old traffic light controllers that would make the distinctive "kaCHUNK" when the light cycled) - but I had imagined that these would have been replaced with solid state systems. I know I know old analog signals but - we're talking about closing a relay here. Even if I'm ultimately just using a MOSFET to translate logic level to something that will close the original relay - the timer can be done solid state. For like $200 In the same physical space that the mechanical timer took up I could have 3 discrete, redundant solid-state timer circuits with TXCO oscillators running the clocks that would be - and would always be, accurate within 10ms over the timer interval. Hell - it could radio in if it has a problem. I bet the thinking is like "why bother we'll have CBTC soon enough" but - no we won't. Having accurate solid state timers would really smooth out the transition. Edit: Alstom makes a drop-in replacement so - damn. http://docplayer.net/46175216-Microchron-ii-timer-relays.html
  12. Actually I made an error in my assessment before - NFC is basically a Subset of RFID. NFC is a set of specifications for 13.56 high frequency passive RFID meant to pass fairly high-bandwidth data over a short distance. I had assumed that NFC required an "active" tag, as it requires processing to be done on the tag, not just transmission of a number - but as it happens, NFC credit cards, while wirelessly energized by the reader, do that processing on board. Neat stuff. Incidentally, one of the the things that's happening amongst that processing on board is verification of the reader. Modern EMV credit cards actually encipher their communications and cryptographically check the reader. As I understand it: Any contactless credit card that also works in a chip reader can - even in mag emulation mode - dynamically generate cryptographically secure mag emulation data - so long as it's programmed to do so. The only way to clone an NFC credit card is to happen upon one that indeed does broadcast it's raw magstripe data when challenged by a false reader that claims not to support EMV - and even then, you're only getting a clone of the mag stripe data, and most NFC payment terminals are gonna want EMV... TL;DR - contactless payment is way more secure than I had assumed.
  13. itmaybeokay

    R179 Discussion Thread

    Indeed - fully agree, education is the long term solution. I'm not even sure protectionist trade practices are a short term solution. Even assuming they have the intended effect of bringing production onshore, until new lines spool up, Tarrifs are passed on to sticker price, the consumer price index goes up, spending goes down, as do profits, hiring, investment and the economy. Don't argue with me, just watch it happen - if it doesn't i'll be the first to admit that I was wrong. But that's really besides the point. Manufacturing jobs aren't the answer, but it's true - lose them and there's little to replace them with besides service industry unless you increase the overall education level of the population. Add a 13th grade where kids spend the year becoming proficient in Python (or whatever) and watch over decades as the workforce changes and everything is good even as we wave bye bye to the assembly lines. Maybe that scenario is all kinds of impractical - but the answer, the long term sustainable answer is education, and that's what steers my votes - not low-skill dead-end manufacturing jobs.
  14. itmaybeokay

    MTA to begin retiring MetroCards in May 2019

    Actually, "metrocard gold" was when they switched the color scheme and started allowing on-card bus-subway transfers. The original metrocards were gold text on blue field.
  15. itmaybeokay

    NYC Moves to Restrict Parking For Residents Only

    I'm not defending the practice, but it's not uncommon for residents with property in other states or relatives in other states to register and insure their cars in states with cheaper rates.


Important Information

By using this site, you agree to our Terms of Use.