The important distinction isn't really the frequency. It's that the card has an actual circuit that performs some crypto handshake with the reader. It's not just static information encoded that anyone can just read and duplicate.
Clipper cards use NFC, and there's at least some encryption protecting them - I don't believe they can be copied and spoofed the way common RFID tags can.
BART doesn't have that type of ticket. You tag your Clipper card (or insert your BART ticket, if you're not a frequent rider) upon entering a station, and again when exiting at your destination.
It's been a few years since I've used it, and that was only a couple of times between going between a couple of stations, but that's not how I remember it. Some stations had ticket scanners at the entrance to the platform but some didn't.
I remember the Palo Alto station very clearly because I got on once thinking I had grabbed my ticket from the vending machine when I had actually grabbed the previous person's receipt because I was in a hurry. I got on the train and once I realized I was worried about the fare inspectors coming on and catching me, so that station definitely does not require a ticket to get on the platform. Maybe that's just classism with respect to Palo Alto?
One final note before I dive in: this algorithm is essentially large scale ticket swapping, which is obviously illegal and unethical. I don’t believe that it would be ethical to use this in the real world... and since Clipper cards are not cloneable, this work can’t be used to facilitate this large-scale theft.
Unfortunately I don't know enough about the hardware or encryption used in the Clipper Card to say whether that sort of attack is feasible. It's interesting but ultimately I'm not looking to execute this sort of attack!
When you are some kid in their parents basement and figure out ways to scam money from public transit you are rebelling as a natural part of childhood.
When you are a well skilled and very well payed employee of a high profile tech company you are essentially having fun at the expense of the public servants who work(for a lot less money) to provide essential services to the public.
Maybe those reading this can take this as a lesson in tone and tact.
> you are essentially having fun at the expense of the public servants
The author never actually went out and fraudulently saved money by implementing his idea, so I fail to see how his actions are "at the expense of the public servants". To quote him,
> One final note before I dive in: this algorithm is essentially large scale ticket swapping, which is obviously illegal and unethical. I don’t believe that it would be ethical to use this in the real world. I value safe and smooth travel more than I value the 20-40% of my fare I could save by stealing from
> The author never actually went out and fraudulently saved money by implementing his idea
nope, it's just a big mental wank designed to show the world that the author is medium clever and knows how to write down an ILP problem, make pretty graphs, and something about NFC.
I am of the view that anyone who finds an exploit should (generally) do what they feel would have the best result. This would incentivize organisations to create payouts (prizes) for non-public exploits, and it would allow concerned citizens to force a change from generally unmovable bureaucracies.
This is just the latest justification among security people to not having acknowledge their own incompetency in things like risk management. Since when was "doing what you feel" considered a reasoned solution? Many times these things aren't even weaknesses as such, just loose tolerances in the system and exposing them under great fanfare just making the system less flexible. Which is pretty ironic if you think about it.
This is a silly objection. If you can clone clipper cards, you don't need special software to cheat the system. The software here is just an academic exercise in optimization algorithms.
The technical component of the post is really interesting and indeed it's a more general problem, but I had a similar reaction to the framing: spending time figuring out how to reduce revenue on public transportation isn't the right problem. That same time 'hacking' could have been spent thinking how to genuinely improve a public service.
It is a fun "what if" problem you might think about if you spend a lot of time on public transit and realize that the system is less than ideal. Of course, no systems are fraud proof, as doing so would usually require more resources than could be justified.
Thinking about the system at all is also a nice way of getting started with thinking about how to solve its real problems. Creative juice priming. This is why persecution of thought crimes isn't the right approach either.
Personally this is my least favorite artifact from hacker culture. Not necessarily thinking about these things, but the embellishing of it. There used to be a time where information was scares so it was hard to learn thing, today that isn't the case so one should pivot form reverse engineering the system to improving it fairly quickly. Instead people spend a lot of time formalizing how "smart" their hack was. The greater damage is of course that when a lot of people is ready to point out and celebrate inconsistencies it's hard to foster a culture of proposing improvements.
How many corporates have you seen not do something like this in some capacity but at a larger scale?
Something or the other was exploited (like natural resources, human resources) as money certainly didn't print itself.
Public transport is built at a great cost to income tax payer's money and subsequent subsidy to ensure the tax payers could afford it and prefer it. Usually, the only ones making money are the builders and manufacturers who were contracted to construct it, and other corporates and vested interests that are probably the 1%
As the author said, Clipper Cards aren't cloneable, so this is impractical because it would require physically swapping BART tickets. It's just a theoretical mental exercise, not some kind of anti-government rebellion. And given the number of people I see each day simply jumping over the fare gates (very common in stations where there's no station agent booth next to all of the gates, and not uncommon even in stations where the agent is right there) this hack is hardly the biggest threat to BART revenue.
It's already pretty shitty. Have you tried traveling from downtown SF through the Mission stops? The tunnel is incredibly loud with screeching/scraping noises, and it's been that way a long time, apparently a product of how the rail is designed.
In the original manual formulation, I don't understand how the paths of these two travelers cross in Oakland. It looks like they'd only be able to take their quite short section. Unless they both stayed on their trains past the points where they where supposed to exit, but I don't see how you can do that if they scan your ticket when exiting the train.
This will probably attract downvotes, but I'd call it an algorithm for collective, mass fraud.
One might find it surprising, but I've seen people do this several years back. The only difference being that it was on a much smaller scale, with only a handful of friends involved.
Was trying to think of a real world problem that this could solve. Basically you want multiple entities to peform tasks for each other (tagging) at multiple destinations at a minimal cost.
One possibility is the taxi/uber/lyft hailing problem. Instead of stations, you have rider and car locations. Time and distance is the ticket cost.
Of course the discount would only apply only as long as BART doesn't realize people were doing it, at which point they would likely just increase all fares to a flat rate (like Muni) of "a little more than $7" :-P
Although I don't know if there is a time limit, it is possible to exit the same station as you enter for no fee with the standard BART card. e.g. in case you realize you've forgotten something in your car after you pass the turnstiles. Therefore it should be possible to save 100% of fares for people leaving/arriving at opposite stations, respectively.
System-wide savings would then be proportional to directionality on a station by station basis - optimizing by zeroing out trips by longest first.
Dunno if this works with the clipper cards though, so everyone might need a magnetic card writer and blanks...
If you enter/exit via the same station, BART charges $5.75 (Search for 'excursion' at https://www.bart.gov/guide/faq) unless you talk with a Station Agent.
I've never understood why they charge this fee when it would be possible to get a lower fare by going a station further, exiting, and entering again but I haven't had a problem if I talk with the Station Agent.
Presumably they charge the fee because it would be inconvenient and time-consuming for at least some to take a train a stop, exit, re-enter and take the train back for a few bucks.
Another Bart hack; If you fly in to SFO and don't mind walking a few blocks to the San Bruno Bart station you can save about $4.60 each way. For some reason the SFO stop costs a lot extra. The easiest way is to continue on the sky tram to the rental car place. When you get off its a quick half a mile walk over San Bruno ave to Huntington.
If you ask Google maps for walking directions from the rental car station to Bart, it says it's 1.9 miles and 39 minutes. Presumably there are significant shortcuts one can make?
Reminds me of a time in Hong Kong when I accompanied a friend buy or trade used games at the train station. We were outside of the paid area and the other guy was inside the paid area of the concourse. It seems to be common practice there.
Yep, happens all the time in HK. [1] The MTR (metro system) charges based on the station where you enter and the station where you exit. The ticket is valid for 150 minutes after you enter, which is plenty of time to take a train to a distant station and come back again. As long as you don't actually leave the distant station, the fare system has no idea where you went. :)
53 comments
[ 2.8 ms ] story [ 84.1 ms ] threadhttps://en.wikipedia.org/wiki/Clipper_card#Technology
https://en.wikipedia.org/wiki/Clipper_card#Technology
I remember the Palo Alto station very clearly because I got on once thinking I had grabbed my ticket from the vending machine when I had actually grabbed the previous person's receipt because I was in a hurry. I got on the train and once I realized I was worried about the fare inspectors coming on and catching me, so that station definitely does not require a ticket to get on the platform. Maybe that's just classism with respect to Palo Alto?
Edit: never mind, it was Caltrain not BART.
Caltrain is POP.
Could probably do this with a group of cooperating people if you really wanted to trade time for a little bit of money.
When you are a well skilled and very well payed employee of a high profile tech company you are essentially having fun at the expense of the public servants who work(for a lot less money) to provide essential services to the public.
Maybe those reading this can take this as a lesson in tone and tact.
The author never actually went out and fraudulently saved money by implementing his idea, so I fail to see how his actions are "at the expense of the public servants". To quote him,
> One final note before I dive in: this algorithm is essentially large scale ticket swapping, which is obviously illegal and unethical. I don’t believe that it would be ethical to use this in the real world. I value safe and smooth travel more than I value the 20-40% of my fare I could save by stealing from
nope, it's just a big mental wank designed to show the world that the author is medium clever and knows how to write down an ILP problem, make pretty graphs, and something about NFC.
I'm not sure which I find less appealing, really.
Thinking about the system at all is also a nice way of getting started with thinking about how to solve its real problems. Creative juice priming. This is why persecution of thought crimes isn't the right approach either.
Something or the other was exploited (like natural resources, human resources) as money certainly didn't print itself.
Public transport is built at a great cost to income tax payer's money and subsequent subsidy to ensure the tax payers could afford it and prefer it. Usually, the only ones making money are the builders and manufacturers who were contracted to construct it, and other corporates and vested interests that are probably the 1%
On the BART system you scan your tickets while entering/exiting the station, not the train
One might find it surprising, but I've seen people do this several years back. The only difference being that it was on a much smaller scale, with only a handful of friends involved.
One possibility is the taxi/uber/lyft hailing problem. Instead of stations, you have rider and car locations. Time and distance is the ticket cost.
System-wide savings would then be proportional to directionality on a station by station basis - optimizing by zeroing out trips by longest first.
Dunno if this works with the clipper cards though, so everyone might need a magnetic card writer and blanks...
I've never understood why they charge this fee when it would be possible to get a lower fare by going a station further, exiting, and entering again but I haven't had a problem if I talk with the Station Agent.
[1] http://www.urbanphoto.net/blog/2010/12/06/online-shopping-in...