Yesterday while sipping my morning coffee I found an interesting post “Activists release code to generate free public transportation tickets”. It links to a Tor onion service where the “Public Transport Pirate Association of the United Kingdom” claims to have reverse engineered transportation ticketing software of most major UK cities. The link was later removed, but was possible to recover using Snew.

The Pirate Association is “focus[ing] on the Greater Manchester area”, by reproducing the style of mobile tickets used in apps of major transport providers there. The apps were built by ticketing company Corethree which has a market share of 70% of the UK bus sector. I decided to read through the code, learn how the tickets are generated and authorised, and try to understand the motivations behind this shadowy activist organisation.

The files

The activists provide for download an archive, buspiraten_v1.0.zip, and its corresponding GPG signature. A GPG public key is displayed further down the page, along with a Bitcoin address which has received no donations so far.

The GPG signature doesn’t mean much at this point because the public key and downloads are all being served from the same untrusted page. However, if the activists release more in future, signatures can prove that later releases originated from the same source.

The main contents are two relatively modern and well-written JavaScript projects, which produce valid tickets for Transport for Greater Manchester and First Bus. The code is almost identical for both, with mostly cosmetic differences.

Code demo

Yes, ‘WEED’ really is the word of the day

Code review

We first look at the library function which creates the large word and colourful animated background. A number which changes each 24 hours is appended to a hardcoded seed string. From this is derived one of 4 background colours and one of 256 four-letter words, which happens to be “orange-green” and “weed” today. This means that each day, every passenger’s ticket will display the same one of 1024 different combinations, facilitating visual verification by bus drivers and ticket inspectors.

The barcode, meanwhile, is formed of a bunch of different fields concatenated with some padding in between. The first field is a base64 string including name of the passenger and type of ticket, along with some binary data. Next is the timestamp the ticket was created (to second precision), and the timestamp that it will expire. The fields are signed using an included RSA key and this signature is appended. The barcode is then generated from all this data.

The activists say they pulled the private key straight out of the First Bus app, hinting that there was some form of obfuscation but it was easy to reverse. Note that it’s a tiny 512-bit key, so signature verification should be fast even on low-grade ticket reader hardware. However 512 bits of security in RSA is extremely insecure; even if you weren’t able to get the private key from the client app, you could easily factorise it out of the public key which is presumably stored in every ticket reader. These days a 512-bit RSA key takes around £50 to crack, less than a train ticket from London to Manchester.

That’s pretty much the core of the apps. The rest is all frontend code, fonts and images to make them look as close to the real thing as possible.

Motivation

The Public Transport Pirate Association endorses two websites, Free Public Transport, a Manchester-based campaign, and Planka.nu, a Swedish group which encourages people to fare-dodge and covers their fines if they get caught. Most of the campaign’s goals are reasonable enough, such as “defend and extend the availability and reliability of public transport”. The bigger and more controversial goal is that public transport should be free for all.

Wikipedia has a fairly positive article on free public transport. Apparently Luxembourg is already committed to make all public transport free in March 2020. The main benefits are less pollution, better mobility for people on lower incomes, and faster boarding times.

On the other hand, it appears that there were mixed results when it was actually tried in the US, with an increase in driver complaints and staff turnover. Furthermore, how would free public transport be funded? The Wikipedia article on farebox recovery ratio is insightful, showing that most metro systems’ operating expenses are fully covered by their fares, so to make the London Underground free for instance, taxes would have to be raised to cover the ~£4bn costs.

Closing thoughts

While this release is giving exposure to the cause of free public transport, surely very few people have both the skills and the nerve to try using the tickets in real life. For me the main takeaway is how much companies like Corethree cut corners, which shouldn’t be surprising—and yet it is because doing tickets right is literally their business. I wonder if they will invest a little more in their security after this.