I noticed the same phenomena occurring a number of times and then realized that people were using timing attacks to get free rides on the train.
The attack works as follows:
- The train arrives at the station
- The attacker boards the train and immediately enters the nearest railroad car bathroom
- The train leaves the station
- The conductor walks from car to car taking the tickets of the just boarded passengers
- The attacker waits until the conductor passes bathroom and begins to collects tickets in the adjoining car
- The attacker exists the bathroom and walks into the adjoining car in the opposite direction from the path of the conductor
This attack is normally good for only one or two stops because each time the train leaves a station, the conductor usually walks though their assigned cars taking the tickets of the new passengers.
Doing a cost/benefit analysis, certain solutions should immediately be ruled out since an extremely high percentage of people purchase tickets and do not hide in the bathroom:
- hire a conductor for every car or
- restructure each platform to prevent passengers from boarding the train platform without having already purchased a ticket
A much simpler way to help partially mitigate this issue without much cost overhead would be:
Have each conductor sweep their cars a second time after they are finished punching the tickets.
On the second round, if the conductor notices the bathroom light is still on, continue sweeping the remaining cars and then return to the car with the bathroom. The conductor waits in the car with the bathroom until the upcoming stop. When the person leaves the bathroom, check the ticket (for a legitimate fare), have the person purchase a new ticket (if they were trying to skip) or have them arrested if they are skipping the fare and refuse to purchase a ticket. If they notice the bathroom is empty upon their return, finish sweeping the cars a third time.
The major drawback to this issue is time between stations. It may take longer to sweep than travel from one station to another. In this case, we reduce the number of sweeps to that which makes sense and then accept the residual risk.