Polish Hackers Repaired Trains the Manufacturer Artificially Bricked. Now The Train Company Is Threatening Them (www.404media.co)
from btp@kbin.social to technology@lemmy.ml on 13 Dec 2023 17:04
https://kbin.social/m/technology@lemmy.ml/t/700738

In one of the coolest and more outrageous repair stories in quite some time, three white-hat hackers helped a regional rail company in southwest Poland unbrick a train that had been artificially rendered inoperable by the train’s manufacturer after an independent maintenance company worked on it. The train’s manufacturer is now threatening to sue the hackers who were hired by the independent repair company to fix it.

After breaking trains simply because an independent repair shop had worked on them, NEWAG is now demanding that trains fixed by hackers be removed from service.

#drm #technology

threaded - newest

Blizzard@lemmy.zip on 13 Dec 2023 17:16 next collapse

“You wouldn’t pirate a train”

milicent_bystandr@lemm.ee on 14 Dec 2023 07:04 next collapse

Is this a robbery?

No! It’s a science experiment… computer science!

ours@lemmy.world on 14 Dec 2023 08:24 collapse

The robbery is what the train manufacturer did.

WolfhoundRO@lemmy.world on 14 Dec 2023 08:39 collapse

Then the hackers did a train robbery on the train robbery

Blizzard@lemmy.zip on 14 Dec 2023 09:31 collapse

Their leader, ‘Dutch’, had a good plan.

WolfhoundRO@lemmy.world on 15 Dec 2023 13:40 collapse

He also screamed at the screen “ONE! MORE! SCORE!”

Malgas@beehaw.org on 14 Dec 2023 15:51 collapse

“Train pirate” has got to be one of the steampunkiest job titles I’ve ever heard.

Blizzard@lemmy.zip on 13 Dec 2023 17:17 next collapse

I wonder if they’ll be able to overclock those trains or install some mods.

JillyB@beehaw.org on 13 Dec 2023 19:46 next collapse

I’m now imagining rgb trains. Mechanical turn styles, high refresh rate info screens, giant AIO coolers.

SomeoneSomewhere@lemmy.nz on 13 Dec 2023 21:52 collapse

Plenty of modern rolling stock already has water cooled power electronics, oil-cooled transformers, and I’m sure there’s RGB passenger information displays.

They also laugh at your little 120/140/200mm fans.

SkaveRat@discuss.tchncs.de on 14 Dec 2023 06:32 collapse

Okay, but now we need to upgrade those industrial fans to noctua

SomeoneSomewhere@lemmy.nz on 16 Dec 2023 04:36 collapse

Let me introduce you to ebm-pabst.

Sotuanduso@lemm.ee on 13 Dec 2023 22:14 next collapse

The trains run DOOM.

i_am_not_a_robot@discuss.tchncs.de on 13 Dec 2023 22:15 collapse

Maybe they can put some of these in www.youtube.com/watch?v=hmrQ-xm546o

PipedLinkBot@feddit.rocks on 13 Dec 2023 22:16 collapse

Here is an alternative Piped link(s):

https://www.piped.video/watch?v=hmrQ-xm546o

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I’m open-source; check me out at GitHub.

WashedOver@lemmy.ca on 13 Dec 2023 17:30 next collapse

I wonder if they were taking notes from John Deere and the automotive industry or will it be the reverse here soon?

Just imagine all these vehicles that could be bricked for not going back to the stealerships for outrageous prices on parts and incompetent service.

Also the vehicles that could be disabled for not paying for device protection plan that allows your vehicle to operate safely. It would be a shame if your vehicle stopped working on your way to work or the hospital.

I suspect Tesla, BMW, and John Deere are the closest to this reality.

I sure hope the government doesn’t help with another great cash for clunkers national program to get rid of more cars too old for these measures. Sure is a great way to drive new car sales though…

RustedSwitch@lemmy.world on 14 Dec 2023 10:41 collapse

Add Mercedes to that list of companies close to doing this

KingThrillgore@lemmy.ml on 13 Dec 2023 17:55 next collapse

It would be interesting to see if Alstom, Hyundai Rotem, and Stadler Rail are doing the same. They are sitting on billions in public sector contracts.

relevants@feddit.de on 14 Dec 2023 02:47 collapse

Stadler (sic)

?

davel@lemmy.ml on 13 Dec 2023 18:00 next collapse

The European Union is an antidemocratic corporate cartel.

Quacksalber@sh.itjust.works on 13 Dec 2023 18:16 next collapse

The EU is in a constant struggle for its direction. Discounting it as a lost cause only allows malicious actors free reign. On the one hand, EU regulators take on tech monopolies, like forcing Microsoft to un-bundle Windows and Edge/Bing. And european courts have repeatedly struck down legislation that would allow for indiscriminate data retention.
On the other hand, the EU politicians are currently trying to sneak through a law that would force browsers to accept state-issued root certificates, allowing them to spy on and alter any and all internet communication, basically upending the trust-based system that keeps the internet secure currently. This law is part of the eIDAS initiative.
And I’m sure that with the new, EU-driven right to repair initiative, the train manufacturer will be forced to back down soon too.

flambonkscious@sh.itjust.works on 14 Dec 2023 01:18 next collapse

Interesting, this needs some reading

Quacksalber@sh.itjust.works on 14 Dec 2023 01:30 collapse

Here is a link detailing the issues concerning root certificates in the eIDAS legislation, as it currently written and about to be voted on: www.theregister.com/2023/…/europe_eidas_browser/

flambonkscious@sh.itjust.works on 14 Dec 2023 01:46 collapse

Thanks! I stumbled across the Mozilla blog on it, too

blog.mozilla.org/…/mozilla-publishes-position-pap…

kilgore_trout@feddit.it on 14 Dec 2023 08:12 collapse

The right to repair proposal will sure have a list of exemptions, not to hurt the feelings of big commercial conglomerates.

onlinepersona@programming.dev on 13 Dec 2023 18:57 next collapse

Good thing it wasn’t the EU that made the trains 👌

Illuminostro@lemmy.world on 13 Dec 2023 19:11 next collapse

#fuckyourdividends

Diplomjodler@feddit.de on 13 Dec 2023 19:16 next collapse

Maybe you should stop huffing Orban’s farts.

davel@lemmy.ml on 13 Dec 2023 20:41 collapse

No, I huff Marxist economist and ex-Greek Minister of Finance Yanis Varoufakis’ farts.

Diplomjodler@feddit.de on 13 Dec 2023 22:24 next collapse

Ah, those are extra spicy.

WolfhoundRO@lemmy.world on 14 Dec 2023 08:41 collapse

Basically the wrong exhaust fumes.

Implying there are also the right exhaust fumes smh

PanArab@lemmy.ml on 14 Dec 2023 01:59 collapse

True, but that’s why it is somewhat functional. Otherwise it would be a mess, swinging back and forth between contradictory short term thinking.

The Arabian Gulf states are not democratic at all, and sometimes the governments go against the wishes of the people -mostly US-aligned foreign policies and social and economic liberalization-. But they sure can get shit done and massively. Kinda like China but on a smaller scale because all together the Arabian Gulf -without the foreigners- adds up to the population of one Chinese city.

hexloc@feddit.nl on 13 Dec 2023 18:33 next collapse

lmao.

onlinepersona@programming.dev on 13 Dec 2023 18:48 next collapse

The government better sue the train manufacturer and protect these hackers. The hackers saved the state millions - possibly hundreds of millions.

Diplomjodler@feddit.de on 13 Dec 2023 19:17 next collapse

Good opportunity for the new polish government to show that they’re actually sane.

duncesplayed@lemmy.one on 14 Dec 2023 01:51 next collapse

Holy shit. If I understand correctly, the trains were programmed to use their GPS sensors to detect if they were ever physically moved to an independent repair shop. If they detected that they were at an independent repair shop, they were programmed to lock themselves and give strange and nonsensical error codes. Typing in an unlock code at the engineer’s console would allow the trains to start working normally again.

If there were a corporation-sized mirror, I don’t know how NEWAG could look at itself in it.

Archpawn@lemmy.world on 14 Dec 2023 03:34 next collapse

They weren’t doing anything smartphone manufacturers haven’t been doing for years. Or those guys that make McDonalds ice cream machines.

kilgore_trout@feddit.it on 14 Dec 2023 08:10 collapse

With the difference that a government agency is operating these trains and that repairs are not cheap.

gomp@lemmy.ml on 14 Dec 2023 09:11 collapse

Governments (and the public sector in general) are treated way worse by companies than private customers who can far more easily switch to a competitor or influence others to do so

[deleted] on 14 Dec 2023 12:48 collapse

.

Moonrise2473@feddit.it on 14 Dec 2023 08:14 collapse

“The president of Newag contacted me,” Cieszyński wrote. "He claims that Newag fell victim to cybercriminals and it was not an intentional action by the company

Yes, those cybercriminals that once infiltrated in a business network, instead of stealing data or holding ransoms, hide multiple iterations in the code of a snippet that only benefits the corp. Sure, they exist

Malgas@beehaw.org on 14 Dec 2023 15:48 collapse

Also taking legal action against people who helped your customers resolve the consequences of such an attack seems perfectly normal and not at all contrary to that narrative.