Polish Train Maker Is Suing the Hackers Who Exposed Its Anti-Repair Tricks
For what? Being decent human beings?
Yeah apparently that's a crime nowadays.
They should be being sued for doing anti repair tricks.
The guys exposing the anti repair tricks are the heroes here.
Don't you love the anti-circumvention clause?
I couldn't have said it better. "The sheep are made to be sheared". Each day, critical thinking fades a little more, leading people into a spiral of submission that has never been as swift and humiliating.
Hopefully Newag (the manufacturer) loses this case. This is malicious design on Newag's part.
Malicious design is putting it mildly. This is fraud with a bit of blackmail sprinkled in. They bricked perfectly functioning trains that their customers already had paid for, because another workshop was chosen for servicing them after the warranty period of the train ended. Then they charged over 20k € to unlock trains they deliberately locked before. The unlocking itself took them 10 minutes.
In a just world the Newag CEOs would go to jail for this, but sadly we all know this won't happen.
fraud
Sabotage. Property made unusable. Passengers were literally stranded in the middle of a journey.
This and many other things are why I always thought that even from the viewpoint of "common good" reverse engineering, copying and disassembly and whatever else of everything digitally stored should be absolutely immune to the law. Otherwise it's illegal to know if the other side is breaking the law to sue it.
Every potential buyer of trains should ban this company from new sales.
Yeah. I’m not buying another train from them ever again
Same. My personal Home <-> Work line will never see a Newag train.
Same here. Fucking train makers.
Good for you! I'm going to boycott them, too.
I was just thinking this. I imagine that there are only a few hundred train operators in the world, so they can all be reached easily, and would pay attention to the Polish rail operator.
Simply explain the whole ordeal and bullshittery, and let them know what will happen to them.
It's unlikely that Newag would get another sale. They are mainly fucking with state operators, who have a LOT of time and resources.
If I were the Polish operator, I would have found a new hobby.
The operator in my country luckily ordered a bunch of Škodas to complement and replace the old Stadlers, so I don't think we're gonna be using Newag any time soon.
I keep a small list titled "illegal heroes", and these hackers are on that list. It's bullshit that they're being hounded like this.
They are not illegal heroes, they are pentesters and were paid by train company SPS who were using these trains.
https://media.ccc.de/v/37c3-12142-breaking_drm_in_polish_trains
They had a talk at CCC 2 years ago, and last one too I think. It's pretty funny.
Newag executives should be in jail for fraud
When corporation does crime and has the balls to sue the victims
EU companies are learning well from the US!
Newag [train maker] claims that the Dragon Sector [whitehat hacker] team endangered passengers’ safety by modifying the software without proper experience. But Newag then turns right around and claims that Dragon Sector did not modify the software at all. They point out that EU law only allows reverse engineering of software in order to fix bugs. And if Dragon Sector did not actually modify the software, it cannot have fixed any bugs, in which case their reverse-engineering must be illegal.
So if they just say they were gonna get to the bug fixing part but haven't yet they're in the clear. Boom, another decisive victory for the Dragon Sector.
Train company response: it's a feature, not a bug, so you're still guilty
Do they... not know what reverse engineering means?
It's worse. They are saying that the EU copyright law, as written, only allows decompiling/reverse engineering to "fix bugs". A bug fix would involve a software patch of some sort. But the security researchers did not have time to write a patch yet; what they did is tell the customer "Yep, it's fucked. Your vendor put in a killswitch to make the trains brick themselves." So that does tell them where the problem is, but it is not a bona fide bug fix from the Bugfix region of France, and therefore illegal.
I am looking forward to their next update:
Capitalism is a scourge.
You are literally looking at a company trying to prevent competition by doing crime, being caught and trying to use law against those who caught it.
Capitalism is that thing where competition is considered a virtue in the first place.
Quote of this century.
After a bit of digging it looks like Newag has had a steady supply of government contracts:
25.01.2023 - 10,7 billion PLN (2,5bn EUR) for EMUs
24.07.2024 - Newag CEO mentions current contracts with PKP Intercity total 9bn PLN (2bn EUR)
21.11.2024 - 7,7bn PLN (1,8bn EUR) for hybrid MUs
23.06.2025 - most recent one I could find, 270 million PLN, EMUs for a local railway
Stock is up 260% since June 2022
In Poland we don't negotiate with corporate terrorists, we throw money at them. 🙃
@Pro #capitalism at its #worst (AGAIN)
In 2022, members of #DragonSector were called by a train repair shop, Serwis Pojazdów Szynowych (#SPS), to work out why #trains were refusing to run. Digging into the code revealed a #software trap that would disable trains if they were anywhere near a #repair facility that wasn’t run by the manufacturer, Newag. But Newag used a pretty inaccurate way to determine when the trains were in a rival repair shop, which led to some unexpected consequences. #right2repair
This is devious.
Where legal fund
CCC was collecting some money for them last year, not sure if this is still active https://www.ccc.de/en/updates/2024/das-ist-vollig-entgleist
Edit: looks like they were past the goal they had then but if this goes on maybe 30k € won't be enough, hopefully someone sets something new up
I will sue you because you broke my ransomware.
It's the general modus of today, exposing corruption is illegal and extremism, fixing intentional sabotage is illegal and against IP law, catching pedophiles is illegal and a stalking attack on respected people like Sourgay Brin and Mark Suckerberg. Bypassing censorship is illegal and making tools for criminals. Bypassing propaganda is illegal and inciting to violence. Laughing at unsubstantiated demands is illegal and a challenge to elected or other authority.
It's slowly drifting to the point where "illegal" is trying to make sense in what's allowed and what's not, and "legal" is having approval from power.
A mafia world.
Don't forget that saying rich people should obey the law is also illegal.
Keep in mind that legal/illegal can be (and often is) different from ethical/unethical. In a perfect world, laws protect everyone equally from unethical behavior. But nowadays, law is more and more misused to protect the upper class and oppress the lower class. Not saying it wasn't so before already, but it's leaning that way a lot stronger in recent times again.