Post AcXeFcW2YI9XTgSJBg by PurpCat@clubcyberia.co
(DIR) Post #AcVBzJyMXdNuIjDsxs by q3k@social.hackerspace.pl
2023-12-05T13:58:25Z
36 likes, 58 repeats
I can finally reveal some research I've been involved with over the past year or so. We (@redford, @mrtick and I) have reverse engineered the PLC code of NEWAG Impuls EMUs. These trains were locking up for arbitrary reasons after being serviced at third-party workshops. The manufacturer argued that this was because of malpractice by these workshops, and that they should be serviced by them instead of third parties. 1/4
(DIR) Post #AcVBzMc8iiOIUfqgF6 by q3k@social.hackerspace.pl
2023-12-05T13:59:13Z
17 likes, 14 repeats
We found that the PLC code actually contained logic that would lock up the train with bogus error codes after some date, or if the train wasn't running for a given time. One version of the controller actually contained GPS coordinates to contain the behaviour to third-party workshops. It was also possible to unlock the trains by pressing a key combination in the cabin controls. None of this was documented. 2/4
(DIR) Post #AcVBzOrSMjpbSl1wOW by q3k@social.hackerspace.pl
2023-12-05T14:00:09Z
12 likes, 6 repeats
The key unlock was deleted in newer PLC software versions, but the lock logic remained. After a certain update by NEWAG, the cabin controls would also display scary messages about copyright violations if the HMI detected a subset of conditions that should've engaged the lock but the train was still operational. The trains also had a GSM telemetry unit that was broadcasting lock conditions, and in some cases appeared to be able to lock the train remotely. 3/4
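An operator or third-party workshop reviewing a controller's program would want to know what the trigger kinds described in the three posts above look like in a listing: a comparison against a hard-coded calendar date, an idle-time threshold, and literal GPS coordinates, each guarding an assignment that forces an inhibit output. The script below is an added example written for this thread, not code from the researchers and not a reproduction of any NEWAG firmware; it runs a heuristic audit over a constructed IEC 61131-3 Structured Text listing. The listing, the variable names (SysDate, IdleDays, GpsLat, GpsLon, TractionInhibit) and the coordinate values are hypothetical.

```python
"""Heuristic audit of a PLC program listing for hidden lock-out triggers.

Added example for this thread, not code from the researchers or from NEWAG.
It scans IEC 61131-3 Structured Text for three trigger kinds (hard-coded
calendar dates, idle-time thresholds, literal GPS coordinates) and notes
whether the guarded block forces a lock/inhibit output.
"""
import re
from dataclasses import dataclass

# Constructed sample listing; hypothetical names and values, no real firmware.
SAMPLE_ST = """
(* traction enable logic *)
IF SysDate > DT#2023-11-21-00:00:00 THEN
    TractionInhibit := TRUE;  (* error code raised with no physical cause *)
END_IF;

IF IdleDays >= 10 THEN
    TractionInhibit := TRUE;
END_IF;

(* workshop geofence *)
IF ABS(GpsLat - 51.1234) < 0.01 AND ABS(GpsLon - 17.5678) < 0.01 THEN
    TractionInhibit := TRUE;
END_IF;

IF SpeedKmh > 160.0 THEN
    Overspeed := TRUE;
END_IF;
"""

# One regex per trigger kind; group 1 captures the suspicious literal.
PATTERNS = {
    # IEC date/time literals such as D#2023-11-21 or DT#2023-11-21-00:00:00
    "date": re.compile(r"\b(?:DT|DATE_AND_TIME|DATE|D)#(\d{4}-\d{2}-\d{2})"),
    # idle / standstill counters compared against a constant
    "idle": re.compile(r"(?i)\b(?:idle|inactiv|standstill)\w*\s*(?:>=|>|=)\s*(\d+)"),
    # GPS-looking variables combined with a fixed decimal coordinate
    "geo": re.compile(r"(?i)\b(?:gps|lat|lon|lng)\w*\s*[-+<>=]+\s*(-?\d{1,3}\.\d{3,})"),
}
# Assignment forcing a lock/inhibit output, searched a few lines below the trigger.
INHIBIT = re.compile(r"(?i)\b\w*(?:inhibit|lock|disable)\w*\s*:=\s*TRUE\b")


@dataclass
class Finding:
    line: int          # 1-based line number in the listing
    kind: str          # "date", "idle" or "geo"
    value: str         # the literal that was matched
    sets_inhibit: bool # an inhibit/lock assignment follows within the window
    text: str          # the offending source line, stripped


def audit_listing(source: str, lookahead: int = 3) -> list[Finding]:
    """Return findings in source order, one per matched literal."""
    lines = source.splitlines()
    findings: list[Finding] = []
    for idx, line in enumerate(lines, start=1):
        for kind, pattern in PATTERNS.items():
            for m in pattern.finditer(line):
                value = m.group(1)
                if kind == "geo" and abs(float(value)) > 180.0:
                    continue  # not a plausible coordinate, skip
                window = lines[idx:idx + lookahead]  # the lines after this one
                sets_inhibit = any(INHIBIT.search(w) for w in window)
                findings.append(Finding(idx, kind, value, sets_inhibit, line.strip()))
    return findings


def report(findings: list[Finding]) -> str:
    """Human-readable summary suitable for a review note."""
    rows = [
        f"line {f.line:>3} [{f.kind}] literal={f.value} "
        f"{'forces inhibit' if f.sets_inhibit else 'no inhibit in window'} :: {f.text}"
        for f in findings
    ]
    return "\n".join(rows)


if __name__ == "__main__":
    print(report(audit_listing(SAMPLE_ST)))
```

The patterns are deliberately loose: the goal is to shortlist lines for a human reviewer, so a false positive on an ordinary speed or pressure limit costs little, while the lookahead for an inhibit assignment separates a plausible calibration constant from a condition that takes the train out of service.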
(DIR) Post #AcVBzQv4iFujqYjrJQ by q3k@social.hackerspace.pl
2023-12-05T14:01:04Z
10 likes, 8 repeats
@redford and @mrtick held an unrecorded talk about this at OhMyHack in Warsaw - I unfortunately couldn't make it because of Munich snow. For now this is making the rounds in Polish-speaking sources, but we do have a talk scheduled about this at 37C3, in which we plan to do a deep dive into this and actually publish our findings. @zaufanatrzeciastrona's article about this: https://zaufanatrzeciastrona.pl/post/o-trzech-takich-co-zhakowali-prawdziwy-pociag-a-nawet-30-pociagow/
(DIR) Post #AcVH6Zfh4U1MmvlikK by mansr@society.oftrolls.com
2023-12-05T15:30:17Z
0 likes, 0 repeats
@q3k Might interest @brucknerite
(DIR) Post #AcVHXyDPvRv0jEbd3I by paco@infosec.exchange
2023-12-05T14:16:32Z
1 likes, 0 repeats
@q3k @redford @mrtick This is straight up amazing. Bad-ass work. Congrats on being allowed to talk about it.
(DIR) Post #AcVHYa0zO6YXxh5ExM by pancake@mastodont.cat
2023-12-05T14:39:35Z
1 likes, 0 repeats
@q3k the XD train
(DIR) Post #AcVHYrNwo01PpoxJbM by ebassi@mastodon.social
2023-12-05T15:26:11Z
8 likes, 4 repeats
@q3k @redford @mrtick I bet the managers and engineers were all proud of this stuff
(DIR) Post #AcVHZuLjGnrxJlPxfU by brucknerite@social.brucknerite.net
2023-12-05T15:35:34Z
0 likes, 0 repeats
@mansr @q3k WOW. Just wow. This is, as Cory Doctorow @pluralistic would put it, the enshittification of trains. These are John Deere-level shenanigans.
(DIR) Post #AcVJYhAH0NDW2pboGG by polarisera@spinster.xyz
2023-12-05T15:57:49.748778Z
0 likes, 0 repeats
@q3k @zaufanatrzeciastrona Cory Doctorow needs to see this!! @pluralistic
(DIR) Post #AcVKIJXRBC5u5cCEzY by ghast@liberdon.com
2023-12-05T16:06:04Z
0 likes, 0 repeats
@ebassi @q3k @redford @mrtick Reminds me a bit of https://www.autoblog.com/2006/08/08/robotic-parking-garage-shuts-down-traps-hundreds-of-cars/
(DIR) Post #AcVMn1Kf7RH2VfzTma by woju@social.hackerspace.pl
2023-12-05T16:03:54Z
4 likes, 3 repeats
@q3k
(DIR) Post #AcVU9LwTs68WTrHAe0 by kirby@lab.nyanide.com
2023-12-05T17:56:16.883223Z
1 likes, 0 repeats
@q3k This is a WGood job!!!!
(DIR) Post #AcVW5nuw7QFvzfzO3U by kkarhan@mstdn.social
2023-12-05T15:26:22Z
0 likes, 0 repeats
@smcl @q3k @BNetzA @EU_Commission That's kinda sad and IMHO a big failure of said regulator. Imagine if car manufacturers were to leverage the same tech to prevent "unauthorized" / 3rd party repair... I'm pretty sure once politicians have their car refuse to start after a tire change at home they'll instantly start acting...
(DIR) Post #AcVW5oqieaTcst1X7Y by jlcrawf@social.librem.one
2023-12-05T18:18:15Z
0 likes, 0 repeats
@kkarhan @smcl @q3k @BNetzA @EU_Commission haha, politicians changing their own tires at home...
(DIR) Post #AcVdKj1hHiXsqcDIHY by goedelchen@mastodontech.de
2023-12-05T19:39:22Z
0 likes, 0 repeats
@jlcrawf @kkarhan @smcl @q3k @BNetzA @EU_Commission Politicians having their tires changed at home, because they can't be bothered to bring their car to a garage and wait.
(DIR) Post #AcVsLOp3O1wzmw4xcW by kkarhan@mstdn.social
2023-12-05T14:30:05Z
1 likes, 0 repeats
@raulinbonn @q3k @BNetzA @EU_Commission I hope so, because they should not get away with 'we did it to ensure train safety and compliance' excuses. This is just flat-out criminal behaviour! Imagine if MAN were to disable trucks if they got serviced by fire departments or logistics firms onsite instead of being driven to a service center...
(DIR) Post #AcVsaUVaWoXDlcAdEG by AlgorithmWolf@ioc.exchange
2023-12-05T14:16:08Z
2 likes, 0 repeats
@q3k @redford @mrtick @zaufanatrzeciastrona is anyone getting sued at least? Because this is ridiculously anticompetitive behaviour.
(DIR) Post #AcVsaVSmyhtEjDruVM by Moon@shitposter.club
2023-12-05T22:30:17.408213Z
6 likes, 2 repeats
@AlgorithmWolf @q3k @redford @mrtick @zaufanatrzeciastrona it looks worse to me, it looks like they deliberately sabotaged the operation of public transportation vehicles. I hope it gets elevated to a criminal offense, this is worse than if a passenger got in a train and disabled it, which they would definitely go to jail for.
(DIR) Post #AcVsz8Q5n438V3Lono by adiz@soc0.outrnat.nl
2023-12-05T22:34:44.086Z
0 likes, 1 repeats
@q3k@social.hackerspace.pl Oh my god, companies doing fucked up evil shit for profit and lying about it? No way!
(DIR) Post #AcVt6cCfSF0mtmdeIS by adiz@soc0.outrnat.nl
2023-12-05T22:36:05.965Z
1 likes, 0 repeats
@Moon@shitposter.club Absolutely. Executives and employees overseeing this should face criminal prosecution. @AlgorithmWolf@ioc.exchange @q3k@social.hackerspace.pl @redford@infosec.exchange @mrtick@infosec.exchange @zaufanatrzeciastrona@infosec.exchange
(DIR) Post #AcVtePGK4jkQbnSeLw by Cocoa@nekosat.work
2023-12-05T22:42:14.546024Z
1 likes, 1 repeats
@adiz @q3k just another day at [INSERT MEGACORP HERE]
(DIR) Post #AcVv5P7EpPBDvXeJHc by L29Ah@qoto.org
2023-12-05T22:58:18Z
0 likes, 0 repeats
@q3k Please don't split up your posts. @mrtick @redford
(DIR) Post #AcWsgZhSKlMUlOaAmu by martijn@hachyderm.io
2023-12-05T14:04:26Z
0 likes, 0 repeats
@q3k @redford @mrtick That's some awesome stuff. This kind of behaviour from manufacturers should be illegal - if it isn't already!
(DIR) Post #AcWsgaXZD12tN0xn0q by manawyrm@chaos.social
2023-12-05T14:09:19Z
0 likes, 0 repeats
@martijn @q3k @redford @mrtick I fail to see how this isn't terrorism! Interfering with a state's critical infrastructure (like train operations) on purpose? What's the difference between doing this and sabotaging equipment/cutting cables (like has been done in Germany recently)?
(DIR) Post #AcWsgbeh40LApPIzlA by manawyrm@chaos.social
2023-12-05T14:14:00Z
0 likes, 0 repeats
@martijn @q3k @redford @mrtick Germany has a law against this, which is pretty clear: https://www.gesetze-im-internet.de/stgb/__88.html Section 88 - Anti-constitutional sabotage. (1) Whoever, [...] intentionally causes, [...], enterprises or facilities which provide public postal services or public transportation services, [...] to cease to function [...] incurs a penalty of imprisonment for a term not exceeding five years or a fine. (2) The attempt is punishable. Is there something similar in PL?
(DIR) Post #AcWsgcYLj4rNc1LRVg by seachdamh@101010.pl
2023-12-06T10:06:05Z
0 likes, 0 repeats
@manawyrm @martijn @q3k @redford @mrtick Poland also has it illegal by law: "Art. 254a. Attack on infrastructure installations. Dz.U.2022.0.1138 t.j. - Act of 6 June 1997 - Penal Code. Whoever takes, destroys, damages or renders unfit for use an element forming part of a water supply, sewerage, heating, electric power, gas or telecommunications network, or of a railway, tram, trolleybus or metro line, thereby causing a disruption of the operation of all or part of the network or line, is subject to imprisonment for a term of 6 months to 8 years." I believe it is directly against this law.
(DIR) Post #AcXHbxoPktvix6jdx2 by jomo@mstdn.io
2023-12-05T14:27:28Z
1 likes, 0 repeats
@q3k @redford @mrtick @zaufanatrzeciastrona nice research, really looking forward to this!
(DIR) Post #AcXHcGqB0Zd3y4hops by Dreit@floofy.tech
2023-12-06T14:06:00Z
1 likes, 0 repeats
@jomo @q3k @redford @mrtick @zaufanatrzeciastrona If not, I hope EU will focus on it during this decade
(DIR) Post #AcXeFVuF7uLyyij2RM by dukp@nerdculture.de
2023-12-05T18:15:38Z
1 likes, 1 repeats
@AlgorithmWolf @q3k @redford @mrtick @zaufanatrzeciastrona unfortunately, it is usually the security expert detecting the issue, or the whistleblowers who get sued…
(DIR) Post #AcXeFX0J2qnWNoZOWu by AlgorithmWolf@ioc.exchange
2023-12-05T18:16:29Z
0 likes, 0 repeats
@dukp @q3k @redford @mrtick @zaufanatrzeciastrona true indeed... Hopefully the EU cripples this manufacturer somehow.
(DIR) Post #AcXeFY6MxnF3muPkcS by UlrikNyman@mastodon.social
2023-12-06T08:05:18Z
0 likes, 0 repeats
@AlgorithmWolf @dukp @q3k @redford @mrtick @zaufanatrzeciastrona Yes, the manufacturer should be excluded from EU contracts for the next 10 years.
(DIR) Post #AcXeFZ7p9s02xi6QWe by tom_andraszek@mastodon.social
2023-12-06T10:23:33Z
0 likes, 0 repeats
@UlrikNyman @AlgorithmWolf @dukp @q3k @redford @mrtick @zaufanatrzeciastrona - was Volkswagen crippled or excluded from the EU contracts after they cheated on pollution tests?
(DIR) Post #AcXeFaFIzXZuRCbupE by AlgorithmWolf@ioc.exchange
2023-12-06T15:03:47Z
0 likes, 0 repeats
@tom_andraszek @UlrikNyman @dukp @q3k @redford @mrtick @zaufanatrzeciastrona Yes, actually https://www.nbcnews.com/business/autos/judge-approves-largest-fine-u-s-history-volkswagen-n749406 The US also fined them. In addition to this fine, they were forced to recall vehicles and fix them for free, which generates additional obvious costs while simultaneously undoing all the damage. Maybe this manufacturer should be fined and forced to physically service every train unit for free to disable their DRM permanently. That would prevent them from having silly ideas in the future.
(DIR) Post #AcXeFb2E3ei4svUz4q by tom_andraszek@mastodon.social
2023-12-06T18:44:41Z
0 likes, 0 repeats
@AlgorithmWolf - the US fined Volkswagen, the EU did not "cripple" Volkswagen or exclude them from contracts, as far as I know. Whoever did this at Newag needs to be charged and servicing companies and customers need to be compensated for the loss of revenue. I wonder if making programmers go through a certification/registration process like engineers would limit unethical behaviour. If a programmer was personally responsible for the damage their code does, through negligence or intent.
(DIR) Post #AcXeFboRAPH5IS3UDw by AlgorithmWolf@ioc.exchange
2023-12-06T18:51:30Z
0 likes, 0 repeats
@tom_andraszek https://www.ft.com/content/0c594b02-6f91-4b9d-bab7-11992f116316 Yes it did. Do you not really think being forced to recall (and fix for free) potentially hundreds of thousands of cars is a punishment? VW made zero money from it, and all their customers now have a less powerful engine.
(DIR) Post #AcXeFcW2YI9XTgSJBg by PurpCat@clubcyberia.co
2023-12-06T18:58:53.811321Z
1 likes, 0 repeats
@AlgorithmWolf @tom_andraszek
> less powerful
Slightly less power/mpg is nothing compared to the pages of "my DPF failed and the dealer wants $1,000 to replace it and also it's on backorder" complaints on forums. Which was a problem before the scandal even then because VW was trying to use a DEF-free system, which is nowhere near as robust and is notorious for failures compared to the DEF systems competitors used. The fix really stressed it harder.
(DIR) Post #AcXeiMAiOhvbBaBRLs by PurpCat@clubcyberia.co
2023-12-06T19:04:08.466615Z
0 likes, 0 repeats
@AlgorithmWolf @dukp @q3k @redford @mrtick @zaufanatrzeciastrona they're going to lose so many contract bids from this (this happened to transit companies who delivered substandard buses). https://www.nytimes.com/1984/02/08/nyregion/all-grumman-buses-to-be-put-off-streets-in-city-permanently.html
(DIR) Post #AcXnWcIXVvxZJSJubY by wilmhit@awawa.cat
2023-12-05T17:37:57.105955Z
1 likes, 0 repeats
Polish train manufacturer NEWAG used geolocation to break train controllers if they are repaired in certain locations. Some trains would also break on "time" condition. 13 trains were malfunctioning because of this.
(DIR) Post #AcYAmBQJUzQZXeLdrM by Heil_Honkler@poa.st
2023-12-07T01:03:33.590802Z
0 likes, 0 repeats
@AlgorithmWolf @q3k @redford @mrtick @zaufanatrzeciastrona it's John Deere levels of bullshit, only with trains.
(DIR) Post #AcYctShQSl8vrkbxiK by icedquinn@blob.cat
2023-12-07T06:18:34.654564Z
5 likes, 0 repeats
> GPS-enabled sabotage
:blobcatpolice: guillotines
(DIR) Post #AcaPighC4IdjbJCCOG by rher@mugicha.club
2023-12-08T03:00:25.036043Z
0 likes, 0 repeats
Incredible work, the manufacturers of this EMU endangered lives and should face the full brunt of the law for this antisocial profit-seeking
(DIR) Post #AczMXH9SN7GXlnb5JA by primalmotion@antisocial.ly
2023-12-20T03:52:30Z
0 likes, 0 repeats
@q3k @redford @mrtick @zaufanatrzeciastrona what the actual fuck?!?