this post was submitted on 06 Dec 2023
378 points (99.5% liked)

Europe

8484 readers
1 users here now

News/Interesting Stories/Beautiful Pictures from Europe 🇪🇺

(Current banner: Thunder mountain, Germany, 🇩🇪 ) Feel free to post submissions for banner pictures

Rules

(This list is obviously incomplete, but it will get expanded when necessary)

  1. Be nice to each other (e.g. No direct insults against each other);
  2. No racism, antisemitism, dehumanisation of minorities or glorification of National Socialism allowed;
  3. No posts linking to mis-information funded by foreign states or billionaires.

Also check out !yurop@lemm.ee

founded 1 year ago
MODERATORS
poVoq@slrpnk.net
378
Polish Trains were equipped with automatic killswitch by manufacturer Newag (social.hackerspace.pl)
submitted 9 months ago* (last edited 9 months ago) by redd@discuss.tchncs.de to c/europe@feddit.de
36 comments fedilink hide all child comments
 

A polish hacker found out why trains did stop working. The manufacterer implemented a hidden electronic switch, which automatically activated after trains were serviced by a different company.

you are viewing a single comment's thread
view the rest of the comments
[–] tal@lemmy.today 34 points 9 months ago* (last edited 9 months ago) (1 children)

The trains also had a GSM telemetry unit that was broadcasting lock conditions, and in some cases appeared to be able to lock the train remotely.

So, it sounds like this remote lock is speculation, so I'm not gonna say that this is actually the case here, and I don't know how trustworthy the source here is.

But, speaking in general: an additional problem with sticking back doors in products is that someone else may discover them and exploit them, and the uses to which they may put them may be considerably less-pleasant than whatever the purpose that the manufacturer had in sticking them in.

Just earlier this year, we had articles about this incident with Polish trains. That wasn't a back door in that it wasn't particularly hidden, but it was a way to do remote radio control of Polish trains, and sure enough, when someone who wanted to create trouble with it discovered it, it got used to cause problems for Polish train operators.

https://www.wired.com/story/poland-train-radio-stop-attack/

The Cheap Radio Hack That Disrupted Poland’s Railway System

The sabotage of more than 20 trains in Poland by apparent supporters of Russia was carried out with a simple “radio-stop” command anyone could broadcast with $30 in equipment.

[–] sanpo@sopuli.xyz 41 points 9 months ago* (last edited 9 months ago)

It wasn't a back door, it was a safety feature working as designed. IIRC it didn't have any modern security implemented, because it's very old.

Also, the link from the OP doesn't mention that, but the trains in this story had locations of competitors' repair centers coded in, and were apparently set to auto-lock if they detected sitting in one for more than 10 days...