Give a warm welcome to Redford (@redford@infosec.exchange)
Q3K (@Q3K@social.hackerspace.pl)
and Mr. Trick (@mrtick@infosec.exchange)
and it's an honour to announce the talk
"Breaking DRM in Polish trains"
Reverse engineering a train
to analyze a suspicious malfunction
(Applause)
Hi, I'm Redford, this is Q3K and
MrTick (not Trick)
and we'll talk today about trains.
We'll do a quick intro,
tell the story and
then go into technical details.
So, we sometimes play CTF's together
with Dragon Sector and Poland Can into space
I work for invisible things lab
I mostly do low level security and reverse engineering
And [the others] will introduce themselves in a few slides
Let's start with the story
As you already know, the story is about trains
and the story actually starts a long time ago, in 2016
when Koleje Dolnoslaskie , a local polish train operator
bought eleven Impulse trains
(of which one of them is on the photo)
Then after some time,
the train started reaching one million kilometer on the odometers
and by this amount, you must do a big maintaince
and because the manufacturers warranty already expired
they started a tender
so to select the best offer for servicing
and the offer was won by SPS
it's an independent train workshop in Poland
And in the first quarter of 2022
the first train reached the workshop
So, let's see the public timeline
The servicing started with train #24
Their workshop took apart the whole train
sent the parts to the manufacturers
and then assembled the train back
But the problem was that
the train didn't start afterwards.
And, then, they took another train for servicing,
and it was the same:
the trains didn't want to start
after servicing.
And, what's even more interesting
is that in the meantime
another workshop
started servicing trains for different train operator
and they run into exact the same problem
So, it's getting a bit suspicious
and the story got noticed by media in Poland
because you had like less trains running