[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:13.99,0:00:20.39,Default,,0000,0000,0000,,Give a warm welcome to Redford (@redford@infosec.exchange)
Dialogue: 0,0:00:29.59,0:00:38.67,Default,,0000,0000,0000,,Q3K (@Q3K@social.hackerspace.pl)
Dialogue: 0,0:00:38.85,0:00:45.45,Default,,0000,0000,0000,,and Mr. Trick (@mrtick@infosec.exchange)
Dialogue: 0,0:00:47.55,0:00:50.59,Default,,0000,0000,0000,,and it's an honour to announce the talk
Dialogue: 0,0:00:50.88,0:00:53.66,Default,,0000,0000,0000,,"Breaking DRM in Polish trains"
Dialogue: 0,0:00:54.56,0:00:59.88,Default,,0000,0000,0000,,Reverse engineering a train \Nto analyze a suspicious malfunction
Dialogue: 0,0:01:00.45,0:01:09.27,Default,,0000,0000,0000,,(Applause)
Dialogue: 0,0:01:09.59,0:01:16.19,Default,,0000,0000,0000,,Hi, I'm Redford, this is Q3K and\NMrTick (not Trick)
Dialogue: 0,0:01:16.66,0:01:19.28,Default,,0000,0000,0000,,and we'll talk today about trains.
Dialogue: 0,0:01:19.29,0:01:21.11,Default,,0000,0000,0000,,We'll do a quick intro, \Ntell the story and
Dialogue: 0,0:01:21.11,0:01:23.15,Default,,0000,0000,0000,,then go into technical details.
Dialogue: 0,0:01:23.85,0:01:30.36,Default,,0000,0000,0000,,So, we sometimes play CTF's together \Nwith Dragon Sector and Poland Can into space
Dialogue: 0,0:01:31.07,0:01:33.30,Default,,0000,0000,0000,,I work for invisible things lab
Dialogue: 0,0:01:33.69,0:01:36.05,Default,,0000,0000,0000,,I mostly do low level security and reverse engineering
Dialogue: 0,0:01:36.65,0:01:40.81,Default,,0000,0000,0000,,And [the others] will introduce themselves in a few slides
Dialogue: 0,0:01:41.40,0:01:43.66,Default,,0000,0000,0000,,Let's start with the story
Dialogue: 0,0:01:44.31,0:01:47.28,Default,,0000,0000,0000,,As you already know, the story is about trains
Dialogue: 0,0:01:48.08,0:01:52.75,Default,,0000,0000,0000,,and the story actually starts a long time ago, in 2016
Dialogue: 0,0:01:53.47,0:01:58.20,Default,,0000,0000,0000,,when Koleje Dolnoslaskie , a local polish train operator
Dialogue: 0,0:01:58.82,0:02:04.03,Default,,0000,0000,0000,,bought eleven Impulse trains \N(of which one of them is on the photo)
Dialogue: 0,0:02:05.59,0:02:07.18,Default,,0000,0000,0000,,Then after some time,
Dialogue: 0,0:02:07.65,0:02:12.12,Default,,0000,0000,0000,,the train started reaching one million kilometer on the odometers
Dialogue: 0,0:02:12.62,0:02:19.78,Default,,0000,0000,0000,,and by this amount, you must do a big maintaince
Dialogue: 0,0:02:20.16,0:02:24.67,Default,,0000,0000,0000,,and because the manufacturers warranty already expired
Dialogue: 0,0:02:25.08,0:02:27.96,Default,,0000,0000,0000,,they started a tender
Dialogue: 0,0:02:27.96,0:02:30.90,Default,,0000,0000,0000,,so to select the best offer for servicing
Dialogue: 0,0:02:31.82,0:02:33.82,Default,,0000,0000,0000,,and the offer was won by SPS
Dialogue: 0,0:02:34.21,0:02:36.85,Default,,0000,0000,0000,,it's an independent train workshop in Poland
Dialogue: 0,0:02:37.09,0:02:41.22,Default,,0000,0000,0000,,And in the first quarter of 2022
Dialogue: 0,0:02:41.44,0:02:43.97,Default,,0000,0000,0000,,the first train reached the workshop
Dialogue: 0,0:02:44.24,0:02:50.80,Default,,0000,0000,0000,,So, let's see the public timeline
Dialogue: 0,0:02:51.03,0:02:57.10,Default,,0000,0000,0000,,The servicing started with train #24
Dialogue: 0,0:02:57.29,0:03:03.18,Default,,0000,0000,0000,,Their workshop took apart the whole train
Dialogue: 0,0:03:03.44,0:03:05.100,Default,,0000,0000,0000,,sent the parts to the manufacturers
Dialogue: 0,0:03:06.38,0:03:08.45,Default,,0000,0000,0000,,and then assembled the train back
Dialogue: 0,0:03:08.62,0:03:10.55,Default,,0000,0000,0000,,But the problem was that
Dialogue: 0,0:03:10.71,0:03:13.61,Default,,0000,0000,0000,,the train didn't start afterwards.
Dialogue: 0,0:03:13.61,0:03:16.68,Default,,0000,0000,0000,,And, then, they took another train for servicing,
Dialogue: 0,0:03:17.11,0:03:19.11,Default,,0000,0000,0000,,and it was the same:
Dialogue: 0,0:03:19.11,0:03:21.02,Default,,0000,0000,0000,,the trains didn't want to start
Dialogue: 0,0:03:21.02,0:03:22.69,Default,,0000,0000,0000,,after servicing.
Dialogue: 0,0:03:22.69,0:03:25.50,Default,,0000,0000,0000,,And, what's even more interesting
Dialogue: 0,0:03:25.50,0:03:27.10,Default,,0000,0000,0000,,is that in the meantime
Dialogue: 0,0:03:27.10,0:03:28.68,Default,,0000,0000,0000,,another workshop
Dialogue: 0,0:03:28.68,0:03:32.06,Default,,0000,0000,0000,,started servicing trains for different train operator
Dialogue: 0,0:03:32.33,0:03:35.94,Default,,0000,0000,0000,,and they run into exact the same problem
Dialogue: 0,0:03:36.17,0:03:38.24,Default,,0000,0000,0000,,So, it's getting a bit suspicious
Dialogue: 0,0:03:38.49,0:03:42.38,Default,,0000,0000,0000,,and the story got noticed by media in Poland
Dialogue: 0,0:03:42.58,9:59:59.99,Default,,0000,0000,0000,,because you had like less trains running