Give a warm welcome to Redford (@redford@infosec.exchange)

Q3K (@Q3K@social.hackerspace.pl)

and Mr. Trick (@mrtick@infosec.exchange)

and it's an honour to announce the talk

"Breaking DRM in Polish trains"

Reverse engineering a train 
to analyze a suspicious malfunction

(Applause)

Hi, I'm Redford, this is Q3K and
MrTick (not Trick)

and we'll talk today about trains.

We'll do a quick intro, 
tell the story and

then go into technical details.

So, we sometimes play CTF's together 
with Dragon Sector and Poland Can into space

I work for invisible things lab

I mostly do low level security and reverse engineering

And [the others] will introduce themselves in a few slides

Let's start with the story

As you already know, the story is about trains

and the story actually starts a long time ago, in 2016

when Koleje Dolnoslaskie , a local polish train operator

bought eleven Impulse trains 
(of which one of them is on the photo)

Then after some time,

the train started reaching one million kilometer on the odometers

and by this amount, you must do a big maintaince

and because the manufacturers warranty already expired

they started a tender

so to select the best offer for servicing

and the offer was won by SPS

it's an independent train workshop in Poland

And in the first quarter of 2022

the first train reached the workshop

So, let's see the public timeline

The servicing started with train #24

Their workshop took apart the whole train

sent the parts to the manufacturers

and then assembled the train back

But the problem was that

the train didn't start afterwards.

And, then, they took another train for servicing,

and it was the same:

the trains didn't want to start

after servicing.

And, what's even more interesting

is that in the meantime

another workshop

started servicing trains for different train operator

and they run into exact the same problem

So, it's getting a bit suspicious

and the story got noticed by media in Poland

because you had like less trains running