< Return to Video

37C3 - Breaking "DRM" in Polish trains

  • 0:14 - 0:20
    Give a warm welcome to Redford (@redford@infosec.exchange)
  • 0:30 - 0:39
    Q3K (@Q3K@social.hackerspace.pl)
  • 0:39 - 0:45
    and Mr. Trick (@mrtick@infosec.exchange)
  • 0:48 - 0:51
    and it's an honour to announce the talk
  • 0:51 - 0:54
    "Breaking DRM in Polish trains"
  • 0:55 - 1:00
    Reverse engineering a train
    to analyze a suspicious malfunction
  • 1:00 - 1:09
    (Applause)
  • 1:10 - 1:16
    Hi, I'm Redford, this is Q3K and
    MrTick (not Trick)
  • 1:17 - 1:19
    and we'll talk today about trains.
  • 1:19 - 1:21
    We'll do a quick intro,
    tell the story and
  • 1:21 - 1:23
    then go into technical details.
  • 1:24 - 1:30
    So, we sometimes play CTF's together
    with Dragon Sector and Poland Can into space
  • 1:31 - 1:33
    I work for invisible things lab
  • 1:34 - 1:36
    I mostly do low level security and reverse engineering
  • 1:37 - 1:41
    And [the others] will introduce themselves in a few slides
  • 1:41 - 1:44
    Let's start with the story
  • 1:44 - 1:47
    As you already know, the story is about trains
  • 1:48 - 1:53
    and the story actually starts a long time ago, in 2016
  • 1:53 - 1:58
    when Koleje Dolnoslaskie , a local polish train operator
  • 1:59 - 2:04
    bought eleven Impulse trains
    (of which one of them is on the photo)
  • 2:06 - 2:07
    Then after some time,
  • 2:08 - 2:12
    the train started reaching one million kilometer on the odometers
  • 2:13 - 2:20
    and by this amount, you must do a big maintaince
  • 2:20 - 2:25
    and because the manufacturers warranty already expired
  • 2:25 - 2:28
    they started a tender
  • 2:28 - 2:31
    so to select the best offer for servicing
  • 2:32 - 2:34
    and the offer was won by SPS
  • 2:34 - 2:37
    it's an independent train workshop in Poland
  • 2:37 - 2:41
    And in the first quarter of 2022
  • 2:41 - 2:44
    the first train reached the workshop
  • 2:44 - 2:51
    So, let's see the public timeline
  • 2:51 - 2:57
    The servicing started with train #24
  • 2:57 - 3:03
    Their workshop took apart the whole train
  • 3:03 - 3:06
    sent the parts to the manufacturers
  • 3:06 - 3:08
    and then assembled the train back
  • 3:09 - 3:11
    But the problem was that
  • 3:11 - 3:14
    the train didn't start afterwards.
  • 3:14 - 3:17
    And, then, they took another train for servicing,
  • 3:17 - 3:19
    and it was the same:
  • 3:19 - 3:21
    the trains didn't want to start
  • 3:21 - 3:23
    after servicing.
  • 3:23 - 3:25
    And, what's even more interesting
  • 3:25 - 3:27
    is that in the meantime
  • 3:27 - 3:29
    another workshop
  • 3:29 - 3:32
    started servicing trains for different train operator
  • 3:32 - 3:36
    and they run into exact the same problem
  • 3:36 - 3:38
    So, it's getting a bit suspicious
  • 3:38 - 3:42
    and the story got noticed by media in Poland
  • 3:43 -
    because you had like less trains running
Title:
37C3 - Breaking "DRM" in Polish trains
Description:
more » « less
Video Language:
English
Duration:
01:01:46

English, British subtitles

Incomplete

Revisions Compare revisions

Our website uses cookies for analysis purposes.