So these trains are used exclusively in Poland by quite a big number of regional train companies. There are 5 servicing levels, starting from P1 up to the most complex, P5. It used to be that only these major companies would do P3+, but for a few years now tenders have been won by several smaller competitors at much lower prices, all thanks to the European Union Agency for Railways, which opened that market.
It started with 4 trains that were serviced by SPS Mieczkowski and just wouldn't start. The company was forced to pay €0.5m in penalties and the trains were sent back to Newag. At the same time several other trains from different companies that didn't even get to service but spent a bit too much time in one place became immobilized. This all led to SPS Mieczkowski hiring Dragon Sector to investigate, and they found several separate routines to disable trains.
This case is being investigated by the Central Anti-Corruption Bureau in Poland, but I doubt it'll do much harm to Newag. The Office of Rail Transport of Poland, which would spam a rail company with complaints and orders for a small mistake in a train schedule, washed its hands of intervening in this case, and train purchases have a highly regulated tender process with very little wiggle room for rail companies.
>This case is being investigated by the Central Anti-Corruption Bureau in Poland, but I doubt it'll do much harm to Newag. The Office of Rail Transport of Poland, which would spam a rail company with complaints and orders for a small mistake in a train schedule, washed its hands of intervening in this case, and train purchases have a highly regulated tender process with very little wiggle room for rail companies.
It's clearly a crime of sabotage under Art. 254a kk. Tender process does not matter in this case. We just need a competent prosecutor.
It is also investigated by the Agency of Internal Security and I really doubt they don't have huge problems out of this. This is taken extremely seriously internally.
There's a ton of evidence to prove what happened and they have no chance to somehow wiggle out of this. They're trying... by saying they were hacked. Yeah, the hackers somehow flashed the firmware of trains serviced by the competition, to brick the trains. GPS coordinates of the competition's rail segments were literally hardcoded.
Their newer variant, Impuls 2, is actually used outside of Poland too - Italian FSE operates 11 of them.
Though considering they were hoping to continue their expansion into Italy I imagine they might not have sabotaged these trains (but who knows, maybe they're fine with burning even new customers).
Hypotheticals be hypotheticals, but here we don't have a case of the lowest bidder screwing up maintenance of a potentially dangerous piece of infrastructure; instead, we have the incumbent breaking aforementioned hardware on purpose, and blaming it on the lowest bidder.
Honestly, I think China got this right. Business is business, but when you start screwing with critical infrastructure, a firing squad should be on the table. And in this case, at least months to years of prison.
For context: Poland is split into 16 voivodships, and after a reform from early 2000s, pretty much each of them has its own local railway company (which cooperate).
Basically "everyone knew" for over a year that something was fishy with Newag trains, after a series of faults in trains owned by different companies which used a 3rd-party service company instead of servicing with Newag. So the service company hired the hacker guys, and it took a while for the folks to reverse engineer things and understand precisely what was going on.
Awesome! I had to look the word "voivodship" up. I am Polish, so I knew what województwo meant. But I didn't know there was an English equivalent of that word other than governing state. An interesting read on Wikipedia:
I think the best shot a modern Anglophone has at knowing the word is that it was used in Dracula for the title of Vlad the Impaler. [Voivode, that is, not voivodeship. But if you know the title voivode, the meaning of voivodeship is obvious.]
It is not immediately obvious why the word would have been adopted into English in more or less the native form as opposed to being translated into an equivalent title, the way we talk about German "dukes" and "duchies".
Knowing Polish, Russian, Lithuanian and bits of other related languages, I find it interesting how the word directly assumes military leadership, in the medieval feudal kind of way. It can be roughly translated as "led by a voivoda", with "voivoda" here meaning "military leader".
Probably comes from the original Commonwealth times..?
This brought to mind the AARD "crash" which Microsoft used to basically destroy competition from DR-DOS back in the day.
> The AARD code was a segment of code in a beta release of Microsoft Windows 3.1 that would determine whether Windows was running on MS-DOS or PC DOS, rather than a competing workalike such as DR-DOS, and would result in a cryptic error message in the latter case. This XOR-encrypted, self-modifying, and deliberately obfuscated machine code used a variety of undocumented DOS structures and functions to perform its work.
This tracks for Microsoft. The very same company that told Compaq that if they sold any PCs with OS/2 Warp, they would never sell another one with Windows.
Humans are why we can't have nice things. OS/2 Warp was a great OS.
We really need to have much stronger antitrust legislation and enforcement. It is absolutely ridiculous to allow companies to behave this way.
And before someone says that "free market is always good and government is bad", the optimum free market strategy if there is no government is to hire hitmen to assassinate the executives of competitor companies. A real competitive free market will always require the government to prohibit companies from forming artificial moats around their monopolies.
All this looks like points for open source. You can't exactly stop someone from putting an open source OS on their hardware, and if the train software was open-source, then this "clawback code" nonsense would have been impossible to keep secret.
And you're right, OS/2 Warp WAS a great OS. As soon as it started losing market viability, it should have gone open source as a defensive self-preservation tactic.
When LLaMa was released for free, it basically guaranteed it would never die a corporate death
The AARD code (which was a non-fatal warning that didn't stop you from using Windows) never actually shipped. It was patched to be non-reachable in the final release, probably a binary patch to avoid a regression and long build times (including a large packing problem: optimizing floppy disk layout).
FWIW DR-DOS was a dead end product at launch. It was abundantly clear to anyone with two brain cells to rub together that people/OEMs were not going to buy two operating systems: a GUI OS and a DOS that also acted like a bootloader for the GUI OS.
The idea that there would exist, for any significant length of time, a market for a standalone text-only 16-bit DOS was complete and utter fantasy. DR-DOS was never significant in terms of sales. Even if the AARD code had actually shipped in the final Windows 3.x release it wouldn't have mattered.
It first appeared as a product to compete with MS/PC-DOS 3.x releases in the late 1980s. XT-class machines were still on the market, and Windows was far from unchallenged dominance. If you asked in 1989 what computing would look like by 1995, "OS/2", "Unix", or "something we haven't even imagined yet" were viable guesses, probably even more so than "That clunky Windows/386 shell will subsume almost all drivers and functionality, but you'll still need a glorified version of DOS 3.3 as a bootloader."
Aside from whether DR-DOS was a compelling retail product, it served an important market purpose: it forced a price ceiling for MS-DOS. This probably spurred Microsoft's questionably-legal bundling and pricing strategy, but the end result is that OEMs weren't paying $150 for a copy of DOS through the 1990s.
> A rather amusing situation was encountered with another train set that refused to work on November 21, 2022, despite not being in service at the time. The computer reported a compressor failure, although the mechanics determined that there was nothing wrong with the compressor. Unfortunately, the train still did not raise its pantographs. The analysis of the computer code revealed a condition enforcing the failure, which read as follows:
> if the day is greater than or equal to 21, and
> if the month is greater than or equal to 11, and
Also the wrong way to implement an expiry date, since it'd work fine again when the day goes below 21 or the month below 11, even if the year is 2021 or greater - which seems to be what happened if they only noticed it in November 2022 rather than 2021.
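To make the point of the comment above concrete, here is an added example (not from the article or any commenter) that models the quoted predicate in Python and compares it with an ordered date comparison. Only the `day >= 21` and `month >= 11` clauses are visible on the page; the third clause is cut off in the quote. The reply infers a `year >= 2021` clause, and the example includes that clause and a cutoff of 2021-11-21 as assumptions, not as facts from the page.

```python
"""Added example: why `day >= 21 and month >= 11` is not an expiry check.

The quoted clauses are day >= 21 and month >= 11.  A third clause is truncated
in the quote; the reply infers year >= 2021, which is modelled here as an
ASSUMPTION.  A real 'after this date' check is a single ordered comparison.
"""
from __future__ import annotations

from datetime import date, timedelta

# Assumed cutoff, built from the visible clauses plus the reply's inferred year.
CUTOFF = date(2021, 11, 21)


def flawed_expiry(d: date) -> bool:
    """Field-by-field comparison as quoted in the thread.

    Each field is tested on its own, so the predicate is true only while
    day >= 21 AND month >= 11 both hold: the 21st to the last day of November
    and of December, repeating every year.  The year clause is the reply's
    inference (assumption), not text visible on the page.
    """
    return d.day >= 21 and d.month >= 11 and d.year >= 2021


def correct_expiry(d: date) -> bool:
    """One ordered comparison on the whole date: true from CUTOFF onward, forever."""
    return d >= CUTOFF


def firing_days(pred, start: date, end: date) -> list[date]:
    """All days in [start, end] on which `pred` is true."""
    out: list[date] = []
    d = start
    while d <= end:
        if pred(d):
            out.append(d)
        d += timedelta(days=1)
    return out


def first_divergence(start: date, end: date) -> date | None:
    """First day in [start, end] on which the two predicates disagree, else None."""
    d = start
    while d <= end:
        if flawed_expiry(d) != correct_expiry(d):
            return d
        d += timedelta(days=1)
    return None


def windows_by_month(days: list[date]) -> dict[tuple[int, int], int]:
    """Count firing days per (year, month), which makes the recurring windows visible."""
    counts: dict[tuple[int, int], int] = {}
    for d in days:
        key = (d.year, d.month)
        counts[key] = counts.get(key, 0) + 1
    return counts


if __name__ == "__main__":
    span = (date(2021, 11, 1), date(2022, 12, 31))
    # Flawed: 10 days in Nov and 11 days in Dec of each year; gaps in between.
    print("flawed predicate fires on:", windows_by_month(firing_days(flawed_expiry, *span)))
    # Correct: every single day from the cutoff onward.
    print("correct predicate fires on:", len(firing_days(correct_expiry, *span)), "days")
    # The two first disagree on 2021-12-01, when the day field drops back to 1.
    print("first disagreement:", first_divergence(*span))
```

Run over November 2021 through December 2022, the flawed predicate fires in four separate windows (Nov 21-30 and Dec 21-31 of each year) and is silent the rest of the time, whereas the ordered comparison stays true from the cutoff onward. The first day the two disagree is 2021-12-01, which matches the reply's reading of why the immobilisation would come and go rather than persist.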
Very charitable. The "expiry date" was set to the next servicing date and there was no way for competition to fix this hardcoded date and this was not documented in the official documents. Clearly a way to force buyers to use the "official" service.
Yeah, that's not a component expiry date. This reads more like "fire a warning shot in November, and then fuck the operator over during Christmas". It feels like trying to maximize damage, as 21-31 December is exactly where a huge chunk of population travels to visit their family homes, and many of them do so via trains.
This was programmed into a PLC, not traditional code.
PLCs are basically environments designed so that mere technicians are able to adjust code in a very clear, concise fashion. It can be way more verbose, but the logic is clear and solid for decades of operation.
It doesn't require reading an api documentation on version X of a library downloaded from NPM 15 years ago nor rebuilding an entire project to the latest dependencies.
This is a reason why it was detected a year later - the train service was delayed and it spent late November and whole December in service. So the "expiration" intended for 2021 only manifested in 2022.
The world is such a small place--I open HN and read a movie-grade story about trains that I took many times. In fact, it's even possible I was going by one of those grounded trains..
In any case, either there was no code review, or the reviewers accepted that for one reason or another. Not sure which case is more scary..
Code review by a _third party_? Does that usually happen?
It's clear this was intended by the manufacturer of the trains, who directed the writing of the code, it's not like a hacker put this in without their manager knowing, right?
What kind of code review are you thinking of by whom?
[Wait, reading other comments, I'm thinking HN switched the article at the top, and some of these comments were written when the article at the top had much less information? That may explain why these comments are so confusing!]
In aerospace it definitely does happen. For example, NASA, as a customer, has the right to independently review flight software implemented by contractors.
I have no idea how software for trains is (or should be) created.
So I meant a regular code review you would do for anything else.
I can see two scenarios at play:
1. either it's "free for all" and someone (anyone?) can put arbitrary shady stuff in the code
2. or there's a process for adding shady stuff to the codebase (some "stakeholder" creates a ticket, someone creates a PR, and then it's reviewed, etc.)
That should be a basic requirement for any purchase where public funds are involved in any manner. If something is not open source then third party audit should be a bare minimum.
Oh, I bet that code was well reviewed and put through some serious testing. You can guess that from the presence of the geofence with additional trigger condition ;)
It's quite unfortunate as Newag trains are rather higher quality than Pesa (other Polish manufacturer). I suppose so reliable, they needed to generate artificial faults :D
Will be interesting to see the impact of this situation on the contract with European railroad services Akiem - they signed a 164 million euro contract with Newag for services and trains for France. [1]
Depends on the country's laws and the contracts between the parties. If the contract does not mandate service by the manufacturer, only suggests it, this sounds illegal. Not because of hacking, but because of not documenting the behavior and disturbing a state entity, hence the people.
Reading decompiled (reverse-engineered) code is not as insanely hard as it sounds. You can usually find functions, and then it's a matter of finding _what_ a function does.
If you can somehow attach a debugger or get breakpoints, it's even easier.
In some cases, oddly, the intent of a function can actually become clearer when the logic gets stripped of all the bad naming protocols and names for the moving pieces have to be reconstructed from only its actions and contexts.
In a perfect world, this shouldn't be true and the content embedded within those symbols in the source code should be an easy lever towards relatively perfect understanding of both intent and implementation; however, software is a relatively young discipline and this is actually a difficult linguistic problem.
On an open source architecture, many eyes hypothetically leave few places for malicious action to hide. This is not always 100% foolproof, but it seems to work out pretty well most of the time.
On a closed source architecture, this sort of thing is generally safeguarded by contract and law. Company can get away with it once, but if the law and contracts were properly crafted there will be fines and jail time that discourages them from doing it again.
I would reach for other laws like sabotage and extortion and something that probably exists specifically for the protection of public infrastructure and charge them criminally and raid the offices and take out the executives in cuffs.
They screwed with the rich and powerful here why not throw the book at them?
Why does about half the country keep voting for a party that is clearly against the EU then? Is it because of their unwavering love of ransomware and other frauds?
Do you think European regulations don't apply to European companies? They do, it just gets less publicity when e.g. Criteo get fined for abusive tracking than when Google do.
I can’t change the 12V lead acid battery in my EV without using a reverse engineered OBD-II dongle. If you don’t use the dongle to reset the charge circuit, it fries the new battery in about a month.
Here are incorrect directions explaining how to do it:
This is actually not specific to EVs but something all German car brands started doing. They made the alternators/chargers of the 12V battery overly complicated and you have to use a dongle to tell the car you replaced the battery and with what kind of battery.
My friend once replaced her battery, exact same one in a BMW X3. The car immediately went into a limp mode and would refuse to go faster than 5mph until we connected a dongle and told it that the battery was replaced with the exact model that was already in there.
There's an argument they did it for "battery lifespan optimization" which there is a semblance of truth, because there are different kinds of lead acids. The reality is they found a new way to force the majority of people into dealerships.
Registering batteries has been a thing for BMWs for at least a decade. The dance around keeping windows open etc is a little more annoying, but nothing out of the ordinary.
What a jackass thing to do to vehicle owners. Changing the battery is a normal maintenance action you can do on any competently designed vehicle in less than 20 minutes.
Does anyone know of a sort of "buyer beware" website where these sorts of gotchas are catalogued by users? I don't fully trust any vehicle manufacturers to be beyond pulling this sort of thing.
> I can’t change the 12V lead acid battery in my EV
Aside from that not having anything to do with it being an EV, it's worth mentioning that many newer EVs (most of the ones sold, perhaps) use a lithium 12V battery now, not lead acid. So in general they ought to last longer anyway. Plus Tesla, at least, doesn't 'register' batteries the way BMW does.
What is the story here exactly? Is there an official way to replace the battery that doesn't require a dongle? What does the dongle do exactly? Why does a new battery get drained if you don't follow this process carefully?
It would be so easy to get away with this kind of extortion at my work. Nobody reads my code that carefully, or cares if I don't get it reviewed and just merge it. Only one other person could understand it if he tried, and he has no interest or involvement in it. It could easily look like just a bit of incompetence on my part that requires some additional consulting from me after I have moved on.
That's not how I roll ... or sleep well, so my employer is in no danger from me. But there are many short-term devs who come through here, and I don't have the time to police them in detail.
But conceivably an LLM could do it. It could be just another step in a build pipeline. But, when LLMs can do this well, they can also write most of the code going into the pipeline.
Exactly. This is a company initiative to increase company profits. It's smart business, as long as it's not illegal or the fine is insufficiently high.
The EN50128 safety standard for European safety-critical rail software places great importance on the development process.
Every change to the software has to be based on a defined requirement, and in order to validate the software you have to present evidence that every change was approved by a reviewer who is competent for that area of the software. The validation report contains the signature of this person.
If your code passes every test, but it wasn't developed in accordance with the process, it might as well not exist.
Of course I can't say how well this process was followed in NEWAG, but in theory rogue changes shouldn't be possible.
"Last time this failed, Bob was the only one who could fix it."
"Bob resigned a few months ago."
"See if he is willing to do some consulting. We'll pay whatever rate he demands."
I still occasionally have past employers call about things years after I left, and if I'd have been immoral enough to pull something like this, those systems could have been full of time bombs.
The truth is almost stranger than fiction. They are members of a group called Dragon Sector and were brought in by the train operator after 6 of their 12 largest trains became unresponsive after having inspections done at a rail yard owned by not-the-manufacturer of the trains. The manufacturer said the trains became unresponsive because of malpractice at the train repair shop and mentioned some condition that didn't appear to be in the maintenance manual. The train operator made contact with Dragon Sector and asked for their help.
It appears to be malicious code included by the manufacturer to prevent third party repair that at one point included geolocation for triggering. Given that the train operator had to reduce train schedules for this which impacted service and income, it might end up as evidence in a lawsuit against the manufacturer at some point.
I would love to know if the checks were as brazen as presented in that post, or if the coordinate checks were obfuscated in some way. It sounds like they just assumed the operator would fold long before even getting at the code and couldn't even be bothered trying to make it look accidental.
> [...] It was probably the software author's inability to construct IFs that made it necessary to wait until November 21, 2022 for the planned failure.
Well the error message claims that they are infringing copyright. It very well could be that they are within their rights if the initial license/contract stipulated that they would only service the trains in their authorised locations. This should be illegal, but very well might be.
Generally I'm not part of the crowd that wants to send CEOs and management to jail for what are ultimately just bad business decisions.
But this should absolutely result in jail time. This is literally no different from if the managers of the company physically snuck into trainyards and snipped wires and removed valves or whatever.
It's literally just sabotage. It's a crime that should result in years of jail time for everyone in management who participated in this decision.
Yup. And this isn't sabotaging some random webshit SaaS. This is sabotaging critical national infrastructure - infrastructure that's of military relevance, and need I remind anyone, there's a hot war being waged over our eastern border right now.
I feel a good enough prosecutor could pin charges of treason here.
As much as I like to rake the executives over the coals for this, I'm disturbed by the trend of calling anything vaguely against the national interest "treason". Nowadays if I hear someone is accused of treason absent any context, it could mean anything between "knowingly selling nukes to Iran" and "lobbied for/against a policy that the accuser thinks is bad". In this case they're arguably scamming the government out of money, but that can hardly be compared to the crime of knowingly aiding a known adversary.
There are update logs of the train software. Because of them it is known that workers of the company literally snuck into waiting trains and updated the software without the owners knowing. So really, but far from that.
Oooh, now that's fascinating. What you say is known because of update logs wasn't in the article that I recall. Could you kindly provide a reference to where you learned this part of the story? Thanks!
> Generally I'm not part of the crowd that wants to send CEOs and management to jail for what are ultimately just bad business decisions.
This attitude is rare. Much more common is wanting to send them to jail for deliberately breaking the law -- or presiding over widespread flouting of the law by other management. E.g. The Wells Fargo cross selling scandal created literally millions of fraudulent accounts, and nobody went to jail.
>or presiding over widespread flouting of the law by other management. E.g. The Wells Fargo cross selling scandal created literally millions of fraudulent accounts, and nobody went to jail.
"presiding over widespread flouting of the law" isn't a crime though, and it's difficult to make that a crime without running into due process issues (eg. https://en.wikipedia.org/wiki/Mens_rea)
Another example for firmware manipulation: the Volkswagen emissions scandal (Dieselgate). Some firmware was changed, so that emissions were lower during emission tests.
That was a big scandal some eight years ago, who remembers?
> "The manufacturer argued that this was because of malpractice by these workshops"
Is this intended to say:
- The manufacturer says the locks are caused by malpractice of the 3rd party workshops
or
- The manufacturer says they lock the trains because of past malpractice of the 3rd party workshops
The poster also states
> "One version of the controller actually contained GPS coordinates to contain the behaviour to third party workshops."
This seems oddly specific, there are better ways to determine if the train has been serviced by the manufacturer or not, such as using PKI.
I can imagine a scenario where this isn't for greed of servicing fees, perhaps the brakes need replacing every x miles and if this isn't performed the train locks for safety. If the 3rd party workshops specified thought
"there's more life left in these pads, I'll just reset the counter and make the train think the pads are new"
The manufacturer would have significant backlash should the train then crash and kill people, regardless if the 3rd party workshop was at fault.
I'm all for right to repair for most things, however commercial public transport isn't one of them unless there's some vetting/accreditation process.
I think you're putting very little weight into the ability of government organizations like the NTSB or equivalent to determine root cause of a crash.
Just think of the situation with aircraft crashes. They have to deal with something that smeared into the ground at 400 miles an hour. And they're often still able to root cause with a high degree of confidence.
I have a feeling train crashes are trivial in comparison to root cause (with rare exception).
You either require (and train) your NTSB to be able to independently diagnose accidents (in which case they would be able to tell who fudged the records about the fake brake overhaul) or you rely on the manufacturer for the diagnosis. Which to me is a concerning conflict of interest, since they will invariably want to shift the blame to the operator of the vehicle. I'm sure they could, in the most honest case, point to excursions outside of recommended operating conditions during the life of the train and say "see? Your operator has been consistently taking this turn at 10 mph faster than recommended by the manufacturer. Warranty void"... worst case they fudge the records and you have no competent independent examiner to dispute that.
I think your point is fine, but I don't think we should say a root cause analysis of a rail accident is "trivial".
For example, the most recent serious report from the UK has 113 pages, and detail on technical (friction, braking etc) and organizational issues just like an aircraft accident report:
> I think you're putting very little weight into the ability of government organizations like the NTSB or equivalent to determine root cause of a crash
Not at all, I expect they will know every detail/fault/liability. In the meantime though, 'backlash'
- Manufacturer's name is in the headlines
- That model of train may be 'grounded' or receive negative publicity
(We see this often in air accidents (737 MAX, Ospreys in Japan))
Even if the manufacturer is determined to not be at fault, bad tastes linger..
- greater scrutiny
- % will hear of initial reports but miss later reports exonerating the manufacturer
It's certainly reasonable for governments to require some sort of licensing or accreditation to work on safety-critical public infrastructure. It is not reasonable for another service provider to have the final say over that, especially through the use of undisclosed software locks.
> "The company supplies engine parts to several major airlines in the UK and abroad.
> In August, the Civil Aviation Authority announced it was investigating the same company for the "supply of a large number of suspect unapproved parts"."
> I'm all for right to repair for most things, however commercial public transport isn't one of them unless there's some vetting/accreditation process.
That is where you literally have a contract written up, stating this. In some cases that contract is ratified by the parliament (making it effectively the law)
That didn't prevent lots of commercial airliners from flying with potentially dangerous parts but a software restriction would have.
> "In August, the Civil Aviation Authority announced it was investigating the same company for the "supply of a large number of suspect unapproved parts"."
I think the way to fix this is to make sure manufacturers follow certain standards so that the products can be serviced by anyone who holds certificates in those standards.
This is mostly to break the liability/insurance barrier.
That's approximately what the EU forced to happen - third party repair shops were approved and allowed access to the service documentation. But that means nothing when the manufacturer decides to sabotage the trains in firmware and even install an Internet-connected hardware backdoor.
How many similar practices actually get discovered? In a way this is the "right" thing to do in a capitalist society. We are incentivising this behaviour by making it profitable. An honest company cannot compete with a company doing this, unless there are very rigorous regulations and enforcement of them. This gets harder and harder as tech gets more opaque.
Adding more regulation, auditing, hoping that _all_ entrepreneurs are honest, are crutches trying to patch a fundamentally broken economic system.
If capitalism were software, we would call practices like this code smell. We can try patching it up with some specific legislation and (costly) enforcement by e.g. code auditing in this case. But the real issue is that our economy is not optimizing for global (national) utility, it is optimizing for profits of individual business owners.
For B2B contracts of this kind of size a solution is to insist on clauses with very steep damages in the event of evidence of specific measures to prevent third party service or similar, coupled with never again dealing with a manufacturer like this.
The bigger problem is when manufacturers pull stunts like this on customers who can't afford and/or don't have sufficient financial incentive to figure out the underlying problem.
Steep damages are in many cases not enough because the likelihood of being found out is so low. The damages then have to be extremely steep for this behavior to not be incentivised. Basically, to bring the expectation value negative, the damages have to be larger than the profit gained by this behavior, divided by the probability of being caught. Often this will be more than the value of the company, and then the damages do not matter as they simply go bankrupt. In that case, the rational business practice is to go for it and hope to not get caught. Any other behavior will eventually lead to bankruptcy in a competitive market.
The fact that an entity can sometimes benefit from deceit has nothing to do with capitalism, specifically, and capitalism is not the simple proposition that profit justifies anything, even if some people sometimes suggest that it is, in order to advance their agenda - in a rather deceitful manner, I might add!
The pressure to benefit from deceit because outperforming competition is the only way to stay alive is unique to capitalism, though.
"capitalism is not the simple proposition that profit justifies anything" - of course, but it naturally leads to an environment where profit justifies anything. No business leaders avoid money-making immoral behavior unless it is overall unprofitable due to market conditions (a specific well-informed customer base, for example) or regulation.
do you have a counter-argument? because what I’m reading here is “you’re wrong and lying or lied to because of an ‘agenda’” and that’s it
what do you think GP or someone who has lied to GP really thinks?
why are they lying?
what’s their agenda?
do you agree that we (in the West) currently broadly live under Friedman’s version of capitalism, and, if so, do you agree that it broadly follows the mantra of “profit/shareholder value above all else”?
if you don’t think we live under that system, what system do you think we live under, and what differs it from the mantra of “profit/shareholder value above all else”?
this is all true, but what is the better system? Communism has its merits, but it’s extremely reliant on competent, benevolent leadership and struggles to be economically viable in an American-dominated world.
I think that a Keynesian, well-unionised economy with strong regulation is the solution. I’m sure they exist, but I struggle to think of many examples in history of over-regulation leading to a fault, but I can think of many, many examples of under-regulation managing it, and yet largely due to the capitalist-controlled media, over-regulation is the more feared of the two. This isn’t to say that over-regulation isn’t possible, of course it is, but I don’t think it is in tech.
To go on a tangent, I personally don’t believe in the untrammelled progress of tech. I can understand why people are so vehemently against that idea, of course it’s frustrating to restrict human ingenuity, and there’s a lot of money to be made, but tech is quantifiably making people’s lives worse. Smartphones are a fucking travesty. IQ scores are down something like 10% from the 90s. The internet isn’t great, but at least when you had to be at home logged into a desktop there was some friction. Now an entire generation is plugged into it permanently. An entire generation that doesn’t really read books, rarely thinks alone and in many ways hasn’t had to learn organisational or navigational skills.
AI doesn’t look like it’s going to make any of this much better. Even if we don’t achieve AGI, which I hope, neural networks are only going to get better and better, the best and most powerful ones in the hands of the richest people, who will simply use them to worsen inequality even more.
What else is next? Neuralink? Human genetic engineering? You would hope regulation would stand up to them, especially aesthetic genetic engineering, but who knows?
What we need is a nice big solar flare EMP. Something like the Carrington event
What's next is AI operated lethal weapons. You best believe all the elites are racing for those as fast as they can. As soon as those are a reality, all revolution against economic inequality becomes impossible.
The U.S. army wouldn't fire on civilian protestors, regardless of what a general ordered. An AI army would have no such restrictions or be vulnerable to appeals to morality and ethics.
Nope, there was a separate tender for just the trains, and one for the servicing. NEWAG (manufacturer) won the train contract, but lost the servicing contract tender.
Under current rules they had to provide as part of the first contract complete documentation for servicing that any legitimate (vetted & certified) 3rd party company could then use. By servicing I mean literally taking the train apart and handing individual assemblies to original manufacturers at times.
So these trains are exclusively used in Poland by quite a big number of regional train companies. There are 5 servicing levels starting from P1 up to the most complex P5. It used to be that only these major companies would do P3+ but for a few years now tenders have been won by several smaller competitors at much lower prices, all thanks to the European Union Agency For Railways that opened that market.
It started with 4 trains that were serviced by SPS Mieczkowski and just wouldn't start. The company was forced to pay €0.5m in penalties and the trains were sent back to Newag. At the same time several other trains from different companies that didn't even get to service but spent a bit too much time in one place became immobilized. This all led to SPS Mieczkowski hiring Dragon Sector to investigate and they found several separate routines to disable trains.
This case is investigated by the Central Anti-Corruption Bureau in Poland but I doubt it'll do much harm to Newag. The Office of Rail Transport of Poland that would spam a rail company with complaints and orders for a small mistake in a train schedule washed its hands of intervening in this case, and train purchases have a highly regulated tender process and very little wiggle room for rail companies.
>This case is investigated by the Central Anti-Corruption Bureau in Poland but I doubt it'll do much harm to Newag. The Office of Rail Transport of Poland that would spam a rail company with complaints and orders for a small mistake in a train schedule washed its hands of intervening in this case, and train purchases have a highly regulated tender process and very little wiggle room for rail companies.
It's clearly a crime of sabotage under Art. 254a kk. Tender process does not matter in this case. We just need a competent prosecutor.
https://sip.lex.pl/akty-prawne/dzu-dziennik-ustaw/kodeks-kar...
Being a 40+ year old Pole I am yet to see a single case of corruption in public sector be prosecuted.
Having read only that kk article, I'm not certain if trains are considered parts of the infrastructure?
It is also investigated by the Agency of Internal Security and I really doubt they don't have huge problems out of this. This is taken extremely seriously internally.
There's a ton of evidence to prove what happened and they have no chance to somehow wiggle out of this. They're trying... by saying they were hacked. Yeah, the hackers somehow flashed the firmware of trains serviced by the competition, to brick the trains. GPS coordinates of the competition's rail segments were literally hardcoded.
Their newer variant, Impuls 2, is actually used outside of Poland too - Italian FSE operates 11 of them.
Though considering they were hoping to continue their expansion into Italy I imagine they might not have sabotaged these trains (but who knows, maybe they're fine with burning even new customers).
Hypotheticals be hypotheticals, but here we don't have a case of the lowest bidder screwing up maintenance of a potentially dangerous piece of infrastructure; instead, we have the incumbent breaking aforementioned hardware on purpose, and blaming it on the lowest bidder.
Honestly, I think China got this right. Business is business, but when you start screwing with critical infrastructure, a firing squad should be on the table. And in this case, at least months to years of prison.
In this case the lower offer was 22mln PLN, whereas the manufacturer's offer was 25mln.
It's also great to see others trusting a servicing shop that customers are forced to use no matter how sloppy or incompetent their work is.
Buried in the comments are links to longer write-ups with additional details:
Polish:
https://zaufanatrzeciastrona.pl/post/o-trzech-takich-co-zhak...
https://wiadomosci.onet.pl/kraj/awarie-pociagow-newagu-haker...
English:
https://zaufanatrzeciastrona-pl.translate.goog/post/o-trzech...
https://wiadomosci-onet-pl.translate.goog/kraj/awarie-pociag...
For context: Poland is split into 16 voivodships, and after a reform from the early 2000s, pretty much each of them has its own local railway company (which cooperate).
Basically "everyone knew" for over a year that something was fishy with Newag trains, after a series of faults in trains owned by different companies which used a 3rd-party service company instead of servicing with Newag. So the service company hired the hacker guys; it took a while for the folks to reverse engineer things and understand what's precisely going on.
Awesome! I had to look the word "voivodship" up. I am Polish, so I knew what województwo meant. But I didn't know there was an English equivalent of that word other than governing state. An interesting read on Wikipedia:
https://en.wikipedia.org/wiki/Voivodeship
I think the best shot a modern Anglophone has at knowing the word is that it was used in Dracula for the title of Vlad the Impaler. [Voivode, that is, not voivodeship. But if you know the title voivode, the meaning of voivodeship is obvious.]
It is not immediately obvious why the word would have been adopted into English in more or less the native form as opposed to being translated into an equivalent title, the way we talk about German "dukes" and "duchies".
Knowing Polish, Russian, Lithuanian and bits of other related languages, I find it interesting how the word directly assumes military leadership, the medieval feudal kind of way. It can be roughly translated as "led by a voivoda", with "voivoda" here meaning "military leader".
Probably comes from the original Commonwealth times..?
This brought to mind the AARD "crash" which Microsoft used to basically destroy competition from DR-DOS back in the day.
> The AARD code was a segment of code in a beta release of Microsoft Windows 3.1 that would determine whether Windows was running on MS-DOS or PC DOS, rather than a competing workalike such as DR-DOS, and would result in a cryptic error message in the latter case. This XOR-encrypted, self-modifying, and deliberately obfuscated machine code used a variety of undocumented DOS structures and functions to perform its work.
https://news.ycombinator.com/item?id=36042213
This tracks for Microsoft. The very same company that told Compaq that if they sold any PCs with OS/2 Warp, they would never sell another one with Windows.
Humans are why we can't have nice things. OS/2 Warp was a great OS.
We really need to have much stronger anti trust legislation and enforcement. It is absolutely ridiculous to allow companies to behave this way.
And before someone says that "free market is always good and government is bad", the optimum free market strategy if there is no government is to hire hitmen to assassinate the executives of competitor companies. A real competitive free market will always require the government to prohibit companies from forming artificial moats around their monopolies.
Google forbids competing android TV OS for their hardware customers. Maybe this happens with every large company?
all this looks like points for open source. You can’t exactly stop someone from putting an open source OS on their hardware, and if the train software was open-source, then this “clawback code” nonsense would have been impossible to keep secret.
and you’re right, OS/2 Warp WAS a great OS. As soon as it started losing market viability, it should have gone open source as a defensive self-preservation tactic.
When LLaMa was released for free, it basically guaranteed it would never die a corporate death
Bill Gates and Steve Ballmer probably can't be classified as humans.
> Humans are why we can't have nice things
MBAs are why we can't have nice things
FTFY
Don't attribute to humans, malice that can be adequately explained by Microsoft.
The AARD code (which was a non-fatal warning that didn't stop you from using Windows) never actually shipped. It was patched to be non-reachable in the final release, probably a binary patch to avoid a regression and long build times (including a large packing problem: optimizing floppy disk layout).
FWIW DR-DOS was a dead end product at launch. It was abundantly clear to anyone with two brain cells to rub together that people/OEMs were not going to buy two operating systems: a GUI OS and a DOS that also acted like a bootloader for the GUI OS.
The idea that there would exist, for any significant length of time, a market for a standalone text-only 16-bit DOS was complete and utter fantasy. DR-DOS was never significant in terms of sales. Even if the AARD code had actually shipped in the final Windows 3.x release it wouldn't have mattered.
DR-DOS was a viable product for many years.
It first appeared as a product to compete with MS/PC-DOS 3.x releases in the late 1980s. XT-class machines were still on the market, and Windows was far from unchallenged dominance. If you asked in 1989 what computing would look like by 1995, "OS/2", "Unix", or "something we haven't even imagined yet" were viable guesses, probably even more so than "That clunky Windows/386 shell will subsume almost all drivers and functionality, but you'll still need a glorified version of DOS 3.3 as a bootloader."
Aside from whether DR-DOS was a compelling retail product, it served an important market purpose: it forced a price ceiling for MS-DOS. This probably spurred Microsoft's questionably-legal bundling and pricing strategy, but the end result is that OEMs weren't paying $150 for a copy of DOS through the 1990s.
It's not really the same, in this case.
The AARD crash was an intentional break in compatibility, while this is more like planned obsoleteness.
Leaving a train stationary for "too long" would disable it? Microsoft would have loved to control the platform to that level :D
Obsolescence*
> This brought to mind the AARD "crash" which Microsoft used to basically destroy competition from DR-DOS back in the day.
Given that, according to the article, the functionality was never enabled, how did it get used to destroy competition from DR-DOS?
$280 million settlement for securing global OS domination for a few years. Pretty cheap.
William Gates was The World's Richest Man for what, twenty years without fail?
DR-DOS must have already been on the brink if some code in a 'beta release of Microsoft Windows 3.1' finished them off.
Why go back so far into history when weeks suffice:
https://news.ycombinator.com/item?id=37897428
You can't eradicate malaria without breaking a few eggs.
Newag stock price falling quite a bit after the post, is that the first Mastodon induced price correction?
https://g.co/kgs/WVku4C
They are still at +10% over 1 month and +25% over 3 months.
This was also reported by the media in Poland, so it's not Mastodon-induced.
> A rather amusing situation was encountered with another train set that refused to work on November 21, 2022, despite not being in service at the time. The computer reported a compressor failure, although the mechanics determined that there was nothing wrong with the compressor. Unfortunately, the train still did not raise its pantographs. The analysis of the computer code revealed a condition enforcing the failure, which read as follows:
> if the day is greater than or equal to 21, and
> if the month is greater than or equal to 11, and
> if the year is greater than or equal to 2021
> then report a compressor failure.
I guess a charitable interpretation is that the compressor manufacturer set an 'expiry date' to ensure replacement of a vital component.
(but it's probably just shady business.)
Also the wrong way to implement an expiry date, since it'd work fine again when the day goes below 21 or the month below 11, even if the year is 2021 or greater - which seems to be what happened if they only noticed it in November 2022 rather than 2021.
Very charitable. The "expiry date" was set to the next servicing date and there was no way for competition to fix this hardcoded date and this was not documented in the official documents. Clearly a way to force buyers to use the "official" service.
Yeah, that's not a component expiry date. This reads more like "fire a warning shot in November, and then fuck the operator over during Christmas". It feels like trying to maximize damage, as 21-31 December is exactly where a huge chunk of population travels to visit their family homes, and many of them do so via trains.
broke: the lifespan of this moving part is measured in operational hours
woke: this part will be reported as broken during the last week of november and december, 2022 ONLY.
The real crime is not using a standard date time library and a simple > 2021-11-21
Even being evil requires a certain level of competence. It's how we actually catch any of them.
Can often be problematic on PLCs and the programming environment exposed to the programmer.
This was programmed into a PLC, not traditional code.
PLCs are basically environments designed so that mere technicians are able to adjust code in a very clear, concise fashion. It can be way more verbose, but the logic is clear and solid for decades of operation.
It doesn't require reading an api documentation on version X of a library downloaded from NPM 15 years ago nor rebuilding an entire project to the latest dependencies.
This is a reason why it was detected a year later - the train service was delayed and it spent late November and whole December in service. So the "expiration" intended for 2021 only manifested in 2022.
Personally I prefer measuring time as seconds that have passed since January 1st, 1970.
A reason to code it like this is to avoid having that specific date appear in the compiled code.
I’d speculate it’s more likely incompetence than intentional obfuscation
Technically it's a lot of specific dates Nov 21-30 2021, Dec 21-31 2021, Nov 21-30 2022, Dec 21-31 2022, etc...
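The point made in the comment above and in the earlier "wrong way to implement an expiry date" comment, as an added illustration that is not code from the article, the train firmware, or anyone in this thread: the three separate comparisons quoted from the write-up are reproduced in Python next to a whole-date comparison (the kind of check the "standard date time library" comment has in mind), so an analyst checking a hypothesis against outage dates can enumerate exactly which days the per-field condition fires on. It goes slightly beyond the comment by listing the full firing calendar for any year rather than just 2021 and 2022. The cutoff 2021-11-21 comes from the quoted condition; the function names are my own.

```python
from __future__ import annotations
from datetime import date, timedelta

# Constructed for this example: the condition as the write-up paraphrases it.
# Day, month and year are compared independently instead of as one date.
def per_field_condition(d: date) -> bool:
    """Fires only when day >= 21 AND month >= 11 AND year >= 2021.

    Because the fields are tested separately, 2021-12-05 does not fire
    (day 5 < 21) and 2022-01-10 does not fire (month 1 < 11), even though
    both are well after 2021-11-21."""
    return d.day >= 21 and d.month >= 11 and d.year >= 2021


def whole_date_condition(d: date, cutoff: date = date(2021, 11, 21)) -> bool:
    """What an 'on or after this date' check looks like when the date type
    does the comparison: every day from the cutoff onward qualifies."""
    return d >= cutoff


def firing_days(start: date, end: date) -> list[date]:
    """All days in [start, end] on which the per-field condition fires."""
    out: list[date] = []
    d = start
    while d <= end:
        if per_field_condition(d):
            out.append(d)
        d += timedelta(days=1)
    return out


def divergent_days(start: date, end: date) -> int:
    """Number of days in [start, end] where the two checks disagree,
    i.e. days the whole-date check covers but the per-field check skips."""
    n = 0
    d = start
    while d <= end:
        if per_field_condition(d) != whole_date_condition(d):
            n += 1
        d += timedelta(days=1)
    return n


if __name__ == "__main__":
    # Per year: the per-field check fires on Nov 21-30 and Dec 21-31 only.
    for year in (2021, 2022, 2023):
        days = firing_days(date(year, 1, 1), date(year, 12, 31))
        print(year, len(days), "firing days:", days[0], "...", days[-1])
    print("days the two checks disagree, 2021-11-21 .. 2022-12-31:",
          divergent_days(date(2021, 11, 21), date(2022, 12, 31)))
```

Running it shows 21 firing days in each year from 2021 on (ten in late November, eleven in late December), which is how a service delay that pushed a train's time in the workshop into late 2022 would produce a failure a year after the first possible trigger, as the comment about the delayed service explains.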
So these manufacturers literally ransomed Poland by crippling critical infrastructure?
This is an incredibly brazen crime and I’m not so confident they will get away with it.
Manufacturer, not repair workshops - the repair workshops just won the bid and vendor decided to retaliate.
any bridges in Philly available for comparison?
The world is such a small place--I open HN and read a movie-grade story about trains that I took many times. In fact, it's even possible I was going by one of those grounded trains..
In any case, either there was no code review, or the reviewers accepted that for one reason or another. Not sure which case is more scary..
Code review by a _third party_? Does that usually happen?
It's clear this was intended by the manufacturer of the trains, who directed the writing of the code, it's not like a hacker put this in without their manager knowing, right?
What kind of code review are you thinking of by whom?
[Wait, reading other comments, I'm thinking HN switched the article at the top, and some of these comments were written when the article at the top had much less information? That may explain why these comments are so confusing!]
In aerospace it definitely does happen. For example, NASA, as a customer, has the right to independently review flight software implemented by contractors.
I have no idea how software for trains is (or should be) created.
So I meant a regular code review you would do for anything else.
I can see two scenarios at play:
1. either it's "free for all" and someone (anyone?) can put arbitrary shady stuff in the code
2. or there's a process for adding shady stuff to the codebase (some "stakeholder" creates a ticket, someone creates a PR, and then it's reviewed, etc.)
A day has passed and today my comments about code reviews don't really make sense to me anymore. I think I lost the forest for the trees :).
So now it makes perfect sense to me that you thought it was about a 3rd party review, or about a rogue developer.
That should be a basic requirement for any purchase where public funds are involved in any manner. If something is not open source then third party audit should be a bare minimum.
I’m sure it was the work of a rogue engineer.
Oh, I bet that code was well reviewed and put through some serious testing. You can guess that from the presence of the geofence with additional trigger condition ;)
It's quite unfortunate as Newag trains are rather higher quality than Pesa (the other Polish manufacturer). I suppose they're so reliable, they needed to generate artificial faults :D
I wonder who coded the malware clauses and who knew about them. Didn't anyone think of whistleblowing?
Btw, here's the page with anonymous opinions about the company from (unvetted) employees https://www.gowork.pl/opinie_czytaj,19587
They seem to have a pretty toxic work environment.
When asked to do this sort of a thing as a software developer, make sure to ask for the directions in writing.
Will be interesting to see the impact of this situation on the contract with European railroad services Akiem - they signed a 164 million euro contract with Newag for services and trains for France. [1]
[1] https://biznes.pap.pl/pl/news/all/info/3509606,newag-inks-eu...
i think the remote lock makes it a backdoor and probably criminal?
Only if you can provide proof of the train not being a printer or that it can't be used as such. /s
Depends on the country's laws and contracts between parties. If the contract does not mandate service by the manufacturer, only suggests it, this sounds illegal. Not because of hacking, but because of not documenting behavior and disturbing a state entity, hence the people.
How can somebody even attempt to find faults like these without being a magician? Are people reading tons of assembly code in the process?
Reading decompiled (reverse-engineered) code is not as insanely hard as it sounds. You can usually find functions, and then it's a matter of finding _what_ a function does.
If you can somehow attach a debugger or get breakpoints, it's even easier.
In some cases, oddly, the intent of a function can actually become clearer when the logic gets stripped of all the bad naming protocols and names for the moving pieces have to be reconstructed from only its actions and contexts.
In a perfect world, this shouldn't be true and the content embedded within those symbols in the source code should be an easy lever towards relatively perfect understanding of both intent and implementation; however, software is a relatively young discipline and this is actually a difficult linguistic problem.
On an open source architecture, many eyes hypothetically leave few places for malicious action to hide. This is not always 100% foolproof, but it seems to work out pretty well most of the time.
On a closed source architecture, this sort of thing is generally safeguarded by contract and law. Company can get away with it once, but if the law and contracts were properly crafted there will be fines and jail time that discourages them from doing it again.
Same guys cracked the Toshiba password mechanism hidden inside the EC/KBC (Renesas M16C) https://q3k.org/slides-recon-2018.pdf a couple of years ago.
q3k was one of the guys involved in this hacking.
Yes, that's exactly what happened. The reference in the article to the tool named Ghidra is the confirmation to your hunch.
This is probably perfect for some EU anti-monopoly lawsuit, am I right?
This should be a standard consumer protection law (right to repair), not a monopoly thing :/
EU consumer protection laws generally do not apply to B2B contracts (although member states can gold-plate them to extend their scope).
More like highly criminal behaviour like fraud and extortion.
If I understand correctly apart from hardcoded `ifs` there was a backdoor as well.
Russian agencies could use it to slow down transit of military aid to Ukraine.
In my book you could argue a criminal case.
Someone’s definitely going to jail for this. I can’t even think of what the defense’s argument could be.
Maybe “I am friends with the Law and Justice party”?
It seems like some mix of vandalism and fraud too.
I would reach for other laws like sabotage and extortion and something that probably exists specifically for the protection of public infrastructure and charge them criminally and raid the offices and take out the executives in cuffs.
They screwed with the rich and powerful here why not throw the book at them?
Who are the rich? The richest man in the picture is Z. Jakubas, who controls Newag. Forbes estimated his net worth at 1.9 mld PLN in 2021.
Help us, European Union. You're our only hope.
Why does about half the country keep voting for a party that is clearly against the EU then? Is it because of their unwavering love of ransomware and other frauds?
It's not a monopoly, so no. Would make just as much sense to ask for a DMCA takedown of the trains.
Do you think anti monopoly legislation only applies when some company controls some market outright?
Seems like the trains were manufactured by a European corporation so probably not lol.
Do you think European regulations don't apply to European companies? They do, it just gets less publicity when e.g. Criteo get fined for abusive tracking than when Google do.
I've honestly wondered for a while how many devices (from phones to cars) have features like this that haven't been documented yet.
Also how many engineers have worked on features like this without whistle-blowing over behavior like this.
I can’t change the 12V lead acid battery in my EV without using a reverse engineered OBD-II dongle. If you don’t use the dongle to reset the charge circuit, it fries the new battery in about a month.
Here are incorrect directions explaining how to do it:
https://www.mybmwi3.com/forum/viewtopic.php?t=17838
Step 14 requires the magic dongle.
Note that they are not disconnecting the main battery, so they are risking electrocution from the >> 100V DC batteries.
There are some comments about not letting the old battery get into a low voltage state.
That’s tricking the charger into not overcharging the new battery to death.
This is actually not specific to EVs but something all German car brands started doing. They made their alternators/chargers for the 12V battery overly complicated and you have to use a dongle to tell the car you replaced the battery and with what kind of battery.
My friend once replaced her battery, exact same one in a BMW X3. The car immediately went into a limp mode and would refuse to go faster than 5mph until we connected a dongle and told it that the battery was replaced with the exact model that was already in there.
There's an argument they did it for "battery lifespan optimization", in which there is a semblance of truth, because there are different kinds of lead acids. The reality is they found a new way to force the majority of people into dealerships.
Registering batteries has been a thing for BMWs for at least a decade. The dance around keeping windows open etc is a little more annoying, but nothing out of the ordinary.
What a jackass thing to do to vehicle owners. Changing the battery is a normal maintenance action you can do on any competently designed vehicle in less than 20 minutes.
Does anyone know of a sort of "buyer beware" website where these sorts of gotchas are catalogued by users? I don't fully trust any vehicle manufacturers to be beyond pulling this sort of thing.
> I can’t change the 12V lead acid battery in my EV
Aside from that not having anything to do with it being an EV, it's worth mentioning that many newer EVs (most of the ones sold, perhaps) use a lithium 12V battery now, not lead acid. So in general they ought to last longer anyway. Plus Tesla, at least, doesn't 'register' batteries the way BMW does.
What is the story here exactly? Is there an official way to replace the battery that doesn't require a dongle? What does the dongle do exactly? Why does a new battery get drained if you don't follow this process carefully?
.... just imagine how many instructions you can hide in a 64-bit address space (I'm thinking of you intel hacker magic)
It would be so easy to get away with this kind of extortion at my work. Nobody reads my code that carefully, or cares if I don't get it reviewed and just merge it. Only one other person could understand it if he tried, and he has no interest or involvement in it. It could easily look like just a bit of incompetence on my part that requires some additional consulting from me after I have moved on.
That's not how I roll ... or sleep well, so my employer is in no danger from me. But there are many short-term devs who come through here, and I don't have the time to police them in detail.
But conceivably an LLM could do it. It could be just another step in a build pipeline. But, when LLMs can do this well, they can also write most of the code going into the pipeline.
This doesn't sound like the sort of thing some rogue developer secretly slips into the codebase.
Exactly. This is a company initiative to increase company profits. It's smart business, as long as it's not illegal or the fine is insufficiently high.
It's kind of amazing how blatant it was, they weren't even really trying to hide it much.
Similar to the VW emissions thing; if they'd been intentional about it they could have made it look much more like a mistake.
> But conceivably an LLM could do it.
It'd be kind of funny if an LLM did that "unintentionally", and wasn't able to unlock the code it wrote... ;)
The EN50128 safety standard for the European safety critical rail software places great importance on the development process.
Every change to the software has to be based on a defined requirement, and in order to validate the software you have to present evidence that every change was approved by a reviewer that is competent for that area of the software. The validation report contains the signature of this person.
If your code passes every test, but it wasn't developed in accordance with the process, it might as well not exist.
Of course I can't say how well this process was followed in NEWAG, but in theory rogue changes shouldn't be possible.
But how would you profit off of it? In the case here the company profits by forcing trains to use first-party workshops.
"Last time this failed, Bob was the only one who could fix it."
"Bob resigned a few months ago."
"See if he is willing to do some consulting. We'll pay whatever rate he demands."
I still occasionally have past employers call about things years after I left, and if I'd have been immoral enough to pull something like this, those systems could have been full of time bombs.
Who are these hackers and how did they get their hands on a train, among all things?
The truth is almost stranger than fiction. They are members of a group called Dragon Sector and were brought in by the train operator after 6 of their 12 largest trains became unresponsive after having inspections done at a rail yard owned by not-the-manufacturer of the trains. The manufacturer said the trains became unresponsive because of malpractice at the train repair shop and mentioned some condition that didn't appear to be in the maintenance manual. The train operator made contact with Dragon Sector and asked for their help.
It's a wild read: https://zaufanatrzeciastrona.pl/post/o-trzech-takich-co-zhak...
It appears to be malicious code included by the manufacturer to prevent third party repair that at one point included geolocation for triggering. Given that the train operator had to reduce train schedules for this which impacted service and income, it might end up as evidence in a lawsuit against the manufacturer at some point.
I would love to know if the checks were as brazen as presented in that post, or if the coordinate checks were obfuscated in some way. It sounds like they just assumed the operator would fold long before even getting at the code and couldn't even be bothered trying to make it look accidental.
> if the day is greater than or equal to 21st and
> if the month is greater than or equal to 11 and
> if the year is greater than or equal to 2021
> then report a compressor failure.
> [...] It was probably the software author's inability to construct IFs that made it necessary to wait until November 21, 2022 for the planned failure.
Oops!
Well the error message claims that they are infringing copyright. It very well could be that they are within their rights if the initial license/contract stipulated that they would only service the trains in their authorised locations. This should be illegal, but very well might be.
The most poetic part is how the train maker is merely looking out for their own profit margins.....
Economic theory(?) would suggest that if they don't do this, their competition eats their lunch and drives them out of business.
heck, Volkswagen did something much shadier to get their vehicle's emissions to comply
Here's a comprehensive write-up in Polish in a somewhat sensationalized - but rightly so - tone: https://zaufanatrzeciastrona.pl/post/o-trzech-takich-co-zhak...
https://translate.google.com/?sl=auto&tl=en&text=https%3A%2F...
for those of you who like me can't quite understand literally anything otherwise
As explained by the linked article in Polish, the workshop reached out to them and asked if they could figure out why the train isn't working.
You wouldn’t download a train, would you?
tldr hackers are from DragonSector (one of the top CTF teams) - https://dragonsector.pl/
They were contacted by the workshop which was doing maintenance of those trains and had no idea why they stopped working
This answers the question, How can I define corporate level malicious protectionism?
Well, it gives you an example, not quite a definition.
Generally I'm not part of the crowd that wants to send CEO's and management to jail for what are ultimately just bad business decisions.
But this should absolutely result in jail time. This is literally no different from if the managers of the company physically snuck into trainyards and snipped wires and removed valves or whatever.
It's literally just sabotage. It's a crime that should result in years of jail time for everyone in management who participated in this decision.
Yup. And this isn't sabotaging some random webshit SaaS. This is sabotaging critical national infrastructure - infrastructure that's of military relevance, and need I remind anyone, there's a hot war being waged over our eastern border right now.
I feel a good enough prosecutor could pin charges of treason here.
As much as I like to rake the executives over the coals for this, I'm disturbed by the trend of calling anything vaguely against the national interest "treason". Nowadays if I hear someone is accused of treason absent any context, it could mean anywhere between "knowingly selling nukes to Iran" and "lobbied for/against a policy that the accuser thinks is bad". In this case they're arguably scamming the government out of money, but that can hardly be compared to the crime of knowingly aiding a known adversary.
It's a passenger train. No more "critical national infrastructure" than a city bus.
There are update logs of the train software. Because of them it is known that workers of the company literally snuck into waiting trains and updated the software without the owners knowing. So really, but far from that.
Oooh, now that's fascinating. What you say is known because of update logs wasn't in the article that I recall. Could you kindly provide a reference to where you learned this part of the story? Thanks!
> Generally I'm not part of the crowd that wants to send CEOs and management to jail for what are ultimately just bad business decisions.
This attitude is rare. Much more common is wanting to send them to jail for deliberately breaking the law -- or presiding over widespread flouting of the law by other management. E.g. The Wells Fargo cross selling scandal created literally millions of fraudulent accounts, and nobody went to jail.
>or presiding over widespread flouting of the law by other management. E.g. The Wells Fargo cross selling scandal created literally millions of fraudulent accounts, and nobody went to jail.
"presiding over widespread flouting of the law" isn't a crime though, and it's difficult to make that a crime without running into due process issues (eg. https://en.wikipedia.org/wiki/Mens_rea)
Another example for firmware manipulation: the Volkswagen emissions scandal (Dieselgate). Some firmware was changed, so that emissions were lower during emission tests.
That was a big scandal some eight years ago, who remembers?
https://en.wikipedia.org/wiki/Volkswagen_emissions_scandal
Maybe firmware fudging is more frequent than one would assume...
Ugh, please do not give car manufacturers any ideas!
...or Boeing.
> "The manufacturer argued that this was because of malpractice by these workshops"
Is this intended to say:
or
The poster also states
> "One version of the controller actually contained GPS coordinates to contain the behaviour to third party workshops."
This seems oddly specific, there are better ways to determine if the train has been serviced by the manufacturer or not, such as using PKI.
I can imagine a scenario where this isn't for greed of servicing fees, perhaps the brakes need replacing every x miles and if this isn't performed the train locks for safety. If the 3rd party workshops specified thought
The manufacturer would have significant backlash should the train then crash and kill people, regardless if the 3rd party workshop was at fault.
I'm all for right to repair for most things, however commercial public transport isn't one of them unless there's some vetting/accreditation process.
The workshops were already accredited and vetted, and followed official documentation that was supposed to cover the maintenance.
And the intended meaning of the sentence was that NEWAG implied that the workshops "did something wrong" and that's why the train didn't run.
I think you're putting very little weight into the ability of government organizations like the NTSB or equivalent to determine root cause of a crash. Just think of the situation with aircraft crashes. They have to deal with something that smeared into the ground at 400 miles an hour. And they're often still able to root cause with a high degree of confidence. I have a feeling train crashes are trivial in comparison to root cause (with rare exception).
You either require (and train) your NTSB to be able to independently diagnose accidents (in which case they would be able to tell who fudged the records about the fake brake overhaul) or you rely on the manufacturer for the diagnosis. Which to me is a concerning conflict of interest, since they will invariably want to shift the blame to the operator of the vehicle. I'm sure they could in the most honest case, point to excursions outside of recommended operating conditions during the life of the train and say "see? Your operator has been consistently taking this turn 10 mph faster than recommended by the manufacturer. Warranty void".. worst case they fudge the records and you have no competent independent examiner to dispute that.
I think your point is fine, but I don't think we should say a root cause analysis of a rail accident is "trivial".
For example, the most recent serious report from the UK has 113 pages, and detail on technical (friction, braking etc) and organizational issues just like an aircraft accident report:
https://www.gov.uk/government/news/report-122023-collision-b...
> I think you're putting very little weight into the ability of government organizations like the NTSB or equivalent to determine root cause of a crash
Not at all, I expect they will know every detail/fault/liability. In the meantime though, 'backlash'
(We see this often in air accidents (737 MAX, Ospreys in Japan))
Even if the manufacturer is determined to not be at fault, bad tastes linger..
It's certainly reasonable for governments to require some sort of licensing or accreditation to work on safety-critical public infrastructure. It is not reasonable for another service provider to have the final say over that, especially through the use of undisclosed software locks.
I disagree. The owner should be able to get them repaired without needing the manufacturer to approve.
If the manufacturer doesn't put security systems in place, situations like this are more likely
https://news.sky.com/story/fraud-officers-arrest-one-in-dawn...
> "The company supplies engine parts to several major airlines in the UK and abroad.
> In August, the Civil Aviation Authority announced it was investigating the same company for the "supply of a large number of suspect unapproved parts"."
Any of those reasons should then have been documented in public, which the poster said it was not.
> I'm all for right to repair for most things, however commercial public transport isn't one of them unless there's some vetting/accreditation process.
That is where you literally have a contract written up, stating this. In some cases that contract is ratified by the parliament (making it effectively the law)
That didn't prevent lots of commercial airliners from flying with potentially dangerous parts but a software restriction would have.
> "In August, the Civil Aviation Authority announced it was investigating the same company for the "supply of a large number of suspect unapproved parts"."
https://news.sky.com/story/fraud-officers-arrest-one-in-dawn...
Holy shit those aren't some random ass hackers
They are members of top CTF team of last decade - Dragon Sector
Also, the story is wild as fuck!
I think the way to fix this is to make sure manufacturers follow certain standards so that the products can be serviced by anyone who holds certificates in those standards.
This is mostly to break the liability/insurance barrier.
That's approximately what the EU forced to happen - third party repair shops were approved and allowed access to the service documentation. But that means nothing when the manufacturer decides to sabotage the trains in firmware and even install an Internet-connected hardware backdoor.
How many similar practices actually get discovered? In a way this is the "right" thing to do in a capitalist society. We are incentivising this behaviour by making it profitable. An honest company cannot compete with a company doing this, unless there are very rigorous regulations and enforcement of them. This gets harder and harder as tech gets more opaque. Adding more regulation, auditing, hoping that _all_ entrepreneurs are honest, are crutches trying to patch a fundamentally broken economical system.
If capitalism were software, we would call practices like this a code smell. We can try patching it up with some specific legislation and (costly) enforcement by e.g. code auditing in this case. But the real issue is that our economy is not optimizing for global (national) utility, it is optimizing for profits of individual business owners.
For B2B contracts of this kind of size a solution is to insist on clauses with very steep damages in the event of evidence of specific measures to prevent third party service or similar, coupled with never again dealing with a manufacturer like this.
The bigger problem is when manufacturers pull stunts like this on customers who can't afford and/or don't have sufficient financial incentive to figure out the underlying problem.
Steep damages are in many cases not enough because the likelihood of being found out is so low. The damages then have to be extremely steep for this behavior to not be incentivised. Basically, to bring the expectation value negative, the damages have to be larger than the profit gained by this behavior, divided by the probability of being caught. Often this will be more than the value of the company, and then the damages do not matter as they simply go bankrupt. In that case, the rational business practice is to go for it and hope to not get caught. Any other behavior will eventually lead to bankruptcy in a competitive market.
The fact that an entity can sometimes benefit from deceit has nothing to do with capitalism, specifically, and capitalism is not the simple proposition that profit justifies anything, even if some people sometimes suggest that it is, in order to advance their agenda - in a rather deceitful manner, I might add!
The pressure to benefit from deceit because outperforming competition is the only way to stay alive is unique to capitalism, though.
"capitalism is not the simple proposition that profit justifies anything" - of course, but it naturally leads to an environment where profit justifies anything. No business leaders avoid money-making immoral behavior unless it is overall unprofitable due to market conditions (a specific well-informed customer base, for example) or regulation.
do you have a counter-argument? because what I’m reading here is “you’re wrong and lying or lied to because of an ‘agenda’” and that’s it
what do you think GP or someone who has lied to GP really thinks?
why are they lying?
what’s their agenda?
do you agree that we (in the West) currently broadly live under Friedman’s version of capitalism, and, if so, do you agree that it broadly follows the mantra of “profit/shareholder value above all else”?
if you don’t think we live under that system, what system do you think we live under, and what differs it from the mantra of “profit/shareholder value above all else”?
this is all true, but what is the better system? Communism has its merits, but it’s extremely reliant on competent, benevolent leadership and struggles to be economically viable in an American-dominated world.
I think that a Keynesian, well-unionised economy with strong regulation is the solution. I’m sure they exist, but I struggle to think of many examples in history of over-regulation leading to a fault, but I can think of many, many examples of under-regulation managing it, and yet largely due to the capitalist-controlled media, over-regulation is the more feared of the two. This isn’t to say that over-regulation isn’t possible, of course it is, but I don’t think it is in tech.
To go on a tangent, I personally don’t believe in the untrammelled progress of tech. I can understand why people are so vehemently against that idea, of course it’s frustrating to restrict human ingenuity, and there’s a lot of money to be made, but tech is quantifiably making people’s lives worse. Smartphones are a fucking travesty. IQ scores are down something like 10% from the 90s. The internet isn’t great, but at least when you had to be at home logged into a desktop there was some friction. Now an entire generation is plugged into it permanently. An entire generation that doesn’t really read books, rarely thinks alone and in many ways hasn’t had to learn organisational or navigational skills.
AI doesn’t look like it’s going to make any of this much better. Even if we don’t achieve AGI, which I hope, neural networks are only going to get better and better, the best and most powerful ones in the hands of the richest people, who will simply use them to worsen inequality even more.
What else is next? Neuralink? Human genetic engineering? You would hope regulation would stand up to them, especially aesthetic genetic engineering, but who knows?
What we need is a nice big solar flare EMP. Something like the Carrington event
What's next is AI operated lethal weapons. You best believe all the elites are racing for those as fast as they can. As soon as those are a reality, all revolution against economic inequality becomes impossible.
The U.S. army wouldn't fire on civilian protestors, regardless of what a general ordered. An AI army would have no such restrictions or be vulnerable to appeals to morality and ethics.
In this case, they probably got the trains cheaper by agreeing to have them serviced only at official service stations.
Still a shady practice but not worse than having expiring license keys for unlocking features or similar things
Nope, there was a separate tender for just the trains, and for the servicing. NEWAG (manufacturer) won the train contract, but lost the servicing contract tender.
Under current rules they had to provide as part of the first contract complete documentation for servicing that any legitimate (vetted & certified) 3rd party company could then use. By servicing I mean literally taking the train apart and handing individual assemblies to original manufacturers at times.
So it is very shady, unethical, and illegal.
Oh you want brakes with that? Sorry you forgot to renew your license.
Tender process does not matter when you do crimes - just like you can't sell yourself into slavery or allow someone to kill you.