Comment by Zigurd

4 hours ago

About a year ago a Polish rail equipment supplier brought a lawsuit over a locomotive because it was serviced by a third party, and the service was enabled by jailbreaking software in the locomotive.

Surveillance tech in products doesn't necessarily imply grey zone warfare. But that doesn't make it a good thing either.

I'm not sure this comment does justice to the situation.

Poland put out a separate bid for manufacturing and servicing of their locomotives and one company won the manufacturing bid while another won the servicing bid.

The servicing company was unable to get the trains into working order and, after hiring hackers, accused the manufacturing company of bricking the software on purpose by including geo-fences where the trains would no longer work after arriving at the servicing company's property.

Perhaps the interesting part to me was Dragon Sector's (the hackers) claims that the software needs to be blessed, so although they discovered problems they never changed anything because they don't have the authority to bless it, and they heavily imply that the fact that the manufacturing company is changing the software at will is illegal.

The changes by the manufacturing company had an (undisclosed) activation sequence added to them, so you didn't need to modify the software in order to get the train working, so the servicing company never actually modified the software.

https://www.youtube.com/watch?v=XrlrbfGZo2k

https://www.ifixit.com/News/112008/polish-train-maker-is-sui...

The jailbreak was necessary because the Polish supplier hardcoded the location of their service shop and added code which makes the train inoperative if serviced elsewhere.