– , Saal 1
Language: English
You've probably already heard the story: we got contracted to analyze a bunch of trains breaking down after being serviced by independent workshops. We reverse engineered them and found code which simulated failures when they detected servicing attempts. We presented our findings at 37C3… and then shit hit the fan.
This talk will be an update about what happened since our 37C3 presentation. We’ll talk about:
- Three parliamentary workgroup sessions with dirty bathroom photos on Newag’s offtopic slides, train operators revealing that they paid Newag more than 20k EUR for unlocking a single train, which Newag was able to unlock in 10 minutes, and at the same time saying that they don’t know anything about the locks.
- 140-page lawsuits, accusing us of copyright violation and unfair competition (sic!) with a lot of logical gymnastics.
- How it’s like to repeatedly explain reverse engineering concepts to journalists.
- 6 official investigations, two of them criminal.
- New cases revealed since then (from different train operators).
- and much more!
A reverse engineer interested in cryptography and low-level hacking, who analyzes random things just to check how they work. Currently works at Invisible Things Lab on SGX-related projects. Vice captain of Dragon Sector CTF team. In the past hacked some satellites with Poland Can Into Space team. Recently mostly known for reverse engineering a bunch of trains in Poland.
A soul stuck between hardware and software. Bottom-half task processor, living somewhere between semiconductor and system APIs.
TODO