We've not been trained for this: life after the Newag DRM disclosure

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
Not yet available
Language
English
Abstract
You've probably already heard the story: we got contracted to analyze a bunch of trains breaking down after being serviced by independent workshops. We reverse engineered them and found code which simulated failures when they detected servicing attempts. We presented our findings at 37C3… and then shit hit the fan.

This talk will be an update about what happened since our 37C3 presentation. We’ll talk about:
- Three parliamentary workgroup sessions with dirty bathroom photos on Newag’s offtopic slides, train operators revealing that they paid Newag more than 20k EUR for unlocking a single train, which Newag was able to unlock in 10 minutes, and at the same time saying that they don’t know anything about the locks.
- 140-page lawsuits, accusing us of _copyright violation and unfair competition_ (sic!) with a lot of logical gymnastics.
- How it’s like to repeatedly explain reverse engineering concepts to journalists.
- 6 official investigations, two of them criminal.
- New cases revealed since then (from different train operators).
- and much more!

Talk ID
38c3-336
Event:
38c3
Day
1
Room
Saal 1
Start
11 p.m.
Duration
01:00:00
Track
Hardware & Making
Type of
Talk
Speaker
Michał Kowalczyk
q3k
Jakub Stepniewicz
Michał Kowalczyk
q3k
Jakub Stepniewicz
Talk Slug & media link
38c3-336-we-ve-not-been-trained-for-this-life-after-the-newag-drm-disclosure

The video is not yet available