Breaking "DRM" in Polish trains (37c3)
Reverse engineering a train to analyze a suspicious malfunction
Chaos Computer Club - archive feed · Redford, q3k, MrTick
December 27, 20231h 1m
Audio is streamed directly from the publisher (cdn.media.ccc.de) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
We've all been there: the trains you're servicing for a customer suddenly brick themselves and the manufacturer claims that's because you've interfered with a security system.
This talk will tell the story of a series of Polish EMUs (Electric Multiple Unit) that all refused to move a few days after arriving at an “unauthorized” service company. We'll go over how a train control system actually works, how we reverse-engineered one and what sort of magical “security” systems we actually found inside of it.
Reality sometimes is stranger than the wildest CTF task. Reality sometimes is running `unlock.py` on a dozen trains.
The talk will be a mix of technical and non-technical aspects of analysis which should be understandable for anyone with a technical background. We’ll briefly explain how modern EMUs look like inside, how the Train Control & Monitoring System works, and how to analyze TriCore machine code.
about this event: https://events.ccc.de/congress/2023/hub/event/breaking_drm_in_polish_trains/
Topics
37c3121422023Hardware & Making