this post was submitted on 13 Dec 2023
1437 points (99.4% liked)

Technology

59466 readers
2965 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

In one of the coolest and more outrageous repair stories in quite some time, three white-hat hackers helped a regional rail company in southwest Poland unbrick a train that had been artificially rendered inoperable by the train’s manufacturer after an independent maintenance company worked on it. The train’s manufacturer is now threatening to sue the hackers who were hired by the independent repair company to fix it.

After breaking trains simply because an independent repair shop had worked on them, NEWAG is now demanding that trains fixed by hackers be removed from service.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 91 points 11 months ago (1 children)

This reminds me of the hacked McDonalds ice cream machines. Except the shitty manufacturers won that one.

[–] [email protected] 26 points 11 months ago (4 children)

Sadly they will probably win this as well. Some claim there could safety concerns and it isn’t certified or could damage their brand… time for people’s manufacturing of products? Hehe

[–] [email protected] 19 points 11 months ago

But if the people controlled the means of production... that would be...

[–] [email protected] 19 points 11 months ago

I think this one might go well. Company preventing a country's trains from being serviced by a third party. I expect that train builder has already tanked their business, but it would be an interesting one to be litigated, the sort of case that can get the law changed

[–] [email protected] 10 points 11 months ago (1 children)

I'm not firm in polish law, do they have the same laws as in the USA? Because that's what you're comparing right?

[–] [email protected] 1 points 11 months ago

As far as I know, there is no such thing as DMCA provisions against working around software protection mechanisms in the EU and in fact at an EU level the direction is to increase ownership rights, not decrease them.

However depending on the contract the train company might not legally own those trains (for example, it's structured as a Lease), but if the hackers can show proof that the train company authorized them to do those changes it would be a case against the train company, not the hackers.

[–] [email protected] 2 points 11 months ago* (last edited 11 months ago) (1 children)

This is an EU country, not the US.

Things like the DMCA provisions forbidding working around IP protection mechanisms (and software is copyrighted) don't apply here.

IANAL (so take this it with a pinch), unless the trains are legally theirs rather than the train company's, it's not hacking, it's just "software maintenance" and the only right this company has here is to withdraw product warranties because of "unauthorized changes".

There might or not be a case against the train company (for example, if the contract forbade this or the train company tried to sell those trains onwards as if they were original) but not against the people who did the software changes on the trains when authorized by the owners of said trains.

[–] [email protected] 1 points 11 months ago (1 children)

I assume EU has safety regulations and if a train suddenly loses its brakes they would be liable wouldn’t they? Now they can say someone has “hacked the train” and they can’t guarantee the brakes will work. I am not sure where the USA argument came from

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago) (1 children)

The responsability of circulating with a vehicle that abides by safety regulations is of the owners, not the makers.

You'll notice that even in the consumer auto segment (which, since run-of-the-mill consumers are not expected to be "experts", has lots of of ways to make sure that brand new cars are sold already pre-certified "road-worthy" because normal consumers don't have the know-how to make sure of it themselves), the actual car owners still have the responsability of having a periodic inspection done to the car and repair those things that stop it from being road-worthy and they cannot circulate with it in a public road if it's not compliant (at least that is the case in Europe).

Outside the consumer segment, I expect that the rules for trains are pretty similar to those for commercial aviation: the manufacturer has no responsability beyond a contractual one (i.e. the purchasing entity probably demands contractually that the vehicles they get comply with regulations, the parts they buy obbey certain specifications and maintenance done by a manufacturer-certified shop delivers a compliant vehicle) and all the regulatory responsability is in the hands of the owner (more specifically the "operator", as for example for leased planes the airline doesn't actually own them but they do operate them hence they're the ones with regulatory responsabilities).

The USA argument comes from the anti-circunvention legislation for software being part of the DMCA law, said legislation giving rights to the makers of the software to stop changes to it even in devices they do not own. Where such legislation does not apply there is no law forbidding somebody doing whatever changes they want to software as long as they own the device containing said software or have the authorization of the owner of the device whose software they are changing - the only applicable legislation here is Copyright and that only limits the distribution of the software, not the changing of it.

It's not at all unusual for Americans to argue that people can't legally circumvent software protections even in devices they own, because that is indeed the case in their country thanks to the DMCA, but expecting that to be the case in Poland doesn't make sense as the laws there are not at all the same as in the US.

[–] [email protected] 1 points 11 months ago (1 children)

That’s a whole lot of energy spent based on completely incorrect assumptions about me or what I was saying so your argument can work. But sure whatever makes you feel like you are right.

[–] [email protected] 1 points 11 months ago

That's a very weird take.

You don't know me and went all weirdly personal full of assumptions about me and without making an actual argument.

Whatever is going on there, it's all in your head.