|
14 posts total
 Looks like Newag isn't satisfied with how their civil lawsuit against us in Warsaw is going - because they just filed another one, this time in Gdańsk, and from another corporate entity they manage. And to add to the pile of arbitrary accusations, this time it's about unfair competition (again) and violation of their corporate personality rights (slander?).  ✅ Attend a legal hearing about train hacking certainly one of the most days
Show previous comments
Just two days left until the first hearing in Newag's lawsuit against us (Dragon Sector members) and SPS. It will take place on 28.08.2024 at 10:00. In case you've missed it, we're being accused of infringing upon Newag's intellectual property and unfair competition. This is, of course, bullshit and a great example of a SLAPP case.  The hearing will take place in the 22nd Department of Intellectual Property at Czerniakowska 100 in Warsaw. To those interested are invited to observe on site as audience members, you can refer to the hearing number XXII GW 493/24. Of course, the hearing will be in Polish. Anyone looking to hire a generalist software engineer with a knack for low-level, security and distributed systems? I've been at my job for 5 years, built up a codebase from prototype to a working product with strong foundations. But I think I need a change of scenery now. I feel most comfortable working with Go and Rust, but I'm flexible, as long as there's space for solid engineering practices in your org. CV available on request, email me (q3k@q3k.org). Remote or Munich-based. It's finally happened! NEWAG IP Management just sued us for copyright infringement and unfair competition. This is a civil lawsuit in Warsaw, parallel to a criminal investigation that's happening in Cracow. Of course, they got our postal addresses wrong (they could've just asked!) so we only just got a copy from the court, but hey, we now have 164 pages of content to dive into. 
Show previous comments
„Zainstalowane przez hackerów oprogramowanie” - jak PAP.pl kłamie o aferze z Newagiem https://q3k.org/2024-06-11-pap-newag-pl.html To nie jest to co miałem nadzieję zapostować w najbliższym czasie w sprawie afery z Newagiem... ale tego typu kłamstwa nie powinny pozostać bez odpowiedzi.
Show previous comments
  @q3k władza się zmienia, niezmienne pozostają praktyki niezależnie kto jest u władzy. “Software installed by hackers”- how the Polish Press Agency lies about the Newag scandal https://q3k.org/2024-06-11-pap-newag-en.html Whatever update I was hoping to post about the Newag scandal wasn't this - but this sort of lie has to be corrected.
Show previous comments
  @q3k@social.hackerspace.pl "Software installed by hackers" as in ... the people who were hired by the owners of the trains to fix them and consider themselves "hackers" by trade, not by crime? I would like to thank Jia Tan for authoring the best CTF challenge of the past decade.
Show previous comments
 
Show previous comments
 Re the supposed killswitch: I don't get the point of a killswitch. Where would malware authors use it?  @q3k I could have sent you the abomination of a 30 pin uart cable I made when I was like 10 held together by cold solder joints and hot glue @q3k just one palet more bro they'll skyrocket in value please bro just one truckload more  I can finally reveal some research I've been involved with over the past year or so. We (@redford, @mrtick and I) have reverse engineered the PLC code of NEWAG Impuls EMUs. These trains were locking up for arbitrary reasons after being serviced at third-party workshops. The manufacturer argued that this was because of malpractice by these workshops, and that they should be serviced by them instead of third parties. 1/4 
Show previous comments
 Incredible work, the manufacturers of this EMU endangered lives and should face the full brunt of the law for this antisocial rent-seeking
@q3k pre-installed ransomware. Any clue on the legality of incorporating such a system, either with or without disclosing it to the customer?
Show previous comments
 @q3k oh cool, i really want one of those for some reason, they look tasty Finally put together a full writeup about wInd3x, the iPod Nano 5G bootrom vulnerability I discovered and exploited last year:  |
Gregory's Server
We didn't receive the paperwork yet - we just learned about this through a post on Twitter by someone who happened to look at their executive board report for 2024H1. We'll only know what this is about once we actually receive the lawsuit. Hopefully this time they managed to use our real postal addresses.
https://www.newag.pl/wp-content/uploads/2018/09/SZ-5.pdf (page 26).