this post was submitted on 14 Dec 2023
317 points (99.7% liked)

Right to Repair

1525 readers
1 users here now

Whether it be electronics, automobiles or medical equipment, the manufacturers should not be able to horde “oem” parts, render your stuff useless if you repair it with aftermarket parts, or hide schematics of their products.

I Fix It Repair Manifesto

Summary article from I Fix It

Summary video by Marques Brownlee

Great channel covering and advocating right to repair, Lewis Rossman

founded 1 year ago
MODERATORS
 

The situation is a heavy machinery example of something that happens across most categories of electronics, from phones, laptops, health devices, and wearables to tractors and, apparently, trains. In this case, NEWAG, the manufacturer of the Impuls family of trains, put code in the train’s control systems that prevented them from running if a GPS tracker detected that it spent a certain number of days in an independent repair company’s maintenance center, and also prevented it from running if certain components had been replaced without a manufacturer-approved serial number.

The problem was so bad that an infrastructure trade publication in Poland called Rynek Kolejowy picked up on the mysterious issues over the summer, and said that the lack of working trains was beginning to impact service: “Four vehicles after level P3-2 repair cannot be started. At this moment, it is not known what caused the failure. The lack of units is a serious problem for the carrier and passengers, because shorter trains are sent on routes.”

Very good article, I'd recommend reading it. I hope the court rules against NEWAG and sets a precedent for right to repair.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 21 points 11 months ago* (last edited 11 months ago) (1 children)

~~The mere fact that the manufacturer had a remote kill switch is the safety issue that should have a big spotlight.~~(edit: this is not the case - see the reply below) What if a malicious hacker decides to trigger that kill switch while the train is loaded with people and at a sensitive moment (e.g. on bridge/cliff with a huge drop).

If the kill switch were in place for dealing with hi-jackers, perhaps fair enough. But having it for the purpose of business protectionism is an entirely reckless safety risk.

There’s an overlooked failure here: why doesn’t the Polish transport authority have a clause in their procurement contracts that bans trains with remote-control kill switches that are not under user control? And why wasn’t the code reviewed to catch that in advance? The hackers say they did not alter the code, which somewhat implies that the source code might have been available for inspection.

[–] [email protected] 5 points 11 months ago* (last edited 11 months ago) (1 children)

In the talk they gave yesterday night, Dragon Sector hackers clarified that they are not aware of any remote control available to the manufacturer.

The locks were implemented inside the code both when the trains were first serviced to railway operators by the manufacturer, and any time the manufacturer was given direct on-hand access.

See here to watch their speech: https://feddit.it/post/4391905

[–] [email protected] 5 points 11 months ago* (last edited 11 months ago)

Thanks for the link. Indeed you are correct. The lock only triggers when it’s stopped and it’s hard-coded and not remote. Apparently the only comms involved was the train signalling to the manufacturer that the lock was triggered.