Newag: Difference between revisions
Michal.296 (talk | contribs) Adding info about lawsuit |
Michal.296 (talk | contribs) Adding link to article |
||
| Line 11: | Line 11: | ||
==Incidents== | ==Incidents== | ||
===2023 Anti-competition GPS and time based software lockups [https://zaufanatrzeciastrona.pl/post/o-trzech-takich-co-zhakowali-prawdziwy-pociag-a-nawet-30-pociagow/ <nowiki>[1][pl]</nowiki>]=== | ===2023 Anti-competition GPS and time based software lockups [https://zaufanatrzeciastrona.pl/post/o-trzech-takich-co-zhakowali-prawdziwy-pociag-a-nawet-30-pociagow/ <nowiki>[1][pl]</nowiki>] [[Newag backdoor]]=== | ||
In December of 2023 white-hat hacker group Dragon Sector revealed their findings regarding Newag Impuls rolling stock malfunctions. They were employed by SPS Mieczkowski (Serwis Pojazdów Szynowych Mieczkowski) to investigate issues they were having regarding repair of Newag Impuls trains. After getting access to debug port, copying contents of management computer and reverse engineering the result code, they found multiple flags that were tripped from zeroed values. After correcting those and reinserting the computer to the train it have returned to normal function. Then they proceed with analysis of the code. In their findings they presented multiple instances of GPS coordinates that were pointing to the competing service companies. After detecting extended stay at these coordinates (10 days) the train were to lock up and the only repair option was to send the train for service to producer facility. In the code of different computers the group also found parts serialization and arbitrary timed component malfunction. After these findings investigation and court case was initiated against the company and as of August 2025 they have not yet reached the conclusion. | In December of 2023 white-hat hacker group Dragon Sector revealed their findings regarding Newag Impuls rolling stock malfunctions. They were employed by SPS Mieczkowski (Serwis Pojazdów Szynowych Mieczkowski) to investigate issues they were having regarding repair of Newag Impuls trains. After getting access to debug port, copying contents of management computer and reverse engineering the result code, they found multiple flags that were tripped from zeroed values. After correcting those and reinserting the computer to the train it have returned to normal function. Then they proceed with analysis of the code. In their findings they presented multiple instances of GPS coordinates that were pointing to the competing service companies. After detecting extended stay at these coordinates (10 days) the train were to lock up and the only repair option was to send the train for service to producer facility. In the code of different computers the group also found parts serialization and arbitrary timed component malfunction. After these findings investigation and court case was initiated against the company and as of August 2025 they have not yet reached the conclusion. | ||
Latest revision as of 12:25, 16 August 2025
| Basic information | |
|---|---|
| Founded | 1876 |
| Legal Structure | Public |
| Industry | Railway |
| Official website | https://www.newag.pl/ |
Newag is Polish producer of train rolling stock. Company was founded in 1876 on territory of Austro-Hungarian Empire and named as Imperial–Royal Railway Workshops. After two World Wars company was state owned and changed name to ZNTK Nowy Sącz. After financial troubles in 2001 some of company stocks owned by Polish government was bought in the year 2003. In the year 2005 company changed it's name to Newag.
Incidents[edit | edit source]
2023 Anti-competition GPS and time based software lockups [1][pl] Newag backdoor[edit | edit source]
In December of 2023 white-hat hacker group Dragon Sector revealed their findings regarding Newag Impuls rolling stock malfunctions. They were employed by SPS Mieczkowski (Serwis Pojazdów Szynowych Mieczkowski) to investigate issues they were having regarding repair of Newag Impuls trains. After getting access to debug port, copying contents of management computer and reverse engineering the result code, they found multiple flags that were tripped from zeroed values. After correcting those and reinserting the computer to the train it have returned to normal function. Then they proceed with analysis of the code. In their findings they presented multiple instances of GPS coordinates that were pointing to the competing service companies. After detecting extended stay at these coordinates (10 days) the train were to lock up and the only repair option was to send the train for service to producer facility. In the code of different computers the group also found parts serialization and arbitrary timed component malfunction. After these findings investigation and court case was initiated against the company and as of August 2025 they have not yet reached the conclusion.
2024 Lawsuit against SPS and Dragon Sector on grounds of copyright infringement [2][pl][3][pl][edit | edit source]
In August of 2024 Newag Group launched lawsuit against SPS and Dragon Sector group. In this lawsuit Newag claims Dragon Sector exposed train passengers to danger by modifying code of train computer, while simultaneously claiming that Dragon Sector did not modify the code after reverse engineered it, in which case such action breaks the rule of EU Directive 2009/24/EC thus infringing on copyright of the software developed by Newag. As of August 2025 this lawsuit not yet reached the conclusion.