A Polish teenager allegedly turned the tram system in the city of Lodz into his own personal train set, triggering chaos and derailing four vehicles in the process. Twelve people were injured in one of the incidents. The 14-year-old modified a TV remote control so that it could be used to change track points, The Telegraph …
Give him a job!
OK: he might be a bit young - but he sounds like someone with a brain that works.
and we're all worried about the security of airlines and nuclear powerplants, changing the signals/points for a 60 -> 100mph train would appear a far better terror tactic.
As it gives a quad whammy, train crash means
b: puts a line out of service until fixed and complete investigation done.
c: probably hard to trace if it were possible and the fact that it was intentional may not come to light until it had happend several times.
d: actual fear of using transport network, bombs are far fetched as they're reasonably hard to make and can only be used once, where as a device to change switches or signals, well that'll work as long as you have batteries. You never know when it may go horribly wrong.
Course it may not be possible at all with the UKs aging network, you probably need to move a lever or something.
You mean Łódź. (That's assuming you don't filter extended characters from comments!)
@Give him a job!
Brains that work? Ok he hacked the system, but he derailed 4 trains and hurt a load of people. throw him at an oncoming train more like.
A bloody Nobel I reckon.
Who Built It?
The 14 year old certainly deserves some punishment as the actions were dangerous, although likely not with malice. At 14 I was smart enough to know better, but probably not wise enough to show it, it sounds similiar here and ruining his life for it is just a waste.
How ever I would want to see who ever is responsible for the flawed system being there in the first place charged with criminal negligence.
Nice if this worked on UK traffic lights... I'd go get one of those remote control watches I remember so fondly for causing havoc in schools.
But doesn't anyone else think having a train line controlled by an infra red signal slightly worrying?
Reading your quad whammy list has made me realise that this strategy has been in place for years in the UK.
Why is the system flawed, you cant protect against every and any potential problems that a system may face. Generally you don't expect teenagers to hack into the rail system. I mean who does that? and why?
Brain that works?
Sounds to me like he just programmed a universal remote. Hardly rocket science. And when I was his age my brain did morality too.
Theoretically you could (at least for some of them). Some traffic lights have sensors in them that detect when emergency service vehicles or buses approach and 'green light' them. Never seen a public exploit for it though...
Duncan this is a tram line not a train line, the difference is trams are slow moving and hence can stop very quickly (unlike your average train). Therefore I'd assume that the system is totally decentralized (and so cheaper), I'd guess the tram drivers have infrared controls within their trams which they use to switch the points. Through the use of basic procedures etc that the tram drivers follow I imagine the system works very well with minimal costs. The worst case is that two trams end up on the same track but this isn't a problem as long as the drivers are paying attention as they'll notice the other great big tram and stop in plenty of time. All this saves having complicated computer controlled networks, expensive cabling and computer errors.
I imagine this is what the orginal designers thought and they had a point. Unfortunately for them they didn't consider the security implications. At the end of the day though I'm not sure what a sensible solution is, a set of armed guards at every point maybe? Anything less and there is still plenty of options of physical intervention to manually change the point.
"...doesn't anyone else think having a train line controlled by an infra red signal slightly worrying?"
Yes, I'm happier with the tin cans and wet string in use on the Underground!
lol - all the talk of the wrong kind of leaves makes sense now! They just didn't want us to know that someone had a pocket point remote control.
Perhaps it just looked like a TV remote, and actually used a wireless signal instead? Send the right signal to change the track.
I'll be struck dumb if they do use IR to change track points.
So do Polish tram signal systems work on IR? So anyone with a cheap programmable all-in-one remote could play with trains at will? Blimey.
Traffic Lights - it's been thought of already. A company we used for penetrations tests had a job to try and crack the IP interface of some traffic lights and see what they could do with them. I don't know what they found though.
Trams and trains are on tracks and would rarely go towards financial or military buildings/installations so the powers than be wouldn't really care about the terror threat.
And theres u thinking it was all about your safety, afraid not its the money and big boys toys they're really worried about :)
It's so sad when a promising youngster goes off the rails
The Addams family?
Just a thought. Is he related to Gomez Addams by any chance?
Why isn't it reasonable to take this kid out the back and give him a darn good kicking? Using the trams as a personal train set? Git.
Did he actually hack anything?
Is this a contender for understatement of the year ?
"The apparent ease with which Lodz's tram network was hacked, even by these low standards, is still a bit of an eye opener."
No more esoteric arguments please
@Tom: "Did he actually hack anything?" No, the tram derailed itself.
Too smart or too dumb?
The world is full of kids who are too smart for their own good, and full of systems (and system designers) who are too dumb or too short-sighted for their own good.
"Transport command and control systems are commonly designed by engineers with little exposure or knowledge about security using commodity electronics and a little native wit."
Hopefully the Boeing 787 Dreamliner is built with better security procedures.
Talented = Autistic?
A lot of people are suggesting that the kid should have known better and deserves a kicking or thrown in front of a train.
Maybe they should stop to realise that a number of these "child geniuses" may be autistic and not know any better? I've known a few prodigies like this who are extremely intelligent and gifted yet don't always know the difference between right and wrong because of their condition.
The authorities should be concentrating their efforts on terrorists realising this untapped potential of high intelligence and 'grooming' them to perform terrorist acts.
Give him a job at network rail
He at least will have the trains running on time and better saftey record.
re: Give him a job!
"OK: he might be a bit young - but he sounds like someone with a brain that works."
How do you figure? Because he was able to break into the depots, retrieve the necessary specifications, and was able to read them? I know that both the US and UK have education problems, but certainly the ability to read should not be interpreted as "a brain that works", even by today's standards. Nor should it be reason for praise, awards, or anything else.
His actions were unethical, illegal, and dangerous. He should not be awarded, he should be punished.
@Nick - never seen a public hack of traffic lights?
I thought everyone knew about this one. You just flash your car headlights as you approach (about the same speed as you'd have if it was a police car flashing light) and the light changes to green much quicker.
This works especially well with roadworks at night where there is no one coming the other way, so you don't have to sit at a pointless red light.
how come nobody has asked how the kid was caught?
"oh, the train has derailed... hey that kid has a tv remote - Get him!!!"
the paris icon because it has a question mark ;-)
Security-careless installation engineers
A couple of years ago the powers that be refitted the whole of Clapham Junction train station with new train-information screens. For months after, they helpfully left little stickers bearing their individual IP addresses on each and every one. By itself, this hardly opens a hack, but it does dangle temptation in front of the eyes of potential teenage meddlers...
@ Steve Button
"You just flash your car headlights..." "...and the light changes to green much quicker."
Press F5 fast enough and the 'Stop' icon changes to 'Go'.
Photos of his kit
Miroslaw Micor, spokesman for the Łódź police, contradicts himself:
"He ... built a device that looked like a TV remote control and used it to manoeuvre the trams and the tracks"
"He had converted the television control into a device capable of controlling all the junctions on the line"
So did he build a device or convert a telly remote? The Torygraph story said he trespassed at depots to get info and equipment to build the IR device, the latter. There are also photos on the Torygraph story of some of his kit: a lot of keys, and what looks like a front bicycle light and a calculator, possibly connected.
A photo of one of the tram crashes:
This almost takes me back to the days of hack-tic. I hope there will always be people around that go around looking at things and observing the interesting ways in which they break.
It's do to plonkers like this kid that we have DRM and encryption.
It doesn't seem that out of the question that a tram system may have points that are controlled from the cab of the tram, either by IR or radio. All you need to do is assume that the points aren't switched the way you want them and explicitly switch them to the correct direction whenever you approch. There would be no need for security in the points control system if trams don't go over the maximum safe speed (ie the max speed you can be switched from your current line) for the points when they cross.
I suspect what happened here is that the scrote, sorry teen, switched the points when a tram was halfway over the points, cuasing derailment. It's not too long ago that tram systems had manual points which would have been controlled from the street (IIRC). Trams are not like rail systems in that they don't tend to have signalling systems.
As for giving him a job, a kicking would seem more appropriate.
@ Chris C
Actually, here in the UK, being able to read pretty much does show a brain that works.
The levels of reading and writing really are that bad...
I suspect that the Tram system in Łódź (thanks for the "copy 'n paste" Steve) has been this secure for a looong time.
The only thing that's changed is that, these days, screwing around with it results in arrest, a court case and, probably, a fine. Oh, and a lot of kudos from your mates.
When it was put in, tampering with it would have resulted in some very stern looking people taking you away in the middle of the night, asking you a lot of serious questions in a way that *really* encourages a quick answer. Oh, and your mates will never admit to having ever heard of you ever again.
Deterrence can be just as effective as security.......
after that photo..
If someone I cared about was on one of those trams, injured or not, I'd be looking for the little turd right now........
Will they be in the stores soon?
Universal remotes with a ' tram points ' button between ' TV ' and ' DVD ' ?
Łódź for words
This would be the same Łódź that just paid £10,000 for a website. A website that consists of just one page. A page that consists of just one image and no actual text. Image mapped to link to a bunch of external sites. All paid for by Polish tax payers money...
It sounds to me like Governments are just a waste of taxpayers money. Whereever you are in the world...
"Theoretically you could (at least for some of them). Some traffic lights have sensors in them that detect when emergency service vehicles or buses approach and 'green light' them. Never seen a public exploit for it though..."
Been done, at least once, in the US.
I see the problem
he is a "hoodie" (which my mum thinks is a contraction of hoodlum, bless her)
my hat, my coat, my gloves and my phoney dog poo!
Re. Security-Careless Installation Engineers
Did these IP addresses begin with 192. by any chance? If so those are internal network addresses.
Re: Traffic Lights
The device you want is known as a MIRT, apparantly. Details on building one (against the law, though) are here:
>> "He treated it like any other schoolboy might a giant train set, but it was lucky
>> nobody was killed. Four trams were derailed, and others had to make emergency
>> stops that left passengers hurt. He clearly did not think about the consequences
>> of his actions,"
...a fourteen year-old boy who didn't think about the consequences of his actions. I thought fourteen year-old boys are well known for thinking through their actions.
@ Giles Jones
>> It's do to plonkers like this kid that we have DRM and encryption.
It's plonkers who design systems like this without thought to encryption that are the problem. Designing such a system without thought to security akin to designing such a system without thought to safety.
It is almost as bad as bus designers who design buses which are unlockable and bus drivers who leave the keys in the ignition whilst the driver goes to buy fags whilst at a timed stop. Goodness knows how many double deckers (sometimes full of passengers) have been stolen in this manner.
@ W @ steve
Snopes is wrong on this... One of my college projects was using OpenCV to create a similar system, as well as personal experience with my Motorcycle and Car.
A good majority of intersections work with Camera Vision Systems coupled with Inductive Sensors in the pavement. My small Tiburon (Coupe in the UK) was able to set off inductive sensors, but at night, I would experience problems with intersections that were purely based on camera vision triggered. I saw this 'tip' on snopes and gave it a try. I discovered that turning on my brights (not flashing) would trigger the camera recognition system.
My motorcycle (Honda VTX 1300c) is not able to trigger most inductive systems and has a small profile that very few camera systems would pick up. I discovered tha.the "blaring the higbeam" (again, not flashing) was the only way to trigger some lights.
The CV system works by detecting a change above a certain threshold in it's picture view. Turning on your brights createst a greater change in the picture.
If you happen to live near Overland Park, KS, you can test what I have found at the intersection of College and Nieman in the south left turn lane on Niemen. The intersection would not pick up my bike/car without highbeams (I used to run the light on my motorcycle after sitting for 5-10 mins)
AFAIK, few UK cities have those systems yet- but they rely on a transponder;
Presumably, a grabber is all you need. I doubt they bother with encryption either.
- YARR! Pirates walk the plank: DMCA magnets sink in Google results
- Pics Whisper tracks its users. So we tracked down its LA office. This is what happened next
- OnePlus One cut-price Android phone on sale to all... for 1 HOUR
- UNIX greybeards threaten Debian fork over systemd plan
- MARS NEEDS WOMEN, claims NASA pseudo 'naut: They eat less