{
	"id": "7a1040f5-aa75-44f3-8f8b-3c2d87e74a94",
	"created_at": "2026-04-06T00:19:46.64439Z",
	"updated_at": "2026-04-10T03:30:33.720461Z",
	"deleted_at": null,
	"sha1_hash": "378ac1d51459678b2df14580d4cacd2ac04d027f",
	"title": "Hacking Polish Trams - Schneier on Security",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 32408,
	"plain_text": "Hacking Polish Trams - Schneier on Security\r\nPublished: 2008-01-17 · Archived: 2026-04-05 16:33:49 UTC\r\nA 14-year-old built a modified a TV remote control to switch trains on tracks in the Polish city of Lodz:\r\nTransport command and control systems are commonly designed by engineers with little exposure or\r\nknowledge about security using commodity electronics and a little native wit. The apparent ease with\r\nwhich Lodz’s tram network was hacked, even by these low standards, is still a bit of an eye opener.\r\nProblems with the signalling system on Lodz’s tram network became apparent on Tuesday when a\r\ndriver attempting to steer his vehicle to the right was involuntarily taken to the left. As a result the rear\r\nwagon of the train jumped the rails and collided with another passing tram. Transport staff immediately\r\nsuspected outside interference.\r\nHere’s Steve Bellovin:\r\nThe device is described in the original article as a modified TV remote control. Presumably, this means\r\nthat the points are normally controlled by IR signals; what he did was learn the coding and perhaps the\r\nlight frequency and amplitude needed. This makes a lot of sense; it lets tram drivers control where their\r\ntrains go, rather than relying on an automated system or some such. Indeed, the article notes “a city\r\ntram driver tried to steer his vehicle to the right, but found himself helpless to stop it swerving to the\r\nleft instead.”\r\nThe lesson here is that security by obscurity, combined with physical security of the equipment, wasn’t enough.\r\nThis kid jumped whatever fences there were, and reverse-engineered the IR control protocol. Then he was able to\r\nplay “trains” with real trains.\r\nTags: public transit, spoofing\r\nPosted on January 17, 2008 at 3:43 PM • 30 Comments\r\nSidebar photo of Bruce Schneier by Joe MacInnis.\r\nSource: https://www.schneier.com/blog/archives/2008/01/hacking_the_pol.html\r\nhttps://www.schneier.com/blog/archives/2008/01/hacking_the_pol.html\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://www.schneier.com/blog/archives/2008/01/hacking_the_pol.html"
	],
	"report_names": [
		"hacking_the_pol.html"
	],
	"threat_actors": [
		{
			"id": "75108fc1-7f6a-450e-b024-10284f3f62bb",
			"created_at": "2024-11-01T02:00:52.756877Z",
			"updated_at": "2026-04-10T02:00:05.273746Z",
			"deleted_at": null,
			"main_name": "Play",
			"aliases": null,
			"source_name": "MITRE:Play",
			"tools": [
				"Nltest",
				"AdFind",
				"PsExec",
				"Wevtutil",
				"Cobalt Strike",
				"Playcrypt",
				"Mimikatz"
			],
			"source_id": "MITRE",
			"reports": null
		}
	],
	"ts_created_at": 1775434786,
	"ts_updated_at": 1775791833,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/378ac1d51459678b2df14580d4cacd2ac04d027f.pdf",
		"text": "https://archive.orkl.eu/378ac1d51459678b2df14580d4cacd2ac04d027f.txt",
		"img": "https://archive.orkl.eu/378ac1d51459678b2df14580d4cacd2ac04d027f.jpg"
	}
}