They have not been trained for this

Original Article ↗ Hacker News Discussion ↗

Background and prior coverage

  • Thread discusses Polish train manufacturer Newag allegedly using DRM / “logic bombs” to disable trains serviced by third‑party workshops, and the hackers who reverse‑engineered and disabled these mechanisms now being sued.
  • Multiple prior HN threads and CCC talks are referenced, including the original “breaking DRM in Polish trains” presentation and a new follow‑up talk, which several commenters call outstanding.

Ethics and legality of Newag’s behavior

  • Many see Newag’s conduct as sabotage, extortion, or “ransomware on the PLC,” with some calling it akin to mafia tactics and even a national security risk given the role of trains in food and critical supply chains.
  • Some users argue this is tortious interference and fraud, and say company leadership should face criminal penalties, potentially scaled by the number of affected trains.
  • Others focus on the danger of mixing safety‑critical systems with opaque business‑logic kill switches (e.g., tying lockout resets to toilet SOS buttons and door status).

Government and legal response

  • Commenters note Polish security services and prosecutors have opened investigations under specific penal code articles; there were parliamentary committee hearings, and a parliamentary transport-exclusion committee chair is reportedly being targeted with an immunity‑removal request.
  • Several express frustration that criminal proceedings are slow or possibly politically influenced; others say Poland may simply be “slow” but that investigations are ongoing.
  • Some argue that if authorities fail to act against Newag, it signals tolerance for this behavior.

Support and fundraising for hackers / role of CCC

  • Many express strong support for the hackers and CCC, calling them heroes or at least highly valuable.
  • A fundraising appeal via CCC’s bank account (IBAN/BIC, purpose “Lokomotive”) is promoted; one donor publicly mentions giving 133.7€ and encourages others.
  • Some worry that excess funds will revert to CCC’s general purposes and that CCC is “not formally recognized as non‑profit.” Others explain the German e.V. structure and clarify this is a tax-status nuance; CCC is still non‑profit‑like and seen as worth supporting.

Banking, donations, and cross‑border friction

  • Europeans describe SEPA/IBAN transfers as trivial, fast, and fee‑free, with QR code standards (EPC) making it nearly one‑click.
  • US and non‑EU commenters report difficulty: broken bank international-transfer flows, high fees, and complex SWIFT requirements; several recommend Wise as an intermediary.
  • There is disagreement over whether CCC should add PayPal/Stripe/“3‑click” options despite fees to make global donations easier.

Right to repair, IP, and regulation

  • Strong sentiment that this case underscores the need for robust right‑to‑repair laws for all products, especially vehicles and heavy equipment.
  • Many criticize DRM and copyright/DMCA as enabling manufacturers to control products post‑sale and criminalize “unbricking.”
  • Some propose shortening copyright terms and differentiating rules for software vs. other works, and requiring disclosure so software becomes practically usable when protections expire.
  • Others warn that more regulation can entrench large incumbents via compliance costs and regulatory capture, but still accept that some regulation is necessary here.

Responsibility of software engineers

  • Multiple commenters point out that engineers had to deliberately implement the kill switches; they view the profession as complicit when it accepts such work.
  • Others counter that individual engineers have limited power; companies will find someone somewhere to do it, and real leverage requires technical people to hold board‑level or ownership power.
  • There is mention of the lack of a strong, enforceable ethics regime in software (unlike licensed engineering fields) and skepticism that existing professional codes would bite in a case like this.

Crypto donations

  • A few ask why CCC or the hackers don’t publish Bitcoin/Ethereum/Monero addresses, arguing crypto is ideal for cross‑border support.
  • They note strong anti‑crypto sentiment on HN; no clear answer is given for the absence of crypto options.