Michał Kowalczyk
LightNews LightNews
mkow.bsky.social
Michał Kowalczyk
@mkow.bsky.social
190 followers 46 following 8 posts
reverse-engineering / low-level security
Dragon Sector CTF vice-captain, Invisible Things Lab
Mastodon: @redford@infosec.exchange
Also known as Redford
Posts Replies Media Videos
mkow.bsky.social
Not everything that Newag does is bad.

For instance, we would like to congratulate them on making the shortlist of the European SLAPP Contest 2025!

www.the-case.eu/latest/the-p...
The People’s Choice Award: European SLAPP Contest 2025 – CASE
www.the-case.eu
March 26, 2025 at 2:44 PM
Reposted by Michał Kowalczyk
poliakova.bsky.social
March 11, 2025 at 7:16 AM
Reposted by Michał Kowalczyk
kevincollier.bsky.social
Snooper's Charter realized. "The British government’s undisclosed order, issued last month, requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account, and has no known precedent in major democracies."

Huge story from @joemenn.bsky.social
U.K. orders Apple to let it spy on users’ encrypted accounts
Secret order requires blanket access to protected cloud backups around the world, which if implemented would undermine Apple’s privacy pledge to its users.
www.washingtonpost.com
February 7, 2025 at 11:06 AM
mkow.bsky.social
This looks huge, a bug allows loading custom microcode into AMD CPUs! Great for reversing CPU internals, but also breaks AMD-SEV and others...
February 3, 2025 at 11:48 PM
Reposted by Michał Kowalczyk
gynvael.bsky.social
"Hacker", as we in the bizz know well, carries different meanings for different people, and this can cause hilarious misunderstandings. Yesterday, the second part of an ongoing documentary about issues in NEWAG trains that were analyzed by Dragon Sector was aired. [...] gynvael.coldwind.pl?id=799
"[...] representatives of this group of hackers, commonly referred to as "ethical hackers", though theft and home invasion have nothing to do with ethics—but well, I understand, ethical hackers, because that's what they call themselves [...]" (a certain Polish MP)
January 30, 2025 at 7:28 PM
mkow.bsky.social
The second part of the TVN24 reportage about the train locks will air today 20:30 CET! (Polish only, unfortunately)
www.facebook.com/czarnonabial...
Awaria (nie)kontrolowana | Seria zagadkowych awarii na kolei i równie zagadkowe zachowanie polityków poprzedniej i obecnej władzy. Dlaczego sprawa, która dotyczy bezpieczeństwa... | By Czarno na biały...
Seria zagadkowych awarii na kolei i równie zagadkowe zachowanie polityków poprzedniej i obecnej władzy. Dlaczego sprawa, która dotyczy bezpieczeństwa...
www.facebook.com
January 29, 2025 at 5:17 PM
Reposted by Michał Kowalczyk
gynvael.bsky.social
If you're following NEWAG vs Dragon Sector suits: Citizens Network Watchdog Poland ("independent, apolitical and non-profit organization in the form of a watchdog & think-do-tank") filed an amicus brief with the court urging the court to dismiss the case as a SLAPP
siecobywatelska.pl/od-niedziala...
Od niedziałających pociągów do SLAPP-u - Sieć Obywatelska Watchdog
W grudniu 2023 roku głośno było  o zainstalowanych w pociągach produkowanych przez Newag blokadach, które uniemożliwiały uruchomienie maszyn po naprawach w niezależnych od producenta serwisach. Zaczęł...
siecobywatelska.pl
January 26, 2025 at 1:07 PM
mkow.bsky.social
Sieć Obywatelska Watchdog wydała ciekawy komentarz dotyczący naszej sprawy, analizując ją pod kątem bycia SLAPP-em - siecobywatelska.pl/od-niedziala...
Od niedziałających pociągów do SLAPP-u - Sieć Obywatelska Watchdog
W grudniu 2023 roku głośno było  o zainstalowanych w pociągach produkowanych przez Newag blokadach, które uniemożliwiały uruchomienie maszyn po naprawach w niezależnych od producenta serwisach. Zaczęł...
siecobywatelska.pl
January 26, 2025 at 12:24 PM
Reposted by Michał Kowalczyk
re-verse.io
From sabotaging trains to conquering Tricore: Michał Kowalczyk ( @mkow.bsky.social ) and Jakub Stepniewicz (MrTick) take you on a deep dive into RE challenges—500KB of machine code, Ghidra bugs, and embedded adventures. https://re-verse.sessionize.com/session/778969 #REverse2025 #HardwareHacking
January 22, 2025 at 8:34 PM
mkow.bsky.social
Newag just sued the Polish parliament member who was investigating the train case 🤡
wiadomosci.onet.pl/krakow/nowa-...
Nowa odsłona skandalu na kolei. Newag pozywa posłankę. "Nie możemy dłużej tego tolerować"
Newag Nowy Sącz — jeden z największych producentów taboru kolejowego w Polsce złożył do sądu prywatny pozew przeciwko posłance partii Razem Paulinie Matysiak. Przedsiębiorstwo należące do jednego z na...
wiadomosci.onet.pl
December 9, 2024 at 4:57 PM
mkow.bsky.social
Exact quote of Polish ex-Minister for Infrastructure about Dragon Sector: (translation mine) "representatives of the group of hackers, so called "ethical hackers", despite that stealing and robbing houses has nothing to do with ethics" (???)
mkow.bsky.social Michał Kowalczyk @mkow.bsky.social · Nov 22
Good summary of yesterday's Infrastructure Committee meeting in Polish Parliament (PL only, but translation should work). We were compared to house burglars (because we're **hackers**) and the meeting was closed without giving us and other guests a chance to speak.

[PL] www.onet.pl/informacje/o...
Potężne zamieszanie w Sejmie po skandalu z pociągami Newagu. "Posłowie chcą zamieść temat pod dywan"
Służby specjalne od dwóch lat wiedzą o skandalu z dziwnymi usterkami w pociągach Newagu, firmy kontrolowanej przez biznesmena Zbigniewa Jakubasa. Jednak w czwartek posłowie sejmowej infrastruktury, na...
www.onet.pl
November 22, 2024 at 3:40 PM
mkow.bsky.social
Good summary of yesterday's Infrastructure Committee meeting in Polish Parliament (PL only, but translation should work). We were compared to house burglars (because we're **hackers**) and the meeting was closed without giving us and other guests a chance to speak.

[PL] www.onet.pl/informacje/o...
Potężne zamieszanie w Sejmie po skandalu z pociągami Newagu. "Posłowie chcą zamieść temat pod dywan"
Służby specjalne od dwóch lat wiedzą o skandalu z dziwnymi usterkami w pociągach Newagu, firmy kontrolowanej przez biznesmena Zbigniewa Jakubasa. Jednak w czwartek posłowie sejmowej infrastruktury, na...
www.onet.pl
November 22, 2024 at 3:30 PM
Reposted by Michał Kowalczyk
jay.bsky.team
6. Custom feeds on Bluesky are the first implementation of algorithmic choice. Instead of using a single black-box For You algorithm, you can create and subscribe to your own.

Now, there are over 50k+ custom feeds on the network! Check them out:

bsky.app/feeds
November 19, 2024 at 6:52 PM
Reposted by Michał Kowalczyk
christogrozev.bsky.social
We are kicking things off with a series on the spies, crooks and hit-men released back to Moscow in the recent prisoner swap.
Let's start with the improbable identification process of the Russian illegals posing as an Argentine family in Slovenia: youtu.be/3TTFrYqZFZo?...
The Big Swap: The Russian Spies Posing As an Innocent Argentine Family
YouTube video by M4 Studio
youtu.be
November 18, 2024 at 4:36 PM
Reposted by Michał Kowalczyk
ellenwapo.bsky.social
NEW: Biden's approval for Ukraine to use the powerful ATACMS long-range weapon for limited strikes inside Russia is in response to North Korea's deployment of thousands of troops to aid Moscow's war effort & is a significant reversal of U.S. policy.
www.washingtonpost.com/national-sec...
Biden approves Ukraine’s use of long-range U.S. weapons inside Russia, reversing policy
The Biden administration will allow Kyiv “limited” use of the ATACMS long-range missile system to strike enemy positions in Kursk, a significant reversal of U.S. policy.
www.washingtonpost.com
November 17, 2024 at 6:29 PM
mkow.bsky.social
One of the best summaries of the train case legal proceedings is now available in English!
rys.io/en/175.html
Newag admits: Dragon Sector hackers did not modify software in Impuls
Wednesday, August 28th, marked the beginning of the copyright infringement lawsuit filed by the Polish train manufacturer Newag against train maintenance yard Serwis Pojazdow Szynowych and experts fro
rys.io
November 13, 2024 at 12:43 AM
Reposted by Michał Kowalczyk
zaufana3strona.bsky.social
Chcecie być objęci nadzorem ABW? Zapraszamy na Oh My H@ck 2024! Nie pożałujecie ;)

omhconf.pl

Z pozwu przeciwko członkom Dragon Sector: NEWAG zwrócił się do ABW o usunięcie artykułów oraz "objęcie szczególnym nadzorem wszystkich uczestników konferencji Oh my Hack"
July 13, 2024 at 11:32 AM
Reposted by Michał Kowalczyk
gynvael.bsky.social
Some notes from analyzing the bash part obfuscation of the xz/liblzma part – link leads to the part I found most interesting – it was added in 5.6.1:
gynvael.coldwind.pl?lang=en&id=7...
March 31, 2024 at 9:32 AM
Reposted by Michał Kowalczyk
filippo.abyssdomain.expert
This might be the best executed supply chain attack we've seen described in the open, and it's a nightmare scenario: malicious, competent, authorized upstream in a widely used library.

Looks like this got caught by chance. Wonder how long it would have taken otherwise.
filippo.abyssdomain.expert Filippo Valsorda @filippo.abyssdomain.expert · Mar 29
Woah. Backdoor in liblzma targeting ssh servers.

www.openwall.com/lists/oss-se...

It has everything: malicious upstream, masterful obfuscation, detection due to performance degradation, inclusion in OpenSSH via distro patches for systemd support…

Now I’m curious what it does in RSA_public_decrypt
oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise
www.openwall.com
March 29, 2024 at 7:29 PM
Reposted by Michał Kowalczyk
jonworth.eu
I've written a piece setting the amazing work by 3 guys investigating NEWAG's digital sabotage of its Impuls trains in the wider railway context.

I try to explain *why* NEWAG behaved as it did, and what the rail industry can learn now the problem has been discovered jonworth.eu/newags-digit...
NEWAG's digital sabotage of Dolny Śląsk's trains - what were they thinking? - Jon Worth
In the past couple of days, my Mastodon feed has been full of astonishment about how three Polish IT specialists discovered digital sabotage attempts in trains built by manufacturer NEWAG. The origina...
jonworth.eu
December 7, 2023 at 1:17 PM