by IAmBroom
18 subcomments
- I work in rail safety. Two major non-Chinese train companies attempted to merge a few years ago, explicitly to build a company that could compete with China's national company, and provide safer alternatives to state-sponsored cyberhacking of Western rail.
It fell down to an anti-monopoly decision by a single person in the EU ministry, who killed the proposal. Several attempts were made to streamline the merger, but she wouldn't budge.
As a result, CRCC continues to win contracts abroad, largely (it is believed) by undercutting competition. IP theft is known to be one objective of their at-loss or low-profit contracts (I've been involved in fighting that, specifically).
It's hardly a stretch to imagine that having control of the rail in countries that might oppose you militarily is strategically huge.
This article is about busways, but the parallels are obvious.
- So... did the Chinese company put Romanian SIMs in the busses? Or was it an importer that installed those? Are there fleet management features enabled by that connectivity or are they actually secret?
Also, why would they purchase busses that they thought couldn't be remotely monitored or controlled?! That seems like a very valuable feature for public transport.
by MisterTea
5 subcomments
- Whats sad is Norway sits right next to the country which manufactures Scania and Volvo Busses, but instead buys busses from thousands of km away. I suppose cost is all that maters these days, even for national infrastructure which must remain in control and secure.
- Whatever happened with the Polish trains that had all the backdoors that were discovered?
by ChrisArchitect
0 subcomment
- Related out of Denmark:
Danish authorities in rush to close security loophole in Chinese electric buses
https://www.theguardian.com/world/2025/nov/05/danish-authori...
- Surprisingly Norway choose this brand, never had a good ride in one, feels like sitting in a water boiler.
by josefritzishere
2 subcomments
- If your transport is accessible remotely, it can be hacked remotely.
This reminds me of that story about Polish Trains. In that case GPS was used to execute a kill code.
https://social.hackerspace.pl/@q3k/111528162462505087
- Ah, and they never review iPhones/Android phones after Israeli companies demonstrated they can backdoor any cellphone on this planet, and especially after they demonstrated they can explode consumer devices and maim 3000+ people overnight.
They don’t review Windows machines either after the Snowden revelations.
How many wars did the Chinese start in the past century?
by RealityVoid
1 subcomments
- All I can say is that shivers go down my spine what could happen if one of those OEM's that have remote updates possible would get their keys compromised. You could brick hundreds of thousands of vehicles. I would be scared shitless to store those things.
- >The transport operator stressed there is no evidence of misuse but said the discovery moves concerns “from suspicion to concrete knowledge”. (...) The case comes as Chinese electric buses are increasingly adopted across global markets,
If a state wants to hide strategic "war/espionage" control, they don't use eSims and open mobile communications, trivially discoverable and traceable. Sounds like some bs "IoT" / telemetry shit manufactures are shoving down our throats for over a decade.
The other side is feigning shock at common industry practices (don't all Tesla's require a net connection for example), to paint it as some unique issue, and kill their sales. In other words , just another episode in the trade war.
Not unlike the DJI drones, which added all kinds of shit because the regulators demanded it, and then they act surprised that it has that shit...
https://uavcoach.com/dji-ban/#7
by hgomersall
1 subcomments
- It should be required that all software running on vehicles should have its source code submitted to the regulators along with the tooling to create reproducible builds, with the expectation that the regulators can audit it for back doors. This should apply to cars, buses trains and planes.
by wood_spirit
1 subcomments
- If these were esims they would be much harder to detect or remove?
BYD electric busses have recently rolled out where I live in Sweden.
- Related:
Why Israel Just Banned 700 Chinese Cars from Its Military—And What It Means for Security - https://securityboulevard.com/2025/11/why-israel-just-banned...
IDF recalls 700 Chinese EVs used by senior officers over security concerns - https://www.thejc.com/news/israel/idf-recalls-chinese-evs-se...
- Duh. What is so surprising here? Is there any serious machinery from any manufacturer that does not have said remote-access feature? For example Deere equipment looted by Russia was remotely disabled by Deere.
- Hospitals all of the world are wholesale switching to chinese equipment - particularly mindray monitors/anaesthetic machines. China could brick all of these hospitals. We are so incredibly dependent on them.
by vintermann
0 subcomment
- It's a bit of a non-issue if you ask me. This remote-access feature sounds like what we usually call a software update feature if it came from a country we weren't scared of.
China disabling our buses? Really? That would be insanely petty and useless.
I think maybe we're straining at gnats and swallowing camels, considering virtually all our phones, computers, TVs etc. come with auto update features, usually giving someone in the US the theoretical capability to brick it. And considering what was done to Karim Khan, I'd say they're far more likely to actually use it.
- I do worry if they are adding this to buses what are they doing to MacBooks and your phone? Do people here think these devices are compromised or should we take Apple’s word for it!?
by cronelius
1 subcomments
- This is exactly why BYD is and should continue to be banned in the US. It’s not that they are doing this, but that they have done it and they have the capability
by throwmeaway307
0 subcomment
- that's why Intelites are more clever. their "easter eggs" aren't so easy to find... deep in the 2^64-bitspace
- This is likely laziness more than malice, but... why are busses connected to the internet?
by hmottestad
0 subcomment
- I hate the new electric busses from China. Their acceleration is much better and braking effect is also stronger.
Bus drivers in Norway are binary people. They either press the accelerator or they press the brake. Most drivers call it leg day, because you spend the entire day pushing on these peddles as hard as you can.
Our existing buses have terrible acceleration, which helps a lot with the comfort of the bus ride. But for some unknown reason someone decided that the bendy busses should have the only wheels with power, in the rear of the bus, after the bend. So any slight hill that is slippery from a bit of snow or frost, now becomes a a comedic video of buses trying to drive up before they flop in the middle of the bend and slide back down again.
- I wonder if something liked this could be found in Teslas.
- Wait until they found out about John Deere, Tesla or any other car with eCall.
- Edward Snowden
by dredmorbius
0 subcomment
- NB: Title shortened for length
- lets see, a modern bus has, woooooo, conectivity, woooooo, on basicly everything, woooooo, so some manager can obsess over oil filters or the voltage on the lighting circuit, and the sixteen antenas advertised in the broshure were,in fact installed
realy, wtf?, it's not like anybody is unaware that something like 10 billion things are conected to the net, and dozens, ? hundreds, of actors are doing there best to slurp up every last scrap of data, ha!, that they can
the worst part is that it would be no surprise to find out that the bus comes with
a monitering contract that is in effect.
next it will be cranes all sensored up to detect cable stretch or who know what
and didn't china just go ahead and hack the pentagon, but wooooo, Norwiegen bus hacking
wooooo
- This is just stupid. All modern vehicles har been fully remote controllable for years.
- You never know when they might need to send the repo man.
Hacker News