I work in rail safety. Two major non-Chinese train companies attempted to merge a few years ago, explicitly to build a company that could compete with China's national company, and provide safer alternatives to state-sponsored cyberhacking of Western rail.
It fell down to an anti-monopoly decision by a single person in the EU ministry, who killed the proposal. Several attempts were made to streamline the merger, but she wouldn't budge.
As a result, CRCC continues to win contracts abroad, largely (it is believed) by undercutting competition. IP theft is known to be one objective of their at-loss or low-profit contracts (I've been involved in fighting that, specifically).
It's hardly a stretch to imagine that having control of the rail in countries that might oppose you militarily is strategically huge.
This article is about busways, but the parallels are obvious.
About a year ago a Polish rail equipment supplier brought a lawsuit over a locomotive because it was serviced by a third-party, and the service was enabled by jailbreaking software in the locomotive.
Surveillance tech in products doesn't necessarily imply grey zone warfare. But that doesn't make it a good thing either.
I'm not sure this comment does justice to the situation.
Poland put out a separate bid for manufacturing and servicing of their locomotives and one company won the manufacturing bid while another won the servicing bid.
The servicing company was unable to get the trains into working order and after hiring hackers accused the manufactoring company of bricking the software on purpose by including geo-fences where the trains would no longer work after arriving at the servicing company's property.
Perhaps the interesting part to me was Dragon Sector's (the hackers) claims that the software needs to be blessed so although they discovered problems they never changed anything because they don't have the authority to bless it and heavily imply that the fact that the manufactoring company is changing the software at will is illegal.
The changes by the manufactoring company had an (undisclosed) activation sequence added to it so you didn't need to modify the software in order to get the train working so the servicing company never actually modified the software.
The jailbreak was necessary because Polish supplier hardcoded location of their service shop and added code which makes train inoperative if serviced elsewhere.
The European champion would still be ten times smaller than the Chinese but would have factual monopoly in Europe. I don’t think blocking the merger was entirely unreasonable.
The parent comment is describing a scenario where the Chinese company may get a factual monopoly in Europe because it can outcompete the two European companies due to economies of scale.
Chinese companies will get a factual monopoly no matter what, as long as they keep comparing imports vs domestics on prices. It's not like East Asian "subsidies" are going to end in 3 to 6 months, years, even decades. The imports from timbuktu will be just perpetually cheaper by being imports.
Wouldn't cases of possible corporate-enabled espionage, like the one being discussed be a big competitive advantage for the European companies, regardless of their pricing or scale?
And that competitive advantage could presumably give them more scale?
So the major, common and probably most destructive, theme is the ecosystem of specialised tender companies. I mostly know this from the software side, but if you start working on such projects, you'll quicky find out that there's a persistent ecosystem of companies which specialize for these tender signups.
People employed there optimize for winning them (at any cost - quid-pro-quo agreements aren't rare in my experience). It's common for several such companies to collude in a way that they get awarded the tenders in a circle ("I get this one, next one is for you.")
Afterwards, they outsource the work to the cheapest lowest bidder (usually IT studends in the cases I've seen for software development, but essentially they'll be bottom of the barrel juniors). The quality of such products is about the same as the quality of any outsourced product which is built only to satisfy a checklist at the end. The US equivalent of that would be a corporation getting a defense contract and then basically have everything built by the cheapest outsourcer in India or similar location.
Funny enough, university labs (or spinoffs) tend to be major part of this ecosystem, using grad students as workforce - their credentials tend to give them legitimacy over smaller companies.
The results are as disastrous as you can expect - companies a HNer could expect to win usually don't (due to lack of specialized knowledge on how to game the tender process, lack of connections and cost) and those that do are really there to do the bare minimum, shed the work as much as possible and deliver something they can't get sued over.
It's also not uncommon to see whole chains of such companies - the winner sometimes shares some outsourcing work with "losers" they outsource work further, skimming the funds on top and essentially outsourcing everything to the cheapest engineer they can find.
Dealing with any public EU project has been nothing but misery for me personally (as you can imagine from this post :) and this environment bred some of the most toxic workplaces I've worked with. The products were universally terrible and rarely actually useful for the purpose.
As much as I want independent EU software ecosystem, I don't think using public funding can breed anything but more corruption.
The system as bad as it is can be good as well. Let some consultants find out how to get the bids, and others how to do it well, and can be a outsourced third party. It gives differentiation without everyone needing to be large enough to actually bid on the contracts.
> As much as I want independent EU software ecosystem, I don't think using public funding can breed anything but more corruption.
Well, you described what happens when you outsource everything.
Governments used to ... gasp ... employ people to do tasks so that you didn't have to outsource every single piddly task. And since those employees could do the tasks, there was a floor such that selecting nobody and doing it in house was always an option.
Yes, that has different failure modes. However, you have more levers over those failure modes as opposed to a single lever of "Head to court and try to win a legal case."
He is describing how bidding for publicly funded projects fails, because the bidding process designed to avoid corruption has been poorly designed (or corrupted by lobbying) such that it effectively sidelines honest and qualified bids.
I would say this is a typical outcome with well meaning bureaucrats in a democracy, not capitalism
I understand what gp is nominally describing; I asked the question, after all. I am just pointing out that the exact same pressures/dynamics that were described also underpin capitalism.
It sounds exactly like how business works in my experience. It’s just the principle agent problem showing up in the government that same way it does in the private sphere.
I mean, if you’re at a place that uses staff aug and managing a project it’s just something you have to watch out from your vendors as table stakes. Whenever a new vendor was hired my fellow low level managers would be making bets on how long before they switched out their best guys with some fresh out of college junior that they’d give a fancy title to.
As someone who barely interacts with the people that care about tenders, my impression is that people that usually win are the ones better at playing the game rather than better at the job. The job later is potentially repackaged in chunks and offered to other players that in turn will do the same downstream. Something like Romania gets EU fund money to build roads in Romania with a German engineering project, German contractors, German supplied materials, but Romanian workers.
Or in a more particular case part of recycling trash in Germany is basically being dumped illegally in Poland for a while and the same companies keep operating and winning contracts because why not.
You create a political class full of lawyers, and you get a country where lawyers thrive, who would have thought?
This is one of those things that is so obvious as to not require a source. Just sharing my perspective on this conversation, I don’t think it’s an unreasonable question to ask if you’re unfamiliar with the space
So, in order to avoid the negative consequences of a European monopoly, we make sure that a Chinese monopoly prevails? That doesn't seem like a wining strategy for Europe.
I'm with you on this. I feel like too much boogye-man-ing and FUD scaremongering is taking place on the cover of "China evil and has giants" in order to justify breaking anti-monopoly laws and allowing our own monopolies to form under this justification, that will only benefit shareholders of those companies but eventually harm European consumers via lack of innovation due to lack of competition, price gouging and the European workers via the inevitable layoffs that follow such mergers.
If you have two large, slow, bureaucratic and uncompetitive companies, then merging them together won't make the resulting giant less so, but the contrary, it'll be even more inefficient and uncompetitive, and then expect government bailouts because now they're too big to fail.
You either believe that monopolies produce worse products or you don't.
If you believe it, the "I know they are bad" -> "but we need to complete with the boogie man" -> "we need to build our own monopoly" argument is just confusing. So we should make worse products to be competitive?
If you don't believe it, you should be explaining why monopolies make better products, not arguing that desperate times call for desperate abandonment of logic.
The west is too lax on some of these officials. People like this should be thoroughly investigated. China is flagrantly breaking the rules of the WTO that the west has set up, having state backed companies, and these people are either purposefully or unintentionally undermining the west's efforts to fight back.
Ukraine has been buying up every cheap car in Europe for use in miscellaneous service just behind the front or as low profile transportation at it, so I'm not sure what your point is?
Civilian transportation has numerous vital roles in supporting a nation during a war.
Or maybe she just doesn't believe it's worth discarding anti-trust law over the bogeyman of the day.
The two train companies that couldn't merge can still make trains, and still sell them to whomever they want. European purchasers can still buy them. And after reading articles like this one, these two companies have a big competitive advantage: they don't include Chinese backdoors. Maybe they're small now, but if the Chinese train/bus/etc. manufacturing companies end up being blacklisted in the EU, these two companies will grow. And, better yet, there will still be some healthy competition in the space.
I found it very hard to believe that a Chinese company has more influence than Alstrom + Siemens, in Europe. It might make sense if it's a US company, but I find it difficult to believe for a Chinese one, especially that the recent Netherland example shows that EU can do whatever they want using what excuses they can find, and execute very efficiently.
I'd like to post some questions for thought:
1. What is exactly the bidding process of that particular transaction the OP described?
2. What is exactly in the contract? Does it force the Chinese company to use a lot of local companies for sub-contracting, at the same time keeping a very low profit? In essence, this basically means the EU companies grabbed the biggest share while the Chinese company just got the job. I'm not saying this is the case, but I highly doubt it IS the case as I heard similar stories from other companies.
What fraction of conspiracy theories have proven correct, at a Snowden-ish level?
My sense is that conspiracy theorists are essentially a cron job crying "Wolf!" every 60 seconds. The occasional real-world wolf does not justify paying any attention to the alarms. OTOH, it's a false dichotomy to believe that the false alarms prove the non-existence of wolves.
If the past decade of my life has taught me anything, it's "attribute all malicious actions to malice." It's usually just a matter of direct vs. indirect malice. Meaning, are they directly benefiting from their malicious actions or are they just assholes who "do it for the lulz".
The malicious actions are just at the potential stage at the moment. Someone has the capability to mess with our buses by means of a remote software update.
Just like someone has the capability to do with virtually everything we have running software.
> Two major non-Chinese train companies attempted to merge
Siemens (Germany) and Alstom (France)
> It fell down to an anti-monopoly decision by a single person in the EU ministry, who killed the proposal
Margrethe Vestager, the European Commissioner for Competition at the time (2019). At the time of the decision, she said "No Chinese supplier has ever participated in a signaling tender in Europe or delivered a single very high speed train outside China. There is no prospect of Chinese entry in the European market in the foreseeable future." This has since been proven to be a bad prognostication, as China Railway Signal & Communication (CRSC) is actively deploying its ETCS Level 2 signaling system on the Budapest–Beograd railway line in Hungary[1]; and China has delivered trains to Serbia, leased trains to Austria's Westbahn, acquired German locomotive manufacturer Vossloh Locomotives, and participated in a public tender in Bulgaria for electric trains.
She is no longer in that position. She has as of 2024 become "tough on China,"[2] acknowledging mistakes made in the past and touting how "China came to dominate the solar panel industry... and is running the same game now, across strategic industries including electric vehicles, wind turbines and microchips."
She now says Biden's IRA was a mistake, that Europe has been de-industrializing and that is not a good thing, and that Europe has been too afraid to impose tariffs on China out of fear of retaliation from China.
It sounds remarkably similar to the MAGA playbook on trade and re-industrialization.
That's falling somewhat short of admitting she alone fucked that situation up. The US and Canada had already given permission for the merge to bypass antitrust laws.
Antitrust is important, so why not pass a law that prioritizes national or European companies for critical infrastructure, even if they're more expensive? Creating a monopoly to combat another monopoly is unlikely to end well in the future.
This seems like the most obvious solution, provided local offers aren't massively more expensive. I don't see why we wouldn't award contracts to EU companies that create jobs here, pay taxes here, and follow local regulations. We don't need a super company with a local monopoly, just to stop prioritising “as cheap as possible”.
The reason why is because if they did China would retaliate and cut off cheap access to Chinese imports. That is the double edged sword of globalization the US and Europe are reckoning with today, in different ways
I'm not really on an anti-China rhetoric, they can be a valuable partner and I think we do have a positive relationship with them. BUT, they don't need to win all public government contracts by undercutting local companies. They'd be equally upset if we did the same.
I do agree that the global market is causing quite some trouble, although that could be avoided by most (all?) countries being nice to each other. Or even excellent to each other!
Agreed. I'd think a better solution would be to ban Chinese companies from these sorts of contracts, and invest in the non-Chinese companies to help them grow. You don't need to allow monopolies to form to be successful here.
Well, those are pretty big companies already - not sure combining them together is really good idea, unless you want to end up with a lumbering inefficient local monopolist.
I that regard I guess the anti-monopoly law is working ?
> […] There is no prospect of Chinese entry in the European market in the foreseeable future.
The remark stands as yet another regrettable instance of history echoing itself – a lamentable parallel to that uttered by Sir Claude Maxwell MacDonald, whose acquisition of a 99-year lease over the New Territories of Hong Kong on behalf of the British Crown from the Qing dynasty was justified with the breathtakingly short-sighted assertion that it was «as good as forever».
One observes, with increasing weariness, that politicians – regardless of generation or supposed pedigree – remain obstinately immune to the most elementary of truths: history is neither linear nor predictable. It twists, recoils, and devours the complacent. Political decision-making, therefore, ought never be entrusted to those governed by the ephemeral whims of populism – it demands the discipline, foresight, and cold precision of a strategist trained not merely to react, but to foresee. Alas – such minds are in tragically short supply.
The problem with "oh, but wait, this merger actually improves competition" is that mergers are a contagion. A large competitor's mere existence creates an economic imperative for more mergers. This happens both horizontally (across multiple firms) and vertically (up and down the supply chain). When you get big, you can start stripping your vendors' and customers' of their profit margin, which means they need to get big to compensate. Even if a merger might have positive competitive effects, it still spreads the contagion. Which is a problem, because anyone who doesn't or can't get big will get fucked. That includes individual consumers and workers.
If the problem is that Chinese companies are shipping train firmware with backdoors, then you need to ban those companies. Problem is, given the Newag situation[0], I don't think they can actually do this at the level of individual procurements. So they need specific EU directives banning this behavior and explicitly adding a process by which procurement can ban suppliers for prior noncompliance. What facilitating an illegal merger will do is reduce the EU's bargaining power with industry, ensuring that we get more backdoored trains and more risk.
[0] Short version: they got caught shipping firmware that bricks the train if you take it to a third-party repair shop, even though the contract specifically mandated Newag provide repair manuals. EU agencies and member states do not have the power to disqualify Newag from future tenders for failing to adhere to prior ones, so they keep winning contracts
How do you confirm that a train controller or any other piece of hardware does not contain a backdoor using industry standard software tools?
You can write whatever you want into a contract, but if you have no way to validate it, it's meaningless.
Also, the state-owned (and subsidized) Chinese company that doesn't have to play by the West's antitrust rules doesn't need to worry about your "contagion" concerns.
You figured it out. It's trivial to include a backdoor in a large system of systems, and one placed by a remotely competent adversary will not be found.
So what's the point of a regulation that can't be enforced?
I'm asking how you expect an auditor to confirm the absence of something in a series of black boxes that a determined and skilled adversary would like to hide.
Is there really not enough room in the global market for two smaller companies to compete (and win) against CRCC?
I think this is especially not that big a deal considering the national security implications. I expect Norway would contract with a non-Chinese company for bus, rail, everything from now on due to that, regardless of whether or not they are smaller than the CRCC.
If you are a capitalist, you should be pro-acquisition (i.e. of smaller firms) and anti-merger (for larger firms), because mergers are a form of crony capitalism that leads to reduced product quality and market dysfunction.
First, merging firms reduce the number of products they sell, with the effects materializing one year after the M&A and accelerating over the next several years.
Second, merging firms tend to drop and add products at the periphery of their joint product portfolio.
Third, the net effect is an increase in the similarity among the products that firms offer following a merger or acquisition.
This finding has been consistently true since people have started measuring merger outcomes, "we find that each merger is associated with a quality decrease (increase) in markets where the merging firms had (had no) pre-merger competition with each other, and the quality change can have a U-shaped relationship with pre-merger competition intensity. Consumer gains/losses associated with quality changes, which we monetize, are substantial " – https://www.sciencedirect.com/science/article/abs/pii/S01677...
It is doubtful that merging two companies would have improved the EU's capability to compete with Chinese state operators. On the other hand, lowering the capital threshold to create a new entrant would definitely improve the EU's competitive position and capabilities, https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=cele...
Even acquisitions can be problematic for competition. They often seem to be done for the purpose of gaining/protecting market share, with the acquired product getting dropped soon after.
I think most capitalists aren't pro or anti acquisition, for the simple fact that they don't believe they have the right to tell two people (or two groups of people) that they aren't allowed to associate with each other.
But if you're more consequentialist, you might take it on a case-by-case basis.
Is there a strategy where China could remain a supplier of "lobotomized" hardware? Example: China supplies the trains, but all the silicon must be added after import.
So put 70% anti dumping duties (tariffs) on CRCC trains like they did with ebikes?
This will probably get fixed with software audits necessary for compliance under the NIS2 directive. The EU fixed the problem with more regulation and bureaucracy, ensuring that only the big boys can comply. Protect us from China by becoming China?
Honestly I couldn't care less considering how scummy our train making companies are, I'm fine with Chinese selling trains on a loss for pieces of paper. It's their problem if they want to build them and ship them for pennies, their loss.
Our companies meanwhile are all turning in John Deere, and I'm glad the merger was blocked.
The security part, obviously I do care but this article says very little about it.
You are, of course, referring to Alstom and Siemens.
"A slap in the face is more effective than ten lectures. It makes you understand very quickly." —Leopold van Sacher-Masoch
Siemens received the slap in the form of Stuxnet. Industrial controls and transport are not the same business unit, but enough of the message got around internally.
I firmly believe Alstom would not be making such garbage today, at least not from a cybersecurity perspective, had this merger gone ahead. And, let's say, I know quite well exactly what type of hot garbage they unfortunately continue to make.
So... did the Chinese company put Romanian SIMs in the busses? Or was it an importer that installed those? Are there fleet management features enabled by that connectivity or are they actually secret?
Also, why would they purchase busses that they thought couldn't be remotely monitored or controlled?! That seems like a very valuable feature for public transport.
To me this smells of rather basic economic/political propaganda to scare people. The collective west is clearly getting orders from high above to apply pressure on China and it may just be that this is part of it, spreading an air of concern and fear to dissuade other people who pay attention to this kind of thing in municipalities to avoid Chinese manufacturers. It's rather basic social engineering that has the ham fist of "intelligence" all over it.
I don't think it's orders as much as vibes. Some people have finely tuned senses for what they should do to be seen as one of the trustworthy ones, the ones that get it, the ones we could use in a more important job. And that trickles down: one of the things you do, is obviously to network with and boost people who look out for the same kind of political trustworthiness.
The ones at the top, assuming they're not asleep/drunk at the wheel/there at all, don't have to do much. The machine operates itself.
I mean, there's a lot of truth to this stuff: tech, and software, is extremely insecure, unknowably complex, and increasingly the most damaging avenue for an attack. I think the propaganda comes in when we point the finger at China, as if this isn't a problem in general.
Here in the US, all of our vehicles have SIM cards and they have for decades. They sent off God knows what data, to God knows who, and they remotely receive commands, too. Could you car be hacked? If it was, would you ever be able to find out? Both of those questions are not easy to answer.
Really, ALL of our tech works this way. That Android phone? It has countless binary blobs doing who-knows-what. It runs proprietary code at ring 0, and has access to the cellular bands. If it was compromised, you wouldn't know, especially if the attack was targeted. The people making the software and hardware are already "exploiting" it right now - mostly to gather data for advertising, ostensibly. But how do you know these systems are secure? We're talking millions of lines of C code, interfacing directly with the hardware, running at maximum privileges, written by people you don't know, which cannot be audited.
If the Chinese wanted to hide anything they'd put SIM chips without markings or eSIMs inside, as opposed to marked SIM cards. What they did is probably obtain a good quote on Romanian SIM subscriptions that work across the EEA. This is clearly FUD, but yes, they should have been more careful as to equip half of their fleet with Chinese buses that call home.
Whats sad is Norway sits right next to the country which manufactures Scania and Volvo Busses, but instead buys busses from thousands of km away. I suppose cost is all that maters these days, even for national infrastructure which must remain in control and secure.
I know for a fact that at least one of those companies also installs SIM cards in all their busses.
The only difference is who could potentially use the backdoor, and yes Sweden seems slightly less poised to attack Norway than China. At least these days. Because, let's face it, the Swedes owned Norway back in the day and them wanting their oil-rich lucky cousin back at home is deranged but not as much as the Chinese wanting the fjords....
Here, an article (from June 2025) about Chinese buses full of cameras and other sensors driven regularly inside secret Norwegian army bases. Those buses are to be used during a war or a crisis.
I’m arguing that crippled antitrust and anti-consumer practices are part of the problem that led to Chinese buses full of cameras being deployed in western countries.
I’ll go a step further and claim DMCA, anti-reverse engineering and other copyright-protection policies have further crippled the ability of the west to detect and prevent such foreign tech influence.
That's averages, but Norway has hot summer days too. Factor in thinner atmosphere (more UV), lower sun angles, over 20h days and you get more warmth with less average temperature.
And those buses stink like inside of a plastic factory. Never been to a plastic factory, but rode these buses. And the smell is strong even a year into use. Makes you wonder if China has same rules for carcinogenic plastic in consumer goods.
Ruter operates in and around Oslo where temperatures higher than average. Anyway some of old (diesel?) buses had broken heating and were heating even if it was warm outside. These are still improvement.
All I can say is that shivers go down my spine what could happen if one of those OEM's that have remote updates possible would get their keys compromised. You could brick hundreds of thousands of vehicles. I would be scared shitless to store those things.
If they were designed to do that from the start maybe. But usually low level stuff like battery management wouldn't be accessible to the main updatable OS. A lot of it isn't even software controlled, but physical parts designed to pop before things catch fire.
>The transport operator stressed there is no evidence of misuse but said the discovery moves concerns “from suspicion to concrete knowledge”. (...) The case comes as Chinese electric buses are increasingly adopted across global markets,
If a state wants to hide strategic "war/espionage" control, they don't use eSims and open mobile communications, trivially discoverable and traceable. Sounds like some bs "IoT" / telemetry shit manufactures are shoving down our throats for over a decade.
The other side is feigning shock at common industry practices (don't all Tesla's require a net connection for example), to paint it as some unique issue, and kill their sales. In other words , just another episode in the trade war.
Not unlike the DJI drones, which added all kinds of shit because the regulators demanded it, and then they act surprised that it has that shit...
It should be required that all software running on vehicles should have its source code submitted to the regulators along with the tooling to create reproducible builds, with the expectation that the regulators can audit it for back doors. This should apply to cars, buses trains and planes.
> If these were esims they would be much harder to detect or remove?
It's not clear in the article how exactly they discovered it, but by the text that mentions it, I do get the impression they just came across the SIM ports/cards themselves:
> internal tests at a secure facility found Romanian SIM cards inside the buses
But it could also have been that they put the entire bus in a giant Faraday cage (or similar) and tried to see if it emits anything. If they did that, then eSIM or SIM wouldn't have matter, nor where on the bus it was, they'd eventually see it. But if they just physically came across it, then maybe eSIMs would allow them to place them in less accessible areas. But then maybe that wouldn't matter anyways, if the SIM cards are permanently attached anyways.
Bottom line, hopefully wouldn't have made a difference.
A local group of security people have been running a weekend project they call Project Lion Cage where they take Chinese cars into a local mine with spectrum analyzers etc. to watch where they send data and so on. This is how the bus was evaluated as well. Tor Indstøy has quite a few posts on his LinkedIn page talking about the work and what they have found.
Bricking a bus via remote software update is easy. What is hard is remotely updating a vehicle and not bricking any of them. I'm under NDA so lets just say it is hard to get something that passes our test group when we are trying to make things work correctly. Trying to brick a vehicle is easy mode. (now if you want to brick it in a specific way that can be hard)
Hospitals all of the world are wholesale switching to chinese equipment - particularly mindray monitors/anaesthetic machines. China could brick all of these hospitals. We are so incredibly dependent on them.
It's a bit of a non-issue if you ask me. This remote-access feature sounds like what we usually call a software update feature if it came from a country we weren't scared of.
China disabling our buses? Really? That would be insanely petty and useless.
I think maybe we're straining at gnats and swallowing camels, considering virtually all our phones, computers, TVs etc. come with auto update features, usually giving someone in the US the theoretical capability to brick it. And considering what was done to Karim Khan, I'd say they're far more likely to actually use it.
I do worry if they are adding this to buses what are they doing to MacBooks and your phone? Do people here think these devices are compromised or should we take Apple’s word for it!?
The biggest concern I have is with cheap PC accessories, wireless routers and smarthome equipment. Also solar power inverters with their online tracking apps. In case of war, all of these would be remotely weaponized, IMHO.
> They’re probably one of the most hated companies in the world
By tecchies.
That’s like adding “In Mice,” to headlines of biological breakthroughs.
It’s quite clear that a fairly significant majority of customers don’t hate Apple. They aren’t “brand slaves,” like Harley riders (anymore), but people clearly vote with their wallets.
Microsoft always had the “My work requires it” thing going, but only a couple of industries are majority Apple.
Like it or not, people pay personal money for Apple kit, and they are a demographic that marketers drool over.
Although TSMC might be able to compromise it, Apple's hardware security is good enough that it is very unlikely that any supplier in China can compromise it. All data outside the SOC is encrypted.
It's all the other stuff made in China that is the worry, not the stuff designed by Apple, or Google.
I hate the new electric busses from China. Their acceleration is much better and braking effect is also stronger.
Bus drivers in Norway are binary people. They either press the accelerator or they press the brake. Most drivers call it leg day, because you spend the entire day pushing on these peddles as hard as you can.
Our existing buses have terrible acceleration, which helps a lot with the comfort of the bus ride. But for some unknown reason someone decided that the bendy busses should have the only wheels with power, in the rear of the bus, after the bend. So any slight hill that is slippery from a bit of snow or frost, now becomes a a comedic video of buses trying to drive up before they flop in the middle of the bend and slide back down again.
This is exactly why BYD is and should continue to be banned in the US. It’s not that they are doing this, but that they have done it and they have the capability
In China, most of buses in first-tier cities are connected to the internet to report their location and status. This allows you to check the approximate location of the next bus and a relatively accurate arrival time on a map app. It's especially useful in bad weather or traffic congestion , as you don't have to wait in heavy rain or strong winds for a bus with an uncertain arrival time.
Real time position tracking, CCTV streaming/archiving, automatic diagnostics logging, there's many reasons for a modern bus to have wireless data connections and I'd be shocked if most modern buses in the US and Europe don't already have such systems (i know here in Chicago the CCTV feeds can be viewed remotely by staff and most buses have their real time position available via public REST API, though i don't know what tech the buses themselves use to transmit that data)
Ah, and they never review iPhones/Android phones after Israeli companies demonstrated they can backdoor any cellphone on this planet, and especially after they demonstrated they can explode consumer devices and maim 3000+ people overnight.
They don’t review Windows machines either after the Snowden revelations.
How many wars did the Chinese start in the past century?
1929 – Sino-Soviet Conflict (Chinese Eastern Railway) — ROC authorities moved to seize the CER in Manchuria; the USSR responded militarily. (Initiation: ROC seizure.)
1954–1955 – First Taiwan Strait Crisis — PRC began large-scale shelling of Kinmen/Matsu and amphibious operations (e.g., Yijiangshan). (Initiation: PRC artillery/offensives.)
1958 – Second Taiwan Strait Crisis — PRC opened intense bombardment of Kinmen/Matsu. (Initiation: PRC artillery.)
1962 – Sino-Indian War — PRC launched major offensives in October after a series of frontier incidents. (Initiation: PRC large-scale attack; India calls it unprovoked, PRC says “counter-attack.”)
1967 – Nathu La & Cho La clashes (India border) — Firefights erupted while India was fencing the pass; Chinese forces are generally assessed to have fired first at Nathu La. (Initiation: PRC fire in initial clash.)
1969 – Sino-Soviet Border Conflict — PLA ambushed Soviet troops on Zhenbao/Damansky Island in March; further clashes followed. (Initiation: PRC ambush.)
1974 – Battle of the Paracel Islands (vs South Vietnam) — PLAN/PLA forces expelled RVN units and took full control of the Paracels. (Initiation: PRC naval attack in contested area.)
1979 – Sino-Vietnamese War — PRC invaded northern Vietnam in February. (Initiation: PRC cross-border invasion.)
1984–1989 – Sino-Vietnamese Border War (post-1979 phase) — PRC mounted periodic offensives and artillery duels (e.g., Laoshan/Johnson Mountain). (Initiation: multiple PRC attacks in a protracted conflict.)
1988 – Johnson South Reef Skirmish (Spratlys, vs Vietnam) — PLAN engaged Vietnamese forces and seized the reef. (Initiation: PRC assault during standoff.)
Internal (civil/unification campaigns)
1926–1928 – Northern Expedition — ROC (KMT) launched a national unification war against warlords. (Initiation: ROC campaign.)
1930–1934 – Encirclement Campaigns against the Chinese Soviet — ROC initiated successive large operations against CCP base areas. (Initiation: ROC offensives.)
1949–1950 – Hainan & Zhoushan/Coastal-Islands Campaigns — PRC amphibious operations against ROC-held islands during the civil war endgame. (Initiation: PRC landings.)
1950–1951 – Tibet (Chamdo campaign → occupation) — PLA entered eastern Tibet and compelled the Seventeen-Point Agreement. (Initiation: PRC invasion; PRC frames as “peaceful liberation.”)
Glad you listed, because that data shows apart from Sino Vietnamese almost half a century ago, PRC launched basically no wars of aggression, i.e. everything including SCS was territorial defense, i.e just. And if it was in chart form, the peace disease lull in last 30 years relative to PRC growth makes modern PRC rise the most unprescedently peaceful in modern history, borderline on absurdly serenity. Truly somehting to emulate. Can you believe those Eurocusk gave a Peace prize to Obama?
Way to move the goalposts. GGP asked for wars within the last century, and GP provided such a list.
Regardless, not sure why any of this matters. I'm not one of those "China bad!" hand-wringers, but if you don't believe the Chinese government is a threat to western countries' sovereignty and economies, I've got a bridge I'd like to sell you.
It's explaining / contextualizing the data, aka most of that list is "defensive" and limited in scope, which different vs products from actors who are expeditionary happy. The data shows PRC... having inherited 14 land borders conflicts from ROC, have largely limited use of force to just territorial sovereingty issues, which btw 12/14 have been resolved in last 40 years, essentially all with PRC concessions. Combine with PRC growth and subsequent rise, PRC peace is historic abboration, i.e. the PRC threat to wesern sovereignty is FUD outside customary state activities like espionage. Now if west wants to weaponize PRC threat/FUD to disguise the threat to genuinely competitive PRC products that will stomp their domestic industries, then sure, that's geopolitics 101.
Except you know, NOT internationally recognized except to manufactured misconception by headline scanning useful idiots. Reminder PH PCA ruling is not actual international law, as in recognized by UN/UNCLOS, ITLOS, ICJ. TBH its demonstrably stupid to even hold the position UNCLOS can rule on sovereignty claims - they fucking can't. To suggest PRC is infringing on others maritime entitlement in SCS is so stupid it's not even wrong because under UNCLOS it's not even legally possible. And also you know, who cares about a few butthurt fisherman, lol, like that's mild as fuck complaints on the spectrum of territorial drama. Every time people bring up muh fisherman they're just highlighting how generous PRC is behaving.
of course it doesn't, and I encourage you to quote where that was claimed.
that neither help nor comfort the fisherman. being third or fourth at the Oppression Olympic doesn't mean that less oppressed people have to suck it up and roll over.
It's a wierd line of reasoning to call trespassers... fisherman. These are "criminals" operating in disputed waters where their actions are classified as illegal by 1+ (frequently more than 1) disputees. They are schrodinger criminals due to grayzone nature of unsettled martime delimitations but umabiguous criminals under someones interpretation who are suppose to be repressed via domestic police enforcement.
Again this isn't just PRC doing it, this is 5 party dispute and most sides are doing their own law enforcement, up until recently with more militarized means like actual weapons discharge - PRC CG wasn't even armed until recently and they're still using relatively mild measures.
The OG comparison was Gaza, the parallel to these fishermen are closer to hamas insurgencies invading sovereign Israeli territory on the grayzone to legal spectrum. But what they are not, are "innocent", Gazans getting repressed (blown up) in their homes.
You mean the 12/14 land borders disputee who settled with PRC ceding 50%+ concessions. Probably very happy because again objectively that is magnanimous by historic standards. For SCS where PRc offers to share but retarded democratic countries can't becausen itd political suicide, even now it's really just PH being a cunt. Otherwise unsettled land borders left is India and Bhutan because bhutan border ratification is linked to India's. So the answer is most of the neighbours think PRC did them a solid. Going rate for free math lesson that PRC has equals/most borders in the world and relations with most neighbours are good is free. Combo free geopolitical lesson that it's not good with the ones with US military cooperation that generates most propaganda.
I get information from everywhere but reality has a china daily bias. This isn't complicated, you ask about PRC relation with neighbours I point out blind spot to of those with poor foriegn policy literacy, i.e. those who don't read enough china daily, that PRC has a lot of neighbours and most of them are in fact settled with PRC majority concessions and now at peace. If we're going to go even more China daily, essentially 100% of PRC disputes were inherited from ROC not only has PRC not caused any of the disputes, they have been borderline treasonous in unwinding through mostly diplomacy and minimum violence.
If your transport is accessible remotely, it can be hacked remotely.
This reminds me of that story about Polish Trains. In that case GPS was used to execute a kill code.
https://social.hackerspace.pl/@q3k/111528162462505087
Duh. What is so surprising here? Is there any serious machinery from any manufacturer that does not have said remote-access feature? For example Deere equipment looted by Russia was remotely disabled by Deere.
lets see, a modern bus has, woooooo, conectivity, woooooo, on basicly everything, woooooo, so some manager can obsess over oil filters or the voltage on the lighting circuit, and the sixteen antenas advertised in the broshure were,in fact installed
realy, wtf?, it's not like anybody is unaware that something like 10 billion things are conected to the net, and dozens, ? hundreds, of actors are doing there best to slurp up every last scrap of data, ha!, that they can
the worst part is that it would be no surprise to find out that the bus comes with
a monitering contract that is in effect.
next it will be cranes all sensored up to detect cable stretch or who know what
and didn't china just go ahead and hack the pentagon, but wooooo, Norwiegen bus hacking
wooooo
For obvious reasons, non-CBTC trains are not remotely controllable (CBTC essentially means "remotely driven"). It's all or nothing; either a safety system that inherently accepts the risk, or no way to remotely control the speed, short of fully stopping the train.
If modern cars have been fully remotely controllable for years, why can't police stop often-deadly car chases?
Ditto on air traffic control and small planes; many don't even have in-plane automatic pilots. AFAIK no ultralights ever do.
Most boats are not remotely controllable; even the large container ship that recently damaged a major US bridge didn't.
>If modern cars have been fully remotely controllable for years, why can't police stop often-deadly car chases?
They want to retain the power of discretionary action. If the powers that be employed their 1984 stuff all the time over trivial things people wouldn't support them. Part of this means they don't give the beat cops those toys.
Also, there's a difference between "can be" and "are". Like there's god knows how many numbers of compatibility layers and intermediary systems I bet even if the capability exists it's broken more often than it's not. Diverse software systems take a ton of constant work to maintain.
During the "last years of XP" era you probably could have theoretically taken down half the world's industry on paper but if you tried to do so at scale without literal years of prep and testing you'd have been foiled by the 50% of machines where you payload just didn't work for some obscure reason.
The tests done on the buses showed that they can be stopped as well as otherwise controlled remotely from China. This is way more than diagnostics, and remote control is _not_ something which is common in road vehicles.
International politics does matter. So, yes, a country that is historically hostile, or allied with countries that are hostile, towards yours, gets different treatment.
I wasn't aware of that, thanks. But still, if you go buy a car right now, I doubt they are going to make it a sales pitch that you are not the only one who can control your car.
There are limits to what can be put into the fine print as well. We probably need to revisit though rules, but you can't get away with anything just by putting it in the fine print.
"You can't have busses roaming around with no way to turn them off remotely."
Hm? Not a single bus on the road in my city can be turned off remotely. There's never been one ever, since bus transport started. So why should, no, must, that be a feature of new buses?
Look at what I replied to. The claim was "You can't have [buses] roaming around with no way to turn them off remotely".
As if there's some general rule or agreement that it MUST be possible to turn buses off remotely. What I stated was that of course there's no such mandate.
And when I said "Not a single bus on the road in my city can be turned off remotely", that's the truth. They can't. They're all diesel, so there's not even a remote possibility of a hidden esim-powered switch.
Why did the post I replied to claim that it must be possible for buses? And why did you assume that I meant something else, and that all buses are electric?
I’m pretty sure turning off the bus is something the bus driver can do. It’s not like buses were wildly roaming around before cellular networks were invented…
Kinda explains why nothing is being done in Poland about hunters accidently killing lots of people, mistaking them for boars. If you crack down on hunters, you can't have them control the population of wild buses.
Do you imagine some benevolent authority sits in your town with a finger on the kill switch for every vehicle in motion?
If it were in the specs from the beginning, there would be no issue. This isn't a "click here to accept" thing; multiple people scan the technical data in these projects.
It fell down to an anti-monopoly decision by a single person in the EU ministry, who killed the proposal. Several attempts were made to streamline the merger, but she wouldn't budge.
As a result, CRCC continues to win contracts abroad, largely (it is believed) by undercutting competition. IP theft is known to be one objective of their at-loss or low-profit contracts (I've been involved in fighting that, specifically).
It's hardly a stretch to imagine that having control of the rail in countries that might oppose you militarily is strategically huge.
This article is about busways, but the parallels are obvious.
Surveillance tech in products doesn't necessarily imply grey zone warfare. But that doesn't make it a good thing either.
Poland put out a separate bid for manufacturing and servicing of their locomotives and one company won the manufacturing bid while another won the servicing bid.
The servicing company was unable to get the trains into working order and after hiring hackers accused the manufactoring company of bricking the software on purpose by including geo-fences where the trains would no longer work after arriving at the servicing company's property.
Perhaps the interesting part to me was Dragon Sector's (the hackers) claims that the software needs to be blessed so although they discovered problems they never changed anything because they don't have the authority to bless it and heavily imply that the fact that the manufactoring company is changing the software at will is illegal.
The changes by the manufactoring company had an (undisclosed) activation sequence added to it so you didn't need to modify the software in order to get the train working so the servicing company never actually modified the software.
https://www.youtube.com/watch?v=XrlrbfGZo2k
https://www.ifixit.com/News/112008/polish-train-maker-is-sui...
It's really confusing that the EU don't consider this "dumping". I thought that was this big thing that they cared about.
And that competitive advantage could presumably give them more scale?
Your second sentence is quite a jump, however: "It won't be as big, so there's no point in trying to compete at all."
The things you see in EU public tenders is just amazing, especially when they's little to no competition.
Can you give examples of what you (obviously, since you're commenting) have seen, and how typical it is?
People employed there optimize for winning them (at any cost - quid-pro-quo agreements aren't rare in my experience). It's common for several such companies to collude in a way that they get awarded the tenders in a circle ("I get this one, next one is for you.")
Afterwards, they outsource the work to the cheapest lowest bidder (usually IT studends in the cases I've seen for software development, but essentially they'll be bottom of the barrel juniors). The quality of such products is about the same as the quality of any outsourced product which is built only to satisfy a checklist at the end. The US equivalent of that would be a corporation getting a defense contract and then basically have everything built by the cheapest outsourcer in India or similar location. Funny enough, university labs (or spinoffs) tend to be major part of this ecosystem, using grad students as workforce - their credentials tend to give them legitimacy over smaller companies.
The results are as disastrous as you can expect - companies a HNer could expect to win usually don't (due to lack of specialized knowledge on how to game the tender process, lack of connections and cost) and those that do are really there to do the bare minimum, shed the work as much as possible and deliver something they can't get sued over.
It's also not uncommon to see whole chains of such companies - the winner sometimes shares some outsourcing work with "losers" they outsource work further, skimming the funds on top and essentially outsourcing everything to the cheapest engineer they can find.
Dealing with any public EU project has been nothing but misery for me personally (as you can imagine from this post :) and this environment bred some of the most toxic workplaces I've worked with. The products were universally terrible and rarely actually useful for the purpose.
As much as I want independent EU software ecosystem, I don't think using public funding can breed anything but more corruption.
Well, you described what happens when you outsource everything.
Governments used to ... gasp ... employ people to do tasks so that you didn't have to outsource every single piddly task. And since those employees could do the tasks, there was a floor such that selecting nobody and doing it in house was always an option.
Yes, that has different failure modes. However, you have more levers over those failure modes as opposed to a single lever of "Head to court and try to win a legal case."
I mean, if you’re at a place that uses staff aug and managing a project it’s just something you have to watch out from your vendors as table stakes. Whenever a new vendor was hired my fellow low level managers would be making bets on how long before they switched out their best guys with some fresh out of college junior that they’d give a fancy title to.
You create a political class full of lawyers, and you get a country where lawyers thrive, who would have thought?
https://academic.oup.com/yel/article/doi/10.1093/yel/yeac009...
Hitchen's Razor.
"Everyone knows" is always a dangerous place to stand in any argument.
If you have two large, slow, bureaucratic and uncompetitive companies, then merging them together won't make the resulting giant less so, but the contrary, it'll be even more inefficient and uncompetitive, and then expect government bailouts because now they're too big to fail.
If you believe it, the "I know they are bad" -> "but we need to complete with the boogie man" -> "we need to build our own monopoly" argument is just confusing. So we should make worse products to be competitive?
If you don't believe it, you should be explaining why monopolies make better products, not arguing that desperate times call for desperate abandonment of logic.
Who the fuck invented that logic of "those companies prices are too high, we have to let them consolidate into a monopoly so they lower their prices"?
China turning off your transportation is.
Civilian transportation has numerous vital roles in supporting a nation during a war.
The two train companies that couldn't merge can still make trains, and still sell them to whomever they want. European purchasers can still buy them. And after reading articles like this one, these two companies have a big competitive advantage: they don't include Chinese backdoors. Maybe they're small now, but if the Chinese train/bus/etc. manufacturing companies end up being blacklisted in the EU, these two companies will grow. And, better yet, there will still be some healthy competition in the space.
I'd like to post some questions for thought:
1. What is exactly the bidding process of that particular transaction the OP described?
2. What is exactly in the contract? Does it force the Chinese company to use a lot of local companies for sub-contracting, at the same time keeping a very low profit? In essence, this basically means the EU companies grabbed the biggest share while the Chinese company just got the job. I'm not saying this is the case, but I highly doubt it IS the case as I heard similar stories from other companies.
My sense is that conspiracy theorists are essentially a cron job crying "Wolf!" every 60 seconds. The occasional real-world wolf does not justify paying any attention to the alarms. OTOH, it's a false dichotomy to believe that the false alarms prove the non-existence of wolves.
Just like someone has the capability to do with virtually everything we have running software.
Siemens (Germany) and Alstom (France)
> It fell down to an anti-monopoly decision by a single person in the EU ministry, who killed the proposal
Margrethe Vestager, the European Commissioner for Competition at the time (2019). At the time of the decision, she said "No Chinese supplier has ever participated in a signaling tender in Europe or delivered a single very high speed train outside China. There is no prospect of Chinese entry in the European market in the foreseeable future." This has since been proven to be a bad prognostication, as China Railway Signal & Communication (CRSC) is actively deploying its ETCS Level 2 signaling system on the Budapest–Beograd railway line in Hungary[1]; and China has delivered trains to Serbia, leased trains to Austria's Westbahn, acquired German locomotive manufacturer Vossloh Locomotives, and participated in a public tender in Bulgaria for electric trains.
She is no longer in that position. She has as of 2024 become "tough on China,"[2] acknowledging mistakes made in the past and touting how "China came to dominate the solar panel industry... and is running the same game now, across strategic industries including electric vehicles, wind turbines and microchips."
She now says Biden's IRA was a mistake, that Europe has been de-industrializing and that is not a good thing, and that Europe has been too afraid to impose tariffs on China out of fear of retaliation from China.
It sounds remarkably similar to the MAGA playbook on trade and re-industrialization.
[1]https://www.railwaygazette.com/infrastructure/china-railway-...
[2]https://www.politico.eu/newsletter/brussels-playbook/vestage...
> ...acknowledging mistakes made in the past "
That's falling somewhat short of admitting she alone fucked that situation up. The US and Canada had already given permission for the merge to bypass antitrust laws.
I do agree that the global market is causing quite some trouble, although that could be avoided by most (all?) countries being nice to each other. Or even excellent to each other!
That still would come at a hefty price for china as that means no or way lower income for quite a lot of chinese companies and people.
I that regard I guess the anti-monopoly law is working ?
The remark stands as yet another regrettable instance of history echoing itself – a lamentable parallel to that uttered by Sir Claude Maxwell MacDonald, whose acquisition of a 99-year lease over the New Territories of Hong Kong on behalf of the British Crown from the Qing dynasty was justified with the breathtakingly short-sighted assertion that it was «as good as forever».
One observes, with increasing weariness, that politicians – regardless of generation or supposed pedigree – remain obstinately immune to the most elementary of truths: history is neither linear nor predictable. It twists, recoils, and devours the complacent. Political decision-making, therefore, ought never be entrusted to those governed by the ephemeral whims of populism – it demands the discipline, foresight, and cold precision of a strategist trained not merely to react, but to foresee. Alas – such minds are in tragically short supply.
If the problem is that Chinese companies are shipping train firmware with backdoors, then you need to ban those companies. Problem is, given the Newag situation[0], I don't think they can actually do this at the level of individual procurements. So they need specific EU directives banning this behavior and explicitly adding a process by which procurement can ban suppliers for prior noncompliance. What facilitating an illegal merger will do is reduce the EU's bargaining power with industry, ensuring that we get more backdoored trains and more risk.
[0] Short version: they got caught shipping firmware that bricks the train if you take it to a third-party repair shop, even though the contract specifically mandated Newag provide repair manuals. EU agencies and member states do not have the power to disqualify Newag from future tenders for failing to adhere to prior ones, so they keep winning contracts
> EU agencies and member states do not have the power to disqualify Newag from future tenders for failing to adhere to prior ones
That seems like a problem that can be fixed, given the political will to do so.
You can write whatever you want into a contract, but if you have no way to validate it, it's meaningless.
Also, the state-owned (and subsidized) Chinese company that doesn't have to play by the West's antitrust rules doesn't need to worry about your "contagion" concerns.
3rd party audit like everything else?
I'm not talking about checking a compliance box, I'm talking about actually confirming no backdoor exists.
So what's the point of a regulation that can't be enforced?
Ok.
Go complain somewhere else because this discussion is not productive.
I think this is especially not that big a deal considering the national security implications. I expect Norway would contract with a non-Chinese company for bus, rail, everything from now on due to that, regardless of whether or not they are smaller than the CRCC.
This finding has been consistently true since people have started measuring merger outcomes, "we find that each merger is associated with a quality decrease (increase) in markets where the merging firms had (had no) pre-merger competition with each other, and the quality change can have a U-shaped relationship with pre-merger competition intensity. Consumer gains/losses associated with quality changes, which we monetize, are substantial " – https://www.sciencedirect.com/science/article/abs/pii/S01677...
It is doubtful that merging two companies would have improved the EU's capability to compete with Chinese state operators. On the other hand, lowering the capital threshold to create a new entrant would definitely improve the EU's competitive position and capabilities, https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=cele...
But if you're more consequentialist, you might take it on a case-by-case basis.
In the abstract, I agree that we shouldn't tell two people whether or not they can associate with each other. But corporations? That's very different.
https://ec.europa.eu/commission/presscorner/detail/es/ip_19_...
This will probably get fixed with software audits necessary for compliance under the NIS2 directive. The EU fixed the problem with more regulation and bureaucracy, ensuring that only the big boys can comply. Protect us from China by becoming China?
Our companies meanwhile are all turning in John Deere, and I'm glad the merger was blocked.
The security part, obviously I do care but this article says very little about it.
"A slap in the face is more effective than ten lectures. It makes you understand very quickly." —Leopold van Sacher-Masoch
Siemens received the slap in the form of Stuxnet. Industrial controls and transport are not the same business unit, but enough of the message got around internally.
I firmly believe Alstom would not be making such garbage today, at least not from a cybersecurity perspective, had this merger gone ahead. And, let's say, I know quite well exactly what type of hot garbage they unfortunately continue to make.
It's a shame.
Also, why would they purchase busses that they thought couldn't be remotely monitored or controlled?! That seems like a very valuable feature for public transport.
The ones at the top, assuming they're not asleep/drunk at the wheel/there at all, don't have to do much. The machine operates itself.
Here in the US, all of our vehicles have SIM cards and they have for decades. They sent off God knows what data, to God knows who, and they remotely receive commands, too. Could you car be hacked? If it was, would you ever be able to find out? Both of those questions are not easy to answer.
Really, ALL of our tech works this way. That Android phone? It has countless binary blobs doing who-knows-what. It runs proprietary code at ring 0, and has access to the cellular bands. If it was compromised, you wouldn't know, especially if the attack was targeted. The people making the software and hardware are already "exploiting" it right now - mostly to gather data for advertising, ostensibly. But how do you know these systems are secure? We're talking millions of lines of C code, interfacing directly with the hardware, running at maximum privileges, written by people you don't know, which cannot be audited.
God?
Trucks and busses remain with the parent Volvo AB.
The only difference is who could potentially use the backdoor, and yes Sweden seems slightly less poised to attack Norway than China. At least these days. Because, let's face it, the Swedes owned Norway back in the day and them wanting their oil-rich lucky cousin back at home is deranged but not as much as the Chinese wanting the fjords....
See: https://cyberdefence24.pl/cyberbezpieczenstwo/blokady-w-poci...
Here, an article (from June 2025) about Chinese buses full of cameras and other sensors driven regularly inside secret Norwegian army bases. Those buses are to be used during a war or a crisis.
I’m arguing that crippled antitrust and anti-consumer practices are part of the problem that led to Chinese buses full of cameras being deployed in western countries.
I’ll go a step further and claim DMCA, anti-reverse engineering and other copyright-protection policies have further crippled the ability of the west to detect and prevent such foreign tech influence.
And those buses stink like inside of a plastic factory. Never been to a plastic factory, but rode these buses. And the smell is strong even a year into use. Makes you wonder if China has same rules for carcinogenic plastic in consumer goods.
For context, for a short while I wrote SW for auto BCM's albeit the security stuff not the drive your batteries stuff.
If a state wants to hide strategic "war/espionage" control, they don't use eSims and open mobile communications, trivially discoverable and traceable. Sounds like some bs "IoT" / telemetry shit manufactures are shoving down our throats for over a decade.
The other side is feigning shock at common industry practices (don't all Tesla's require a net connection for example), to paint it as some unique issue, and kill their sales. In other words , just another episode in the trade war.
Not unlike the DJI drones, which added all kinds of shit because the regulators demanded it, and then they act surprised that it has that shit...
https://uavcoach.com/dji-ban/#7
BYD electric busses have recently rolled out where I live in Sweden.
It's not clear in the article how exactly they discovered it, but by the text that mentions it, I do get the impression they just came across the SIM ports/cards themselves:
> internal tests at a secure facility found Romanian SIM cards inside the buses
But it could also have been that they put the entire bus in a giant Faraday cage (or similar) and tried to see if it emits anything. If they did that, then eSIM or SIM wouldn't have matter, nor where on the bus it was, they'd eventually see it. But if they just physically came across it, then maybe eSIMs would allow them to place them in less accessible areas. But then maybe that wouldn't matter anyways, if the SIM cards are permanently attached anyways.
Bottom line, hopefully wouldn't have made a difference.
Press release (Norwegian): https://www.mynewsdesk.com/no/ruter/pressreleases/ruter-tar-...
And that's what they did. If that was necessary for the conclusions is not said in the article. Only that the remote access could
The conclusion by the team was that the buses can be remotely stopped or bricked by the manufacturer.China disabling our buses? Really? That would be insanely petty and useless. I think maybe we're straining at gnats and swallowing camels, considering virtually all our phones, computers, TVs etc. come with auto update features, usually giving someone in the US the theoretical capability to brick it. And considering what was done to Karim Khan, I'd say they're far more likely to actually use it.
- https://www.theregister.com/2021/02/12/supermicro_bloomberg_... - https://www.wired.com/story/gigabyte-motherboard-firmware-ba...
Soooo, yeah.
By tecchies.
That’s like adding “In Mice,” to headlines of biological breakthroughs.
It’s quite clear that a fairly significant majority of customers don’t hate Apple. They aren’t “brand slaves,” like Harley riders (anymore), but people clearly vote with their wallets.
Microsoft always had the “My work requires it” thing going, but only a couple of industries are majority Apple.
Like it or not, people pay personal money for Apple kit, and they are a demographic that marketers drool over.
It's all the other stuff made in China that is the worry, not the stuff designed by Apple, or Google.
Bus drivers in Norway are binary people. They either press the accelerator or they press the brake. Most drivers call it leg day, because you spend the entire day pushing on these peddles as hard as you can.
Our existing buses have terrible acceleration, which helps a lot with the comfort of the bus ride. But for some unknown reason someone decided that the bendy busses should have the only wheels with power, in the rear of the bus, after the bend. So any slight hill that is slippery from a bit of snow or frost, now becomes a a comedic video of buses trying to drive up before they flop in the middle of the bend and slide back down again.
Danish authorities in rush to close security loophole in Chinese electric buses
https://www.theguardian.com/world/2025/nov/05/danish-authori...
(I think some early implementations worked via transponders in bus stops, but that's obviously a huge pain to roll out and maintain.)
They don’t review Windows machines either after the Snowden revelations.
How many wars did the Chinese start in the past century?
1929 – Sino-Soviet Conflict (Chinese Eastern Railway) — ROC authorities moved to seize the CER in Manchuria; the USSR responded militarily. (Initiation: ROC seizure.) 1954–1955 – First Taiwan Strait Crisis — PRC began large-scale shelling of Kinmen/Matsu and amphibious operations (e.g., Yijiangshan). (Initiation: PRC artillery/offensives.) 1958 – Second Taiwan Strait Crisis — PRC opened intense bombardment of Kinmen/Matsu. (Initiation: PRC artillery.) 1962 – Sino-Indian War — PRC launched major offensives in October after a series of frontier incidents. (Initiation: PRC large-scale attack; India calls it unprovoked, PRC says “counter-attack.”) 1967 – Nathu La & Cho La clashes (India border) — Firefights erupted while India was fencing the pass; Chinese forces are generally assessed to have fired first at Nathu La. (Initiation: PRC fire in initial clash.) 1969 – Sino-Soviet Border Conflict — PLA ambushed Soviet troops on Zhenbao/Damansky Island in March; further clashes followed. (Initiation: PRC ambush.) 1974 – Battle of the Paracel Islands (vs South Vietnam) — PLAN/PLA forces expelled RVN units and took full control of the Paracels. (Initiation: PRC naval attack in contested area.) 1979 – Sino-Vietnamese War — PRC invaded northern Vietnam in February. (Initiation: PRC cross-border invasion.) 1984–1989 – Sino-Vietnamese Border War (post-1979 phase) — PRC mounted periodic offensives and artillery duels (e.g., Laoshan/Johnson Mountain). (Initiation: multiple PRC attacks in a protracted conflict.) 1988 – Johnson South Reef Skirmish (Spratlys, vs Vietnam) — PLAN engaged Vietnamese forces and seized the reef. (Initiation: PRC assault during standoff.)
Internal (civil/unification campaigns) 1926–1928 – Northern Expedition — ROC (KMT) launched a national unification war against warlords. (Initiation: ROC campaign.) 1930–1934 – Encirclement Campaigns against the Chinese Soviet — ROC initiated successive large operations against CCP base areas. (Initiation: ROC offensives.) 1949–1950 – Hainan & Zhoushan/Coastal-Islands Campaigns — PRC amphibious operations against ROC-held islands during the civil war endgame. (Initiation: PRC landings.) 1950–1951 – Tibet (Chamdo campaign → occupation) — PLA entered eastern Tibet and compelled the Seventeen-Point Agreement. (Initiation: PRC invasion; PRC frames as “peaceful liberation.”)
Regardless, not sure why any of this matters. I'm not one of those "China bad!" hand-wringers, but if you don't believe the Chinese government is a threat to western countries' sovereignty and economies, I've got a bridge I'd like to sell you.
that neither help nor comfort the fisherman. being third or fourth at the Oppression Olympic doesn't mean that less oppressed people have to suck it up and roll over.
what a weird line of reasoning.
Again this isn't just PRC doing it, this is 5 party dispute and most sides are doing their own law enforcement, up until recently with more militarized means like actual weapons discharge - PRC CG wasn't even armed until recently and they're still using relatively mild measures.
The OG comparison was Gaza, the parallel to these fishermen are closer to hamas insurgencies invading sovereign Israeli territory on the grayzone to legal spectrum. But what they are not, are "innocent", Gazans getting repressed (blown up) in their homes.
And what's the going rate for posting this nonsense online?
Personally, I'd like to skip over all of the buildup and go straight to hoverboard mafia pizza delivery.
I need to re-read that book, one of my all time favourites.
Why Israel Just Banned 700 Chinese Cars from Its Military—And What It Means for Security - https://securityboulevard.com/2025/11/why-israel-just-banned...
IDF recalls 700 Chinese EVs used by senior officers over security concerns - https://www.thejc.com/news/israel/idf-recalls-chinese-evs-se...
(Teasers ... aren't especially conducive to "intellectual curiosity and thoughtful conversation": <https://news.ycombinator.com/item?id=13108404> <https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...>.)
next it will be cranes all sensored up to detect cable stretch or who know what
and didn't china just go ahead and hack the pentagon, but wooooo, Norwiegen bus hacking wooooo
For obvious reasons, non-CBTC trains are not remotely controllable (CBTC essentially means "remotely driven"). It's all or nothing; either a safety system that inherently accepts the risk, or no way to remotely control the speed, short of fully stopping the train.
If modern cars have been fully remotely controllable for years, why can't police stop often-deadly car chases?
Ditto on air traffic control and small planes; many don't even have in-plane automatic pilots. AFAIK no ultralights ever do.
Most boats are not remotely controllable; even the large container ship that recently damaged a major US bridge didn't.
They want to retain the power of discretionary action. If the powers that be employed their 1984 stuff all the time over trivial things people wouldn't support them. Part of this means they don't give the beat cops those toys.
Also, there's a difference between "can be" and "are". Like there's god knows how many numbers of compatibility layers and intermediary systems I bet even if the capability exists it's broken more often than it's not. Diverse software systems take a ton of constant work to maintain.
During the "last years of XP" era you probably could have theoretically taken down half the world's industry on paper but if you tried to do so at scale without literal years of prep and testing you'd have been foiled by the 50% of machines where you payload just didn't work for some obscure reason.
Every road vehicle sold today has a sim card, most for diagnostics, some for remote control.
Even you admit that most of them aren't for remote control, so what are you agreeing with?
Not putting this information in the fine print is fraudulent behaviour
Hm? Not a single bus on the road in my city can be turned off remotely. There's never been one ever, since bus transport started. So why should, no, must, that be a feature of new buses?
And when I said "Not a single bus on the road in my city can be turned off remotely", that's the truth. They can't. They're all diesel, so there's not even a remote possibility of a hidden esim-powered switch.
Why did the post I replied to claim that it must be possible for buses? And why did you assume that I meant something else, and that all buses are electric?
Edit: Typo
Do you imagine some benevolent authority sits in your town with a finger on the kill switch for every vehicle in motion?
If it were in the specs from the beginning, there would be no issue. This isn't a "click here to accept" thing; multiple people scan the technical data in these projects.