Choo Choo Choose to ignore the vulnerability
Smashing Security
Graham Cluley
4.7 • 579 Ratings
🗓️ 16 July 2025
⏱️ 37 minutes
🧾️ Download transcript
Summary
In episode 426 of the "Smashing Security" podcast, Graham reveals how you can hijack a train’s brakes from 150 miles away using kit cheaper than a second-hand PlayStation.
Meanwhile, Carole investigates how Grok went berserk, which didn't stop the Department of Defense signing a contract with Elon’s AI chatbot. So who is responsible when your chatbot becomes a bigot?
Plus: Email headaches, SPF rage, and a glowing review for... Taskmaster SuperMax Plus?
All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Warning: This podcast may contain nuts, adult themes, and rude language.
Episode links:
- Schoolboy hacks into city's tram system - The Telegraph.
- Caboose - Wikipedia.
- Neil Smith discusses his findings - Twitter thread.
- End-of-Train and Head-of-Train Remote Linking Protocol - CISA.
- The Cheap Radio Hack That Disrupted Poland’s Railway System - Wired.
- Grok, Elon Musk’s AI Chatbot, Shares Antisemitic Posts on X - The New York Times.
- X ordered its Grok chatbot to ‘tell like it is.’ Then the Nazi tirade began - Washington Post.
- Hacker uses Elmo's X account to post antisemitic rant and demand release of Epstein files - ABC News.
- Elon Musk Announces Sensuous Grok AI Companion - Mashable.
- Grok Rolls Out Pornographic Anime Companion, Lands Department of Defense Contract - The Rolling Stone.
- Learn DMARC.
- TASKMASTER SUPERMAX+.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!
FOLLOW US:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Privacy & Opt-Out: https://redcircle.com/privacyTranscript
Click on a timestamp to play from that location
| 0:00.0 | I feel like you didn't do a ton of research on train engineering. |
| 0:06.4 | Oh, you'd be surprised. You would be surprised. |
| 0:09.2 | No, I don't know if I would. |
| 0:19.8 | Smashing Security, Episode 426, |
| 0:23.8 | Choo Choo Choo's to Ignore the Vulnerability, with Carol Terrio and Graham Cluley. |
| 0:29.0 | Hello, hello, and welcome to Smashing Security episode 426. |
| 0:32.6 | My name's Graham Cluley. |
| 0:33.9 | And I'm Carol. |
| 0:35.5 | What's coming up on the show this week, Carol? |
| 0:37.6 | Well, first, before we kick off, let's thank this week's wonderful sponsors, |
| 0:42.0 | OnePassword, Adaptive Security, and Vanta. |
| 0:45.7 | It's their support that help us give you this show for free. |
| 0:48.8 | Coming up on today's show, Graham, what do you got? |
| 0:51.3 | I'm going to be taking hacking to the end of the line. |
| 0:54.7 | And I'm going to ask who's to blame when chat assistants go rogue? |
| 1:00.6 | All this and much more coming up on this episode of Smashing Security. |
| 1:07.9 | Now, chums, chums, we all love a train, don't we? A train? Yeah, everyone loves trains. Did you love trains when you were a kid? Like a choo-choo-ch-ch-ch-ch-ch-train. Do you mean like getting on a train? Well, getting on a train, watching trains, pushing trains around on the floor when you're a little kids or watching trains? We used to walk old train tracks |
| 1:28.3 | actually as kids. Did you? That's brave. No, no. Disused ones. Disused ones, yeah. |
| 1:32.9 | That's good. Well, some people are very enthusiastic about them, aren't they? And there can be |
| 1:37.2 | cybersecurity consequences of having a love for trains way back in 2008. A 14-year-old boy in Poland got himself into a spot of bother because he hacked into actually it was a tram system rather than trains. |
| 1:51.1 | But he began to use it as a giant train set. |
| 1:55.1 | He hacked into the trams. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Graham Cluley, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Graham Cluley and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.