A critical security flaw in US trains, first uncovered by hardware security researcher Neils in 2012, has been neglected by the Association of American Railroads (AAR) for a staggering 13 years. This vulnerability allows any individual to remotely activate a train's emergency brakes using inexpensive equipment costing less than $500. It was only after the Cybersecurity and Infrastructure Security Agency (CISA) issued a security advisory recently that AAR finally began to address the issue. The root of the vulnerability lies in design defects within the wireless telemetry modules located at the rear of trains. Due to the absence of authentication and encryption mechanisms, attackers can exploit Software-Defined Radio (SDR) technology to forge messages, manipulate data, or trigger emergency brakes. Despite Neils' prompt reporting of the issue to AAR in 2012, no resolution was forthcoming until CISA's intervention.