This is a little unnerving.
http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/
http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/
-
Please take a moment and update your account profile. If you have an updated account profile with basic information on why you are on Air Warriors it will help other people respond to your posts. How do you update your profile you ask?
Go here:
Edit Account Details and Profile
YIKES!
- Thread starter jmcquate
- Start date
Now, I have no idea what the network architecture in your average passenger jet looks like, but I read a piece after this whole "terrorists are going to hack into the aircraft network" scare went up a few weeks back. The author was fairly adamant that the network that controls the functioning of the aircraft is completely separate from anything the passengers might access in the cabin through the in-flight entertainment system or Wi-Fi.
Color me skeptical.
Color me skeptical.
Agree. I find it hard to believe the design of those systems would allow for such tomfoolery, but what do I know.
The article I read said the hacker made the plane fly "sideways"....
Are we talking Galaga/Space Invaders-esque sideways, or what? If so, make him hacker of the year
The article I read said the hacker made the plane fly "sideways"....
Are we talking Galaga/Space Invaders-esque sideways, or what? If so, make him hacker of the year
I read that bit this morning too. I am also a bit skeptical. One, that the in-flight entertainment servers are in any way connected to the flight control computers. Why would they be? There's no reason to build that capability into the system. It's kind of the Hollywood "all computers can talk to all other computers because they're computers" mythology. And second, this guy supposedly hacked into the auto-throttles on a flight he was on. Doesn't fucking around with flight controls on a plane you're flying in seem kind of excessively dangerous even for the most hard-core black hat hacker?
This comment on MetaFilter gives some good background on the situation.
(Yes, IFE systems are connected to the flight computers - how else do you think you see your position, airspeed, ground speed, OAT, ETA, ETE, etc?)
(Yes, IFE systems are connected to the flight computers - how else do you think you see your position, airspeed, ground speed, OAT, ETA, ETE, etc?)
Care to translate that comment thread for those of us who aren't 733t?
Not the first time this capability has been tested/demonstrated.
http://www.bloomberg.com/bw/articles/2013-04-12/hacking-an-airplane-with-only-an-android-phone
http://www.economist.com/blogs/gulliver/2014/11/hacking-aircraft
I thought after the initial demonstration that all critical systems were supposed to be air gapped. Although it has been shown that even an air gap isn't enough to protect a system anymore. Any discussion involving further details would have to happen high side.
http://www.bloomberg.com/bw/articles/2013-04-12/hacking-an-airplane-with-only-an-android-phone
http://www.economist.com/blogs/gulliver/2014/11/hacking-aircraft
I thought after the initial demonstration that all critical systems were supposed to be air gapped. Although it has been shown that even an air gap isn't enough to protect a system anymore. Any discussion involving further details would have to happen high side.
I would want a more credible source than a dude posting in the comment section of a website, but at least he backs it up with some technical data that sounds plausible to my admittedly limited understanding of TCP/IP. Either way, his statement would seem to contradict the claim that the article is making. Take that for what it's worth. I'm still highly skeptical of the original claim that the "security researcher" took control of the aircraft's engines or other flight related systems. Possible? Perhaps, but highly improbable.
BLUF: while in flight entertainment systems and cockpit systems may share a common data link and bus for weight reasons, the underlying structure of the network (ARINC 664 nee Avionics Full Duplex Switched Ethernet) keeps unexpected machines from accessing the network.
*begin nerrrrrdsssss*
Standard Ethernet (10BaseT, 802.11x [wireless], etc.) is half duplex - only one station can transmit at a time, and if 2 or more transmit at the same time, a "collision" occurs, and everyone backs off for a random amount of time. Such networks only require simple hubs that are the equivalent of twisting a bunch of Ethernet cable together, but are easily expanded via plugging in to the hub or joining the wireless network.
Full duplex networks, where stations can transmit and receive at the same time, require more advanced hardware that can switch up the connections between stations so that they're only talking to each other at any given time. This type of network is still easily joined, but can be more secure if the network switch supports it. Still hackable, though.
ARINC 664, built on top of full duplex ethernet, takes this a step further, using highly advanced, specialized hardware to perform switching functions, dedicate bandwidth to critical stations, and police network traffic. The network structure is defined when the it is first physically created and cannot be easily modified. That is, you can't just plug into the network and start transmitting as you can with standard Ethernet. Furthermore, individual nodes have defined roles such as input only, output only, input/output - and can't be changed easily. (It requires physical access to the network controlling hardware.)
*begin nerrrrrdsssss*
Standard Ethernet (10BaseT, 802.11x [wireless], etc.) is half duplex - only one station can transmit at a time, and if 2 or more transmit at the same time, a "collision" occurs, and everyone backs off for a random amount of time. Such networks only require simple hubs that are the equivalent of twisting a bunch of Ethernet cable together, but are easily expanded via plugging in to the hub or joining the wireless network.
Full duplex networks, where stations can transmit and receive at the same time, require more advanced hardware that can switch up the connections between stations so that they're only talking to each other at any given time. This type of network is still easily joined, but can be more secure if the network switch supports it. Still hackable, though.
ARINC 664, built on top of full duplex ethernet, takes this a step further, using highly advanced, specialized hardware to perform switching functions, dedicate bandwidth to critical stations, and police network traffic. The network structure is defined when the it is first physically created and cannot be easily modified. That is, you can't just plug into the network and start transmitting as you can with standard Ethernet. Furthermore, individual nodes have defined roles such as input only, output only, input/output - and can't be changed easily. (It requires physical access to the network controlling hardware.)
English translation: smart network engineers should be able to set up the IFE network to receive data from the aircraft nav system, but reject packets going from the IFE system the other way. Of course, this is ignoring any potential vulnerabilities in the components themselves, which might let a hacker trickfuck this arrangement.
The guy is now in serious backpedaling mode, saying his claims of taking control of an aircraft were "taken out of context and misinterpreted." Probably what I would say too, if my hyperbolic publicity stunt had backfired and the FBI was breathing down my neck.
http://www.theguardian.com/technolo...ized-control-boeing-airliner-disputed-experts
http://www.theguardian.com/technolo...ized-control-boeing-airliner-disputed-experts
Apparently this guy is used to making ridiculous claims:
http://news.yahoo.com/nasa-alleged-plane-hackers-boast-breaching-space-station-173731094.html
If it looks like a duck and quacks like a duck...
http://news.yahoo.com/nasa-alleged-plane-hackers-boast-breaching-space-station-173731094.html
If it looks like a duck and quacks like a duck...