Originally posted by elaw
View Post
Announcement
Collapse
No announcement yet.
"Airliners", meet "hackers"...
Collapse
X
-
--- Judge what is said by the merits of what is said, not by the credentials of who said it. ---
--- Defend what you say with arguments, not by imposing your credentials ---
-
UDP! Over twisted-pair Ethernet with the NICs at each end set to fixed speed & duplex so no negotiation was needed. I can't remember if it was 10 or 100 megabits but definitely not gigabit.
I really didn't think it would work, but they finally talked me into trying it and it actually did work.Be alert! America needs more lerts.
Eric Law
Comment
-
Interesting to read this BBC news item on a passenger [security researcher] removed from a flight for tweeting about deploying the oxygen masks.
He'd previously talked with reporters about weaknesses theoretically letting him shut off the engines and connecting to a 'computer under his seat' to view engine data. (isn't that the data normally presented in the media screens - position, speed etc? And if that's what he's referring to certainly there's a lot of difference between viewing read only data presented to the entertainment systems and controlling the engines. But I suppose a security researcher needs to drive up demand for his services...)
Comment
-
Earlier, he tweeted he thought he could deploy the oxygen masks on board.
A bit of completely baseless speculation: I'm wondering if his comment about being able to access engine data from the computer under his seat derives from how networking is done in cars where all sorts of data is "broadcast" over the network and display devices pick off whatever data they want to display. That in itself doesn't mean you can control anything, it just means there are a lot of different data points you can view if you have the correct interface and software. But that's all based on an *ass*umption that networking in airplanes is done the same way as in cars, which I think is very unlikely if for no other reason than the "not invented here" phenomenon.Be alert! America needs more lerts.
Eric Law
Comment
-
all bs aside for 1/2 second, i am a bit concerned that boeing and AB have not come out and made public statements regarding the validity of these concerns in general. the statements quoted in the original quoted article in this thread leave W I D E open that the possibility exists.
frankly, as a guy that boards and flies about 60 commercial flights per year, that scares the shit outta me.
Comment
-
I'm not an avionics guy but if "Next Gen" is going to rely on GPS then the designers of that system should investigate to determine if GPS is spoofable (reportedly Iran spoofed a US drone and caused it to divert to Iran http://en.wikipedia.org/wiki/Iran%E2...Q-170_incident).
One way to help avoid this would be to use GPS, Galileo, and Glonass navigation systems simultaneously.
Comment
-
Originally posted by elaw View PostIt's probably a little like a shipbuilding company claiming the vessels they build are "unsinkable"...
Comment
-
-
Originally posted by elaw View PostThe drone that Iran captured had no "hardline", and got hacked. An Internet connection may make hacking an aircraft *easier*, but lack of same doesn't make hacking impossible.
can that encryption be hacked? sure. but if AES is chosen as the encryption, it would be essentially impossible, although theoretically possible, given about 1 billion years, to hack.
Comment
-
Dr Phil Polstra, a qualified pilot and professor of digital forensics at Bloomsburg University, says relax:
http://www.forbes.com/sites/thomasbr...ms-fallacious/
If you still don't understand the limitations of hacking, try hacking into someone else's mp3 player on your next flight.
Comment
-
Originally posted by elaw View Post
The only way I can think of to get 100% guaranteed one-way data flow is something I did in my job once. I actually didn't think it would work until I tried it, but the trick was to take an ethernet cable and actually cut the wires that carry data in the backward direction so transmission could only occur from A to B and not B to A.
I've never tried it myself b/c I've never had a reason to do so.
Comment
-
I heard about this yesterday and wondered if somebody had created a thread on this forum about it.
I'm rather skeptical that it is even possible with any A/C built within even the last few years (except maybe the latest like 787 or AB's latest).
I'd think that there's no reason for any of the wifi/networking on a plane to have any connection to avionics/etc. I thought many wifi and in-flight entertainment systems are add-ons with no connection at all with the planes systems.
The only thing I can think of with say latest is if they've setup message passing between the plane (ala ACARS etc.) and ground systems. Although I did see in one article (maybe even the CNN one) that there's talk of remote control technology in some of these new planes-- that one is a bit scary.
Comment
-
Originally posted by Evan View PostDr Phil Polstra, a qualified pilot and professor of digital forensics at Bloomsburg University, says relax:
http://www.forbes.com/sites/thomasbr...ms-fallacious/
If you still don't understand the limitations of hacking, try hacking into someone else's mp3 player on your next flight.
Comment
Comment