Announcement

Collapse
No announcement yet.

"Airliners", meet "hackers"...

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by elaw View Post
    The only way I can think of to get 100% guaranteed one-way data flow is something I did in my job once. I actually didn't think it would work until I tried it, but the trick was to take an ethernet cable and actually cut the wires that carry data in the backward direction so transmission could only occur from A to B and not B to A.
    I wonder what kind of communication protocol was that that didn't require acknowledgement from the other side and will happily send information "in the dark" without knowing if there is another part listening or understanding the message.

    --- Judge what is said by the merits of what is said, not by the credentials of who said it. ---
    --- Defend what you say with arguments, not by imposing your credentials ---

    Comment


    • #17
      UDP! Over twisted-pair Ethernet with the NICs at each end set to fixed speed & duplex so no negotiation was needed. I can't remember if it was 10 or 100 megabits but definitely not gigabit.

      I really didn't think it would work, but they finally talked me into trying it and it actually did work.
      Be alert! America needs more lerts.

      Eric Law

      Comment


      • #18
        Interesting to read this BBC news item on a passenger [security researcher] removed from a flight for tweeting about deploying the oxygen masks.

        He'd previously talked with reporters about weaknesses theoretically letting him shut off the engines and connecting to a 'computer under his seat' to view engine data. (isn't that the data normally presented in the media screens - position, speed etc? And if that's what he's referring to certainly there's a lot of difference between viewing read only data presented to the entertainment systems and controlling the engines. But I suppose a security researcher needs to drive up demand for his services...)

        United Airlines banned a security researcher from a flight after he tweeted that he might be able to hack the aircraft's systems.

        Comment


        • #19
          Earlier, he tweeted he thought he could deploy the oxygen masks on board.
          "The stupid is strong with this one." I'd be curious to know what his "security researcher" credentials are, other than owning a laptop computer and maybe having played WoW a time or three.

          A bit of completely baseless speculation: I'm wondering if his comment about being able to access engine data from the computer under his seat derives from how networking is done in cars where all sorts of data is "broadcast" over the network and display devices pick off whatever data they want to display. That in itself doesn't mean you can control anything, it just means there are a lot of different data points you can view if you have the correct interface and software. But that's all based on an *ass*umption that networking in airplanes is done the same way as in cars, which I think is very unlikely if for no other reason than the "not invented here" phenomenon.
          Be alert! America needs more lerts.

          Eric Law

          Comment


          • #20
            And of course, someone on their knees fiddling with cable connections under the seat wouldn't be at all noticeable....would they ?
            If it 'ain't broken........ Don't try to mend it !

            Comment


            • #21
              all bs aside for 1/2 second, i am a bit concerned that boeing and AB have not come out and made public statements regarding the validity of these concerns in general. the statements quoted in the original quoted article in this thread leave W I D E open that the possibility exists.

              frankly, as a guy that boards and flies about 60 commercial flights per year, that scares the shit outta me.

              Comment


              • #22
                It's probably a little like a shipbuilding company claiming the vessels they build are "unsinkable"...
                Be alert! America needs more lerts.

                Eric Law

                Comment


                • #23
                  I'm not an avionics guy but if "Next Gen" is going to rely on GPS then the designers of that system should investigate to determine if GPS is spoofable (reportedly Iran spoofed a US drone and caused it to divert to Iran http://en.wikipedia.org/wiki/Iran%E2...Q-170_incident).
                  One way to help avoid this would be to use GPS, Galileo, and Glonass navigation systems simultaneously.

                  Comment


                  • #24
                    Originally posted by elaw View Post
                    It's probably a little like a shipbuilding company claiming the vessels they build are "unsinkable"...
                    not really. either there is a hardline connection between the internet and the aviation side of the aircraft or there isn't. it's as simple as that. no hardline? no hack. oh, and by hardline i include wifi as well

                    Comment


                    • #25
                      Originally posted by TeeVee View Post
                      no hardline? no hack.
                      The drone that Iran captured had no "hardline", and got hacked. An Internet connection may make hacking an aircraft *easier*, but lack of same doesn't make hacking impossible.
                      Be alert! America needs more lerts.

                      Eric Law

                      Comment


                      • #26
                        Originally posted by elaw View Post
                        The drone that Iran captured had no "hardline", and got hacked. An Internet connection may make hacking an aircraft *easier*, but lack of same doesn't make hacking impossible.
                        i'd be willing to bet there is no encryption of the signals for military drone uses. but if it is encrypted they are obviously using an open system that accepts signals from non-encrypted sources.

                        can that encryption be hacked? sure. but if AES is chosen as the encryption, it would be essentially impossible, although theoretically possible, given about 1 billion years, to hack.

                        Comment


                        • #27
                          Dr Phil Polstra, a qualified pilot and professor of digital forensics at Bloomsburg University, says relax:

                          http://www.forbes.com/sites/thomasbr...ms-fallacious/

                          If you still don't understand the limitations of hacking, try hacking into someone else's mp3 player on your next flight.

                          Comment


                          • #28
                            Originally posted by elaw View Post

                            The only way I can think of to get 100% guaranteed one-way data flow is something I did in my job once. I actually didn't think it would work until I tried it, but the trick was to take an ethernet cable and actually cut the wires that carry data in the backward direction so transmission could only occur from A to B and not B to A.
                            Doesn't that basically make the communication not work? I mean there is plenty of handshaking and flow control via IP that isn't payload stuff.

                            I've never tried it myself b/c I've never had a reason to do so.

                            Comment


                            • #29
                              I heard about this yesterday and wondered if somebody had created a thread on this forum about it.

                              I'm rather skeptical that it is even possible with any A/C built within even the last few years (except maybe the latest like 787 or AB's latest).

                              I'd think that there's no reason for any of the wifi/networking on a plane to have any connection to avionics/etc. I thought many wifi and in-flight entertainment systems are add-ons with no connection at all with the planes systems.

                              The only thing I can think of with say latest is if they've setup message passing between the plane (ala ACARS etc.) and ground systems. Although I did see in one article (maybe even the CNN one) that there's talk of remote control technology in some of these new planes-- that one is a bit scary.

                              Comment


                              • #30
                                Originally posted by Evan View Post
                                Dr Phil Polstra, a qualified pilot and professor of digital forensics at Bloomsburg University, says relax:

                                http://www.forbes.com/sites/thomasbr...ms-fallacious/

                                If you still don't understand the limitations of hacking, try hacking into someone else's mp3 player on your next flight.
                                with the exception of he last 2 sentences of your quoted article.....

                                Comment

                                Working...
                                X