SoylentNews is people
SoylentNews
El Reg reports:
The FBI has accused a security researcher of hacking into the entertainment system of a United Airlines plane mid-flight, before causing the aircraft to temporarily fly "sideways".
Infosec bod Chris Roberts allegedly made that audacious claim to Feds' special agent Mark Hurley, who subsequently applied for a search warrant to examine Roberts' seized electronic devices.
Thirteen items, including thumb drives, a MacBook Pro laptop and an iPad Air were confiscated from Roberts on 15 April this year, after the researcher exited a United Airline flight in Syracuse, New York, according to the Feds' affidavit (PDF).
Roberts, who founded One World Labs, has been quizzed twice by the FBI over the course of the past few months.
He apparently told the Feds that he had hacked into the inflight entertainment systems of Airbus and Boeing aircraft roughly 15 to 20 times between 2011 and 2014.
A story from the BBC has a different perspective on the situation:
Prof Alan Woodward from Surrey University told the BBC he found it "difficult to believe" a passenger could access and manipulate flight control systems from a plug socket on an aircraft seat.
"Flight systems are typically kept physically separate, as are any safety critical systems," he said.
"I can imagine only that someone has misunderstood something in the conversation between the researcher and the FBI, someone is exaggerating to make a point, or, it is actually possible and the aircraft manufacturers have some urgent work to do."/blockquote
The researcher in question, Chris Roberts said on twitter, "There's a whole five years of stuff that the affidavit incorrectly compressed into 1 paragraph... lots to untangle".
(Score: 3, Interesting) by isostatic on Monday May 18 2015, @05:55PM
I was struggling to think of a reason to connect the IFE and Flight systems together. I came up with the following:
Moving Map
The moving map needs to have the location of the plane sent to it
Tannoy
The Pilot needs to be able to talk to the passengers, which usually involves pausing the IFE, and involves audio passing over the same system as IFE.
Now this could be done via relays and similar, and certainly should not be done in the IP domain -- the flight control system would talk to the dirty network via a GPI interface or similar, and the audio from the pilot/cabin crew could be fed in via an analog feed (as well as to a separate emergency system) that involves nothing more than an amp)
This would really limit the risk, however I could see that for simplicity someone could have thought "why not just have everything on the same network". I can't see how that would ever have happened though.
(Score: 2) by bob_super on Monday May 18 2015, @06:56PM
When you have triple-redundant IT systems all over the place (the pilot's end, not the cattle side), nothing is really simple.
Don't forget that the same audio system has to allow the crew to talk to the pilots, also supports the cabin door lock, and various cameras. All under a "lighter is better, and let the contractors write safe code" rule.
(Score: 2) by LoRdTAW on Monday May 18 2015, @07:20PM
Doubt that. A standard GPS receiver can do that without anything from the aircraft's internal systems. Same with air speed. It doesn't have to be accurate at all, just a reference for passengers.
This might be one likely point of entry but I can't see the manufactures being that stupid (though I wouldn't be too surprised otherwise.) How did they perform PA announcements before IFE? I would imagine the pilot selects the channel to transmit over and the PTT button activates the audio channel attached such as a PA amp. For the IFE, its channel channel turns a digital input on for the IFE and it then listens on an analog input channel. That is much more simple and probably they way they went.
(Score: 2) by VLM on Monday May 18 2015, @08:31PM
For the map, never spend money you don't have to, and for a passenger entertainment you could just play a movie of a simulated moving map. I don't think anyone would care.
Yet going the other way around, they build planes to last a long time and you can safely assume someones going to be announcing something to passengers in 50 years, assuming we're still flying cattle car planes in 50 years, yet the IFE system would have been ripped out and replaced maybe 3 times by 2065, with 4K, then head mounted 3d displays, then some star trek holodeck stuff or something, so given how light a speaker and a piece of wire is, just run a couple PA speakers separate from the IFE and call it good.
The funniest part about the whole story, from a guy who knows a little flying and avionics and has friends who are actual pilots, is none of the journalists, the fbi/cops, the researcher, or conference participants seem to know anything about aviation leading to some utterly bizarre stories being reported. Its the modern version of witchcraft trials and debates about how many angels can dance on the head of a pin. I made the plane climb and move sideways... sure you did, sure you did. Did you know the hippies surrounded the pentagon and made it levitate during the Vietnam war? They blew all the pipes up by simultaneously flushing all the toilets too. We always got our boogeymen, need them to keep rollin in the dough.
Maybe what happened was he F'ed with the passenger entertainment IFE moving map display and changed that.
The comedy of the whole story is you don't have to worry "so much" about remote hackers making RC airplanes so much as idiot maint workers causing cascading failures of complicated interconnected systems they don't understand, or simple DOS/DDOS type work just snip this wire that runs thru the bathroom wall and not only does the IFE shut down but so does the engine computer LOL or whatever. We're basically re-living my youth in the 80s with a slightly re-written "wargames" terror campaign by the journalists and security-industrial complex, all a load of BS.
(Score: 2) by isostatic on Monday May 18 2015, @10:25PM
Maybe what happened was he F'ed with the passenger entertainment IFE moving map display and changed that.
That makes sense, if you assume everyone involved is a complete idiot.
I can't think of any other explanation though. I originally gave benefit of the doubt and assumed that the IFE system must be linked somehow to the cockpit system for some ridiculous reason that would never pass any design board (I hope), and somehow he managed to send an instruction to the autopilot.
However the maps I see on planes (and I fly more than most according to the poll) are not recordings -- they record the circling near airports, take different routes, etc. An independent GPS would be fine, but I suspect it's not an independent GPS.
The integration would be to pause the IFE when the captain comes on to tell you about turbulence, or the weather at the destination, etc.
(Score: 2) by FatPhil on Tuesday May 19 2015, @08:50AM
At no point does data need to pass from the *untrusted* domain to the trusted one. And the concept of *control* going from the *untrusted* domain to the *trusted* one is right out. (Enabling and disabling the export of certain payloads from the trusted domain can be viewed as passing data representing the state of the untrusted domain, a trivial single bit, where both values have clearly meaning, rather than control. However, there's no reason for enabling/disabling to even be a feature. The trusted domain's state machine is smaller, safer, and more predictable if everything's always on.)
Separate control from payload sensibly, and most of these problems simply evaporate. The mindset behind html+javascript support in email is the problem. Alas most people flooding the IT job market currently are people who've grown up only knowing email clients that support html with javascript. Ahhhh, Good Times...
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by isostatic on Tuesday May 19 2015, @10:16AM
In an ideal world there should be an air gap between the systems, with power being the only systems they share.
However there needs to bein formation from the airside to the cattle side, and that's where the plausibility enters. Yes there should be firewalls and proxies between the sides, ideally separate protocols (hence a gpi suggestion), however I can see a situation where you have a security-free implementation.
Plug in to ife, break into ife server which has two network cards, one air (for the instructions from the cockpit), one cattle.
Now most of us here wouldn't design such a dumb system, but it's plausible someone did.
However I think it far more likely he broke into the moving map display rather than the actual cockpit. A responsible law enforcement/media/industry would issue a statement with enough details to alieviate concerns, while emphasising that breaking into a system is still a crime, no matter how insecure the system is, however in light of the gaping security hole this time charges wouldn't be pressed and someone (not the original hacker) would be contracted to ensure the system is secure.