date 2012-08-20
from the Please-insert-disk-7-of-42 dept.
Pen Test Partners: Boeing 747s receive critical software updates over 3.5" floppy disks:
The eye-catching factoid emerged during a DEF CON video interview of PTP's [Pen Test Partners] Alex Lomas, where the man himself gave a walkthrough of a 747-400, its avionics bay and the flight deck.
Although airliners are not normally available to curious infosec researchers, a certain UK-based Big Airline's decision to scrap its B747 fleet gave Pen Test Partners a unique opportunity to get aboard one and have a poke about before the scrap merchants set about their grim task.
"Aircraft themselves are really expensive beasts, you know," said Lomas as he filmed inside the big Boeing. "Even if you had all the will in the world, airlines and manufacturers won't just let you pentest an aircraft because [they] don't know what state you're going to leave it in."
While giving a tour of the aircraft on video (full embed below), Lomas pointed out the navigation database loader. To readers of a certain vintage it'll look very familiar indeed.
"This database has to be updated every 28 days, so you can see how much of a chore this has to be for an engineer to visit," Lomas said, pointing out the floppy drive – which in normal operations is tucked away behind a locked panel.
[...] The key question everyone wants to know the answer to, though, is whether you can hack an airliner from the cheap seats, using the in-flight entertainment (IFE) as an attack vector. Lomas observed: "Where we've gone deliberately looking, we've not found, at this point, any two-way communication between passenger domain systems like the IFE and the control domain. There is the DMZ of the information services domain that sits between the two; to jump between two layers of segregation would be tricky in my view."
(Score: 1) by fustakrakich on Wednesday August 12, @07:10PM (3 children)
Yes, any robust dielectric will do. Use a Faraday cage for RF.
To avoid crosstalk, IFE and the control domain shouldn't even be on the same airplane
(Score: 0) by Anonymous Coward on Wednesday August 12, @07:41PM
DMZ defeat = start from the other side, lots of RF there.
(Score: 3, Insightful) by MostCynical on Wednesday August 12, @09:48PM (1 child)
Got to keep the cattle entertained, or they might demand comfortable seats and edible food.
(Score: 2, Interesting) by fustakrakich on Wednesday August 12, @10:14PM
They really should just spike the drinks, it solves all the major problems, except incontinence maybe
(Score: 4, Insightful) by looorg on Wednesday August 12, @07:56PM (11 children)
The headline and the article, in parts even though there are no scare quotes etc., in some way make it sound like it's something horrible that you receive updates via floppy these days. Is the product somehow faulty because it doesn't download them à la some constantly connected IoT device? It's old. It works. Why change? Oh, I see, it's apparently a chore for the technicians to once a month (or 28 days) insert a floppy into the machine and possibly type a few commands. Oh the horror! Are they somehow afraid that young technicians won't know what to do with a floppy disk anymore, as they have a severe case of the stupids?
(Score: 0) by Anonymous Coward on Wednesday August 12, @08:09PM (9 children)
Economics. 3.5" floppy disks are about $2 apiece new in 2020 and don't have anywhere comparable longevity to a USB flash drive.
(Score: 3, Insightful) by Dr Spin on Wednesday August 12, @08:31PM (5 children)
3.5" floppy disks are about $2 apiece new in 2020 and don't have anywhere comparable longevity to a USB flash drive.
However, they are reusable, and it would take a lot of $ to replace the floppy disk drive and then get the whole plane re-certified as airworthy
(and it's Boeing, so recertification may involve very expensive politics as well).
I suspect there are bigger fish to fry ... It probably costs $500 in paperwork for an engineer to enter the plane and insert the floppy disk.
(Score: 0) by Anonymous Coward on Wednesday August 12, @08:36PM (3 children)
USB drives are also reusable, more so than floppies in fact, which have higher failure rates. And I imagine when hardware fails it will cost even more money to continue tracking down the specific floppy drive that's already certified than it would to install USB and bring the process into the early 2000s.
(Score: 2) by barbara hudson on Wednesday August 12, @09:37PM (2 children)
Newer tech doesn't offer as much opportunity for creative destruction.
(Score: 0) by Anonymous Coward on Wednesday August 12, @09:55PM (1 child)
Not with windows. I used to back up Money99 on floppies, never had an error pop up during backups but when I needed the floppy to recover what was lost on the hard drive... Disc corrupt. Lost 6 months of shit.
(Score: 0) by Anonymous Coward on Wednesday August 12, @10:02PM
I pretty much backed up all my 720k 5.25" floppies last year without many bad sectors.
The 3.5" disks though -- They already were shit back in the day, and any use of them for backup needed an ECC pass.
(Score: 0) by Anonymous Coward on Wednesday August 12, @08:54PM
Can't they just PXE network boot the plane by loading a FreeDOS image containing the BIOS flasher off one of the in-flight entertainment system's USB ports?
I mean sure you'd have to set a jumper on the motherboard so that some snotty 8 year old kid couldn't activate it mid flight by entering a magic code on the gamepad.
(Score: 5, Insightful) by sjames on Wednesday August 12, @09:07PM
For a multi-million dollar plane that costs $10,000/hour to operate, the $2 floppy is lost in the noise even if they have to buy one per plane every month. The person inserting the floppy into the drive costs many times that much. A new drive is under $40.
OTOH, re-design, re-certification, and retrofitting would cost a metric assload for a plane that is seeing declining popularity.
Unlike USB devices, floppies can't have their firmware re-flashed to do something nasty while delivering the stored data.
Words of wisdom: If it ain't broke, don't fix it.
(Score: 2) by barbara hudson on Wednesday August 12, @09:31PM
(Score: 2, Funny) by Anonymous Coward on Wednesday August 12, @09:37PM
They probably have a stockpile of AOL floppies to reuse.
(Score: 0) by Anonymous Coward on Wednesday August 12, @10:14PM
From sources, it's 8 floppies.
A quick comparison:
- Installing a pure DOS 6.22: 3 floppies
- Installing Windows 3.11: 10 floppies, 11 floppies with network.
- Installing Windows 95: circa 26 floppies, do not remember whether all were needed.
- Mac OS 6: 6-8 floppies, depends on configuration.
- Mac OS 7.5.3: ca. 30 floppies (upgrade path from 7.1).
- Mac OS 7.1: 7-10 disks, depends on configuration.
- Mac OS 7 "Every Mac" version on Macs in which it doesn't boot, so started from "NAD" universal boot disk: as above, but you have to swap disks "NAD" and "Installer disk" 47 TIMES! to make installer show its boot window. Next, 23 times to get to installation and 8 times after the last disk.
(Score: 2) by looorg on Wednesday August 12, @08:45PM
Somewhat related, I just started to wonder: how many factories are there around that still crank out 3.5" floppies? There must be a few around still. I guess if Boeing had to, they could probably set up their own machine to make enough to cover their own needs (and then some). So there is no risk of running out or anything.
(Score: 2) by Snotnose on Wednesday August 12, @09:37PM
From 94 to 96 I consulted for a company that was digitizing ads for cable TV. Back then the model was you had 3-4 VCRs per channel, and a worker bee that ran around inserting the appropriate tape containing a single ad into the appropriate VCRs as needed.
We had a single 486 PC (not Pentium; we were I/O bound, not CPU bound, I tested it) Linux box per channel, each with a bunch of ads. Each would broadcast across the Ethernet which ad they needed for the next commercial break and another PC would send it. It was a congested mess, until I was at a CES in Vegas and discovered something called a switch. That effin chunk of hardware solved all our networking issues. We split something like 60 channels into 3 subnets using switches and all our problems went away.
Anywhoo, we also looked into airlines. We looked at the requirements for getting our movie playing machine onto an airplane and just nope noped away.
(Score: 0) by Anonymous Coward on Wednesday August 12, @10:06PM
Floppy disk: $1-$2.
Old PC sitting in a corner for reliably recording it: a smile to the recycling guy in any computer company (no, USB floppy drives are not reliable at all, that's my experience).
If security is important, a bunch of batteries or even generator is the most expensive part of the framework.
So the security problems are: 1. Someone may get the disk after it's used, but it may be just destroyed, or, 2. Someone may get access to the machine, which is behind a few good locks and in the company's buildings.
Meanwhile in modern times, for critical applications like airplane with classified data it should be done this way:
- Memory card made using national technology, local chips, no grain of sand for silicon from abroad.
- Computer made the same way without security holes? No! The complexity of low-level code shows that there is no such thing! So...
- Shielding an entire room,
- Shielding network cabling. No idea why a network is needed, but modern machines seem to be more and more immune to local-only software,
- Use EM anti-eavesdropping devices.
- From my experience: These devices literally eat kilowatts. Have a power plant nearby.
It's old technology, so let's stay with these floppies. RS232 is still good for industrial applications.
(Score: 2) by richtopia on Wednesday August 12, @11:35PM
The floppy is just a headline, it actually is a very small part of the video. Even if you aren't interested in penetration testing, it is cool to see the walkthrough of the 747. They walk through the passenger compartment into the avionics bay which is linked to cargo, then back up to the second floor and the cockpit.
If you are interested in security, the technical talk which follows is also good. A little over my head, but so technical that I fall asleep.