Airline passenger Wi-Fi access to aircraft control systems?

[ddavid 149]

Now you may have the option of landing a 'plane, using your iPad...

http://www.wired.com/2015/04/hackers-commandeer-new-planes-passenger-wi-fi/

Cheers - Dai.

[MyPC8MyBrain 273]

this is complete BS; probably an attempt by Whale; the company that makes E-Gap firewall;

a cheesy attempt to leverage public pressure to hook a contract with Boeing,

[britfrog 180]

I would find it hard to believe that a company like Boeing or Airbus would allow any onboard network to have any form of connection to the a/c systems, they would have to be independent systems.

can you imagine the scenerio? a 9 year old kid flying fsx on steam on his hand held, and he takes over the a/c controls?

come to think of it they should make a film about just that, it would be more frightening than towering inferno.

or airplane

 

Roger , roger

[J G 927]

I think this is all hype. I would expect your flight to be well and truly over- wherever you are flying to - before you could break into systems such as these, providing you can find a way in, which you won't.

 

As Chris said its BS.

 

Having said that it is still bad press for the much maligned Dreamliner. More and more this aircraft is turning into a nightmare-liner for Boeing.

[MyPC8MyBrain 273]

if anything should concern this reviewer; should be why an airline uses Wi-Fi for any sort of control device in an aircraft?

this makes absolutely no sense; any static or UMI electric storm will mess the system up!

let alone if more than 14 people turn on their hot spots; they will max out the spectrum broadcasting stations,

or as John highlighted; the flight will have to be several months if not years in the air for hacker to complete his attack successfully;

assuming he has the skill, the tools; like a three year flight

[MartinW 0]

Is it BS? Probably is. However, this is a genuine report from the GAO.

 

You have to put it into perspective though. hacking into the cockpit isn't the same as hacking into the avionics. There are key network separation capabilities in place, security protocols, defence mechanisms etc.

 

It's right that the GAO alert us to the potential danger, but by the same token it must be put into the proper perspective.

 

Possible but highly improbable.

 

 

 

 

 

 

 

 

[MartinW 0]

The report...

http://www.gao.gov/products/GAO-15-370

[Gunner 69]

...and something to read...

"Fearing United plane was hacked, FBI pulls security expert off flight"

 

http://money.cnn.com/2015/04/17/technology/security/fbi-plane-hack/index.html

[MyPC8MyBrain 273]

one should distinguish between a professional pushing the limits for safety sake;

while the other is trying to leverage public panic to secure a contract,

I am a system architect by trade; there’s just no other way to do the job Mr. Roberts is doing,

In our trade we have a term called white hat and black hats, The white hat hackers are the good people,

They both do the same thing; yet their motives a complete opposite of each other,

on both ends; these are highly intelligent individuals who exceptionally excel in their trade;

This is what it take to be a security expert who’s able to spot security holes in other designs,

the really good ones; with no acceptations, will have a shady history;

as they say… you have to think like a thief to catch a thief!

[ddavid 149]

So, does Mr Roberts wear a black hat? Not in the shower, I guess...

Cheers - Dai.

[TomDangeroux 4]

Oh dear. When I first glanced at Dai’s link my feelings were that that’s a bit dubious, nothing to see here. After some reading and some thought I’m not so confident with that first impression anymore.

As Britfrog pointed out, it’s hard to believe that Airbus or Boeing would have the entertainment system physically connected to the avionics, unfortunately that’s exactly what they’ve done. In a way it makes perfect sense. The a/c’s monitoring systems need to see the entertainment system, watch it and step in if there’s a problem, Swissair 111 springs to mind. But the designers have got everything backwards, it’s resulted in a model that instead of having security built in from the ground up, it’s being fixed as problems manifest themselves.

You can see how all this developed. Here is your new a/c. We have replaced the flight engineer with this fancy set of computers, all networked together and patched into all the avionic systems, brilliant. Then along comes the designers of the inflight entertainment system. All we have to do is get this patched into the network and voila, you can watch a multitude of shows and movies at 42,000ft. Then, what if we allow passengers to gamble in flight with their credit cards and surf the web, before to know it you have built an integrated, fully networked flying computer connected to the internet. I don’t know about anyone else but this sounds like a really bad idea to me.

When Boeing first reviled their plans for the 787’s computer network, the FAA told them to go back and install better safeguards. Boeing rolled back some of the overlap between the systems and installed some firewalls. They never isolated the avionics from the entertainment. Now, as the firewalls are just software, and as all software has bugs, this is a design philosophy that’s fundamentally suspect in terms of security.

Car hacking is now a business model. You can buy kits that will disable the central locking of many models. Hackers have demonstrated how they can disable a cars breaking system remotely from the side of the road. An a/c is far more complex, has far more lines of code and will have many more bugs. The potential for leverage could be massive.

Airbus responded to questions by saying that it “constantly assesses and revisits the system architecture of our products, with an eye to establishing and maintaining the highest standards of safety and security. Beyond that, we don’t discuss design details or safeguards publicly, as such discussion might be counterproductive to security.” In the security world this is known as security through obscurity. This should be ringing alarm bells at the offices of the regulators. I would be far more confident if they had said something like. ‘We have tested the systems thoroughly, here is how we have implemented our security, good luck with hacking that. As you can see the very implementation of what we have done makes it impossible to compromise the avionic systems of our aircraft with respect to all reasonable scenarios.’ That would have made me feel much better.

Now I’m not saying the sky is falling. The GAO and the regulators know they have a problem and hopefully they take it very seriously. Design rules for future aircraft need to be mapped out and implemented because if the white hat hackers are saying you have a problem, irrespective of their motives, you can bet the black hat guys are all over this too.

Gunner’s post is well worth a read. If Chris Roberts has actually done what he claims then the FAA need to interview him ASAP. The very fact that he tweeted from the a/c and was arrested minuets later says to me that someone in authority was watching him and taking him very seriously. Food for thought.

[MyPC8MyBrain 273]

Now, as the firewalls are just software, and as all software has bugs, this is a design philosophy that’s fundamentally suspect in terms of security.

very true

Whales E-Gap is a software/hardware based Firewall;

it came many years ago on the foothills of Checkpoint trying to establish a market hold with reinvent the wheel; they failed!

their hardware was expensive and not as stable as Checkpoint was and still is; early Checkpoint days were hardware based FW as well,

there was hardly much to compare accept the unique mechanism Whale was trying to developed;

which is a no physical contact with DMZ leg until approved,

(without getting into technical that’s a mechanical device spinning at high speeds! (very similar to old hard drives spindle))

the rest of the logic is very much the same as any other firewall on the market;

only this one had a possibility of a mechanical failure as well; wither intentional or none intentional

which ultimately would lead disabling the process of braking the defense system (theoretically)

the flip side of this; let’s assume some physical mechanical brakes were deliberately indicated; you will not be able to override these during flight without replacing a physical part!

therefore a "strictly hardware based firewall is not suitable in every condition, especially inflight imo

there's no such thing as hardware only firewall; there always software involved;

the merit of the article is that assumingly E-Gap is impenetrable due to the fact it is a hardware based firewall,

and thus should be implemented in Boings design as a standard; which in my eyes is complete BS and simply wrong for some of the reasons i mentioned above

the same sales rep who sold this idea to Visa exec's many years ago (probably the reason why this thing is still around)

is doing a good job trying to hook another sponsor to keep this shamble a float

[Quickmarch 488]

But the designers have got everything backwards, it’s resulted in a model that instead of having security built in from the ground up, it’s being fixed as problems manifest themselves.

 

Sounds a bit like Microsoft. Scary prospect.

[TomDangeroux 4]

@ Quickmarch. This is the security model Windows users have been living with for years. When Windows was first implemented the internet was just a twinkle in Bill Gates eye. Windows was never developed to operate on a network. Then the internet happened. With XP it all went to hell in a hand basket, despite the warnings from security experts (white hatters). Exploits where common place. Put an unpached XP v1.0 machine on the web today and it will be compromised within minutes. Worms are crawling around on the web even today. Microsoft released Windows XP with open sockets onto the web, a vey bad idea. This encouraged a slew of exploits until finally they released Windows XP SP2, when Microsoft finally enabled the firewall by default, then things went quiet.

It is this design mentality that is prevalent in modern a/c’s. To truly implement security it must be built in from the ground up. Any other method gives you a Microsoft Windows XP in the air. A real nightmare as far as security is concerned.

@MyPC8MyBrain. As you pointed out, any hardware firewall naturally implements software which by its very nature, is vulnerable to hackers. You must find a way to air gap the systems, nothing else is acceptable. A hardware firewall that depends on mechanical operations is a real problem in a/c’s irrespective of the software. Please post more details on this. I would love to know more. Are Boeing using E-Gap as there firewall solution? Are the Checkpoint guys the same guys who released Zone Alarm many years ago? Not very relevant but I loved that software.

This post by Dai has appeared to have moved from a ‘whatever,’ to a problem with real consequences.

Not good

[MyPC8MyBrain 273]

Boing made the right decision not going with E-Gap as a FW solution; or the article should not have come up

as for the architectural design; i have no idea what they did

checkpoint and zone alarm are two different class FW and share nothing in common to the best of my knowledge,

as for Whale's E-Gap much of it is very secret; not much technical information is available publicly

it is a high end enterprise (costs wise) implementation; with a very proprietary design by nature

to the best of my knowledge only one enterprise class company have implemented their solution, VISA!

[TomDangeroux 4]

Thank you PC8MyBrain

Oh dear, I bet VISA wished they hadn’t bothered.

[MartinW 0]

This has all become very clear to me now.

 

We should listen to the wisdom of Admiral Adama. There was none of this networking nonsense on the Battlestar Galactica! Oh no, not a chance. Any of that business and the Cylons would be hacking like crazy. Those guys know code like the back of their metal hands.

 

Joking aside, it's clear from what you guys are saying that this isn't BS at all. This is an issue that needs to be taken very seriously.

[TomDangeroux 4]

Just a little something to think about.

There has never been a computer system created that cannot be hacked.

Hackers look for mistakes in code to compromise systems, they crash the system by leveraging these mistakes, initiating buffer overruns and other tricks that allow the hacker to inject their own code into a computer system.

As the complexity of systems increase, bugs are more and more common place. In a recent study by Carnegie Mellon University, commercial software typically has 20 to 30 bugs for every 1000 lines of code. 50 million lines of code means 1 million to 1.5 million potential errors to be exploited.

The guidance system in Apollo 11 ran with 145 000 lines of code. The primary flight software of the Space Shuttle had 400 000. By comparison, Microsoft Office 2013 has 45 million lines of code, only slightly less than the 50 million lines of code required to run the Large Hadron Collider at CERN. Today the software required to run the average modern car clocks in at a remarkable 100 million lines of code. How many lines for the 787, A380 or A350?

Don’t have nightmares

[dodgy-alan 1,587]

I'll give it a few years before it actually happens, ....but it will happen eventually, todays computer brained kids are far more intelligent than many people give them credit for.  I have enough problems with todays systems , but all those guys that are constantly on X-boxes, Playstations etc are learning very very quickly. We all know just how quick todays computers can be hacked, sooner or later an aircraft will be compromised and everyone will say "we told you so!"  Aircraft operational systems and the onboard leisure system MUST be completely seperate.

[MartinW 0]

The guidance system in Apollo 11 ran with 145 000 lines of code. The primary flight software of the Space Shuttle had 400 000. By comparison, Microsoft Office 2013 has 45 million lines of code, only slightly less than the 50 million lines of code required to run the Large Hadron Collider at CERN. Today the software required to run the average modern car clocks in at a remarkable 100 million lines of code. How many lines for the 787, A380 or A350?

Bloody hell!

When you see the actual numbers it's stunning.

Do you think it's a testament to the fact that coding is still pretty primitive? In the future, perhaps with more advanced programing languages and more efficient coding strategies, we will be doing more with far less. Less code, less potential for error.

[TomDangeroux 4]

Yes MartinW, the numbers are staggering. The ill-fated healthcare.org site Obama set up had 500 million lines of code, and we know what happened to that soon after launch

I wouldn’t say all coding is primitive. It’s amazing what some programmers can do with machine code for example, massive apps that are less than a Mb in size. I suspect some coders are getting lazy. As computers get more powerful coders have more resources to work with. Keeping code lean and mean is no longer a priority. The overriding priority is that it works, they then can go back and fix any problems later. Some just drop ready made SDK’s into their code from other developers and then you end up with the nightmare that is ‘Komodia’ and their ‘Redirector’ software.

When I looked into this it spurred me into reinstalling all my systems from scratch and vetting very carefully what I allow onto my systems going forward. I have very strict policies in place now

It’s the way programmers check their code for errors that is a problem. With so much to check mistakes are inevitable. Open source software is useful in this respect, the more eyes you have checking, the more bugs you can spot But even then it’s not perfect and massive security issues have gone unnoticed for years.

With proprietary software, like you will find in a/c, the amount of people working on the code will be small in comparison. Less eyes spotting trouble, working to tight deadlines and many coders will tell you that after months, maybe even years of looking at your own code, a type of blindness sets in. Bugs could be staring you in the face but your brain just doesn’t notice them.

As Dodgy-alan has just reiterated, a total separation of avionics from the rest of the network is a priority, but it’s already too late for that.

[allardjd 1,853]

Even an "air-gap" isn't completely foolproof. I read an article a while back that detailed an experiment to use the speakers of one device to inject malware into another unconnected one using ultrasonic sound, through the microphone. Obviously something needed to already be running on the machine to be so infected, but once there, other things could be injected into it. Given it's audio I reckon the available bandwidth must be fairly low (remember audio-coupled modems?) but the whole crux of the article was to demonstrate that it COULD be done.

John

[brett 2,300]

Maybe they should use Apple products instead, I never hear my son complain about viruses and whatnot.  They issue him a laptop at work running windows and he say's, "nothing but problems all the time, who made this crap". He uses his older MacBook instead.

[TomDangeroux 4]

Your right allardjd. Nothing is foolproof. Air gap the systems and the aircraft is still susceptible to a bad actor installing a nasty directly into the avionics bay, but the air gap makes the hack so much harder to exploit.

The article you describe was a proof of concept attack by the Fraunhofer Institute, the guys who came up with the mp3 codec. They were able to get an already compromised laptop to accept commands via ultrasound at distance of 65 feet in the lab. It was very low bandwidth at 20 bits/second.

One set of white hatters crafted a special audio CD that when played on a cars CD player enabled them to wirelessly compromise the cars engine management system.

What a world we live in

I agree with your son brett. I know which OS I perfer. No system is foolproof, but it's nice not having to run AV on OS X as no viruses exist for the platform. It can still get adware though, so sensible computing is still a must.