Passenger hacks controls of airplane in flight: how?

Well here’s something new (I think) to worry about:

Here’s the application for the warrant (issued post arrest, I think)

How much of “fly by wire” in fly by wire airliners – which are they? – communicate over the air, “Bluetooth”-like? I mean, the guy didn’t run a clip line into the airplane’s comm cables, right?

And most airliners are good old hydraulics, right? So what are their vulnerabilities to software manipulation?

Fly-by-wire systems use physical wires. The article pretty clearly stated that the dude claimed to have accessed the avionics network by plugging a cat-5 cable into the IFE equipment box under the seat.

It seems extremely unlikely to me that the IFE and avionics networks would share any equipment in common, and no actual evidence has emerged that this guy actually did what he claimed outside of a simulation (which he assembled.)

But I’m no expert on flying machines.

A recent article I read suggests the situation might not be as well reasoned out as you think…

“To hell with security, this will save us 100 lb in cable weight”?


:smack::smack::smack::smack::smack:
Of all the systems that you’d think would be a natural for siloing… sweet Jesus on rollerskates will somebody explain to me *why *is it better to do it that way?

Because nothing could ever possibly go wrong with it.

Go read the NTSB’s report on United 800 (747 which exploded over Long Island, raising stories of a missile strike).

That was an extreme-range plane on a relative short hop. To get the range, the belly is a fuel tank. Because of the flight distance, it was empty.

That tank was NOT vented.

NTSB blamed both Boeing and the FAA for assuming it was possible to have such a tank and guarantee it would NEVER be subject to a spark.

Yes, a belly tank (a dangerous place for fuel) with no vent - because “We KNOW there can never be a spark”.

That thought process is scary.

We will now armor the entertainment boxes.

If this guy did what he said he did doesnt anyone think that the witnesses would have been splashed across the media?

A security researcher kicked off a United Airlines flight last month after tweeting about security vulnerabilities in its system had previously taken control of an airplane and caused it to briefly fly sideways, according to an application for a search warrant filed by an FBI agent.

I can’t get past the first sentence without scratching my head, I think I’ll wait for some confirmation on the rest.

The story I saw said he was able to increase the thrust of one of the (2 wing-mounted) engines.
This would cause that side to rise slightly, which, in some conditions, would cause the plane to “slip” - a maneuver used, for instance, in a cross-wind landing.

Not exactly the scare value of “flying sideways”.

Gotta love the press when it comes to technical issues.

Very interesting if true.
All the following is AFAIK …
Right now airliners are full of wired Ethernet and also Wi-Fi networks.

The Wi-Fi is (so far) used exclusively for passenger entertainment. On most aircraft it’s a retrofit for users to connect their own devices for email, surfing, etc. There’s enough bandwidth for a couple people to stream vid, but not everybody. So that’s mostly blocked. Some new aircraft are being delivered with Wi-Fi as the primary means to deliver IFE to the seat-back display systems. There is a competing trend to eliminate seatback systems and assume everyone will either bring their own device or not care about electronic entertainment.

There is a move afoot to add a separate, “secure” Wi-Fi signal for use in the cockpit. The idea is so we can connect our tablets to weather info, use them for communication with HQ, etc. Right now we have the silly situation that we’re using airborne radar and 6-hour old text printouts to guess where the weather is while half the passengers are using their tablets to access NWS or weather.com and can see in real time what’s going on. For us to connect to that Wi-Fi signal in flight now would be a grievous Federal offense.

The obvious problem is how do we ensure our “secure” login to the “secure” signal stays actually secure? Thousands (or tens of thousands) of pilots and tablets versus hundreds or thousands of aircraft. All have to connect and interoperate with no failures to aircraft quality levels of reliability, not laptop-at-Holiday-Inn levels of reliability. They’re still working on that one.
As to wired networks …

Older planes have all the avionics on non-Ethernet wiring busses. Which would tend to be completely isolated from even the latest Ethernet-based IFE.

Conversely, on newer planes the avionics will also be connected over Ethernet. …

There are two choices for wiring: totally separate physical wires and routers for critical and non-critical stuff, versus common physical wires and logical software-based or router-based segregation. Look up VLAN for more about how that works in a typical office or server farm setting.

I have no clue which approach was used on which aircraft. I can sure see the (non-security) engineering attraction of common wiring. Once you build a system with common fault reporting, so the IFE can report malfunctions to the central malfunction tracking software, you’re well down the road to where everything can talk to everything.

Ultimately, a lot of IFE involves traffic off the airplane, to obtain videos, bring up your email, etc. And everybody is also clamoring for aircraft to real-time report position, flight conditions, etc. to prevent the next MH370. So with just these two use cases, we have two boxes, one zero-criticality, and one high-criticality, that both eventually come together in being able to transmit data off-board over the same radio. So you’re going to have a commonality there even if you engineer out all the others. And there are hundreds more use cases for connectivity both on-board and to off-board.
It sounds to me from the Wired article in the OP like what has really happened is mostly a matter of sloppy installation, not sloppy design or manufacturing. IOW, if Security Engineering puts passwords and secure interfaces at each level, but IT at the customer company leaves all the passwords at the publicly known defaults, well you don’t have much actual in fact security.

IMO for the future we’re going to need true air-gapped systems where absolutely nothing the passengers can get to wired or wirelessly is physically capable of connecting to anything other than pure filtered entertainment. Whether that future is arriving right now or in 15 years will be interesting to watch.

IOW, with another 20 years (until the current birds get scrapped or crashed) and with great effort, we will undo the damage done by Marketing’s "Fly US and you get free WiFi!

Given that I wrote my first program 40 years ago, it grieves me to see how incredible the Slop Factor has created a whole new level of crime and terror

Compare the security consciousness these episode demonstrate with the situation 50 years ago.

The CEO demands access to every application and he wants to be able to access them from any terminal. This is an absolute NO!

  1. Users do NOT get "god ids’.
  2. You don’t get to use everything. No. Just. Plain. NO!
  3. The terminal at the loading dock does NOT access HR, Payroll. GL, etc. It can see one side of Inventory Management.

All of this was supported (and actually used!) by mainframes in 1975.

Why was this not made known to the next generation?

Levi Strauss spent the 1990’s handing out PC’s to simply anyone who wanted one - and gave them whatever systems and data feeds they wanted. When I arrived to do some Y2K, they were frantically trying to track down who had what, and which version (if any) was known to be “good”.

(ignore the ranting of an old Configuration Manager.

OTOH, now the airlines *would *have had a good reason to tell us to turn off and put away all comms devices. They should have held firm…

Because, having your access tied up to a specific location and station is so 1975, Maaaan… connectivity for everyone is going to make us sooo productive!

…and never mind the CEO, these days some marketing troll can override IT, and if it means you can tell the shareholders that the stock price will go up a half cent for one quarter there is no such answer as “no”. And there is always some code kiddie around willing to say “hey, look what we can do!”.

Short version - Chris Roberts is full of it.

Longer version - You can read a pretty good discussion by informed parties here.

Where DO you get your ill-informed “facts”?

First off, it was TWA 800, not United. But hey, that’s just mere inconsequential nitpicking, right?

More importantly, OF COURSE the tank was vented. If it wasn’t the pressure differences between ground and 35000 feet would cause the tank space to expand and damage the fuselage.

But who cares if it was vented or not? It’s the fuel/air ratio in the tank space that matters. Too rich or too lean, and no spark is going to set it off. The A/C packs under the tanks heated the tank enough that the fuel/air ratio was optimal for a rapid fire. The tank became overpressurized, and the aircraft broke apart. If the spark had occurred at altitude, it is possible that no fire would have occurred.

Ideally, empty tanks should be inerted with nitrogen, but that’s expensive. You’d need either a system carried in the aircraft (large weight penalty) or ground based inerting systems that fill the tanks before takeoff (requires all airports to have the equipment).

In this case, the info is from NTSB

http://www.ntsb.gov/_layouts/ntsb.aviation/brief.aspx?ev_id=20001208X06204&key=1&queryId=6ea01dc8-aee6-41f8-b561-cbd9ce7358de&pgno=1&pgsize=50

I didn’t look far enough to find the full report, but the summary points to the certification of the design and the fact that a spark did get into an “empty” tank, which, of course contained fuel vapor. Boom.

(the “center wing” tank is in the belly - that is where the center section of the wing resides).

Assuming the hack is true, how stupid do you have to be to start messing with flight controls while in flight to prove a point?

Nvmd. Saw he flew a simulator he built. :rolleyes:

This sounds so goofy I’m afraid it’s true (actually, based on your posting history I’m sure it’s true.) Wouldn’t it be simpler just to give you a dedicated channel for weather information and put a weather display in the cockpit along with the onboard radar? Plugging in a tablet seems like a “work-around”.