Hacking aircraft ?

Forums › Travel (planes, train, cruise) › Hacking aircraft ?

Mark

1653 posts

Uber Geek
+1 received by user: 555

#173281 18-May-2015 08:46

Personally I think the claims of this guy are a load of poo! Mainly because I can't believe any sane manufacturer would link the main cabin to any aircraft systems never mind the in flight entertainment system!

http://m.nzherald.co.nz/world/news/article.cfm?c_id=2&objectid=11450408

Rikkitic

Awrrr
19064 posts

Uber Geek
+1 received by user: 16304

Lifetime subscriber

#1306928 18-May-2015 08:56

You must not know much about the history of computing in business, then.

Plesse igmore amd axxept applogies in adbance fir anu typos

MikeB4

MikeB4
18775 posts

Uber Geek
+1 received by user: 12766

ID Verified

Trusted

Subscriber

#1306932 18-May-2015 09:12

This bit is ridiculous ...

"'It is disappointing that United refused to allow him to board, and we hope that United learns that computer security researchers are a vital ally, not a threat,' said Nate Cardozo, a staff attorney with the San Francisco-based Electronic Frontier Foundation, which represents Roberts."

They are pissed that United didn't let a neck beard mess or attempt to mess with planes electronics in flight with a cabin full of passengers, how dammed inconsiderate of United.

I think this persons reward for trying to gain 15 minutes should be a World wide airline travel ban.

Here is a crazy notion, lets give peace a chance.

roobarb

702 posts

Ultimate Geek
+1 received by user: 646

Trusted

#1306933 18-May-2015 09:19

MikeB4: I thinks this persons reward for trying to gain 15 minutes should be a World wide airline travel ban.

I think a bright orange suit and a one way trip to Gitmo would be more appropriate.

wasabi2k

2102 posts

Uber Geek
+1 received by user: 860

#1306934 18-May-2015 09:22

Yeah conflicting stories suggest he ripped open part of the seat to get at the ethernet cabling for the entertainment system.

I would really really really hope that entertainment and flight control systems had an air gap.

But who knows.

Scary if true - sounds like media bollocks.

lxsw20

3689 posts

Uber Geek
+1 received by user: 2174

Subscriber

#1306944 18-May-2015 09:31

If this is an actual issue then personally I'd prefer a white hat found it and went public with it.

Has anyone seen any actual evidence that he did hack the plane?

DravidDavid

1907 posts

Uber Geek
+1 received by user: 305

#1307119 18-May-2015 12:35

lxsw20: If this is an actual issue then personally I'd prefer a white hat found it and went public with it.

Absolutely agree! The man should get a damn medal.

Not sure I believe the claim right away. But I guess all interconnected systems could lead to an undiscovered back door in to other more important aircraft systems.

Dell

Shop now for Dell laptops and other devices (affiliate link).

wasabi2k

2102 posts

Uber Geek
+1 received by user: 860

#1307143 18-May-2015 13:03

DravidDavid:
lxsw20: If this is an actual issue then personally I'd prefer a white hat found it and went public with it.

Absolutely agree! The man should get a damn medal.

Not sure I believe the claim right away. But I guess all interconnected systems could lead to an undiscovered back door in to other more important aircraft systems.

There is a MASSIVE difference between finding he had access and actually sending commands.

I have seen dispute as to what he actually did.

If he actively sent commands/attempted to then that is incredibly irresponsible and he deserves prison time for endangering the other passengers.

If he saw he had access, documented it and reported it, then fine.

johnr

19282 posts

Uber Geek
+1 received by user: 2526
Inactive user

#1307151 18-May-2015 13:08

Sounds like BS to me!

frankv

5705 posts

Uber Geek
+1 received by user: 3666

Lifetime subscriber

#1307192 18-May-2015 13:56

I'm calling this BS too...

'He stated that he successfully commanded the system he had accessed to issue the "CLB" or climb command,' the affidavit says. 'He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights.'

Aircraft don't "climb" by increasing an engine's power -- they climb by changing the elevator position and increasing all engines' power. They certainly don't climb with one engine at a time. So it absolutely does not make sense that a "Climb" command could be addressed to one engine. If it existed at all, it would most likely go to the Flight Management System computer, which would adjust the power settings on both engines and the elevator position. I imagine that there could be commands like "Increase Power" that would go to one engine independently of the other(s). But he didn't say that... he said he sent a climb command and only one engine responded.

But maybe this is all a mistake by the agent who took down that statement.

But then, I would expect the crew to report an anomaly where there was an (apparently) uncommanded increase in power on one engine, long and strong enough to cause the aircraft to noticeably yaw. I wonder where that report is?

And another example:

Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)

This was reported as a command to make the oxygen masks drop.

AFAIK, the oxygen masks don't have any electronic mechanism to make them drop... they have a simple mechanical mechanism which opens a flap when the cabin pressure drops below some threshold. The oxygen for each mask is supplied by an individual "oxygen generator" which is triggered by the passenger. I can't imagine why you would want to command them to drop, or to turn on all the oxygen generators. Flooding the cabin with oxygen in the case of some kind of emergency would be hugely dangerous. So I'm betting that there is no wiring at all to each and every oxygen mask, nor to all the oxygen generators, and consequently no "PASS OXYGEN ON" command exists. So this is a complete misrepresentation by the "hacker".

And another from the FBI agent's affidavit:

He [Chris Roberts] stated that he used Vortex software... [on his laptop]... to monitor traffic from the cockpit system

A swift Google search for "Vortex software Ethernet" finds that Vortex is a hardware thing that connects to Ethernet:

About the Vortex DTS

Unlike competing systems that use proprietary memory devices, Vortex DTS uniquely uses commercial off-the-shelf 2.5” SATA solid state drives. This data transport system is built rugged as required for use in aircraft, ground vehicles, and ships. It’s easily integrated into Network Centric systems, providing a SWaP-optimized NFS. It is ideal for rugged applications that require the storage, removal, and transport of critical data such as cockpit data (mission, map, maintenance), ISR (camera, I&Q, sensors), mobile applications (ground radar, ground mobile, or airborne ISR pods), heavy industrial (steel, refinery), and video/audio data collection (flight test instrumentation).

- See more at: http://www.cwcdefense.com/media-center/press-release/cw-announces-pcap-software-option-for-dts.html#sthash.uhewizWY.dpuf

nakedmolerat

4631 posts

Uber Geek
+1 received by user: 874

Trusted

Lifetime subscriber

#1307295 18-May-2015 16:26

If you guys happen to read the whole story, you'll understand that the media story is based on one summary of affidavit.

Apparently he has done this for over 5 years - with the exact details not privy to us at this time.

It's worth to actually read the story.

(edit: affidavit is written by someone who will have no idea on how the plane works)