Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Transportation Security Wireless Networking

Planes Can Be Hacked Via Inflight Wi-fi, Says Researcher 151

wired_parrot writes In a presentation to be shown Thursday at the Black Hat conference, cybersecurity consultant Ruben Santamarta is expected to outline how planes can be hacked via inflight wi-fi. Representatives of in-flight communication systems confirmed his findings but downplayed the risks, noting that physical access to the hardware would still be needed and only the communication system would be affected.
This discussion has been archived. No new comments can be posted.

Planes Can Be Hacked Via Inflight Wi-fi, Says Researcher

Comments Filter:
  • yes... (Score:5, Funny)

    by gandhi_2 ( 1108023 ) on Monday August 04, 2014 @02:00PM (#47601679) Homepage

    ... but only by using Python.

  • So, which is it? (Score:5, Insightful)

    by Joe Gillian ( 3683399 ) on Monday August 04, 2014 @02:01PM (#47601683)

    Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

      It's a bit odd to talk about physical access when speaking about a metal tube flying along at 35,000 feet.

      It's not like attacks are going to take place outside the plane.

      • by Anonymous Coward on Monday August 04, 2014 @02:25PM (#47601827)

        That is what William Shatner thought.

        CAPTCHA: afraid

      • Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

        It's a bit odd to talk about physical access when speaking about a metal tube flying along at 35,000 feet.

        It's not like attacks are going to take place outside the plane.

        Last time I checked, electromagnetic waves were a physical phenomenon. The real challenge is getting anything done by unphysical (i.e. supernatural) means.

      • That's because they are claiming a wi-fi attack. That would be using a wi-fi network of some kind to access the satellite communications system. I doubt that system is directly connected to any wi-fi network. I wouldn't be surprised if the planes that let you surf the net via wi-fi have their planes systems separate from the passenger entertainment stuff. Best if someone from the industry that actually knows how that's all configured speak about that. (As to the spokesmen for the companies, I'd rather talk
    • by Jane Q. Public ( 1010737 ) on Monday August 04, 2014 @02:28PM (#47601855)

      Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

      Any airplane manufacturer that is stupid enough to link their passenger wi-fi system to ANYTHING else, deserves to get a few planes stuffed into the ground. Same with auto companies. If true, the whole thing is about as lamebrained as it gets.

      • Re: (Score:1, Funny)

        by Anonymous Coward

        Any airplane manufacturer that is stupid enough to link their passenger wi-fi system to ANYTHING else, deserves to get a few planes stuffed into the ground.

        Preferably with you on board.

      • Re:So, which is it? (Score:5, Interesting)

        by jittles ( 1613415 ) on Monday August 04, 2014 @02:55PM (#47602093)

        Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

        Any airplane manufacturer that is stupid enough to link their passenger wi-fi system to ANYTHING else, deserves to get a few planes stuffed into the ground. Same with auto companies. If true, the whole thing is about as lamebrained as it gets.

        Volkswagen hooks up their audio systems to the CANBUS on cars. Those audio systems may have bluetooth enabled. This may allow a hacker to get onto the CANBUS via BT. I haven't tried, but it's definitely something that one could attempt. Other manufacturers do this also, such as GM and Chevy.

        • Re:So, which is it? (Score:4, Interesting)

          by Jane Q. Public ( 1010737 ) on Monday August 04, 2014 @03:07PM (#47602199)

          Other manufacturers do this also, such as GM and Chevy.

          Yes, that was my understanding as well. And that was my point. It just doesn't look very smart, from where I sit.

          In my view (which I would be happy to review and modify if someone has a better idea), you have 3 basic systems in a modern automobile. In order of importance: [1] critical control and feedback, [2] internal environment, and [3] entertainment.

          [1] and [2] should have strictly limited communication, if any. [2] and [3] should probably have none, and [1] and [3] should not communicate at all under any circumstances.

        • Volkswagen hooks up their audio systems to the CANBUS on cars. Those audio systems may have bluetooth enabled. This may allow a hacker to get onto the CANBUS via BT. I haven't tried, but it's definitely something that one could attempt. Other manufacturers do this also, such as GM and Chevy.

          A 2009 study [itworld.com] claim to have managed it. Given the range & pairing requirements of BT though, it does mean crashing a car that you're currently in. Giving the victim a specially prepared CD that will hack the CANBUS half way through their road trip seems a much more sensible idea to me.

        • by Anonymous Coward

          Connected != Access.

          Just because some device is connected to via Bluetooth and that same device has a CANBUS connection does NOT mean you can now get from the Bluetooth and onto the CANBUS. It only means that it might be possible from that direction. Hack away and try, but you have a snowball's chance of getting though the radio.

          Just like in aircraft, being able to access the WiFi network which might actually be connected to some device that might be connected to the network that the satellite gear is man

      • by geekoid ( 135745 ) <dadinportland@y[ ]o.com ['aho' in gap]> on Monday August 04, 2014 @03:02PM (#47602157) Homepage Journal

        Yes, hundreds of people 'deserve' to die. It certainly not the person doing the attacks fault at all.
        Idiot.

        • Stupidity has a price. I didn't make things that way.
        • Yes, hundreds of people 'deserve' to die. It certainly not the person doing the attacks fault at all.
          Idiot.

          How does pwning the infotainment system lead to death. People might become bored to death, but I cant imagine anything else happening.

          The crew can simply turn off the infotainment system, and go on with their work. There is a reason the infotainment system is not relied on, and attendants still use verbal instructions for everything (including the initial safety spiel)

          • by boaworm ( 180781 )

            The pilot can use these data link communication channels to make his/her life easier. As an example, when asking for a new flight level clearance, they can (given up2date Flight Management System computers) dispatch a digital message to ATC (Air Traffic Control) rather than using the radio. A bit like sending a text message. This can be far more reliable than long-range radio where the audio quality isn't great. Similarly, the ATC can confirm the flight level clearance (climb or descent) via a data message,

            • The pilot can use these data link communication channels to make his/her life easier.

              CPDLC is a separate system, it does not depend on the satellite link. The one compromised is the satellite infotainment system. They are not connected. Fly-by-wire avionics are of course isolated (for regulatory reasons).

    • Is it as Ruben Santamarta says, that the plane's satellite communications system can be hacked into via the plane's wifi? Or is it as the manufacturers say, and the hacker would have to have physical access to the hardware and couldn't do much of anything anyway? There's two very different points of view here and I'm not sure how they're supposed to meet up.

      I'm going to guess it's both. Someone likely needs to flip some physical switch or whatever... but Mr Santamarta thinks social engineering could be used to trick the pilots into doing it for you. Something along those lines.

    • by NoKaOi ( 1415755 )

      "Planes Can Be Hacked" really means "Planes' Satellite Communication System Can be Hacked." That's a huge distinction. A malicious hacker still can't control the plane or it's radio communications, which are the important things. There are good reasons why the FAA is strict rules about airplanes not relying on satellites.

      To give you an idea of the technical prowess of the article: "he discovered the vulnerabilities by "reverse engineering" - or decoding - highly specialized software known as firmware."

      • Re:So, which is it? (Score:4, Informative)

        by boaworm ( 180781 ) <boaworm@gmail.com> on Monday August 04, 2014 @05:31PM (#47603167) Homepage Journal

        For the "navigation" systems, he's not talking about GPS (even if he were it wouldn't be a big deal, airplanes can navigate just fine without GPS), but the communication system does send the GPS location, altitude, and speed back home. If that goes down, not a big deal because that's not what air traffic control relies on.

        More and more aircraft and ATC centers support ADS-B transponders and data, which include a GPS-derived position (altitude + position) messages as a part of System Tracking (you can check out Eurocontrols Asterix cat62 protocol and ADS-B applications). Older MSSR radars will provide you with a rough estimate of the position and an assumed altitude based on the aircrafts built-in systems, which is being tracked using for example Kalman filters to predict the current and future position. Switching over to GPS as the primary source of positioning data is allowing tighter packing of aircraft (reduced horizontal and vertical separation rules), which is becoming critical for congested airports to reduce the time between takeoffs/landings, as well as to keep aircraft in holding patters packed tighter together.

        Also, ADS-B can be sent as frequently as 1 message/second due to signals going down towards earth rather than in all directions. Current MSSR radars usually have a scan time of 5-12 seconds.

        So interruptions with these data links (say someone hacks into it and manages to shut it down) would lead to the ATC center having to fall back on MSSR Tracking, meaning you will be violating horizontal and vertical separation rules until the controller can create more space around the aircraft again.

        • You can guarantee that if this starts happening over EU skies, the "special holding area"(*) at Stansted will start seeing a lot more visitors.

          (*) That's the one with large berms on both sides of the aircraft to deflect explosions, and said berms have a large number of gun portals on them.

    • by AmiMoJo ( 196126 ) *

      An attacker could always just bankrupt the airline by chewing up masses of satellite bandwidth for hours on end. uTorrent and a few Linux ISOs should be good for about $100m in overage charges.

      • Aircraft operators generally don't pay per Mb. They buy committed bandwidth and if you fill it with torrents, noone on the plain is going to be happy about their slow connection.

        The last time I flew, the wifi setup was clearly filtered, as I couldn't even SSH out. Web/email worked but not much else.

  • Are cellphones better than guns at hijacking planes now? At least they can replace the communication stream and take advantage of whatever that might follow.
    • Nah, don't worry about it. It's just some "security expert" going all dramatic on some minor vulnerability he found, to plaster his name on the front page. Anything talking of airplanes, hacking, hijacking, plays the terrorism bullshit music score, and is a surefire way of attracting media attention.

      No doubt the TSA will very soon jump on the opportunity to invent some new rule to steal - sorry, confiscate - your Wifi-enabled devices at the security checkpoint too...

  • No they cant. (Score:5, Insightful)

    by Lumpy ( 12016 ) on Monday August 04, 2014 @02:13PM (#47601739) Homepage

    They did not get into the aircraft avionics.

    They got into the satellite communications for the Infotainment system.

    NONE of the systems like that have any interconnection to avionics or telemetry.

    • ahh... so just all the passenger data can be hijacked.
      nothing to worry about here.

      • by 93 Escort Wagon ( 326346 ) on Monday August 04, 2014 @02:19PM (#47601785)

        ahh... so just all the passenger data can be hijacked.
        nothing to worry about here.

        Google and the NSA are worried... about someone else encroaching on their turf.

      • Passenger data in the infotainment system? What makes you think there is anything sensitive in there?
        I thought it was just shitty movies and games, along with a GPS map of where the plane is that is viewed only by passengers.

        • You're thinking too small. Think bigger...if you have access to the in-flight infotainment system, you have access to the eyes, hearts and minds of the passengers. Passengers who are, due to not so subtle-conditioning, easily frightened. "9/11" "Never again!" Pictures of the statue of liberty crying and politicians dissembling at the top of their lungs. =^_^=

          So what would I do? Two things. I'd play a video, ostensibly of a 'live' newscast that the plane they are currently on has been taken over by terrorist

          • by geekoid ( 135745 )

            About as plausible as any M.Bay film.

            • by SpzToid ( 869795 )

              The hackers could broadcast a fake NBC news TV report that 'inadvertently' made its way to the plane video system. The news report would obviously declare that particular plane is known to carry the Ebola virus and no one onboard could be trusted as safe anymore, and chances for their survival are small, yet the risk to the larger world very great. I'll leave the plot continuation to the next bored slashdotter. (Obviously matters must be taken into hand)

              • A crew of us was flying into Dallas one rime, circling the field. That was when pagers were big and cell phones were not.

                We all got a Sky Page about a Dallas flight circling DFW because of unknown mechanical failure and a crash landing was inevitable.

                Our buddies in Virginia thought it was funny.

                • by SpzToid ( 869795 )

                  A crew of us was flying into Dallas one rime, circling the field. That was when pagers were big and cell phones were not.

                  We all got a Sky Page about a Dallas flight circling DFW because of unknown mechanical failure and a crash landing was inevitable.

                  Our buddies in Virginia thought it was funny.

                  Oh wow, what a classic old school hack! I'd have smacked them all first chance possible, but I'm in admiration for their thought, concern, and effort still. They must really, really like you and the rest of the team, and it shows.

                  Please just don't tell me this was SITA text, or I'm gonna die laughing too hard (having worked with SITA before). SITA text will never die.

                  http://www.sita.aero/products-... [sita.aero]

          • I've seen this used in one of the Die Hard films. The attackers took over a news channel and transmitted fake video of the white house being blown up - easier than actually blowing it up, and just as effective at creating panic.

            • I've seen this used in one of the Die Hard films. The attackers took over a news channel and transmitted fake video of the white house being blown up - easier than actually blowing it up, and just as effective at creating panic.

              Surely people wouldn't believe it. I mean, who would want to blow up the White house?

        • I'm talking about cases where internet access is available through the inflight wifi.
          Taking control of the network equipment through which this traffic runs isn't harmless.

        • by Lumpy ( 12016 )

          Pay per view, all that juicy credit card info....

      • by Desler ( 1608317 )

        What customer data is in the infotainment system?

        • Credit card data, perhaps? I assume they want you to pay for that infotainment, not to mention any food or drinks you're ordering.

        • the whole point of in-flight WIFI is that people can be charged exorbitant sums for painfully-slow internet access while in flight.

          While certainly it is no hijacking of a plane, the hijacking of this network equipment isn't nothing.

      • by Anonymous Coward

        ahh... so just all the passenger data can be hijacked. nothing to worry about here.

        That's ALREADY possible, no hacking the plane's systems required. Tell me you don't trust public WiFi connections, EVER.... Please tell me..... (crickets) We are doomed, doomed I say.

      • by AmiMoJo ( 196126 ) *

        No need for such an elaborate hack to do that. Just set up your own network called "In-Flight Free WiFi" and begin the harvest. For bonus points add a splash screen warning users that they may receive certificate warnings "due to the nature of in-flight wifi and the speed/altitude of the aircraft in international airspace", complete with instructions on how to bypass them in all common browsers.

    • Yeah, remember that when you're flying with your family and someone is hacking the plane away while everyone else is asleep.
      • by Anonymous Coward

        Sir, I believe you might be troubled to learn YOUR COMPUTER IS BROADCASTING AN IP ADDRESS!

    • by MobyDisk ( 75490 )

      Yes, but imagine if a terrorist changed all the in-flight movies to be Uwe Boll movies: Passengers might start jumping out of the plane!

      • I believe that act would fall afoul of the Geneva Conventions and be considered a War Crime. Uwe Boll skirts the law based on pathetic notions such as "free speech" and "free expression." Purposely inflicting Uwe Boll on people is torture and will be punished appropriately (unlike the US treatment of suspected terrorists).

      • Yes, but imagine if a terrorist changed all the in-flight movies to be Uwe Boll movies: Passengers might start jumping out of the plane!

        That's nothing. I heard the in-flight Infotainment catalog includes Nickelback, which we all know is the aural equivalent of two cup chicks hosting a goatse lemon party.

      • by boaworm ( 180781 )

        Or "Snakes on a Plane". Which for some strange reason never made it to the inflight entertainment systems :-(

        • Or "Snakes on a Plane". Which for some strange reason never made it to the inflight entertainment systems :-(

          I saw "Memphis Belle" on a plane once, a few years ago. Some scenes were cut, but more because of the adult content than the planes being shot down.

          Disclaimers:
          1: This is pre Sep/11
          2: This is pre seat-back entertainment systems, where everyone watched the same show on a screen at the front of the cabin
          3: Yes I am that old

    • by Andy Dodd ( 701 )

      Also not specified is whether the "hardcoded credentials" are even valid during a normal operating mode.

      In many cases, avionics like this has a dedicated physically isolated service port and/or a dedicated "service mode" that can only be entered by powering on the device when a discrete is tied to ground by a special test equipment connector.

      Almost surely, these vulnerabilities are either:
      1) Firewalled from the passenger network (This is, however, unlikely, airgrapping/network isolation is far more likely,

    • by LoRdTAW ( 99712 )

      Here here:
      In theory, a hacker could use a plane's onboard WiFi signal or inflight entertainment system to hack into its avionics equipment, potentially disrupting or modifying satellite communications, which could interfere with the aircraft's navigation and safety systems, Santamarta said.

      So it stands that there really isnt much of a threat here. Either the journalist is confused or purposefully crafted the article so as to imply that a hacker with a wifi device can disable a planes navigation system or d

      • No, the journalist just swallowed the press release verbatim. I mean, there's practically no downside to doing so, and it keeps everyone happy.

        Security is a demanding field with a few "rockstars", which means there's a lot of incentive to, uh, exaggerate one's accomplishments. This guy had extended time to pick apart a piece of airplane hardware in his lab, and did so. That's all. What real-world vulnerability does this translate to? We don't know; he can't reveal them at the moment because it would be irre

    • Comment removed based on user account deletion
    • by boaworm ( 180781 )

      They did not get into the aircraft avionics.

      They got into the satellite communications for the Infotainment system.

      NONE of the systems like that have any interconnection to avionics or telemetry.

      The article isn't very clear on exactly what they managed to do, but it is quite possible that there is a shared satellite data communication system shared for infotainment systems and aircraft system status/updates/notifications alike. Hopefully with a robust QoS in place. So _if_ someone could break into the message routing, they could intercept and possibly create their own messages to send along the channel.

      If you check TFA's quote:

      In theory, a hacker could use a plane's onboard WiFi signal or inflight entertainment system to hack into its avionics equipment, potentially disrupting or modifying satellite communications, which could interfere with the aircraft's navigation and safety systems, Santamarta said.

      Since a modern airline has lots of avionics communicating with the groun

  • by tekrat ( 242117 ) on Monday August 04, 2014 @02:16PM (#47601765) Homepage Journal

    Quick, get Samuel L. Jackson on the phone.
    I smell a blockbuster movie in the works!

  • ...then I don't care. Very simple question; can you get to the avionics of the plane through the WiFi? If you can that's poor system design and someone should be beaten with a wet noodle; if you can't then I don't care as the network is physically disconnected from the actual movement and functioning of the aircraft. If the best you can do is spy on the passengers of the aircraft through the WiFi or use the WiFi without paying then I don't care. Anytime I log into a flight I go encrypted through VPN as you

  • The last several flights I was on you were supposed to run your device in the Airplain Mode so no WIFI.

    This alone makes the whole story implausible.

    Uhm yesss....

    • by Ksevio ( 865461 )
      Was that a couple years ago? The FAA recently loosened restrictions on using devices including using them more of the flight and allowing wifi (cellphones still need to be in airplane mode which turns of the cell transmitter).
      • by Teun ( 17872 )
        No, eight flights over the past 6 weeks, the last one Saturday.

        Indeed the rules have been loosened, last year you had to switch off completely during start and landing.

        But do I see a woosh?

        And sorry for the c's in Nonsense.

    • Delta is now going with a free tv and movie system that you can view via a browser or an ipad/ipod app. The plan in with future plane is to order without monitors on each seat.
  • by TubeSteak ( 669689 ) on Monday August 04, 2014 @02:39PM (#47601965) Journal

    Hughes spokeswoman Judy Blake said hardcoded credentials were "a necessary" feature for customer service. The worst a hacker could do is to disable the communication link, she said.

    1. Are hardcoded credentials ever "necessary?" How about credentials that are generated on first boot and then requested by support?

    2. Disabling the communications link for a piece of hardware whose sole purpose is communications... kind of a big deal.

    • by geekoid ( 135745 )

      Yes..and no. IF the communication that goes down is just wi-fi, then its a problem but not a big deal when compared to taking down avionic coms.

    • by blueg3 ( 192743 )

      Hardcoded credentials aren't necessary. What they *mean* is that the *reason* for hardcoded credentials is "support". "Necessary" here doesn't actually mean "necessary", but rather, "deemed to be the best choice". Of course, it might really be the best choice. There's certainly a cost associated with making the support more complicated. You have to weigh that against the difficulty of using the hardcoded credentials and what you can do with them. There are lots of potential tradeoff points, from "using hard

  • Given the age of most aircraft in the fleet, and the age of most FAA-approved avionics, I have a hard time believing any of the avionics used in today's fleet are capable of TCP/IP communications, much less being able to hook into the in-aircraft wifi system. Most in-aircraft wifi systems I've seen are add-ons; separate systems which only tap into the airplane's power. And the only thing in the cockpit that may tie into the wifi system is the pilot's iPad.
    • And the only thing in the cockpit that may tie into the wifi system is the pilot's iPad.

      Dun-dun-dun...

      "We can't communicate with the pilots!"
      "Why not?"
      "Somebody hacked the WiFi network and put 'Plants vs. Zombies' on the pilots' iPads!"

      Now we know what happened to MH370...

    • Exactly. Ot is more than impossible that a 'hacker' can access any flight system/avionics via WiFi ... they are not even connected to each other, very likely they don't even share the same power grid.
      Communication between avionic components are usually done via buses with 2 wire serial connections. There are roughly two dozen protocols/technologies in use, all but 2 or three involving wires, the others glass fibers. I'm only aware of Airbus A380 using ethernet, not sure to what extend.
      An overview you can fi

  • The article is short on details, but, in all fairness, the paper is to be presented on Thursday and presumably the details will be forthcoming.

    My guess is that there are are two possibilities here:

    1. The avionics and entertainment systems are connected on the same local network, and thus if one can gain control of the entertainment system(s) on might then hack into the avionics.

    Q. Why might the avionics and entertainment systems be connected? One reason I can think of is so that the entertainment system can

  • by dltaylor ( 7510 ) on Monday August 04, 2014 @02:57PM (#47602105)

    I used to work for one of the In-Flight Entertainment (IFE) vendors. Although their "architect" was clueless about security, some of us doing the work managed to build some into the system. With WiFi, it was harder, but, before I left, we had, at least, set up some VPNs to isolate the system control links from the cabin crew- and customer-access features (don't know if that persisted). The entire IFE did rely on hard-coded passwords, though.

    There IS a connection between the IFE and aircraft systems. It is used to feed aircraft position and speed data, plus some useful state, such as wheels up/down (there are features that only enabled while in "cruise", but not during takeoff and landing, for example). The aircraft systems designers, however, seemed to have a clue about security, however, as we were only allowed a network connection to a slave server with no apparent upstream links.

    • by Anonymous Coward

      I have worked for several avionics companies on everything from autopilots to IFE. I could say lots on the subject but you have well summarized the situation. There are connections of various kinds and a LOT of scrutiny and analysis goes into making those connections secure. Avionics are their own special world full of different buses and ways of operating than most computer folks are use to. A master hacker would have no chance at all against aircraft systems unless he was also highly trained in aircraft s

      • by Anonymous Coward

        Avionics are their own special world full of different buses and ways of operating than most computer folks are use to. A master hacker would have no chance at all against aircraft systems unless he was also highly trained in aircraft systems and had access to the hardware.

        So, what you want to say is: it's security through obscurity.

        • by GuB-42 ( 2483988 )

          In fact it's not really obscure. One of the most used bus for critical data is ARINC429 and it's a well defined and very simple standard.
          If you somehow manage to connect a device directly to the bus wires (you can't do this with WiFi), it is relatively easy to inject whatever data you want. However, connected equipment will double check everything they receive, so you have to craft consistent data, a much harder task. And even then some devices have additional analog sensors so you'll need to fool these too

  • No I will have to hear endlessly about this completely misleading article from people who know nothing about avionics.

    That you article writer and slashdot submitter for adding to technology hysteria.

    This article is basically saying someone can hack your washing machine from your cable modem without any supporting evidence that is true.

  • It seems epically stupid that wifi access for passengers is not on a physically separate system. Something as sensitive as this should NOT be even a virtual LAN.
  • Story reminded me of a good Dilbert comic [dilbert.com] from back in the day.

  • Per a NUMBER of various regs, the avionics network is physically separated from anything that the passengers can touch.
    IOW, not going to happen.

    As to the passenger's network, oh yeaj, easy enough to crack that with time. Heck, Airbus uses Windows.
    • Define "physically separate"

      That is not how I read the following FAA Special Conditions:
      https://www.federalregister.go... [federalregister.gov]

      This says "the design provides isolation from, or airplane electronic system security protection against, access by unauthorized sources internal to the airplane"

    • by Anonymous Coward

      I'm heavily involved in maintaining the Avionics and IFE onboard our aircraft. The IFE system is physically separated only in the sense that it has read only capability to the ARINC-629 avionics data bus. It can't put anything onto the bus, because the wires aren't connected. The IFE is however tied into the Passenger Service System, so the passengers can turn on their reading lights and attendant call lights, and so that video playback stops when announcements are made.

  • This is ancient news that was debated endlessly during the MH-17 breathless cable news-a-thon, the lost airline network had this on every night.

    No clickbait global warming stories today? No polarizing left wing loon right wing nutcase stories? Gee slashdot, are you on vacation too this week?

This is now. Later is later.

Working...