Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Transportation Network Networking The Internet

Access Codes For United Cockpit Doors Accidentally Posted Online (techcrunch.com) 109

According to the Wall Street Journal, the access codes to United's cockpit doors were accidentally posted on a public website by a flight attendant. "[United Continental Holdings], which owns United Airlines and United Express, asked pilots to follow security procedures already in use, including visually confirming someone's identity before they are allowed onto the flight deck even if they enter the correct security code into the cockpit door's keypad," reports TechCrunch. From the report: The Air Line Pilots Association, a union that represents 55,000 pilots in the U.S. and Canada, told the WSJ on Sunday that the problem had been fixed. The notable thing about this security breach is that it was caused by human error, not a hack, and illustrates how vulnerable cockpits are to intruders despite existing safety procedures. The Air Line Pilots Association has advocated for secondary barriers made from mesh or steel cables to be installed on cockpits doors to make it harder to break into, but airlines have said that they aren't necessary.
This discussion has been archived. No new comments can be posted.

Access Codes For United Cockpit Doors Accidentally Posted Online

Comments Filter:
  • by JonnyCalcutta ( 524825 ) on Tuesday May 16, 2017 @04:04AM (#54424843)

    It is 0000

    • by Opportunist ( 166417 ) on Tuesday May 16, 2017 @04:11AM (#54424855)

      You joke, but you'd be surprised how much critical infrastructure is insecure simply because "Hey, nobody can get here anyway".

      • by _merlin ( 160982 )

        2580 opens a surprising number of electronic security doors, including some hospitals and brothels I know of.

        • Actually, system of PINs has been hacked. Attackers had revealed all the PINs on the Internet. You can check yours, but it's there! Why are we still using them, if anyone can find them online??? http://l33tn3rdz.deviantart.co... [deviantart.com]
        • by michelcolman ( 1208008 ) on Tuesday May 16, 2017 @07:18AM (#54425409)

          The code doesn't matter that much. There are two codes, a normal one and an emergency one.

          The normal code just makes an audible signal in the cockpit. The pilots then look at the camera screen to make sure that it's a crew member with no terrorists behind him/her. If all looks OK, they flip a switch to unlock the door. So what if a terrorists knows the code? The pilots will see "hey, that person's not supposed to enter" and keep the door shut. And yes, we do always check the camera. Our life could depend on it.

          Then what about the emergency code? It causes a similar sound that goes on for 30 seconds. If no action is taken by the pilots during those 30 seconds, the door is briefly unlocked so it can be pushed open. However, the pilots can simply block entry with a single switch. Since they have 30 seconds to do so, this is not really a big security risk either. The purpose is just to allow a crew member to enter if the pilot(s) are incapacitated.

          People get freaked out "OMG they have the access codes to the cockpit" but in reality this really is a non-issue. We had the same problem in my company, some comedian said the codes on a radio show and we got all these memos changing the codes and reminding us how vitally important it supposedly was that they were kept secret. Big deal. They might as well install a simple button instead of a keypad, it wouldn't make a difference.

          • by mysidia ( 191772 )

            However, the pilots can simply block entry with a single switch. Since they have 30 seconds to do so, this is not really a big security risk either.

            Ok... This is a good idea UNLESS the hostile force is Already in the Cockpit, OR the emergency is so imminent that everyone will be dead in 30 seconds. So if the terrorist is already in the cockpit, they can just take their time and keep everyone locked out, AND use the locked steel door to protect the terrorist from the passengers, Passengers who

            • by michelcolman ( 1208008 ) on Tuesday May 16, 2017 @08:15AM (#54425707)

              Well, if the terrorists are already in the cockpit, all bets are off. Obviously. Do you have a better idea?

              • Re: (Score:3, Informative)

                by Anonymous Coward
                Look, this is Slashdot. Without fail some guy will spend maybe three seconds thinking and then post his pin-headed conclusion about what's wrong with something, as if everyone else in the world is an idiot and can't consider even the simplest things. That guy is always wrong.
                • Look, this is Slashdot. Without fail some guy will spend maybe three seconds thinking and then post his pin-headed conclusion about what's wrong with something, as if everyone else in the world is an idiot and can't consider even the simplest things. That guy is always wrong.

                  No I'm not! Well, not every time. I hit the nail on the head occasionally with a wildly thrown rock.

                • by swb ( 14022 )

                  The world is always more rational and well-organized in mom's basement.

                  That being said, I do think there are a disturbing number of times that large groups and organizations perpetuate some really bad designs/systems and a fix is obvious (and sometimes even tested) to an outsider. Kind of an emperor wears no clothes kind of situation, and probably, if you looked into it, it's something perpetuated for reasons (like making money) that have nothing to do with problem solving or design.

              • by mysidia ( 191772 )

                Well, if the terrorists are already in the cockpit, all bets are off. Obviously. Do you have a better idea?

                Yes -- PIN+Biometric; a Two-Person rule for opening the security door, multiple automation and redundant systems, and ground crews monitoring commercial flights with an ability to remotely override a rogue pilot.

                • And then that system gets hacked and flies the plane into a mountain with the pilots powerless to do anything about it. Try again.

                  • by mysidia ( 191772 )

                    system gets hacked and flies the plane into a mountain with the pilots powerless to do anything about it.

                    The system need not allow that, just like current flight automation systems could deny the pilots' from doing that.

                    I don't think there's a material change of risk in that. Commercial planes ALREADY rely on automated navigation systems and software -- the pilots are already dependent on the computer, and already rely on consent of the computer to do any manual flying.

                    At least by having a ground sec

                    • We don't "rely on the consent of the computer to do any manual flying". We can turn off the autopilot at any time. On Airbus there are a few very basic protections that are still active in manual flight (excessive load factor, bank angle, stall) but even those can be turned off by degrading the system to the most basic flight mode.

                      There is currently NO system that prevents the pilots from flying into a mountain. We do have Enhanced Ground Proximity Warning System, but it's only an aural warning. Occasionall

          • by wonkey_monkey ( 2592601 ) on Tuesday May 16, 2017 @11:58AM (#54427379) Homepage

            They might as well install a simple button instead of a keypad, it wouldn't make a difference.

            Unless the pilots are incapacitated and there's a terrorist onboard! Are you trying to get us all killed?!

            What if they put a call out for a doctor to treat the pilots and the online doctor onboard is a terrorist... wait, forget I said that, it's copyrighted and you can't have it because it's my screenplay now.

        • by DeVilla ( 4563 )
          I'm about a week behind on my reading and I only get to see this now. It's sad that it appears no one got the joke. Maybe someone will learn the hard way.
    • Dear Valued Employee. Because your PIN has been compromised we have randomly generated a new PIN for you. Your new PIN is 5555. Please do not write this down.
    • That's amazing. I've got the same combination on my luggage!
    • I thought it was 0451.
    • It is 0000

      Actually, it's 12345.

    • That was actually the code to get into one of the high rises I used to live in. You could use the phone in the entryway to call up to units to be buzzed in, but it would unlock the door if you dialed 0000. Management was stunned when I demonstrated this to them and finally changed the default code.

      Building security was crap overall. There had been numerous break-ins and the foolish condo association wouldn't pay for 24 hour security.

      • When I lived in a tenement there was a service button which would let you in if you buzzed it before 10am. I think that's quite common here (Scotland) so I guess our criminals are known to never get up early.

    • by kbg ( 241421 )

      That's amazing. I've got the same combination on my luggage

  • by PSXer ( 854386 ) <psxer@msfirefox.com> on Tuesday May 16, 2017 @04:06AM (#54424851) Homepage

    1... 2... 3... 4........ 5

    • by Anonymous Coward

      But the new secure and safe version is 123456.

    • by Anonymous Coward

      That's the same combination I have on my luggage

  • by Anonymous Coward

    Once the cockpit security barrier reaches about half the airplane's weight, things will settle into a steady state, I guess.

    • by Teun ( 17872 )
      The ultimate safety from cockpit invasion would be to do away with the cockpit.

      Technology for remote (or alternatively autonomous) operation is existing, it 'only' needs certification for passenger transport.

      And then someone hacks the link or breaks in to the operating center and we're back at square one.
      • by michelcolman ( 1208008 ) on Tuesday May 16, 2017 @07:40AM (#54425507)

        Technology for remote (or alternatively autonomous) operation is existing, it 'only' needs certification for passenger transport.

        It would need a little more than just certification.

        People always go "80% of crashes are due to pilot error, so let's get rid of the pilots, the autopilot can fly the plane by itself anyway". What they don't know, is how often automation screws up and no crash occurs because the pilots were there to prevent it. In 20 years of flying I've had quite a few of those.

        In fact, a lot of "pilot error" crashes were really due to automation failures where the pilots were (rightfully) blamed for not having intervened. Autothrottle pulls the throttles back to idle at 1000 ft because a failing radio altimeter said the plane was about to touch down? Pilot error, they should have seen the throttles move backward and the speed decrease, and should have immediately reacted by taking manual control. As other pilots have on numerous occasions.

        Another example, the Air France flight from Rio that stalled and crashed into the Atlantic. Yes, the pilots stalled the airplane. But the only reason they were flying manually was because the automation had already given up. The same situation had already occurred with other crews and they had corrected the situation without crashing.

        Take the pilots out, with the current state of technology, and you'll see two orders of magnitude more crashes.

        How many military drones do they have flying around? Only a few, a ridiculously small number compared to passenger aircraft, yet drone crashes are a pretty frequent occurrence. Even though their missions are usually extremely simple: take off in good weather, fly a predetermined GPS trajectory, come back along a fixed trajectory and land in good weather. And they are vastly simpler mechanically because they don't need things like air conditioning, seats, etc. Yet they crash all the time.

        Come on, we can't even write a word processor or spreadsheet that doesn't crash occasionally, and you want to make automatic planes?

  • by CastrTroy ( 595695 ) on Tuesday May 16, 2017 @04:33AM (#54424907)

    The bigger question is why they have set codes at all. There are only a set number of people on each flight who might need to access the cockpit. They should really just have the pilots set a code before anybody else boards the plane, and have the relevant people notified of the code before the flight. Even better if the code is random generated by a computer.

    • It does make the physical security a bit pointless if the code is so insecure. Would probably be better to lock from the inside, and use the tried and tested "knock knock"/"Who's there" approach.
    • by Nidi62 ( 1525137 )

      The bigger question is why they have set codes at all. There are only a set number of people on each flight who might need to access the cockpit. They should really just have the pilots set a code before anybody else boards the plane, and have the relevant people notified of the code before the flight. Even better if the code is random generated by a computer.

      The Germanwings crash is a good example of this. With codes that can be changed from inside the cockpit, once someone has access they can deny access to anyone else. Also, you could have crew (both cockpit and cabin crew) operate 3 different aircraft in a day depending on their schedule, or at elast operate with different crews. If there is an emergency and you need to access the cockpit (maybe a pilot has a medical emergency and the other pilot has to handle actually flying the plane and contacting ATC

      • by Maritz ( 1829006 )

        The bigger question is why they have set codes at all. There are only a set number of people on each flight who might need to access the cockpit. They should really just have the pilots set a code before anybody else boards the plane, and have the relevant people notified of the code before the flight. Even better if the code is random generated by a computer.

        The Germanwings crash is a good example of this. With codes that can be changed from inside the cockpit, once someone has access they can deny access to anyone else. Also, you could have crew (both cockpit and cabin crew) operate 3 different aircraft in a day depending on their schedule, or at elast operate with different crews. If there is an emergency and you need to access the cockpit (maybe a pilot has a medical emergency and the other pilot has to handle actually flying the plane and contacting ATC so a flight attendant needs to assist the pilot with the medical issue) it is a lot easier to remember one standard password than what the password happens to be for this leg of your shift.

        Yeah we obviously can't have a system where the captain cannot get into the Cabin from the outside, because we have cunts like Andreas Lubitz on the planet. I hope I get a chance to piss on his grave someday.

      • by Z00L00K ( 682162 )

        The correct way is to have each plane programmed individually by a security officer and then only the assigned personnel for that flight will have the access through their keycards and codes.

        To allow for emergencies additional personnel could be added but never removed, but adding additional persons wold require that two different persons codes in the added personnel.

        It's of course an inconvenience to have systems like this, but the inconvenience of being dead is worse.

        An alternative is to have the cockpit

    • That has the same problems as letting people set their own passwords... the passcode will likely not change between flights anyway and is probably going to be easy to guess like 1111 or 1234. And unlike with passwords a 4-digit PIN is difficult to enforce good password practice with because the key space is so small.
    • That's my thinking too.

      By having the same code for every door, United has just implied that all stewardesses, both on flights and on the ground, know the code.

      This is beyond retarded.

    • Here's a thought. Instead of something you know (a PIN), to control cockpit access requests use something you have -- maybe a piece of metal with some unique notches cut into it. We could call it ... I dunno ... maybe a "key". Might have a few problems (many of the same ones a PIN has), but it's unlikely to get written down or posted inadvertently on the internet.

  • by Bearhouse ( 1034238 ) on Tuesday May 16, 2017 @04:58AM (#54424981)

    https://en.wikipedia.org/wiki/... [wikipedia.org]

    According to French and German prosecutors, the crash was deliberately caused by the co-pilot, Andreas Lubitz.[29][97][98] Brice Robin said Lubitz was initially courteous to Captain Sondenheimer during the first part of the flight, then became "curt" when the captain began the mid-flight briefing on the planned landing.[99] Robin said when the captain returned from a probable toilet break and tried to enter the cockpit, Lubitz had locked the door.[29][97] The captain had a code to unlock the door, but the lock's code panel can be disabled from the cockpit controls.[7][100] The captain requested re-entry using the intercom; he knocked and then banged on the door, but received no response.[101] The captain then tried to break down the door.[16][77][102] During the descent, the co-pilot did not respond to questions from air traffic control and did not transmit a distress call.[103] Robin said contact from the Marseille air traffic control tower, the captain's attempts to break in, and Lubitz's steady breathing were audible on the cockpit voice recording.[97][104] The screams of passengers in the last moments before impact were also heard on the recording.[99]

    After their initial analysis of the aircraft's flight data recorder, the BEA concluded that Lubitz deliberately crashed the aircraft. He had set the autopilot to descend to 100 feet (30 m) and accelerated the speed of the descending aircraft several times thereafter.[105][106] The aircraft was travelling at 700 kilometres per hour (430 mph) when it crashed into the mountain.[99] The BEA preliminary report into the crash was published on 6 May 2015, six weeks later. It confirmed the initial analysis of the aircraft's flight data recorder and revealed that during the earlier outbound Flight 9524 from Düsseldorf to Barcelona, Lubitz had practised setting the autopilot altitude dial to 100 feet several times while the captain was out of the cockpit.[107][108]

    • Re: (Score:2, Insightful)

      by Maritz ( 1829006 )
      It's difficult to get your head around the sheer cuntishness it takes to murder 149 people as you commit 'suicide'. It's a shame there's no hell for this evil little cuntweasel to go to.
    • Comment removed based on user account deletion
  • That and manual deadlocks on the inside.

    The reasons airlines don't want to put them in?

    * Expense (because retrofits on existing planes isn't just "EXPENSIVE!!!", it's "FUCKING EXPENSIVE!!!"
    * Weight savings. A reinforced door and manual/ratcheted lock bar could easily add another 5-800 lbs to a plane. That's EASILY 3-5 passenger fares.

    Save money vs save the crew's life? Fuck the crew! SAVE THE MONEY!

    It's like these little 7-11 Slurpee stores in high crime areas. They get robbed repeatedly, yet they don'

    • How expensive is it to replace the cashier?

      Exactly.

      • by sconeu ( 64226 )

        To be fair, back in college (early '80s), I pulled graveyard at a 7-11. During training we were taught that if someone came in armed, give him whatever the hell he wanted. The actual words they used were "We can replace money, we can't replace you".

        • Yes, I would tell you exactly the same. If for no other reason than you hating me for telling you otherwise.

      • by Chas ( 5144 )

        You've never had a wrongful death lawsuit filed against you have you?

        • Is it my fault that the robber came in and shot the guy? It's not like I hired him or told him it's a good idea. There's even a sign in the window that it's pointless to rob the store because the clerk can't access the big bucks, they're in a steel box (mostly so the little asshole can't steal from me... I mean, for the cashier's safety, of course).

          • by Chas ( 5144 )

            So the answer is "no", you haven't had a wrongful death suit filed against you.

            A wrongful death suit is a civil suit. So there is no burden of proof protecting you. Such suits run on preponderance of evidence.

            If your establishment has been robbed multiple times in the past, and one of your employees was eventually killed, his family could get you for wrongful death simply by dropping all those previous police reports in the jury's lap and go "See! Didn't take appropriate precautions to safeguard his empl

    • by Anonymous Coward

      Why do they not just use the 5 lb door if the range is so large?

    • by Anonymous Coward

      Nah the only thing they have to do is put a note on the door: "Illegal for terrorists to enter" and the problem will go away.

    • by Nidi62 ( 1525137 )

      That and manual deadlocks on the inside.

      The reasons airlines don't want to put them in?

      * Expense (because retrofits on existing planes isn't just "EXPENSIVE!!!", it's "FUCKING EXPENSIVE!!!" * Weight savings. A reinforced door and manual/ratcheted lock bar could easily add another 5-800 lbs to a plane. That's EASILY 3-5 passenger fares.

      Save money vs save the crew's life? Fuck the crew! SAVE THE MONEY!

      Aircraft crews are trained to repel attackers, quite a few in the US are armed now with the FFDO program, there are simple methods beyond a lock that can slow down any attempt to open the cockpit door by force (for example on MD-80 type aircraft, simply putting down the jumpseat would slow anyone down), and as a last resort they literally have a weapon on hand (the crash ax). Also, especially in the US, there is a very good chance that at least one of the cockpit crew is former military and has had self de

  • That's just plain dumb, right? Flight crews can't remember more than one 4 digit number?

    Why not distinct codes for each plane, or each flight? If there's only one master code for all planes, all a potential hijacker has to do is kidnap a flight attendant and beat it out of them.

    As it is, there might as well not be a code at all. It'd be just as secure to use "Shave and a haircut" as a secret knock.

    • by Anonymous Coward

      Flightcrews dont fly the same plane every day, and rather than risk losing millions of dollars by regularly having planes stuck on the tarmac while somebody calls a locksmith, the airlines (correctly) noted that this secure cockpit door stuff is just theatrics & set them all on the same password because frankly it doesnt fucking matter.

      • by mysidia ( 191772 )

        I would suggest two-factor with a Biometric + Personal code for each authorized person across the fleet, synchronized from a source database.

    • That's just plain dumb, right? Flight crews can't remember more than one 4 digit number?

      Why not distinct codes for each plane, or each flight? If there's only one master code for all planes, all a potential hijacker has to do is kidnap a flight attendant and beat it out of them.

      As it is, there might as well not be a code at all. It'd be just as secure to use "Shave and a haircut" as a secret knock.

      Except that there is a lockout that can be enabled while the plane is in flight. So even having the code does not guarantee you access to the flight deck.

    • by Togden ( 4914473 )
      Actually studies show that if you force people to try too hard to memorize passwords, they use coping methods such as keeping passwords on sticky notes which compromises the security of the password to a lower standard than if you have relatively simple pass codes. A more realistic solution might be to have a regular password rotation. This means that there is an established and tested system in place for new passwords to be issued to all staff. It also means that should passwords make it into the wrong ha
      • Doesn't rotation give you more to remember?

        And remembering a 4 digit number for a few hours isn't exactly a feat of memorization. It's well within the average person's ability.

  • of course since pilots post the access codes online
  • 9/11 happened because no one had really experienced using planes as weapons in this capacity. All the cockpit doors need to do now is keep any potential hijackers at bay for a minute.. by that time crew and passengers will have subdued the individual(s) trying to break in.

    I'm not worried once I get through security.. my biggest concern is someone blowing up the line for security. Not saying it's impossible to sneak through security with bad intentions but by that point you've gone through multiple laye

Truly simple systems... require infinite testing. -- Norman Augustine

Working...