FBI And United Airlines Shoot The Messenger After Security Researcher Discovers Vulnerabilities In Airplane Computer System
from the that-doesn't-make-me-feel-safer dept
At some point, the corporations and authorities in America are going to have to get over the knee-jerk reaction they have of going after citizens who kindly point out technology and security flaws for them. You see this over and over and over again: someone notices a flaw in a system, points it out publicly instead of exploiting it, and is thoroughly punished for his or her efforts. Oftentimes there is a mealy-mouthed explanation for these punishments, which chiefly has to do with the security risks of publicizing the flaw, even though the ultimate goal should be fixing the flaw to begin with.

The latest version of this has gotten the EFF involved in defending a security intelligence expert who tweeted from aboard a United Airlines flight about his ability to hack into the flight's WiFi and access some level of the flight's communications.
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :) — Chris Roberts (@Sidragon1) April 15, 2015
It may not mean much to you, but he's talking about getting access to communications systems and even some level of controls within the plane itself. And if that doesn't scare you, it should. It scared the feds, too, but it didn't scare them into actually, you know, addressing the security concerns. But it did scare them enough that upon the plane landing Roberts was scooped up by the FBI, questioned for several hours, and had his encrypted computer, tablet, and drives snatched from him. No warrant for any of this, mind you, at least not at the time of this writing. As you can imagine, he's not pleased. Mostly, though, he's confused as to why the feds are picking on him at all.
Roberts told FORBES he was disconcerted by the actions of US law enforcement. “Feds have known about issues in planes for years, why are they hot now? I’m a researcher, that’s what I do, I don’t go out to harm or hurt, why pick on researchers? If not us then who will find flaws?”

Which is the entire point. The government should be thanking its lucky stars that a benevolent force such as Chris Roberts was the one who found this flaw, rather than someone who might actually wish to do harm. Tweeting about it may alert more nefarious folks that such a flaw exists, sure, but it also got the attention of the federal government, which had damned well better be fixing this tout de suite. As far as anyone interested in actually fixing this flaw should be concerned, mission freaking accomplished. And yet Roberts is targeted, not because he's an actual threat, but merely for doing what people in his profession do.
And not just at the conclusion of that flight, either, I should add. The harassment continued afterwards.
Roberts was back at the airport on Saturday evening, headed to San Francisco to attend two high-profile security conferences, the RSA Conference, where he is scheduled to present on Thursday, and BSides SF. After Roberts retrieved his boarding pass, made his way through the TSA checkpoint and reached the gate, United corporate security personnel stopped him from boarding the plane. Roberts was told to expect a letter explaining the reasons for not being allowed to travel on United. Thankfully, Roberts was able to book a last-minute flight on another airline and has now landed safely in San Francisco.

This should be seen as useful for the public, which now knows with some certainty that United Airlines would much rather attempt to achieve security through obscurity than see experts like Roberts as a boon to its own safety product. Should you need to fly anytime soon, do you really want to board a flight run by a company that has now demonstrated that it tolerates vulnerabilities aboard its flights and would rather put its head in the sand than deal with those vulnerabilities? I sure wouldn't. Keep in mind, by the way, that United is getting this important information about its own security for free. But rather than be grateful, out come the cross hairs.
Nevertheless, United’s refusal to allow Roberts to fly is both disappointing and confusing. As a member of the security research community, his job is to identify vulnerabilities in networks so that they can be fixed. Indeed, he was headed to RSA to speak about security vulnerabilities in a talk called “Security Hopscotch” when attempting to board the United flight.
It's enough with this crap already. No amount of embarrassment is justification for harassing a security researcher who happens to be fault-testing technology on high-profile targets. And doing it free of charge, I might add. In the realm of security, Roberts is a helpful force, not a harmful one. It'd be nice if the Feds and United Airlines would behave gratefully, rather than targeting the man.
Filed Under: chris roberts, hacking, in-flight computers, in-flight wifi, obscurity, research, security, shooting the messenger
Companies: united airlines
Reader Comments
Re:
A simpler and more logical explanation is that whoever's job it was to keep aircraft communications secure is embarrassed at the public knowledge of their incompetence, and quite pleased to deflect blame toward the good samaritan who revealed it.
Re: Re: Re:
But those backdoors are vital for national security! It they're closed then we're all doomed!
Re: Re: Re: Re:
And, about those backdoors, I've come to the conclusion that the NSA, CIA and FBI have collectively sold their souls to the PLA's elite cyberwarfare group, Unit 61398.
Re: Re: Re: Re:
The fact that that is even POSSIBLE for someone sitting in the passenger area is terrifying -- the sort of security flaw that should result in every plane using that network system being grounded instantly and permanently until it is fixed.
Re: Re: Re: Re: Re: Re:
When I first heard of this, I was astounded that they were doing all of this on just the one system. One pizza box server for each would have been the smart way to go. How could they justify not doing that way?
Re: Re: Re: Re: Re: Re: Re:
no engineer would ever wire public wifi with ANYTHING ELSE of the airplane
(unless he and nobody he knows is ever going to fly)...
but then it went through "the managerial revolution" you know, the happy MBA yes men,
and one had the brilliant idea to save cost wiring it all together...
Re: Re: Re: Re: Re: Re: Re: Re:
(another porsche)
Re: Split System
Back then Boeing made one of the safest planes ever. They don't now....
Things change, the bean counters and not the flight crew or engineers have the last say these days, Boeing makes crappy, unsafe planes, it's suicidal to book a flight on Japan's national air carrier, the TSA and HLS consider it their duty to rob us blind and as botw mentions corners have been cut by the air carriers and manufacturers.
It's a nasty world we live in.
Re:
Having openness actually increases security, provided that competent people are applying the recommended fixes.
Re: Re:
Because apologists are always all knowing.
Re:
This is a fairly typical situation: when people in positions of authority are confronted with how much they DON'T know, their usual response is to get aggressive and act poorly. In my experience most organisations aren't prepared for cyber and they aren't happy when it's brought to their attention.
The researcher should have known this. I would NEVER attack a client network (or even discuss it) without my get out of jail free card, but having said that, I've pen tested planes in flight and not been on one with a vulnerability; if I was, I would yell about it just like he did.
Re: Re:
You should be shot for using that annoying buzzword.
Re:
Yeah, sure...
Re: Re:
And then the cheap ass duck blind the aliens are provided turns out not to have enough redundancy built in and fails killing a few *and* lets the proto-Vulcans see what the aliens are doing, leading them to do an about face back to the Dark Ages (ST:TNG).
Yeah, this sort of thing was entirely impossible to foresee. The fibbies should be banging their heads on the wall for this and Boeing deserves to be forced to fix it for free. "Important people" should be fired for this cockup.
He didn't get in trouble for finding a vulnerability. He got in trouble for joking about abusing the vulnerability while on an airplane.
Re: Anonymous Coward
I used to fly United all the time. Now, I avoid them if at all possible in favor of Southwest.
Re:
What about the whole, the issue exists and people can find it problem?
It seems apparent that the issue was known, but not disclosed. The people with responsibility for correcting the issue should be the ones embarrassed. Yet, the one who is sanctioned is the one who exposes it.
Where are our whistle-blower laws that exempt whistle-blowers from prosecution or even harassment? Oh right, they are tied up in the government's quest for moar power.
Que up the Wizard of Oz scene where the 'professor' is behind the curtain pulling levers to 'create' the illusion of omnipotence.
That is where you will find 'just cause'. Ha, ha, ha!
Re: Re:
Oh, yes. Jokes, sarcasm, parody and the whole similar lot should be absolutely banned!
Re: Re:
The word you want here is "cue"; it's pronounced the same way as "queue", rhymes with "who", and means either "a signal to do something" or "to signal to do something".
The word "queue" in its turn means either "a line in which things wait for their turns" or "to put into line to wait for its turn".
Re: Re: Re:
"que" is pronounced roughly "kway".
"cue" and "queue" are pronounced roughly "kyoo".
Re:
1. He finds the security loophole. He tweets.
2. Feds notice it. At this point, the only ones who are aware of his actions are him, (on the plane,) and the feds (off the plane.) Unless someone on the plane was actively checking this one guy's twitter. Feds can also probably tell from the twitter account that he's a compsecurity researcher.
3. Feds prepare to meet him at the scheduled and intended landing. Of course, if he's actually doing anything nefarious, the plane won't be getting there. The entire plot of "we're going to pick him up, interrogate him, and take all his shit" is predicated on "He's not going to hijack, sabotage, or otherwise exploit his plane flight."
4. It lands at his destination, proving that he was not hijacking, sabotaging, hacking, or generally doing anything wrong. He is taken into custody (sans warrant).
Maybe I'm a little too idealistic but this doesn't seem like a sane, legal, or sensible response.
Re: Re:
I was at a registration-required, but otherwise public, conference Roberts presented at a few (3 or 4) years ago, and had an opportunity to speak to him a bit one on one about some of this (I was actually attending the conference for free as part of a deal Infragard had worked out with the conference organizers).
This isn't a new thing. It's not the first time the airlines and feds have been notified about these problems, and it's not going to get fixed anytime soon.
Re: Re:
1) Roberts, and others, have done research on this issue in the last 5 years.
2) In previous flights Roberts has taken, he has attached his laptop to the Ethernet port available under his seat and monitored all the packets that travel across this network. Even though this is the In-Flight Entertainment (IFE) system, he has seen packets that are for command and control and sensor information for the plane's avionics control. This confirmed the network traffic is not strictly partitioned, but the airlines claim such traffic is one way. That is, there is a gateway to the IFE system which doesn't allow any packet to be sent from the IFE. He has never attempted to inject his own packets into the network. He did not do any monitoring on this particular flight.
3) During a Twitter conversation with an acquaintance discussing what he does, he sends the joke tweet. This tweet refers to the type of plane and makes no mention of the airline or flight number.
4) Roberts was asked by the FBI a couple of months previously to back off on his research and back off on publicizing any potential vulnerabilities. This was a blanket request to stop talking, even generally, about the possible vulnerabilities. Last month, he was interviewed on Fox News, where he discussed the general security risk in interconnecting the IFE and avionics networks.
5) 3 hours after he makes the tweet from the airplane, they land at their destination in Syracuse. The FBI is already waiting for him and escorts him from his seat. I have to conclude the FBI was monitoring his Twitter account as a result of him not kowtowing to their desire that he shut up.
6) Roberts was questioned for 2 hours. He was not taken into custody. His electronics were confiscated except for his cell phone.
Re: Re: Re:
2) The IFE receives some telemetry data from the FMC via a unidirectional data bus e.g. ARINC's 429 (http://en.wikipedia.org/wiki/Avionics_Full-Duplex_Switched_Ethernet). If he has indeed "seen" command/control packets, again, publish this so it can be peer reviewed.
4) Is there documented evidence of such an interaction with the FBI, or are you taking Mr Roberts' word for it?
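The one-way gateway claim in the two comments above (avionics telemetry may reach the IFE, nothing may flow back) is something a defender can test against a packet capture rather than take on trust. The following is an added example, not code from the thread or from any airline or vendor; the segment address ranges, the capture line format and the sample lines are constructed placeholders, since the page gives no real aircraft addressing.

```python
"""One-way gateway audit over a packet capture summary.

Constructed segment map and sample lines: the real aircraft addressing is not on
the page, so these are placeholders chosen for illustration only.
"""
import ipaddress
from dataclasses import dataclass

# Constructed placeholder ranges for the three segments the comments talk about.
SEGMENTS = {
    "avionics": ipaddress.ip_network("10.0.1.0/24"),
    "ife": ipaddress.ip_network("10.0.2.0/24"),       # In-Flight Entertainment hub
    "seat": ipaddress.ip_network("10.0.3.0/24"),      # seat-back units / under-seat ports
}

# The claimed policy: avionics data may reach the IFE, nothing may flow back.
ALLOWED_FLOWS = {
    ("avionics", "ife"),
    ("ife", "seat"),
    ("seat", "ife"),
}


@dataclass(frozen=True)
class Packet:
    ts: float
    src: str
    dst: str
    proto: str


def segment_of(addr: str) -> str:
    """Map an address to its segment name, or 'unknown' if it is in none of them."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return "unknown"


def parse_capture(lines):
    """Parse constructed 'ts src dst proto' summary lines; '#' lines are comments."""
    packets = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, proto = line.split()
        packets.append(Packet(float(ts), src, dst, proto))
    return packets


def audit(packets):
    """Return (packet, reason) for every packet that contradicts the one-way policy.

    Anything arriving at the avionics segment from elsewhere is the serious case;
    traffic involving an address outside the known segments is reported too, since
    an unexplained host on a cabin network deserves a look.
    """
    findings = []
    for p in packets:
        s, d = segment_of(p.src), segment_of(p.dst)
        if (s, d) in ALLOWED_FLOWS or (s == d and s != "unknown"):
            continue
        if d == "avionics":
            findings.append((p, f"{s} -> avionics: gateway is supposed to be one way"))
        elif "unknown" in (s, d):
            findings.append((p, f"unclassified address in {p.src} -> {p.dst}"))
        else:
            findings.append((p, f"flow {s} -> {d} is not in the policy"))
    return findings


# Constructed sample, not a real capture: two policy violations and one stray host.
SAMPLE_CAPTURE = """\
# ts     src          dst        proto
1.000    10.0.1.10    10.0.2.5   udp
1.050    10.0.2.5     10.0.3.40  tcp
1.100    10.0.3.40    10.0.2.5   tcp
1.200    10.0.3.40    10.0.1.10  tcp
1.250    10.0.2.5     10.0.1.10  udp
1.300    192.168.9.9  10.0.2.5   tcp
"""


def run_sample():
    """Audit the constructed capture; returns the three findings described above."""
    return audit(parse_capture(SAMPLE_CAPTURE.splitlines()))


if __name__ == "__main__":
    for pkt, reason in run_sample():
        print(f"t={pkt.ts:.3f} {pkt.src} -> {pkt.dst} ({pkt.proto}): {reason}")
```

On a real capture the same classification would be fed from a pcap summary (for example one column per field from a capture tool) rather than from the embedded sample string.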
Why not?
One wonders what the justification for repressing this type of joke actually is. The widespread belief is that the situation is similar to the classic "yelling 'Fire' in a crowded theater", i.e., the danger which is averted by suppressing these jokes is the danger of having the passengers panic.
Do you actually believe that there was any likelihood whatsoever of this esoteric tweet, in and of itself, causing panic on a flight? Anyone knowledgeable enough to understand the tweet is unlikely to panic. And the particular "threat" in the tweet would seem to be "I can cause the oxygen masks to deploy", which doesn't seem to be very dangerous by itself.
Re: They should design laws...
That's a joke, right?
Re: They should design laws...
If I put out a sign that says "Free access to the premises" in front of my house, then forget to close (let alone lock) the front door, it's not unauthorized access for someone to walk inside.
Yeah, common sense might say that of course I don't really want people inside my house. But that's not what my sign said.
Re:
Airports and the airline industry are ground zero for security theater.
Re: On WiFi at all?
The much talked about, never yet seen massive cyber attack on infrastructure the NSA and FBI are constantly blathering about would first require that they connect vital systems to the internet -- and only an idiot or a traitor would do that.
If vital systems that need to be secure are connected via WiFi, that's just ASKING to be hacked. They're just lucky the first member of the general public to notice is a white hat, not a black hat.
Re: Dunno why they don't teach this (explicitly) in school...
It would help if you would no longer give them that title, and remind them that they do work for us overall and that WE do have the constitutional remedies for their corruptness - admittedly (again) it would help if more people would actually bother to learn the US Constitution, and their own state Constitution as they ARE the contracts that they are REQUIRED to follow and work under.
Bad for business if the FBI were exposed putting peoples lives in danger just so they can look good.
the article doesn't get it
IT'S ABOUT CONTROLLING YOU
it is why hackers do not share no more
it is why you will never know how vulnerable you are until you piss them off
yup thats it in a nut shell and for the record your fbi are a bunch a fucking criminals in suits
Sympathize with the feds on this one
Yes, he had a smiley face to suggest sarcasm. Or maybe instead of sarcasm he meant Smithers-like glee? C'mon. Roberts' statement was a clear provocation.
Furthermore, Roberts is quoted as saying, "I’m a researcher, that’s what I do." That tweet sure doesn't sound like it came from a researcher. Sounds more like it came from an unprofessional smart-ass.
I also believe it's irresponsible and unprofessional (though not criminal) to publicize these types of serious security problems before they're fixed.
The authorities were entirely justified in detaining Roberts after the flight, to determine whether he really intended to act on the vague threat, to properly determine his identity, and to make sure that if there was a vulnerability, he would reveal it so that it could be formally reported.
Imagine if someone joked that they found bomb-making materials on-board an aircraft, and no law enforcement bothered to follow up. Would you have been okay with that?
Re: Sympathize with the feds on this one
If you read the article at http://www.wired.com/2015/04/twitter-plane-chris-roberts-security-reasearch-cold-war/ you'll perhaps see the errors in your post.
I don't understand how asking if he should turn on the passenger oxygen system (or maybe just the warning light) equals finding bomb making materials on an aircraft.
Re: Re: Re: Sympathize with the feds on this one
But that's beside the point. You arrived at this conclusion after reading articles about it, and knowing, in retrospect, that this was intended as a joke. At the time, did the Feds know what his intention was? Maybe he found a new attack vector. Maybe he was angry and intended to do something after having been ignored for 5 years.
Ask yourself this: if he HAD done something nefarious (say, on his next flight), and it was discovered that the Feds knew about his "threat" but chose not to act based on an assumption that he was just kidding, would you have been okay with that?
Re: Re: Sympathize with the feds on this one
You are confusing two issues here. As far as the reaction to Roberts' tweet goes, it's irrelevant whether he spent years trying to get them to fix such vulnerabilities. Even assuming that in the relatively short duration of this flight the authorities had enough time to understand and confirm who Roberts was and all the history behind his efforts, his tweet was still provocative. And for all the authorities knew, he was a guy who was disgruntled by the lack of response to his revelations and decided to ratchet things up a notch.
But again, his history doesn't matter...just because the flaws were disclosed does not, years later, authorize him to threaten to exploit them. The lack of action on the airline's part is inexcusable for sure, but immaterial to whether it was proper to detain Roberts.
And you're picking and choosing from his tweet. He also threatened/joked about the engine/crew alerting system, and communications system. What he did was claim to have the ability to affect important airplane systems that are supposed to be off-limits to passengers, and that is why it's on a par with finding bomb-making materials. In fact, if he could control avionics, he could not only destroy the aircraft, but ground-based targets as well.
Try to separate your justified disdain for the way Roberts' research has been treated from his irresponsibly provocative tweet.
BTW, I'm not passing judgment on whether they should have confiscated his equipment, or whether United should have prevented him from flying. Just on detaining and questioning him.
Re: Re: Re: Sympathize with the feds on this one
How long have you worked in any technical field where stupidity on the part of management leads to situations like this?
My second question is :-
If you have worked in a technical field for any length of time (
Re: Re: Sympathize with the feds on this one
For example, it's well-known and trivially obvious that you could circumvent the TSA's volume-of-liquid limitations by splitting them into multiple containers, and/or via multiple passengers. That bug has never been fixed. So does that make it okay to tweet something about combining liquids to create, say, a smoke bomb on the plane?
I didn't think so.
Re: Re: Sympathize with the feds on this one
You are being influenced by the after-the-fact knowledge that Roberts didn't actually intend to do anything underhanded.
Re: Re: Re: Sympathize with the feds on this one
There was no security gain in the Feds having confiscated his equipment, though the deluge of Feds that have been commenting on this topic on Schneier's blog and on here does make for some interesting conversation, albeit it comes off a bit like shilling when there's no back-and-forth with productive dialogue.
Re: Re: Re: Sympathize with the feds on this one
How about an alternative argument:
Intimidating security researchers will ensure less security research is done in the future by onlooking researchers or prospective researchers. If law enforcement is more comfortable in a world where a 747 could be hacked and taken over/taken down by a terrorist than they are in a world where a security researcher can jokingly bait them, then I'd say there's either mixed up priorities or a severe lack of foresight.
Re: Sympathize with the feds on this one
It could sensibly be construed as facilitating the nefarious intentions of enemies already determined to use our own technology against us. So, it should be criminal to aid the enemy in this manner. Make it well known to everyone also.
Re: Sympathize with the feds on this one
Also, he was going to present his findings at a BSides conference. With much more specificity. Information that'd be public. In a venue that many more security-minded people would've been paying attention to as opposed to a TWITTER ACCOUNT.
Re: Sympathize with the feds on this one
If a serious problem like this has been reported and no visible action has taken place within days or weeks, then the responsible and professional thing to do is publicise the flaw. It is a matter of public safety not company reputation that should take the front line.
If it means that that particular airline and any other airline which has the same flaw suffers major economic damage due to their lack of movement on such a flaw, then so be it. To put profits before safety is a common attitude amongst many companies (both large and small).
It is far better that such flaws are widely publicised than hidden. Sure, the wrong people may get an early insight into an exploitable flaw. But the reality is that the wrong people already know about and are already exploiting the flaw.
Re: Sympathize with the feds on this one
So, did the FBI immediately contact the plane and insist they put it on the ground tout suite? No, they just sat around and waited for it to land leaving how many potential lives in jeopardy, in the air and on the ground.
This is a fibbie, United, and Boeing cockup, and they should all be extremely grateful and seriously embarrassed for their actions.
4 types
1. White hats who try to find flaws and alert the appropriate people about them so the flaws can be fixed (Roberts). This is a relatively small group because of the skills needed to find the flaws.
2. The security aware who try to keep up with the field but lack the deep technical knowledge to routinely find flaws. This is not a particularly large group but an important one, because they often provide a link to educate others about best practices. Readers of Techdirt and similar blogs are in this group.
3. The average user who does not keep up with most security issues and may not understand their implications. They are heavily reliant on their technically aware friends and family members for advice, training, and support. This is by far the largest group of users. Often they confuse the white hats with the black hats, especially the technical illiterates in the criminal injustice system.
4. The black hats who use flaws to harm others, usually financially but occasionally in other ways. Many black hats are script kiddies who do not have the technical skill to find the flaws. They are reliant on more skilled black hats to find them and determine how to exploit them. This is a very small but dangerous group.
Re: 4 types
6. Political Hats who don't know shit about anything, including but not limited to so-called cyber security, so they just make shit up or regurgitate what has been fed to them by their overlords, the Corporate Hats.
7. Media Hats whose talking heads anoint your idiot boxes daily with slanted garbage fed to their teleprompters by corporate editors.
Re: Re: Re: 4 types
that was considered a crackpot theory before the evidence proving it came out
maybe you should add number point for the people who have to eat their words after ridiculing those tin foil hats
Re: 4 types
1. White hats who try to find flaws and alert the appropriate people about them so the flaws can be fixed (Roberts). This is a relatively small group because of the skills needed to find the flaws, and the fact that so many companies have made it clear that exposing a flaw in their product and/or service will not result in it being fixed, but in the company doing everything it can to crush the one who found the flaw.
The way this story is being reported you'd think he was just a few well adjusted packets away from dropping the oxygen masks. Which if true, in-flight tweets seem a poorly chosen method of disclosure. Or perhaps it was meant as a publicity stunt, in which case, mission accomplished.
Tin foil hat time:
That would reveal a vague what and how things have been compromised, so they have to go after everyone of necessity.
Horribly, horribly misleading headline
Take, for example, the simple fact that the 737 DOES NOT have an EICAS. There is no such thing as a "PASS OXYGEN ON" message on that airplane.
It is 100% a joke and I will leave it to others to argue about whether or not that is wrong.
Re: Horribly, horribly misleading headline
And if you look at the B737's very hefty technical manual you will discover that the passenger O2 system can be activated by sending a test message over EICAS. You'll also discover that the system can be remotely activated if you have the proper codes and can broadcast them on the correct frequency.
Highly Efficient to Squash the Proficient
There is absolutely no benefit for them to fix the error.
If someone used this vulnerability in the system, it would have to be spread on the internet that this is the way they did it. If not, it would be kept quiet so as to not encourage others to do it as well and/or to cause panic.
The crash would most likely be blamed on the plane or the pilot. Behind the curtain, agencies would get more money and power for fighting terrorists, and United would get money to fix the flaw and beef up security even more, and at the same time probably collect the insurance on the plane.
To be cynical, one could believe that the reason these flaws are ignored is that they simply didn't care, because it would only end up making a profit in the end, even if the flaws were misused.
Re: They should design laws...
Funny how they never seem to be applied to anything except 'unauthorized' leaks by people in power...
Calm down
These hosts are there because:
1) 'Box-IFE-ICE-SATCOM' is the central hub of the Inflight Entertainment (IFE) system, which includes a SATCOM terminal.
2) The EICAS is a read-only message window in the cockpit; think of it as the debug output of the plane. Should the IFE overheat or otherwise fail, a message would be displayed to the pilots. Why? Because fires in IFE systems have damaged airplanes and in at least one case caused a crash (Google 'Swissair Flight 111').
3) 'PAS-OX-0N' is a device that sends a signal to the IFE that causes the IFE to shut down. The IFE can't cause the passenger oxygen masks to drop.
While no hack is possible in this network, joking about anything to do with aircraft safety is not a smart thing to tweet. The First Amendment doesn't mean that other people can't consider your speech when deciding to trust you.
Nothing to see here, move along.
Bottom line is this
a) Showed that an avionics system could be hacked
b) Had the skills to actually perform the hack
c) Publicly implied that he might start hacking
d) Subsequently started hacking in-flight avionics, causing big problems
...and it was discovered that the authorities didn't bother investigating after (c), there would be a huge hue and cry about how incompetent law enforcement was in this case, ignoring a potential threat like this.
Some of you obviously aren't able to eliminate the 'hindsight' factor. You know that (d) didn't occur, so you can't imagine why he was hassled.
For those of you who think whatever Roberts might have done would have been harmless, how the heck would you have known that (esp. without hindsight)? If the oxygen masks were deployed, how do you know that panic wouldn't have ensued, or that someone wouldn't have had a heart attack? How could you know that Roberts wouldn't make a mistake and inadvertently affect a critical system during his first live real-time intrusion? How could you know whether the hack would cause the flight to be diverted, causing great expense and potential hardship on the passengers? How could you know whether Roberts intended to affect only non-critical systems, since his tweet left the door open to just about anything? How could you know that Roberts hadn't slipped a cog and decided to end it all to make a point after years of frustration?
The bottom line is you couldn't know any of these things without the benefit of hindsight.
You don't joke about hijacking or bombing in an airport, and it's fine for authorities to detain you to determine whether it was a joke or not. Do you think authorities should assume all such comments to be frivolous and never investigate them?
The TSA, FBI, Police, Prosecutors, et al., are guilty of many transgressions. There are countless examples of their overreach, ineptitude, stupidity, and callous disregard for civil liberties. But detaining Roberts after that tweet was one of many examples of them doing something right.
If you want to complain about United's inaction, that's a separate beef.
But if you want to complain about bad behavior by law enforcement, there are too many better examples of it out there than criticizing the questioning of someone who wrote something as ambiguously provocative as that tweet.
Re: Bottom line is this
Hindsight like, "Oh, the plane made it safely to the airport on time, now we can arrest him and take his stuff"?
Re: Bottom line is this
"I could see the fuel rebalancing, thrust control system, flight management system, the state of controllers," he said.
He told CNN he has been hacking planes loaded with passengers. That's why he was kicked off United.
What good is a vulnerability, if EVERYone knows about it
Sick
Re: Hindsight
First, you're off-base on a few things. He wasn't arrested. And I wasn't commenting on the FBI "taking his stuff" (if you read my initial comment above). I was only talking about the FBI questioning him.
Re hindsight: The plane landing safely didn't prove that Roberts had not tried, intended to, or did not actually break into the avionics, or that he didn't discover a new method of doing so (a vulnerability which should be reported), or that he was not a threat to hack an upcoming flight, or that he didn't alter something that would affect subsequent flights on that plane. Or that it was actually Roberts who sent the tweet. For example.
And if he had succeeded in breaking into the system, I would certainly hope there would be consequences. I don't want even well-intentioned passengers fiddling with these systems in any way. Heck, I'm an IT guy and we'd take action against anyone poking around in our network in violation of our policy, even if we are just a public library and lives aren't exactly on the line.
I don't want the FBI to take a potential threat and look for every possible reason to ignore it. They've gotten rightly slammed for failing to connect the dots on other occasions. Roberts' tweet was a pretty big dot.
Sounds like you'd have preferred the FBI to say, "Yeah, we're assuming that the tweet is from that security researcher guy Chris Roberts...he's always breaking into the control systems and whining about their hackability; he's probably just blowing off steam and trying to get people worked up about it. Let's not make a big deal out of this. We could go talk to him about it, but let's just assume the best case."
Re: Re: Hindsight
Relying on passengers, well intentioned or not, not fiddling with these systems is a security failure; they should not be able to fiddle with the systems, full stop. When such security problems exist, one hopes that well-intentioned people bring them to the attention of the authorities, and one also hopes that the authorities will fix the problem, and not, as in this case, ignore it until at least it is made public.
A reasonable question for Reasonable Coward
Your attitude (like so many others in the "authority" vein) is that the message is so bad that the messenger has to be shot to protect those above.
You completely miss the point of the entire scenario - the problem was allowed to continue long after it should have been fixed. The FBI should have been beating the doors down to United first and foremost without even having to speak to Chris Roberts.
Re: A reasonable question for Reasonable Coward
I'd also want to be talking to the FAA about this. Did they know this situation exists? Why did they allow this system to even get into the air? They're supposed to be certifying stuff like this for commercial airlines.
Re: Re: A reasonable question for Reasonable Coward
Your response Reasonable Coward?
Re: Re: Re: A reasonable question for Reasonable Coward
I wonder if he is a lackey from the FBI PR group or from the airline PR group?
Opportunistic reporting
Many very highly qualified people of a given airplane manufacturer's team, the IFE provider's team and the airline's team work tirelessly to eliminate security issues. I'd venture they are multiple orders of magnitude better qualified than Mr. Roberts and other commentators in the matters of avionics, flight management computers and in-flight entertainment systems.
Yet the uninformed media and consumers of the media don't want to know this because a) it is not fun, b) it does not scare anyone, and c) it takes a minimum degree of intellect to comprehend.
Keep calm, and move on. Nothing to see here, and more importantly, there's no money to be made here...
Re: Opportunistic reporting
I've done it, so have many of my colleagues and so have many we have worked with. Specialists can very easily get blindsided by the obvious. My process is to give inexpert people the opportunity to use said systems and watch carefully. It is amazing what you then pick up.
I have, at various times, made suggestions to colleagues far more expert in their field than I about things I see as obvious and have many times had these same colleagues figuratively palm their faces at missing the obvious. It then becomes a simple matter for them to fix, but they first have to see the problem.
That is reality.
Re: Re: Opportunistic reporting
This is what I believe is the problem here. We have a security industry that has failed everyone miserably. Sony, Target, Anthem, Home Depot etc. - the list goes on forever, and it is MY data and YOUR data that has been lost as a consequence of lousy products offered by the industry and the lousy implementation of the lousy products by those who acquire them. If the security industry did its job well, would we have seen all these breaches last year? Probably not. Instead, what does the industry do? It has a conference in San Francisco claiming that security Armageddon is nigh and all hell will break loose if corporations don't spend even more money on buying even more lousy products.
Where am I going with this seemingly ranting statement? The aviation industry (i.e. the engineering, safety and security of the aircraft and on-board systems) has been optimized over the years by many experts in their respective fields. Opening the kimono to the Sunday market cowboys such as Chris Roberts will have as much impact on further improving the security of the on-board systems as the proverbial fly on an elephant's rear end.
You can count on the fact that airplane manufacturers and on-board systems manufacturers are *constantly* optimizing their products for efficiency, safety and security. Not because they are kind souls, but because not doing so gravely threatens their commercial interests.
In my opinion, the real experts in any field are the quiet ones. They don't tweet, they don't speak at massive commercial conferences, their passion is their work and the goal is to 100% optimize what they do.
Please, please, see this entire episode for what it really is - an unabashed way to exploit fears to further one's own commercial agenda.
Re: Re: Re: Opportunistic reporting
This is just a fact of life. Not everyone is careful and this can be due to outside influences (including accountants, management, government regulation, banking, etc.).
It doesn't even matter if the specific manufacturers are continually optimising their systems for efficiency, safety and security. Obvious things can and do get missed. In the above example, the problem itself can be a third-party piece of hardware/software that takes the entire system down. The eventual interactions within any complex system can and do give rise to avenues that allow security to be bypassed. All it takes is a belief that someone else has done the complete required testing and that that testing has covered all the interactions between all the systems in question. Even a change in standards can give rise to an opening up of a system.
The most difficult job to do completely is that of testing a system in every possible way. This requires a specific set of skills that are quite rare and are rarely found in highly technical people. When you find such people, they are literally worth their weight in gold but are not considered very important by management.
I have seen (in action) highly competent technical experts that have missed the obvious. Simply because they know that something should not be done a specific way and hence have not expected the suppliers, users or others to have failed in that manner.
Only if they are given the freedom to do this. Too often, it is the commercial interests of the organisation that dictate that this doesn't happen. Deadlines, cost, etc. have caused more problems for engineering excellence than incompetency in the design and development staff. It, at times, takes the squeaky wheels raising enough noise to stop the deployment of a sub-standard system.
The fact that so many systems today use computers of all sorts with the associated hardware just increases the likelihood that different interactions will give rise to "obvious" points of attack.
In my early days, I worked on systems where we found severe system limitations which only manifested themselves after we started testing a completely different sub-system. In hindsight, assumptions had been made that were not correct (though our testing had confirmed these assumptions). We didn't even have to raise our access levels above the lowest levels to bring about the problem. The experts had made an assumption that nobody even in their most warped mind would ever do what we did in our testing. From our point of view, it was the most obvious way to do our testing (we were young and naive way back then).
The point is that blind spots do arise and are a fact of life and obvious things can be missed.
Yes, the commercial agenda of the FBI and the airlines.
Re: Re: Re: Re: Opportunistic reporting
The airlines and the airplane manufacturers? Certainly - they are in business to make money. Do they do it safely? The record pretty much speaks for itself.
Re: Re: Re: Re: Re: Re: Opportunistic reporting
All American Government Organizations are commercial ventures.
Re: Re: Re: Re: Re: Re: Re: Opportunistic reporting
I thank you for reading and responding to my posts. I do not believe there is any merit in discussing this matter further because subjectivity has overtaken the conversation (including my submissions).
Regardless, while I am thrilled to see so much concern about aircraft systems' security, I am equally disappointed that you find it so hard to hold the security industry and researchers accountable for their abysmal failures over the recent few years. Certainly, there is enough blame to go around when it comes to data breaches, but to ignore the elephant in the room is simply bad form and further shames this industry segment.
Again, thanks. I can only hope that something good will come out of this episode and the good guys' voices across the spectrum are not drowned out by armchair cowboys and backbenchers with no expertise in these matters.
Good luck!
Re: Re: Re: Opportunistic reporting
The idea is to have the good guys find 0-days and get the vendor to patch them before the bad guys can weaponize them.
Re: Re: Re: Re: Opportunistic reporting
They are a business, and their goal is to make money. If they were doing this out of the kindness of their hearts and because their pure motivation was to make aviation safe, they'd be academics, and their approach to this issue would be vastly different.
Re: Re: Re: Opportunistic reporting
Is it the 'security industry' that has failed miserably here, or is it Sony that has failed to hire the required security experts, pay them appropriately, and follow their recommendations because they're either too cheap or don't want to be inconvenienced by security to do so? Saying that one company failed at security is different than saying it's a 'failed industry'. The industry doesn't owe this one company free security fixes to their insecure network just because Sony did things that any security expert would tell you shouldn't be done, either out of convenience or out of their unwillingness to pay an expert. Security costs money. It causes inconvenience as well (ie: the need to type in passwords). If a company is cheap and lazy that's their own fault.
Re: Re: Re: Opportunistic reporting
Those are not examples of failure by "the security industry". Those are failures by the companies that were breached. Unless you are asserting that the security industry has the power to force others to engage in good security practices...
Re: Re: Re: Re: Opportunistic reporting
Companies that suffer data breaches or create serious security concerns for anyone due to lax governance/security/standards should be held accountable to the highest standard. Equally, security companies need to be held accountable and responsible for producing lousy products. Unfortunately, nothing makes a company produce a better product than the threat of significant monetary losses, and this statement works both ways i.e. the security products consumer and the security products producer.
Not recognizing this as a problem is akin to the proverbial ostrich with its head buried in the sand.
Re: Opportunistic reporting
Your researchers felt it safe to allow passengers not only logical access to one of the plane's control systems, but physical access to much more sensitive information with much more catastrophic possibilities were it exploited.
It's people like you, the "nothing to see here folks, move along" ones that sicken me. People like you ensure we live in a more dangerous tomorrow filled with fear mongering, security theatre, and most importantly, LACK OF ACTUAL SECURITY.
Re: Re: Opportunistic reporting
You, sir, are prone to hyperbole. Please drink a glass of water and relax.
Re: Opportunistic reporting
Perhaps so, but what Mr. Roberts was talking about was security, which is something that he is qualified to discuss.
Re: Re: Opportunistic reporting
Note that I am less inclined about protecting the aviation industry. I'm just more curious about the credentials of these security researchers and security companies, who really have failed and failed miserably at protecting personal and corporate assets. Bottom line is that I don't believe a word they say because nothing they say is not under the umbrella of commercial interests.
Re: Re: Re: Opportunistic reporting
It's also important to note that many security researchers or prospective security researchers have been intimidated away from the field due to heavy-handed and capricious enforcement of existing computer crime laws by prosecutors that have track records of driving their targets to suicide.
Re: Re: Re: Re: Opportunistic reporting
Please don't get me wrong, but I have little to no faith in the security industry and/or these commercial security researchers. The various mega breaches in 2014 are ample evidence that whatever the industry and these researchers are doing is simply not working.
Social media seems to have given people the leave to commit incredible acts of narcissistic stupidity - look at me, I'm so awesome, I can do this to a commercial airplane (which, in fact, he couldn't).
Legitimate research has its roots in academia. I support it and salute it. The term seems to be loosely used by commercial interests - they will not research any bloody thing unless it has clear financial benefit attached to it.
To be clear, if MIT, Georgia Tech, UoW Madison, UC Berkeley, CalTech etc. came out and conducted an academic study of the security within a commercial aircraft environment and reported it so the faults, if any, could be addressed, the world would welcome it.
I'm not a government or airline or airplane manufacturer lackey. It's just that I've been in the tech industry for 26 years now, and I have the experience to see through red herrings.
Re: Re: Re: Re: Re: Opportunistic reporting
"2) 'PAS-OX-0N' is a device that sends a signal to the IFE that causes the IFE to shut down. The IFE can't cause the passenger oxygen masks to drop."
Yes, his tweet included the word oxygen, which easily could have been an autocorrect insertion.
My reaction sitting next to him would have been a non-reaction, as he tweeted his edgy joke and it's ridiculous to assume I'd even know the Twitter handle of a random stranger.
Assuming I did see his tweet if I were on the same flight, I'd likely assume it was an inside joke as I didn't even know what EICAS was before all this. I'd probably eyeball things to make sure nothing odd happened, but I wouldn't panic.
You keep referring to him as a commercial researcher. If that was true, he'd be seeking remuneration for his disclosure, not going from conference to conference to present his findings.
Regarding social media and narcissism, I fail to see how his tweet was narcissistic. For someone to make a joke to bait observers in-the-know into a reaction is more so a function of his profession and his personality.
Regarding research and legitimacy, it's unreasonable to assume all brilliant minds that want to research must only do so within a societal institution. Brilliant minds are to be cherished, not given financial and bureaucratic barriers to stymie public-interest work.
I'm confused as to why this research would've been more palatable to you were the researcher doing so on behalf of a university as opposed to doing so on behalf of himself, but in the public interest.
Re: Re: Re: Re: Re: Re: Opportunistic reporting
And how do you suppose that a tweet about releasing oxygen masks on an airplane full of passengers is in the public interest? If Mr Roberts were not so narcissistic (judging by his subsequent media dabbling), I'd think he was stark raving mad.
I have intense respect for academics because their quests are dedicated to learning and solving. That is indisputable.
Money brings a different dimension into play - it includes greatly vaunted traits such as lying, cheating, truthiness, and of course, tweeting about how much power you have over a hapless Boeing aircraft.
In order for me to be convinced that Mr Roberts is simply not an opportunist, he needs to publish his findings in a technical paper that *experts* can peer review. Until that happens, well, you know.
Re: Re: Re: Re: Re: Re: Opportunistic reporting
"Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)"
Are you seriously stating that his tweet suffered an autocorrect incident? If so, I have only this to offer: https://www.youtube.com/watch?v=BvJF0j-RLxk
Re: Re: Re: Re: Re: Opportunistic reporting
You're missing the point of the problem here. It's not necessarily that the security folk don't know what they're doing. It's that companies resent having to spend money on them. They want to buy politicians and gulfstream jets and lawyers. They don't want to hire us smelly geeks who can't even speak English considering the mumbo jumbo we babble on about. Sony has been hacked numerous times over the years because they despise "wasting" money on IT.
In your average corporation, IT is considered a cost center, as in a drain on the bottom line. How is something that enables the business to reduce costs and increase sales via connectivity and computerized efficiencies a drain on the business? They'd rather spend it on marketing and advertising, jet setting around the world getting face time with stakeholders and partners, while we run from problem to problem applying bandaid fixes to what we can of it before we have to run off to fix the next imminent disaster; lather, rinse, repeat.
They think we went through all that Y2K stuff as a scam, 'cause once 2000 rolled around, no disaster! Well, yeah, we fixed all that broken stuff, or at least all we could find of it! They don't believe us and still resent that we somehow pulled a fast one and got away with something sneaky and underhanded.
Yet we're just a bunch of too-expensive, prima donna, smelly, socially inept geeks who can't even converse with normal people.
Re: Re: Re: Re: Re: Re: Opportunistic reporting
However, I find it rather hard to digest that the two largest engineering manufacturers of commercial aircraft, who also happen to engineer and build military aircraft, would turn away from security. If anything, their ranks almost all the way to the top are replete with smelly lovable geeks.
Re: Re: Opportunistic reporting
My statement below intrinsically implies that systems and data security is part and parcel of the engineering effort of these systems. Judging by his public statements, I'd venture that Mr. Roberts does not have keen knowledge of aircraft systems. Again, no disrespect intended to him. I am only stating what I believe to be a fact, and in this case, would love to be proven wrong.
"I'd venture they are multiple orders of magnitude better qualified than Mr. Roberts and other commentators in the matters of avionics, flight management computers and in-flight entertainment systems."
Re: Re: Re: Opportunistic reporting
They were apparently not qualified enough to catch this vulnerability, but Mr. Roberts was. Your subjective opinion about how unqualified he is, as opposed to the 'experts' being paid to secure everything, is irrelevant to this discussion. He was qualified enough to find said vulnerability and that's all that matters here.
am I the only one?
an accident EXACTLY like the Germanwings one in the French Alps?:
-open/lock doors
-spoof altitude information...
you can think I am sick, but this is the first thing that came to my mind...
please confirm with Chris Roberts,
-Do I need to sit in the plane to do the hack? or just plant a software in any passengers laptop...
(you can remote control a patsy/bot right?)
Alec Baldwin got thrown off a plane for tweeting how bad the service was on a plane; tweeting that you could hack into the plane's system? Yeah, not a good idea, at least if you want to continue on the plane. I don't have a problem with his tweet, but his execution leaves much to be desired. Waiting till he was off the plane and issuing the same tweet would have been just as effective, and he wouldn't have been delayed.
I admire what he did, but would you really expect any other reaction?
Re:
I wouldn't dare say that TSA is a joke, I'm too busy making sure necessary body parts, keys, cash etc are still on my person after they get finished groping me.
FYI Alec Baldwin is an idiot, a rich, overly coddled idiot, but still an idiot despite the fact that some of his movies are actually watchable.
And the whitehat computer genius, if he was truly a genius he would have spoofed the tweet so it appeared to come from Ted Cruz's Twitter account.
Re: Re:
His initial tweet was:
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)
And 100 tweets later we get:
hey homies dis white muthafucka say his schmoooove ass can blow up a plane wit just a cold-ass lil beeper
And every gangbanger in East LA is looking to make his bones by taking out a United Airlines 737.
Almost makes me wish Volvo made commercial aircraft.
It doesn't work that way
Chris Roberts: Credibility? Shattered! - Security UNprofessional!
Clarification
I find it really amazing that so many people are so panicked about this.
Having worked in aviation DTE (Developmental Test), OTE (Operational Test), and Avionics Systems Design for nearly 20 years, I call bullshit on this guy.
I have worked on and co-developed some of the protocols used in ARINC based Ethernet before it was even standardized under ARINC.
To me there is no reason for Boeing, Airbus or any of the other companies to respond to this shill. He is seriously full of shit. Sorry guys, but no way are you gaining flight control or any other control of an operational aircraft system. PERHAPS one could shut down the In-Flight Entertainment system, but that is about it, and all that would do is tick off fellow passengers.
The guy doesn't even understand how the messaging protocols work. Just because a signal (message) is sent to and read by the IFE doesn't mean the IFE can send a message back.
I'm being deliberately vague as to why this is simply not possible, but I suppose one can google up on Avionics bus communication protocols/messages and be able to figure it out quickly.
Even if you were highly knowledgeable and were able to tap into some part of the avionics bus, mux, or communications, chances are you will corrupt the channel (and it would thus be shut down) before you could even communicate with a device on the bus/network.
Last thing I feel that should be stressed...if you are worried about the physical security of an airplane you shouldn't fly. And to replace firmware on a plane someone will need physical access to the avionics bays/areas.
Seriously, there are so many better, cheaper, faster ways to do something nefarious or destructive to a plane if someone who wishes to do ill has unfettered access to it. No reason to even hack the firmware.
I still fly so that should tell you something. However if I was flying with this guy...I would have reported him as he is an ass.
There is seriously nothing to see here aside from the guy being an idiot. I don't wish any ill will towards the guy but I think he doesn't have a clue. BUT if we should ever be at the same conference together I will take him to task!