Can a hacker gain control of your plane? Probably not, but...

Discussion in 'The Howard Stern Show' started by Mr Pink, Apr 22, 2015.

  1. Mr Pink

    Mr Pink Well-Known Member

    Reputations:
    5,693
    Joined:
    Sep 9, 2013
    Messages:
    3,148
    Likes Received:
    5,745
    I am fairly computer literate, plus I work on planes, and I had no idea there were network connections under the seat! Or maybe it's another case of the the reporter not know what they were talking about. Of course, even without that, there are attack vectors via the wifi network. Hacker shit is beyond my scope of knowledge.

    Feds Warn Airlines to Look Out for Passengers Hacking Jets
    http://www.wired.com/2015/04/fbi-tsa-warn-airlines-tampering-onboard-wifi/

    IN RESPONSE TO reports last week that passenger Wi-Fi networks make some planes vulnerable to hacking, the FBI and TSA have issued an alert to airlines advising them to be on the lookout for evidence of tampering or network intrusions.
    The FBI and TSA note that they currently have no information to support claims that an attacker could commandeer a plane’s navigation system through the passenger Wi-Fi or IFE (In Flight Entertainment) networks, but they are taking the claims seriously. They are currently evaluating the evidence to determine if there is a credible threat posed by intrusions into the networks of passenger planes.
    The alert, posted to the FBI’s InfraGard site as a private industry notification (or PIN), advises airline staff to be on the lookout for signs that any passengers might be trying to connect to the network ports located beneath their seats.
    “Although the media claims remain theoretical and unproven, the media publicity associated with these statements may encourage actors to use the described intrusion methods,” the alert notes. “Attempting to gain unauthorized access to the onboard networks of a commercial aircraft violates federal law.”
    The alert then describes the signs that flight crews should be looking for:
    • Report any suspicious activity involving travelers connecting unknown cables or wires to the IFE system or unusual parts of the airplane seat.
    • Report any evidence of suspicious behavior following a flight, such as
      IFE systems that show evidence of tampering or the forced removal of
      covers to network connection ports.
    • Report any evidence of suspicious behavior concerning aviation wireless signals, including social media messages with threatening references to Onboard Network Systems, ADS-B, ACARS, and Air Traffic Control networks.
    • Review network logs from aircraft to ensure any suspicious activity, such as network scanning or intrusion attempts, is captured for further analysis.
    The FBI/TSA alert comes on the heels of atweet sent out last week by security researcher Chris Robertswhile aboard a United Airlines flight from Chicago to Syracuse. Roberts tweeted a joke about accessing his airplane’s network to see if he could play with passenger oxygen masks. He was met by FBI agents when he landed in Syracuse, who seized his laptop and other electronics.
    Roberts sent out his joke tweet in response to areport released last week by the Government Accountability Officeindicating that unsecured connections between the passenger Wi-Fi networks and the avionics systems on some Boeing and Airbus planes could make it possible for a hacker to gain access to navigational controls and commandeer a plane.
    Roberts, a respected computer security professional, has done extensive research into the vulnerabilities of airplane networks and has spoken with Boeing and Airbus in the past about the vulnerabilities, but got little response from the airlines.
    The tweet he sent from his United flight was a result of exasperation, he told WIRED, exasperation that his warnings over the years had not been heeded by the airlines.
    Although Roberts has said that he did not access United’s network during his Chicago to Syracuse flight, and never intended to, he admitted to WIRED and the FBI that he has in the past connected to the network ports beneath his seat on more than a dozen flights, along with a fellow unnamed researcher. They did this to sniff traffic crossing the networks and uncover vulnerabilities, Roberts said.
    The FBI/TSA alert to airlines to be vigilant about passenger activity appears to be a direct response to Roberts’s admission.

    http://www.wired.com/2015/04/twitter-plane-chris-roberts-security-reasearch-cold-war/
     
  2. strum

    strum Member

    Reputations:
    571
    Joined:
    Apr 19, 2014
    Messages:
    86
    Likes Received:
    83
    More white hat bullshit.
    Roberts is an asshat.
     
  3. Rocinante

    Rocinante Well-Endowed Member Gold

    Reputations:
    21,845
    Joined:
    Mar 18, 2012
    Messages:
    3,934
    Likes Received:
    4,551
    I sat on a JetBlue plane on the runaway while the tvs didn't work. The pilot had to call a special guy to literally "reboot the plane" so the tvs would work again. Are all the systems linked together on a jet?
     
  4. Dlist

    Dlist Well-Known Member VIP

    Reputations:
    340,295
    Joined:
    Jan 16, 2012
    Messages:
    28,614
    Likes Received:
    37,742
    It doesn't matter b/c planes have a physical disconnect and if there was a possibility of a hacking (which I doubt b/c networks used for passenger wi fi and the airplane's computer system are not connected) the pilot can disconnect from the computer subsystem and fly by wire.

    Geezus I need another cocktail....I am far to serious tonight.:burp:
     
    Shortwave98 likes this.
  5. gridlockd

    gridlockd Well-Known Member

    Reputations:
    10,408
    Joined:
    Feb 18, 2012
    Messages:
    2,296
    Likes Received:
    2,289
  6. cg256

    cg256 Well-Known Member VIP

    Reputations:
    70,009
    Joined:
    Jul 15, 2013
    Messages:
    4,649
    Likes Received:
    8,941
    Um, I'm confused. If you unhook the computer from a modern airplane it's going to drop out of the sky as there are no longer actual physical connections between the flight stick and the hydraulics.
     
  7. Dlist

    Dlist Well-Known Member VIP

    Reputations:
    340,295
    Joined:
    Jan 16, 2012
    Messages:
    28,614
    Likes Received:
    37,742
    Well I am not a plane person but have work on some subsystems...pilots can still fly a plane manually if needed...that is my understand...any pilots here?
     
    Shortwave98 likes this.
  8. Shortwave98

    Shortwave98 A-Number 1 Banned User

    Reputations:
    178,992
    Joined:
    Nov 9, 2013
    Messages:
    31,231
    Likes Received:
    31,971
    You seem pretty fancy to me!;)
     
    Dlist likes this.
  9. Winst

    Winst Well-Known Member VIP

    Reputations:
    -12,842
    Joined:
    Jan 24, 2012
    Messages:
    8,309
    Likes Received:
    2,237
  10. Mr Pink

    Mr Pink Well-Known Member

    Reputations:
    5,693
    Joined:
    Sep 9, 2013
    Messages:
    3,148
    Likes Received:
    5,745
    They can reset the system via power switch or breaker in the cockpit. You don't really reset systems on a plane remotely.

    According to the second article linked at the bottom of OP, bafflingly they are connected on some level.

    There are 3-5 backup computers so that, in theory, a fly by wire plane would always be flyable. I'm going to guess that there's a failsafe so that they all couldn't be disconnected or shut down.

    Yes they can fly it manually but on modern fly by wire planes, there is no physical connection from yoke to control surfaces (like actual cable rigging). Although with all of the built in redundancy, the pilot could always fly a plane manually.

    If there was an autopilot failure (again, unlikelyu because of redundancy) the pilots could hand-fly the plane to their destination.
     
  11. Dlist

    Dlist Well-Known Member VIP

    Reputations:
    340,295
    Joined:
    Jan 16, 2012
    Messages:
    28,614
    Likes Received:
    37,742
    Dlist was probably tipsy..ignore any and all posts in this thread..:p
     
    Shortwave98 likes this.