Originally Posted by
OldnGrounded
I would suggest that a good place to start thinking about this, even before digging into details, is with this question: "What were the system architects thinking when they decided that it was OK to have an inflight entertainment system that is not physically separated from flight control systems?" Some air gaps are really very important.
I'm not in the aviation industry but I do know a moderate amount about netsec. Are you sure they're
not physically separated? Not that it's something I've looked into in detail, but everything I've heard from people who are in a position to know about the actual network configuration in aircraft suggests that they are (obviously I don't know the details but that's my strong impression), and as you say it would be monumentally stupid to design the system any other way.
The only exploits for which I've seen credible evidence are things like GNSS spoofing, which, while it has the potential to be an enormous pain in the **** and under some circumstances could be a contributing factor in an accident, is by itself not going to be enough to 'hack' a plane in the media sense of hijacking it and flying it into terrain/populated areas. Besides that one weirdo who claimed to have made the plane he was on 'fly sideways' a few years ago, I haven't seen anyone who's not a tabloid journalist suggest that flight controls could be taken over via the IFE.