Air bubba,
VATSIM, you know it? You can check routes on there eh? What guys have flown ect
I'm one of those folks who tries to avoid the sim, since it is too much like work to me. Still, I should look into getting some of this software to practice FMS work and the like for my annual training. You get some wacko route modifications that you will never ever see in the real world but the folks in the sim building think are somehow essential. Of course, you never learn how to do an offset while still on the SID in China for example.
See Researcher Says He's Found Hackable Flaws In Airplanes' Navigation Systems (Update: The FAA Disagrees) - Forbes for more on Teso’s test rig, but of interest is this extract:
‘Teso focused on a different protocol called Aircraft Communications Addressing and Report System, (ACARS) a simple data exchange system that has evolved over decades to now include everything from weather data to airline schedules to changes to the plane’s flight management system. (FMS)
Teso says that ACARS still has virtually no authentication features to prevent spoofed commands’.
I certainly agree with Teso that legacy protocols like ACARS (and even worse maybe, CPDLC) have little in the way of security and authentication. They were designed years ago to replace civilian voice procedures which are similarly unsecure and weakly authenticated.
I'm sure the network engineers will remind me that security and authentication can be added at the transport layer as with the Satcom transmissions discussed here. However, VHF ACARS is still usually sent in the clear with little security other than the formatting and some internal airline codes.
There are secure ACARS protocols available, in my observation, they are still not in common use:
Avionics Magazine :: Securing ACARS: Data Link in the Post-9/11 Environment
From the article above:
So far, ACARS messaging seems to have been relatively incident-free. "I don't think we've ever seen an instance of spoofing," comments Arnold Oldach, principal marketing manager for surveillance and data link products with Rockwell Collins Commercial Systems. (Spoofing is when an outsider is able to pose as the sender of a message.) The worst thing that has occurred, experts say, was the apparent decoding of an ACARS message about a passenger disturbance, which made its way into a newspaper.
Here's a couple of ACARS messages I posted here years ago, logged with simple equipment and software:
ACARS mode: 2 Aircraft reg: .N468UA
Message label: 5Z Block id: 6 Msg. no: M07A
Flight id: UA0231
Message content:-
/C4 IADOAK TERRELL...CONT ON PAX
MAN HAS 35MM WITH A
ZOOM LENS...MIDDLE EAST
DESSENT...NOTED BY FA
AND CAP
CAP XXXX XXXXX
-------------------------------------[16/07/2002 08:12]
ACARS mode: 2 Aircraft reg: .N468UA
Message label: 5Z Block id: 0 Msg. no: M09A
Flight id: UA0231
Message content:-
/C4 IADOAK JOHN...I NOTICED HIS
ACTIVITY IN THE TERM...
TWO FA NOTICED HIS ACTIV
ON THE AIRCAFT DURING
TAXI OUT...RECMD FBI
BE ADVISED...GLEN
-------------------------------------[16/07/2002 08:24]
http://www.pprune.org/rumours-news/6...tml#post593825
The hack of simulated aircraft systems with an Android phone may have been an overstated media stunt and perhaps not a possibility with MH 370.
However, as we go more and more digital on the flight deck, this computer and digital comm stuff is a threat surface we really need to consider in my opinion.