Hi swh,
IFE does, have a look at this video on youtube
I'm certainly well aware the the IFE has a front end that is based on a listener on an IP port. I use one on a regular basis. :-)
However, the question of the possibility of using the IFE as a pivot to access FMS and avionics packs is the item under discussion. And on that point, the likelihood of a threat actor actually managing to do what the "ethical hacker" has claimed to be able to do is, as far as I am concerned, not possible. I'm calling BS on that. He can claim to have done whatever he thinks. Show me the proof.
What is seen on FlightRadar24....
I've got a handle on ADS-B, MLAT and the ATC feeds that power FlightRadar. I host a receiver for FR24. :-) I know you mention that the moving maps use on-board data to plot the map, but I'd be interested in the way that data is retrieved. Is it purely a GPS based system which extrapolates velocity and altitude? That wouldn't require any access to the avionics of the aircraft. There will still be a very big gap between something that has an IP stack running linux, and something that is embedded and talks a very different protocol.