Originally Posted by
yssy.ymel
Hi swh,
I'm certainly well aware the the IFE has a front end that is based on a listener on an IP port. I use one on a regular basis. :-)
However, the question of the possibility of using the IFE as a pivot to access FMS and avionics packs is the item under discussion. And on that point, the likelihood of a threat actor actually managing to do what the "ethical hacker" has claimed to be able to do is, as far as I am concerned, not possible. I'm calling BS on that. He can claim to have done whatever he thinks. Show me the proof.
I've got a handle on ADS-B, MLAT and the ATC feeds that power FlightRadar. I host a receiver for FR24. :-) I know you mention that the moving maps use on-board data to plot the map, but I'd be interested in the way that data is retrieved. Is it purely a GPS based system which extrapolates velocity and altitude? That wouldn't require any access to the avionics of the aircraft. There will still be a very big gap between something that has an IP stack running linux, and something that is embedded and talks a very different protocol.
If you look carefully, the flight tracker in the IFE (talking A330) only shows great-circle track to destination from present position to destination. So it has no link to route or flight plan. It DOES however have a connection to the ETA at destination in the FMS. Sitting in the back on break one day watched our ETA on the flight-tracker jump 30 minutes early. Called up to see about adjusting break times. Apparently the winds aloft had dumped out somewhere in the climb, and the boys up front re-inserted them so the airplane went from assuming a 30 knot wind (projected based on the current position wind) to a 150 knot tailwind for most of the flight (correct). When the FMS recalculated the landing time, that got fed thru to the IFE. However, it still thought we would be flying the great circle directly over Pyongyang, which did not occur.
So some things are connected, and some are not.