Hacker turns a/c
Join Date: May 2008
Location: Paris
Age: 60
Posts: 101
Likes: 0
Received 0 Likes
on
0 Posts
@Sampublius:
PUUUHHLESE?
Don't treat me like a teenager. Just don't. I've been in the business which I occupy for more than thirty years.
Now please show me where in the whole litany of Due Process a search warrant is proof of guilt. Then you say that he "admitted it". Admitted or claimed? While you're turning his boast into an admission please specify the precise degree of the hack.
One good reason why he may not be in jail is because of the fact that he may be a BS artist who didn't manage in any way to do what he has claimed. The hacker community is full of BS artists. I've invited them to hack systems that they claim to have hacked. They couldn't.
It's that simple. There are several protections against brute force attacks. On the mainframes I've worked, enumeration (random scrolling for valis IDs) doesn't work. Three failed attempts blocks the IP address and the Logical Unit Address. Even with a valid ID, three failures does the same thing, though in some cases also blocks the entire subnet.
My clients have offered money to self-professed hackers to display their wares - they have never succeeded despite significant financial inducements.
It's the quiet ones which should be of concern.If they can really hack a system they'll keep it quiet and turn their technique into gold very quickly for fear that the entry point has been spotted.
PUUUHHLESE read the FBI warrant request posted several times
http://aptn.ca/news/wp-content/uploa...lectronics.pdf
granted these are allegations- but he ( hacker ) was specific about the In flight entertainment systems ( IFE). The ongoing argument is that such could not impact flight/cockpit controls. Even so hacking the IFE is a federal crime.
One could ask - then why- since he admitted it - isn't he in Jail now ?
http://aptn.ca/news/wp-content/uploa...lectronics.pdf
granted these are allegations- but he ( hacker ) was specific about the In flight entertainment systems ( IFE). The ongoing argument is that such could not impact flight/cockpit controls. Even so hacking the IFE is a federal crime.
One could ask - then why- since he admitted it - isn't he in Jail now ?
Don't treat me like a teenager. Just don't. I've been in the business which I occupy for more than thirty years.
Now please show me where in the whole litany of Due Process a search warrant is proof of guilt. Then you say that he "admitted it". Admitted or claimed? While you're turning his boast into an admission please specify the precise degree of the hack.
One good reason why he may not be in jail is because of the fact that he may be a BS artist who didn't manage in any way to do what he has claimed. The hacker community is full of BS artists. I've invited them to hack systems that they claim to have hacked. They couldn't.
It's that simple. There are several protections against brute force attacks. On the mainframes I've worked, enumeration (random scrolling for valis IDs) doesn't work. Three failed attempts blocks the IP address and the Logical Unit Address. Even with a valid ID, three failures does the same thing, though in some cases also blocks the entire subnet.
My clients have offered money to self-professed hackers to display their wares - they have never succeeded despite significant financial inducements.
It's the quiet ones which should be of concern.If they can really hack a system they'll keep it quiet and turn their technique into gold very quickly for fear that the entry point has been spotted.
Join Date: Apr 2014
Location: Washstate
Age: 79
Posts: 0
Likes: 0
Received 0 Likes
on
0 Posts
Groooan
Then you say that he "admitted it". Admitted or claimed? While you're turning his boast into an admission please specify the precise degree of the hack.
Chris Roberts, a security researcher with One World Labs, told the FBI agent during an interview in February that he had hacked the in-flight entertainment system, or IFE, on an airplane and overwrote code on the plane’s Thrust Management Computer while aboard the flight. He was able to issue a climb command and make the plane briefly change course, the document states.
“He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” FBI Special Agent Mark Hurley wrote in his warrant application (.pdf). “He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system.”
“He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” FBI Special Agent Mark Hurley wrote in his warrant application (.pdf). “He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system.”
Roberts did not immediately respond to Ars’ request for comment, but he told Wired on Friday that this paragraph was taken out of context.
Further Reading
Researcher who joked about hacking a jet plane barred from United flight
United's move comes three days after FBI detained white hat hacker for 4 hours.
"It would appear from what I’ve seen that the federal guys took one paragraph out of a lot of discussions and a lot of meetings and notes and just chose that one as opposed to plenty of others," he said, declining to elaborate further.
Further Reading
Researcher who joked about hacking a jet plane barred from United flight
United's move comes three days after FBI detained white hat hacker for 4 hours.
"It would appear from what I’ve seen that the federal guys took one paragraph out of a lot of discussions and a lot of meetings and notes and just chose that one as opposed to plenty of others," he said, declining to elaborate further.
Check my initial post on the subject and the links and the claims by both sides and the supposed quotes.
Bottom line - there ARE concerns at least for older planes prior to 777 for example per the fed register post earlier.
And read the concerns stated at
http://www.gao.gov/products/GAO-15-370
Last edited by SAMPUBLIUS; 17th May 2015 at 20:13. Reason: added GAO link
Join Date: Jun 2008
Location: Ventura, California
Age: 65
Posts: 262
Likes: 0
Received 0 Likes
on
0 Posts
Join Date: Apr 2014
Location: Washstate
Age: 79
Posts: 0
Likes: 0
Received 0 Likes
on
0 Posts
and on page 18 we find
re
http://www.gao.gov/assets/670/669627.pdf page 18
Now about the claims that such a system can never be hacked ?
Could the guy have done just what he said ?
" ALL four ex-spurts " agree ??
http://www.gao.gov/assets/670/669627.pdf page 18
According to FAA and experts we interviewed, modern communications
technologies, including IP connectivity, are increasingly used in aircraft
systems, creating the possibility that unauthorized individuals might
access and compromise aircraft avionics systems. Aircraft information
systems consist of avionics systems used for flight and in-flight
entertainment (see fig. 4 below). Historically, aircraft in flight and their
avionics systems used for flight guidance and control functioned as
isolated and self-contained units, which protected their avionics systems
from remote attack. However, according to FAA and experts we spoke to,
IP networking may allow an attacker to gain remote access to avionics
systems and compromise them—as shown in figure 4 (below). Firewalls
protect avionics systems located in the cockpit from intrusion by cabinsystem
users, such as passengers who use in-flight entertainment
services onboard. Four cybersecurity experts with whom we spoke
discussed firewall vulnerabilities, and all four said that because firewalls
are software components, they could be hacked like any other software
and circumvented. The experts said that if the cabin systems connect to
the cockpit avionics systems (e.g., share the same physical wiring
harness or router) and use the same networking platform, in this case IP,
a user could subvert the firewall and access the cockpit avionics system
from the cabin. An FAA official said that additional security controls
implemented onboard could strengthen the system.
technologies, including IP connectivity, are increasingly used in aircraft
systems, creating the possibility that unauthorized individuals might
access and compromise aircraft avionics systems. Aircraft information
systems consist of avionics systems used for flight and in-flight
entertainment (see fig. 4 below). Historically, aircraft in flight and their
avionics systems used for flight guidance and control functioned as
isolated and self-contained units, which protected their avionics systems
from remote attack. However, according to FAA and experts we spoke to,
IP networking may allow an attacker to gain remote access to avionics
systems and compromise them—as shown in figure 4 (below). Firewalls
protect avionics systems located in the cockpit from intrusion by cabinsystem
users, such as passengers who use in-flight entertainment
services onboard. Four cybersecurity experts with whom we spoke
discussed firewall vulnerabilities, and all four said that because firewalls
are software components, they could be hacked like any other software
and circumvented. The experts said that if the cabin systems connect to
the cockpit avionics systems (e.g., share the same physical wiring
harness or router) and use the same networking platform, in this case IP,
a user could subvert the firewall and access the cockpit avionics system
from the cabin. An FAA official said that additional security controls
implemented onboard could strengthen the system.
Could the guy have done just what he said ?
" ALL four ex-spurts " agree ??
Join Date: Jun 2008
Location: Ventura, California
Age: 65
Posts: 262
Likes: 0
Received 0 Likes
on
0 Posts
Maybe he did and maybe he didn't; but obviously the FBI isn't the only agency which thinks it's possible.
If it's possible, then we have to assign probability and react accordingly. I'm no expurt, but in my opinion some of the posts here ring of complacency or even denial.
There seems to be an attitude of "no one with any brains would design a system with such vulnerabilities." Unfortunately the historical record indicates otherwise.
A few well known examples:
Apollo 1
Challenger
Columbia
Pinto
Drive On - Drive Off ferry boats
HMS Sheffield
And many others....
"It appears that there are enormous differences of opinion as to the probability of a failure with loss of vehicle and of human life. The estimates range from roughly 1 in 100 to 1 in 100,000. The higher figures come from the working engineers, and the very low figures from management. What are the causes and consequences of this lack of agreement? Since 1 part in 100,000 would imply that one could put a Shuttle up each day for 300 years expecting to lose only one, we could properly ask "What is the cause of management's fantastic faith in the machinery? .. It would appear that, for whatever purpose, be it for internal or external consumption, the management of NASA exaggerates the reliability of its product, to the point of fantasy." - R. Feynman
If it's possible, then we have to assign probability and react accordingly. I'm no expurt, but in my opinion some of the posts here ring of complacency or even denial.
There seems to be an attitude of "no one with any brains would design a system with such vulnerabilities." Unfortunately the historical record indicates otherwise.
A few well known examples:
Apollo 1
Challenger
Columbia
Pinto
Drive On - Drive Off ferry boats
HMS Sheffield
And many others....
"It appears that there are enormous differences of opinion as to the probability of a failure with loss of vehicle and of human life. The estimates range from roughly 1 in 100 to 1 in 100,000. The higher figures come from the working engineers, and the very low figures from management. What are the causes and consequences of this lack of agreement? Since 1 part in 100,000 would imply that one could put a Shuttle up each day for 300 years expecting to lose only one, we could properly ask "What is the cause of management's fantastic faith in the machinery? .. It would appear that, for whatever purpose, be it for internal or external consumption, the management of NASA exaggerates the reliability of its product, to the point of fantasy." - R. Feynman
Last edited by thcrozier; 17th May 2015 at 22:18. Reason: Another thought...
Join Date: Jun 2014
Location: London
Posts: 8
Likes: 0
Received 0 Likes
on
0 Posts
"Maybe he did and maybe he didn't; but obviously the FBI isn't the only agency which thinks it's possible.
If it's possible, then we have to assign probability and react accordingly. I'm no expurt, but in my opinion some of the posts here ring of complacency or even denial."
If it's possible, then we have to assign probability and react accordingly. I'm no expurt, but in my opinion some of the posts here ring of complacency or even denial."
It's possible that there are a few people actually working in this area involved in the discussion. It's unlikely that they are complacent.
Join Date: Jun 2008
Location: Ventura, California
Age: 65
Posts: 262
Likes: 0
Received 0 Likes
on
0 Posts
Probability
If you have any understanding of typical aircraft architecture, you will understand why claims to have "taken control" of an aircraft are extremely improbable.
Not trying to offend or be aggressive, I'm just curious.
Join Date: Jun 2014
Location: London
Posts: 8
Likes: 0
Received 0 Likes
on
0 Posts
It's a well defined number and concept in the aviation systems design world, no?
10^-9 or less.
Edit: And with your edit, mine comment looks aggressive...! :-)
10^-9 or less.
Edit: And with your edit, mine comment looks aggressive...! :-)
Last edited by Dagegen; 17th May 2015 at 22:57. Reason: previous edit
Join Date: Jun 2008
Location: Ventura, California
Age: 65
Posts: 262
Likes: 0
Received 0 Likes
on
0 Posts
10^-9
One in a billion? I hope you are right.
Then what accounts for the concerns in the GAO report? I know I'm oversimplipifying, but wouldn't you first need to find the very few guys who could do it, and from them find the tiny portion who would do it?
Are the GAO, the FAA, and the FBI responding to a non-existent threat? If they are, it wouldn't be the first time...
Then what accounts for the concerns in the GAO report? I know I'm oversimplipifying, but wouldn't you first need to find the very few guys who could do it, and from them find the tiny portion who would do it?
Are the GAO, the FAA, and the FBI responding to a non-existent threat? If they are, it wouldn't be the first time...
Join Date: Nov 2009
Location: flying by night
Posts: 500
Likes: 0
Received 0 Likes
on
0 Posts
There is not a single incident or accident report yet which would indicate "hacking of aircraft" is a problem; that could help to estimate the probabilities even without knowledge of a/c system design. It's an imaginary problem so far. The scaremongering is a real problem though, some statistician with a better grasp of numbers than me estimated that around 1600 people died following 9/11 because they chose to travel by car, instead of flying. I wonder what the probability is that someone will get killed in a road accident because they read stories about "hacking of aircraft"...probably more than those who get killed by "hacked" aircraft?
Join Date: Jun 2008
Location: Ventura, California
Age: 65
Posts: 262
Likes: 0
Received 0 Likes
on
0 Posts
Unforeseen Consequenses
Agreed, that's a very good point.
I wonder how many more have suffered stress related health problems resulting from the frustrations of waiting in screening lines?
I wonder how many more have suffered stress related health problems resulting from the frustrations of waiting in screening lines?
Join Date: Jun 2008
Location: Ventura, California
Age: 65
Posts: 262
Likes: 0
Received 0 Likes
on
0 Posts
Years ago he built a small "lab" with some IFE parts bought off ebay
Join Date: Mar 2009
Location: YBBN
Posts: 48
Likes: 0
Received 0 Likes
on
0 Posts
and on Page 18
@SAMPUBLIUS
Figure 4 is a very simplistic view of how an aircraft may be configured, and it has a number of important assumptions.
The first is that the avionics and FMS are exposed via an IP port to the rest of the aircraft systems. I would find it extremely unlikely that there would be permissive access from any other system inbound to any critical system on an aircraft. That's security 101. Door is shut, reinforced, welded and concreted.
Secondly, there is an assumption (that in this case), the avionics actually talk IP at all. As someone asked - "well how to the get the moving map?" How do I get it off FlightRadar24? I'm obviously not connected to an FMS to see where the plane is.
Thirdly, that given I get get access to an unlikely exposed TCP port, how am I going to deploy a payload to an embedded system that I don't know, or have an exploit framework for. It'd be like trying to exploit a Mainframe switch major node with a Zeus attack. Pretty pointless, even though the major node talks IP.
If the guy in this story "hacked" anything, he probably owned the IFE. And he didn't need plug in to do that if it was WiFi.
In terms of the GAO report, it's the same security principles that any enterprise organisation would implement. It's nothing new, and really it's just a bunch of the usual security talking heads doing the rounds on the speech circuit. Security Professionals for Hire.
Look, the paradigm may be different for the A350 and B787, but heck, if you expose a service, expect the door to be knocked on. Which is why you would have to say that door is closed and locked...
Now about the claims that such a system can never be hacked ?
However, according to FAA and experts we spoke to,
IP networking may allow an attacker to gain remote access to avionics
systems and compromise them—as shown in figure 4 (below)
IP networking may allow an attacker to gain remote access to avionics
systems and compromise them—as shown in figure 4 (below)
The first is that the avionics and FMS are exposed via an IP port to the rest of the aircraft systems. I would find it extremely unlikely that there would be permissive access from any other system inbound to any critical system on an aircraft. That's security 101. Door is shut, reinforced, welded and concreted.
Secondly, there is an assumption (that in this case), the avionics actually talk IP at all. As someone asked - "well how to the get the moving map?" How do I get it off FlightRadar24? I'm obviously not connected to an FMS to see where the plane is.
Thirdly, that given I get get access to an unlikely exposed TCP port, how am I going to deploy a payload to an embedded system that I don't know, or have an exploit framework for. It'd be like trying to exploit a Mainframe switch major node with a Zeus attack. Pretty pointless, even though the major node talks IP.
If the guy in this story "hacked" anything, he probably owned the IFE. And he didn't need plug in to do that if it was WiFi.
In terms of the GAO report, it's the same security principles that any enterprise organisation would implement. It's nothing new, and really it's just a bunch of the usual security talking heads doing the rounds on the speech circuit. Security Professionals for Hire.
Look, the paradigm may be different for the A350 and B787, but heck, if you expose a service, expect the door to be knocked on. Which is why you would have to say that door is closed and locked...
Join Date: Jun 2008
Location: Ventura, California
Age: 65
Posts: 262
Likes: 0
Received 0 Likes
on
0 Posts
Well yssy:
What's your definition of "Extremely Unlikely"?
I'm not qualified to form my own opinion, I'm just taking a survey.
Do you agree with 10^-9?
What's your definition of "Extremely Unlikely"?
I'm not qualified to form my own opinion, I'm just taking a survey.
Do you agree with 10^-9?
Join Date: Mar 2009
Location: YBBN
Posts: 48
Likes: 0
Received 0 Likes
on
0 Posts
Likelihood
What's your definition of "Extremely Unlikely"?
I'm not qualified to form my own opinion, I'm just taking a survey.
Do you agree with 10^-9?
I'm not qualified to form my own opinion, I'm just taking a survey.
Do you agree with 10^-9?
Secondly, there is an assumption (that in this case), the avionics actually talk IP at all
i386 computer running Redhat Linux 2.4.10, starts IP services, including ICMP, UDP, TCPIP, IGMP, and connects with port 50071. It uses Iptables as well, so there is more than enough information to understand how they have set it up. As another poster pointed out, you can buy one of these computers off ebay for $35.
No hacking or sniffing, no hardware, not even on the aircraft, just watching a youtube video.
How do I get it off FlightRadar24?