Slashdot Mirror


Trojan-Infected Computer Linked To 2008 Spanair Crash

An anonymous reader writes "Two years ago, Spanair flight JK-5022 crashed shortly after takeoff in Madrid, killing 154 of its 172 passengers and crew. El Pais online newspaper reports that the ground computer responsible for triggering an alarm after three failures are reported in a plane failed to do so. The computer was infected with trojans (Google translation of Spanish original)."

71 of 324 comments

  1. Shit. by fuzzyfuzzyfungus · · Score: 5, Funny

    Holy Safety-critical system running Windows and apparently not adequately air-gapped, batman!

    1. Re:Shit. by TheRaven64 · · Score: 5, Insightful

      The Internet is not the only source of infection. What about removable media, removable drives, or other machines on a private network that can connect to either the Internet or removable media? Perimeter defences are part of good security, but they are not the whole of it.

      --
      I am TheRaven on Soylent News
    2. Re:Shit. by LordLimecat · · Score: 2, Insightful

      Aren't there OSes designed specifically for mission critical applications out there, for just this kind of thing? Doesn't the list NOT include off-the-shelf OSes like Windows and OSX?

    3. Re:Shit. by Dunbal · · Score: 3, Insightful

      they don't have access to the Internet.

      Hopefully they don't have access to USB keyrings, flash drives, thumb drives and CD/DVD ROMS that have access to the internet, either...

      --
      Seven puppies were harmed during the making of this post.
    4. Re:Shit. by fuzzyfuzzyfungus · · Score: 3, Insightful

      I'm not sure that banning Windows by name would be of too much use. A quick trip down the router aisle at any computer store will show you more degenerate abuses of embedded Linux and VxWorks than you care to think about, and I'm told that things don't get better nearly as fast as you would hope as prices rise in other industry segments.

      Anyone, though, using Windows in an environment where it could trivially be infected (i.e. internet connected or contractors doing flash drive upgrades) really needs to be shown the door, yesterday. I'm also not sure why there would be "a" computer responsible for raising the alarm. Commodity x86 gear is pretty reliable for what you pay; but it isn't that reliable. If the safety of one or more 100 million+ aircraft, and everybody on board, is at stake, why are there not multiple systems, all independently capable of raising the alarm?

    5. Re:Shit. by Pojut · · Score: 3, Insightful

      If the safety of one or more 100 million+ aircraft, and everybody on board, is at stake, why are there not multiple systems, all independently capable of raising the alarm?

      You're talking about an industry who would likely charge passengers for use of the bathroom, if they could get away with it. Why do you think there aren't multiple systems?

    6. Re:Shit. by JamesP · · Score: 4, Interesting

      We run critical stuff on Windows, they don't have access to the Internet. Deal with it.

      Well, no. It's you who has to deal with it.

      good luck

      --
      how long until /. fixes commenting on Chrome?
    7. Re:Shit. by Charliemopps · · Score: 4, Insightful

      We had to secure a computer at a company I worked at years ago. The IT department claimed it was secure (they had put Norton AV and firewall on it). I laughed when the owner of the company told me about it. He asked if I could do better. I put the computer in a metal drawer, locked it, drilled a hole in the back for the cables to come out and handed him the key. "There, now it's secure." He thought I was kidding until I pointed out the USB ports and drive bays.

    8. Re:Shit. by AlecC · · Score: 3, Interesting

      Except that this was not really a mission critical system - it was a fault logging system in the maintenance department. So far as one can tell from a machine-translated popular article, it was meant to log if a single aircraft had a number of different faults logged close together, because faults at different stations might not otherwise get correlated. As such, it is basically an IT system with response requirements in minutes, not a real time system with fault tolerance requirements. One of the systems which failed might have been a warning system which would have warned the pilots of the mistake which caused the crash.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
    9. Re:Shit. by TheHonch · · Score: 2, Insightful

      Did you remove the network cable too?

    10. Re:Shit. by skyride · · Score: 2, Insightful

      Well it's either had a hand in causing the deaths of 154 people, and therefore was a mission critical system. Or it wasn't a mission critical system and the entire article is just a load of sensationalist garbage.

    11. Re:Shit. by AHuxley · · Score: 2, Insightful

      Think of it as: The boss person for the "mission critical applications" area was given a nice long lunch and presented with some back of the napkin math just before an upgrade.
      The savings in hardware and software over aspects of a traditional OS was amazing... and that's how an off-the-shelf OS could get into mission critical area.
      Marketing has its lists of areas to wine, dine, seduce and penetrate.

      --
      Domestic spying is now "Benign Information Gathering"
    12. Re:Shit. by tibit · · Score: 4, Interesting

      Those mission-critical-designed-for OSes are, unfortunately, likely to be secure by obscurity. Something like VxWorks or QNX is not a big enough target for malware writers or blackhats, but I'm quite sure those platforms are full of holes simply because they are not very exposed. I'd say that Linux, perhaps with realtime extensions, would be a somewhat better platform -- it's exposed way more, and most of the holes have been patched.

      --
      A successful API design takes a mixture of software design and pedagogy.
    13. Re:Shit. by Vectormatic · · Score: 4, Insightful

      I think MS also disclaims any responsibility, that should tell you enough about Windows' fitness for mission-critical stuff

      regardless of law, putting any mission critical system (especially when lives depend on it) on a Windows machine should be chargeable with criminal negligence, and in this case, manslaughter

      --
      People, what a bunch of bastards
    14. Re:Shit. by oldspewey · · Score: 2, Funny

      No, but he wrapped it in tinfoil.

      --
      If libertarians are so opposed to effective government, why don't they all move to Somalia?
    15. Re:Shit. by Bemopolis · · Score: 2, Insightful

      Two words: Blowout. Preventer.

      --
      "I guess the moral of the story is, don't paint your airship with rocket fuel." -- Addison Bain
    16. Re:Shit. by Rob+Riggs · · Score: 4, Funny

      Did you remove the network cable too?

      No can do, my friend. Anti-virus software is useless without a network connection to keep the virus definitions up to date.

      --
      the growth in cynicism and rebellion has not been without cause
    17. Re:Shit. by Idbar · · Score: 2, Insightful

      You're talking about an industry who would likely charge passengers for use of the bathroom, if they could get away with it.

      And why would they blame their own, if it's easier to blame it on the OS?

    18. Re:Shit. by Ellis+D.+Tripp · · Score: 2, Interesting

      But if you don't have a network connection (and the machine is physically secured to protect the USB ports and removable media drives), then you don't NEED anti-virus software. Without a means for a virus to get onto the machine, it should be perfectly safe.

      Having a live network connection only for the purpose of updating an unnecessary AV package provides a route of infection in itself. Unless the machine needs a network connection for another reason, then it shouldn't be connected to a network.

      I maintain several Windows (and DOS) boxes which are used for stand-alone machine controls, and none of them have ever had a problem with virus infections (despite complete lack of AV software), because there is no way for a virus to get onto them. The front panel USB and floppy/CD ports are disabled (physically unplugged inside the machines), and the rear panel USB ports are filled with epoxy glue. If I need to update software, I just open the box, and plug the cables in as needed.

      --
      Remember "News for Nerds, Stuff that Matters"? Help make it a reality again! http://soylentnews.org
    19. Re:Shit. by drsmithy · · Score: 2, Insightful

      This is a one-way ticket to the cessation of all innovation in the field of computing.

      Rubbish.

    20. Re:Shit. by Twillerror · · Score: 2, Interesting

      I'm not sure about Norton, but Symantec AV has gone beyond simple virus stuff for a while now.

      Using Symantec we didn't block USB entirely, but it is possible. It did block the standard USB type attacks though. When USB drives were plugged in the system logged all activity including files and sent them up to the central server.

      Better than a drawer would have been a nice server rack...of course physical security is important. Someone could steal the drive and modify it and then put it back in. But I would think if the machine auto locked and users didn't have root/administrator access it would be harder for these types of attacks.

      Also, if your USB cable is coming out the back couldn't someone hijack that?

      The new firewalls block incoming worms versus just blocking ips and ports like a traditional firewall.

      But at the end of the day most of these attacks happen because of lack of a firewall and not patching the machines. For devices like the article it should be tested regularly, monitored, and even rebuilt from time to time for good measure...lives are at stake.

      I wish MS's firewall would be smart enough to block all traffic unless from servers. Do Joe's and Jane's machines at work really ever need to talk to one another? In fact I'd block traffic from the same subnet most of the time in a business setting.

    21. Re:Shit. by Dishevel · · Score: 2, Insightful

      they don't have access to the Internet.

      Hopefully they don't have access to USB keyrings, flash drives, thumb drives and CD/DVD ROMS that have access to the internet, either...

      USB keyrings, flash drives (same thing), thumb drives (Same thing again).

      Do you just type things to make your post look longer so that people will have the belief implanted into their head that you are not dumb?

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    22. Re:Shit. by Xiaran · · Score: 4, Insightful

      I worked for many years in the security industry. We had to do this to prevent security guards turning off the machine when they alarmed as it would interrupt their naps. Probably the best story I heard about a secure room was in Australian Defence. A contractor was installing a secure door to make a secure room (where you store your important documents and hard disks after hours). Once completed a senior military guy comes down and is really impressed by this thick steel door with massive bolts etc. The contractor said it's pretty good, but he reckoned he could get inside within 10 seconds. The military guy cannot believe it and bets the guy $100 he can't do it. They lock the door and the contractor then proceeds to go to the side of the secure room and put his foot thru the plaster board panelling, kicking out a large chunk and allowing him to crawl into the room in about 5 seconds.

    23. Re:Shit. by abigsmurf · · Score: 2, Insightful

      Yeah because Linux is totally 100% immune to malware and never ever crashes!

      If they couldn't properly isolate a mission critical Windows system, guess what? They almost certainly wouldn't be able to properly secure a Linux or OSX system either. Relying on the small amount of Linux based malware for security? That sounds an awful lot like security by obscurity to me. Relying on the rights system? There's plenty that you could do without admin rights that would potentially suppress or interfere with an alarm.

    24. Re:Shit. by SpzToid · · Score: 2, Informative

      Actually two, operational blowout preventers were called for in the regulatory specifications. Turns out the single blowout preventer had no battery juice available. The system is supposed to work, by the batteries closing the hole automatically when detection of the control monitoring software fails. But if the batteries to the sole preventer don't have the juice when needed, bad things can happen. Someone thought the costs vs. risks were negligible, so they settled for less.

      --
      You can't be ahead of the curve, if you're stuck in a loop.
    25. Re:Shit. by Jeremy+Erwin · · Score: 2, Interesting

      See, this is why government oversight is so expensive. Regulations have to be written for morons and swindlers. Here's the US Government standard.

      (1) Class A Vaults.

      (a) Reinforced Concrete. The wall, floor, and ceiling will be a minimum thickness of eight inches of reinforced concrete. The concrete mixture will have a comprehensive strength rating of at least 3,000 psi. Reinforcement will be accomplished with steel reinforcing rods, a minimum of 5/8 inches in diameter, positioned centrally and spaced horizontally and vertically 6 inches on center; rods will be tied or welded at the intersections. The reinforcing is to be anchored into the ceiling and floor to a minimum depth of one-half the thickness of the adjoining member.

      (b) Modular. Modular panel wall, floor, and ceiling components, manufactured of intrusion-resistant material, intended for assembly at the place of use, and capable of being disassembled and relocated meeting Underwriters Laboratories, Inc. (UL) standards are approved for vault construction.

      (c) Steel-lined. Vaults may be constructed of steel alloy-type, such as U.S. Steel T-1, having characteristics of high-yield tensile strength or normal structural steel with a minimum thickness of 1/4 inch. The metal plates are to be continuously welded to load-bearing steel members of a thickness equal to that of the plates. If the load-bearing steel members are being placed in a continuous floor and ceiling of reinforced concrete, they must be firmly affixed to a depth of one-half the thickness of the floor and ceiling. If the floor and/or ceiling construction are less than six inches of reinforced concrete, a steel liner is to be constructed the same as the walls to form the floor and ceiling of the vault. Seams where the steel plates meet horizontally and vertically are to be continuously welded together.

      (2) Class B Vaults.

      (a) Monolithic Concrete. The wall, floor, and ceiling will be a minimum thickness of four inches of monolithic concrete.

      (b) Masonry Units. The wall will be brick, concrete block, or other masonry units not less than eight inches thick. The wall will extend to the underside of the roof slab above (from the true floor to the true ceiling). Hollow masonry units shall be the vertical-cell type (load bearing) filled with concrete and metal reinforcement bars. The floor and ceiling must be of a thickness determined by structural requirements, but not less than four inches of monolithic concrete construction.

      (3) Class C Vaults. The floor and ceiling must be of a thickness determined by structural requirements, but not less than four inches of monolithic concrete construction. Walls must be not less than eight inches thick concrete block or hollow-clay tile or other masonry units. The wall will extend to the underside of the roof slab above (from the true floor to the true ceiling).


    26. Re:Shit. by zombieChan51 · · Score: 2, Insightful
    27. Re:Shit. by sjames · · Score: 4, Insightful

      Considering that 154 people died because this system did not issue the warning it was supposed to, I would say it most certainly IS a mission critical system, it just isn't treated as one.

      Of course, it sounds like the whole thing was a tragedy of errors. The pilot should have seen that slats and flaps were in the wrong position, the computer in question should have flagged the plane for grounding, the on board computer should have raised the alarm. There should have been maintenance records independent of the computer that should have raised the flag on pre-flight. Not one of those things happened and people died as a result.

      I would call it a comedy of errors except that it's hard to call 154 deaths a comedy.

    28. Re:Shit. by scribblej · · Score: 3, Insightful

      It's odd to me how easily you write off a system that caused the death of ~150 people as "not really ... mission critical."

    29. Re:Shit. by rickb928 · · Score: 2, Insightful

      Work with me here. This is complicated.

      Someone posted:

      "That's not regulation, that's cost minimization. (A free toilet is significantly cheaper than cleaning up after the alternative...)"

      Flight safety and maintenance are not cost issues per se. For an airline with a clue, they are about maximizing profit and reducing inefficiency.

      If a plane crashes due to maintenance issues, you have these consequences:

      - Lost revenue. Passengers will be wanting refunds. The aircraft is not available for future flights, which will reduce revenue. Many airlines don't have capacity problems today, so this is not a big issue for them right now. Others however are sensitive to equipment availability.

      - Inefficiency. It's generally cheaper to maintain the equipment than it is to replace it, insurance and spare equipment notwithstanding.

      - Lost business. Perceptions of poor maintenance can lead to public image issues and potentially lost revenue. This is very hard to recover from. Note that the industry as a whole agrees to avoid taking advantage of competitors' safety issues to gain market share. Sharks apparently also do not eat each other, except in dire circumstances.

      This particular incident is, at the root of it, not much different than a credit-card data disclosure, or dropping the backup tapes down the stairs, or failing to submit a bid because the computer crashed due to some malware. With the salient exception that people died. More reason to have redundant systems, backup manual processes, and even more rigorous IT security practices. We might, just might, see an effort by the FAA and aircraft manufacturers to require airlines and other operators to take additional steps to secure their critical ground systems.

      ???

      --
      deleting the extra space after periods so i can stay relevant, yeah.
    30. Re:Shit. by jbengt · · Score: 2, Insightful

      I don't know why you think this demonstrates any particular excess expense of government. It is no more complex or restrictive than any of hundreds of private sector construction specifications and design criteria that I have read.

    31. Re:Shit. by blair1q · · Score: 2, Informative

      Let me be a bit more clear about this:

      No, those OSes are not secure. Quite the opposite. Almost all of them are very primitive, and have wide-open memory models that allow anything to run, allow anything running to touch any location in memory, and don't log a thing about it. More recent versions of them may have memory partitioning and privileged-user-only modes, but don't bet on the more recent versions being used even on brand new projects.

      The innate vulnerabilities to coding errors presented by this openness are alleviated by performing exhaustive (and expensive) testing of every function in the system to be sure it does what it's supposed to, and exhaustive (and expensive) testing of the system to be sure it does what's required of it, and exhaustive (and expensive) evaluation of the requirements to be sure they cover all of the safety-critical and mission-critical possibilities.

      And then you still get gomers on the flight deck disabling safety alerts on a poorly maintained aircraft and executives in the airline HQ giving them a wink and a nod for it while looking all stern (or waving a bulging envelope) at regulator visits.

  2. What operating system was used? by sa666_666 · · Score: 2, Interesting

    Just wondering what operating system those computers used, and how they contracted a virus from the outside network (when they probably shouldn't have been connected at all)??

    1. Re:What operating system was used? by TheKidWho · · Score: 3, Funny

      I take it you've never worked with real people before?

    2. Re:What operating system was used? by mseeger · · Score: 4, Insightful

      Because humans are humans. Possible chain of events: "Hmmm. I want to surf the internet but have no PC. But wait, there is our maintenance PC. If I install iTunes on it and connect it to my iPhone, I may surf during work. Hurray! I can even download the hot pics of my favorite celebrity to which I received a link from this Chinese guy."

    3. Re:What operating system was used? by Buggz · · Score: 2, Insightful

      The operating system really isn't the issue here, failure to isolate the system is. I've set up several Windows systems inside a double firewall which in turn are set up with a VPN to whatever the systems needed to communicate with, and nothing else. Those did exactly what they needed to do because nothing else would get in or out. That a mission critical system gets infected at all points to a serious flaw somewhere, a goddamned alarm system shouldn't need any active usb-ports nor any access to the internet besides an encrypted line to whoever is supposed to receive the alarm and respond. I hope this is viewed as a criminal case, someone did an absolutely horrendous job or didn't do it at all and 154 people lost their lives because of it.

    4. Re:What operating system was used? by mcgrew · · Score: 2, Insightful

      Are you new to computing? How many Mac or Linux or BSD users do you know who have ever gotten a trojan infection?

    5. Re:What operating system was used? by LordLimecat · · Score: 3, Insightful

      It's STILL not a high-availability OS, and should not be treated as such. Windows can be great for normal business use when properly set up, but it isn't designed for mission critical stuff-- if your graphical shell can bring down the OS, it's probably not a good candidate for that kind of thing.

    6. Re:What operating system was used? by mcgrew · · Score: 2, Informative

      Sure, a Linux box can get rooted, but I've never seen one, and I've installed Linux on friends' computers when I got tired of reinstalling Windows for them after the thing slows to a crawl from malware. Once Linux was on it, they never got infected again.

      Of course, to be victim of a trojan you have to know how to install a program ;)

  3. The pilots were incompetent by GaryOlson · · Score: 2, Interesting

    At the bottom of the article, it states the computer system did not alarm when the pilots failed to use the flaps properly on takeoff. That pilot should have had his license revoked.

    --
    Every mans' island needs an ocean; choose your ocean carefully.
    1. Re:The pilots were incompetent by Pojut · · Score: 4, Informative

      From the Wikipedia page (emphasis mine):

      "On 17 August 2009, CIAIAC released an interim report on the incident [21]. The interim report confirmed the preliminary report's conclusion that the crash was caused by an attempt to take off with the flaps and slats retracted, which constituted an improper configuration, and noted that safeguards that should have prevented the crash failed to do so. The cockpit recordings revealed that the pilots omitted the "set and check the flap/slat lever and lights" item in the After Start checklist. In the Takeoff Imminent verification checklist the copilot just repeats the flaps and slats correct values without actually checking them, as shown by the physical evidence."

      Daayum.

    2. Re:The pilots were incompetent by Zocalo · · Score: 3, Interesting

      The pilots kind of revoked their own licenses. Permanently. All of the crew perished in the crash.

      The thing that bugs me is that flight systems on passenger jets are multiply redundant and there are strict rules about what can and can't be done when there is a system failure. For instance there are usually at least three autopilot systems, and if only one is indicating a fault then the flight crew has to perform all flight operations manually. WTF happened with regulatory control that didn't enforce that this kind of redundancy and human oversight applied to critical systems on the ground as well?

      --
      UNIX? They're not even circumcised! Savages!
    3. Re:The pilots were incompetent by nedlohs · · Score: 2, Funny

      Being dead does that automatically anyway.

    4. Re:The pilots were incompetent by Pojut · · Score: 2

      The pilots kind of revoked their own licenses. Permanently. All of the crew perished in the crash.

      "It's just been revoked!"
      "Peter, that line doesn't work here."
      "Oh. Uh...I'll have what she's having!"

  4. It's an MD82 by MichaelSmith · · Score: 3, Informative


    Beyond the translated Spanish article I can't find anything else about this idea of an alerting system being infected with malware. Typically such systems are simple, embedded and not interfaced in ways which could cause them to run software they are not meant to.

    This bit from wikipedia is interesting:

    The MD-80 Advanced was to incorporate the advanced flight deck of the MD-88, including a choice of reference systems, with an inertial reference system as standard fitting and optional attitude-heading equipment. It was to be equipped with an electronic flight instrument system (EFIS), an optional second flight management system (FMS), light emitting diode (LED) dot matrix electronic engine and system displays. A Honeywell windshear computer and provision for an optional traffic-alert and collision avoidance system (TCAS) were also to be included. A new interior would have a 12% increase in overhead baggage space and stowage compartment lights that come on when the door opens, as well as new video system featuring drop-down LCD monitors above.[4]


    Apparently this upgrade got dropped in 1991, so the system still in use must be pretty low tech.

  5. Re:Windows? by WrongSizeGlass · · Score: 3, Funny

    No, but this computer was running the old version of Flight Simulator.

  6. What? by miffo.swe · · Score: 5, Insightful

    Who puts Windows on anything even remotely mission critical? If you could blame someone, it should be the person deciding that.

    --
    HTTP/1.1 400
  7. Complimentary 7 point Slashdot troll guide... by vistapwns · · Score: 4, Interesting

    Here is your complimentary guide to trolling this story: 1. Pretend only Windows can get infected with trojans. 2. If you can't do 1. adequately, then pretend Windows is somehow easier to infect with trojans than other OSes. 3. Accuse anyone who disagrees with you of being paid off. 4. Make thoughtless absolutist statements like Windows has no security model, and is not a networking OS. 5. Mention chair throwing as proof that MS personnel are unstable, but never mention wife murdering Linux developers. 6. Repeat other MS bashers without researching what they're saying. 7. Mention "640k ought to be enough for anyone" as much as possible without giving thought to the brain dead simple idea that MS had nothing to do with the addressable memory limit of the 8086. Following this guide is sure to get you modded up and liked by many other slashdotters, so be sure to follow it closely!

    --
    "...I think the Microsoft hatred is a disease." - Linus Torvalds
    1. Re:Complimentary 7 point Slashdot troll guide... by LordLimecat · · Score: 3, Informative

      Problem with your rebuttal: Whether or not other systems can get trojans, you should NOT be using Windows for anything that needs 100% uptime to guarantee safety of human lives, plain and simple. If the entire system can be locked up and made responsive by userland apps, then it isn't qualified to be responsible for the safety of human lives.

    2. Re:Complimentary 7 point Slashdot troll guide... by geekoid · · Score: 5, Insightful

      Windows is easier. It's a byproduct of sloppy architecture.

      It doesn't mean the others can't be compromised, but it's a fallacy to assume all OS's can be infected with the same level of difficulty.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  8. Re:Windows? by LordLimecat · · Score: 2, Funny

    Or possibly TSA?

  9. A result of employee loafing by hessian · · Score: 3, Insightful

    1970s:

    "I'm sorry, our computers are down." (Reality: our employees are playing NET TREK and DUNGEON on a Friday afternoon.)

    2000s:

    "I'm sorry, our computer has a trojan." (Reality: our employees finally found an "unused" machine to surf porn, got loaded up with Russian malware, and now it's nobody's fault.)

  10. Nothing to do with the plane by Kupfernigk · · Score: 5, Informative

    This is an aggregating computer at SpanAir HQ which is supposed to record aircraft alerts and notify when too many of them happen too close together. Its only connection with the on-board computer is that somehow it receives the alerts from it. Its OS is unstated. It is not a mission-critical system, it is a decision-support system. Even so, someone looks to have been careless.

    Whoever modded up the above post - you've missed the point. There may have been a fault in the on-board management system - or human error failing to heed a warning - but nothing in TFA suggests that malware was in any way involved on the flight deck.

    --
    From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
  11. So, when... by Titan1080 · · Score: 5, Insightful

    Does the 'War on Trojanists', begin? But seriously, someone wrote that virus. That means that someone, somewhere (probably Estonia), is guilty of killing 154 people.

  12. Summary needs a bit of clarification by ptbarnett · · Score: 5, Informative

    The infected computer was one being used by mechanics to enter maintenance log entries. According to the article, an alert is supposed to be raised if three failures in the same part or subsystem occurred. If I understand the broken English correctly, they would have taken the plane out of service had the maintenance log entry been completed before the plane attempted to take off.

    But, the problem that was supposed to be logged was reportedly an overheated pitot tube. That was not the cause of the crash: the report says that the pilots did not set the flaps correctly and a warning alarm did not go off. This was not related to the problem with the computer being used by mechanics.

    The article appears to be trying to link two independent events: a separate problem with the plane and an error by the pilots. Or maybe it's just the broken English translation.

    1. Re:Summary needs a bit of clarification by Anonymous Coward · · Score: 5, Informative

      Spanish is my mother tongue, so maybe I can shed more light after reading the original article:

      The procedures of Spanair are to log incidences right away whenever they are detected. Three accumulated incidences and the plane is grounded.

      Two incidences had been found the day before the crash. One incidence was detected on the same day of the crash.

      However, the technicians did not enter the incidences into the system right away, because the system was too slow (assumedly due to the malware)

      The system did not trigger any alarm on the same day because the incidences had not been entered by the technicians. The plane was deemed airworthy, and then the accident happened due to the multiple causes described elsewhere.

    2. Re:Summary needs a bit of clarification by Registered+Coward+v2 · · Score: 4, Informative

      The infected computer was one being used by mechanics to enter maintenance log entries. According to the article, an alert is supposed to be raised if three failures in the same part or subsystem occurred. If I understand the broken English correctly, they would have taken the plane out of service had the maintenance log entry been completed before the plane attempted to take off.

      But, the problem that was supposed to be logged was reportedly an overheated pitot tube. That was not the cause of the crash: the report says that the pilots did not set the flaps correctly and a warning alarm did not go off. This was not related to the problem with the computer being used by mechanics.

      The article appears to be trying to link two independent events: a separate problem with the plane and an error by the pilots. Or maybe it's just the broken English translation.

      Very true - the accident appears to have been the result of a series of crew errors that led to an improper takeoff condition:

      From Wikipedia: On 17 August 2009, CIAIAC released an interim report on the incident [21]. The interim report confirmed the preliminary report's conclusion that the crash was caused by an attempt to take off with the flaps and slats retracted, which constituted an improper configuration, and noted that safeguards that should have prevented the crash failed to do so. The cockpit recordings revealed that the pilots omitted the "set and check the flap/slat lever and lights" item in the After Start checklist. In the Takeoff Imminent verification checklist the copilot just repeats the flaps and slats correct values without actually checking them, as shown by the physical evidence. All three safety barriers provided to avoid the takeoff in an inappropriate configuration were defeated: the configuration checklist, the confirm and verify checklist, and aircraft warning system (TOWS).

      Had they not made a series of compounding errors the flight probably would have been uneventful; it appears the deactivated systems were not related to the crash. It may be that some other systems were improperly set - ground vs flight mode - which caused problems and may have contributed to the accident; but none are related to the maintenance computer. Should the plane have been grounded due to an early problem? Maybe; but that may not have prevented the errors that led to the crash.

      We'll never know what the pilots were thinking; but having aborted one takeoff they may have assumed, intentionally or not, that the systems were set for takeoff and did a cursory check as a result; I've seen that happen in other industries where checklists are used. You interrupt the expected course of actions and people simply pick up where they left off, without assuring the systems were properly set for operation.

      --
      I'm a consultant - I convert gibberish into cash-flow.
  13. Swiss cheese by Fzz · · Score: 5, Interesting

    The crash of an airliner these days is rarely due to a single cause. There's a saying in the industry that a crash occurs when the holes in the Swiss cheese happen to line up. This appears to have been the case with this particular crash.
    • The direct cause was that the pilots attempted to take off without setting take-off flaps.
    • They were rushing because they'd had a technical issue, and returned to the terminal after previously taxiing to the runway and completing the take-off checks. So they accidentally skipped the critical check that the flaps were deployed when they lined up to take off the second time.
    • There's a take-off configuration alarm that is supposed to alert the pilots, but it wasn't working.
    • It wasn't working because the engineer removed the circuit breaker that powered it, in order to turn off a stuck heater on a pitot tube that was due to a malfunctioning switch.
    • This particular fault had been noted on previous flights, so should have flagged a warning on the airline's fault monitoring system.
    • The fault monitoring system had a trojan.

    Yup, the holes in the cheese certainly lined up that day. None of these, by itself, would have caused the crash.

    1. Re:Swiss cheese by Kitten+Killer · · Score: 3, Informative

      Instead of indicting everyone under the sun, let's do something to fix it instead of tossing people in jail. Many people contributed a little, like Murder on the Orient Express. In the end, the ultimate responsibility rested on the Pilot-in-Command who paid the price for his mistakes. Let's learn from it instead.

      1. Revise procedures so that the PNF (Pilot-Not-Flying) visually confirms the flap & slats indicator instead of just reading it to the PF (Pilot Flying)

      2. Design future systems such that the take-off config warning isn't on the same circuit breaker as the Total-Air-Temp sensor. (I'm a recreational pilot, not an engineer, so I don't know if there's a valid reason for them to be on the same circuit.) Also, have an EICAS warning when the take-off-config alarm is disabled.

      3. Have the engineers remind the pilots / placard the cockpit to remind them that the take-off-config alarm is disabled.

      4. Flapless take-off attempts leading to accidents are not a new thing to airplanes. Further training seems to be required, especially as the small aircraft we all initially learn in will take off without flaps.

  14. No Cause and Effect Alleged by anorlunda · · Score: 2, Interesting

    The Spanish article cited in the summary does not allege any cause-and-effect relationship between the computer, the trojans, and the crash.

    Nearly all crash investigations reveal factoids that cause suspicion and which invite people to jump to conclusions. Sometimes, the premature public debate on such issues causes emotional harm to victims, their families and other people involved.

    I realize that I'm pissing into the wind to raise this topic. It's human nature to gossip. Slashdot is no different than any other public forum in this regard. It just frustrates me to see this happen again and again.

  15. Catch-22 by PolygamousRanchKid+ · · Score: 2, Insightful

    That pilot should have had his license revoked.

    Well, I think the crash took care of that.

    Unless the pilot was Captain Orr from Catch-22 . . . then he and all the other passengers would be frolicking in Sweden for the rest of the war . . .

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  16. Re:and they want to have networked auto drive cars by ground.zero.612 · · Score: 2, Funny

    and they want to have networked auto drive cars some day as well.

    I hope that the windows based car navigation and sound system is not hooked to the drive part at all or even better no windows at all.

    I would find it very difficult to navigate in a car lacking windows.

    --
    "Be prepared, son. That's my motto. Be prepared." --Joe Hallenbeck
  17. Re:Windows? by Z00L00K · · Score: 3, Interesting

    In any case the malware author could be charged with 154 cases of second degree murder. Or will it be mass murder?

    It would be interesting to see that in court.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  18. Just need a super cable by Ripit · · Score: 3, Funny

    Pop one of these AKDL1's on it, and the machine is immune to trojans.

  19. Re:Windows? by halowolf · · Score: 3, Interesting

    And I would dearly love to see it in court. However I would imagine it would fit more under manslaughter rather than common law type murder, as I would imagine the trojan writer wasn't out to kill people. Though I would imagine you could argue malice is involved in writing trojans. I'm not a lawyer so don't take notice of anything I say. Though going by the poorly translated article there was more going on than just the trojans, the trojan computer may have been more of a contributing factor rather than the primary reason for the crash, due to reasons stated in the article.

  20. Re:Mission Critical by NotBornYesterday · · Score: 2

    The computer, located at the headquarters of the airline in Palma de Mallorca, emits an alarm signal on the monitor when you register three similar technical problems in the same device

    Pardon me if something got lost in translation, but why the hell was there not a computer on board that could have registered a series of failures and alerted the crew? It seems that would have been useful information for them to have.

    --
    I prefer rogues to imbeciles because they sometimes take a rest.
  21. Re:Mission Critical by DougF · · Score: 4, Interesting

    Hate to rain on the IT parade here, but the investigation revealed that the aircrew had the aircraft on "in-flight" mode, leading to erroneous indications (forcing the first abort), and then excluding the no flaps/no slats pre-takeoff configuration error warning. The crew also called for the flaps/slats settings to be proper without actually checking them. In effect, they were able to defeat three separate safety measures to prevent exactly this kind of mishap from happening.

    It does not appear that an infection of the mainframe maintenance computer is anything more than a side note in this particular mishap. It may, however, be something for airline maintenance personnel to be aware of to prevent future incidents.

    The real question is why the aircrew are allowed to override a weight-on-wheels (WOW) sensor, when that is primarily used for troubleshooting by ground crews. Putting the aircraft into "flight" mode while on the ground requires special attention to actions/procedures (as in when a USAF F-4 shot up a maintenance truck when the WOW switch was in override and the weapons crew performed an ops check on the gun system--ops check good, BTW).

    --
    Impetuous! Homeric!
  22. Re:Mission Critical by tuxgeek · · Score: 3, Insightful

    A computer controlling in-flight operations infected with trojans translates to a computer running MS windows. Why the fuck would anyone even think of this? This is like building a suspension bridge using legos and 6 year olds doing the assembly.

    So when I fly, is my life really dependent on a tinker toy OS? That's fucked up! Someone should be beaten to death for this idea.

    --
    "Suppose you were an idiot...and suppose you were a member of Congress...but I repeat myself." Mark Twain
  23. You acknowledge that Software is not designed... by travisb828 · · Score: 2, Funny

    You acknowledge that Software is not designed, licensed or intended for use in the design, construction, operation or maintenance of any nuclear facility.

    http://www.java.com/en/download/license.jsp

    I really like that part of the Java EULA.

    Even if the infected computer did directly cause the crash of the plane, Microsoft should put something similar in their EULA. Having this kind of disclaimer will remind people that they probably shouldn't use Windows in a system that may have lives depending on it. It's about using the right tool for the right job.

  24. Re:Mission Critical by DougF · · Score: 2, Informative

    Maybe I wasn't clear, the mainframe in maintenance has nothing to do directly with inflight operations. The computers on board are completely independent of those in the maintenance system. Now, if there are wireless connections, allowing the maintenance mainframe and the aircraft to share information, it MAY be possible for a virus to gain access to the aircraft, but I am pretty sure this has not happened yet, possibly due to the security in place, or possibly no one has really tried to infect an aircraft with a virus.

    Indirectly, the maintenance mainframe's failure to alert on related system faults MAY be a factor in future mishaps, but it does not appear that the infected mainframe had anything to do with this one.

    --
    Impetuous! Homeric!