Boeing 787s To Create Half a Terabyte of Data Per Flight

Qedward writes "Virgin Atlantic is preparing for a significant increase in data as it embraces the Internet of Things, with a new fleet of highly connected planes each expected to create over half a terabyte of data per flight. IT director David Bulman said: 'The latest planes we are getting, the Boeing 787s, are incredibly connected. Literally every piece of that plane has an internet connection, from the engines, to the flaps, to the landing gear. If there is a problem with one of the engines we will know before it lands to make sure that we have the parts there. It is getting to the point where each different part of the plane is telling us what it is doing as the flight is going on. We can get upwards of half a terabyte of data from a single flight from all of the different devices which are internet connected.'"

internet-connected plane

What could go wrong?

Re:internet-connected plane

[ls671]

Hopefully, they meant a TCP/IP connection, not "Internet" connected ;-)

Re:internet-connected plane

[jklovanc]

I was hoping that too but the following quote seems to indicate there is some access from the ground.

If there is a problem with one of the engines we will know before it lands to make sure that we have the parts there.

I just hope they can only see information and have no control from the ground.

Re:internet-connected plane

[ls671]

I just hope they can only see information and have no control from the ground.

Yeah, right, it seems to ring a bell for me, let's see... OK, let's say: like having a read-only access to a web-site?

Hopefully the plane pushes the data if it reports in real-time and the plane doesn't have any listening sockets accepting connections on some kind of wireless network. Pilots could also transmit problem reports through radio...

Re:internet-connected plane

[leuk_he]

eeeh, Almost everything is internet connected. They tell you that the nuclear power central is not connected, but if you really audit it you will find there is some kind of double vpn to connect it.

The international airports have their own internal networks, but in some ways they are always connected to the internet. There are some vpn and firewalls between your home desktop and the plane, but in the end it is all connected.

Re:internet-connected plane

[Richard_at_work]

This isn't exactly new - Rolls Royce, GE and Pratt & Whitney all do "power by the hour" rented engines, which are permanently connected (allowing for coverage issues) to data receiver centers which manage them. If they need maintenance, are running hot or have a vibration issue (its amazing how much you can discern about an engine due to its vibration levels), the engine manufacturer can determine before the flight has even ended whether or not the engine needs that maintenance at that point, needs replacing, or can suffice until the aircraft can be rotated to a full maintenance center to be swapped out.

On PBTH engines, its typical that the airline will be called by the manufacturer to report the issue before the crew flying the aircraft ever notices anything.

Its also a service engine purchasing airlines can select.

Re:internet-connected plane

[wmac1]

A web server of a read-only website, still accepts connections and web requests. There are listening sockets and there are connecting clients.

Re:internet-connected plane

[ls671]

woosh...

Re:internet-connected plane

wget http://www.vigrin-atlatic.com/flight/12321/manage.aspx?flags=down&gear=up&parachutes=deploy

Re:internet-connected plane

[fbobraga]

mod the GP funny!

Re:internet-connected plane

[theVarangian]

Hopefully, they meant a TCP/IP connection, not "Internet" connected ;-)

Whatever it is I hope it's an encrypted connection. That would put them one step ahead of the military.

Re:internet-connected plane

[AmiMoJo]

There is already a broadcast-only system in place for sending this kind of telemetry back to HQ. Air France was getting warnings about their flight that went down over the Atlantic telling them that the air speed sensors were producing conflicting data (nice of them to share that with the pilots...)

This could be a similar sort of thing using UDP. It could also be two way - lots of servers accept TCP/IP connections for management and telemetry. It will be via a dedicated satellite link most likely and hopefully not connected to the public internet, but considering that apparently lots of our other critical infrastructure is I wouldn't take that as a given.

Re:internet-connected plane

[Joce640k]

Yep. Some engine manufacturers already monitor all their engines continuously, in real time.

Rolls Royce was the first, I think GE have started doing it too.

It's not a big leap from monitoring the engines to monitoring the entire aircraft.

Re:internet-connected plane

[drakaan]

Instrumentation has been part of the stack of internet protocols for many years. It's called SNMP, and it's certainly possible to implement as read-only.

Re:internet-connected plane

[ninlilizi]

Just wait till the pilots desperately trying to diagnose a flameout and searching the iPad hosted flight manual for a YOLO failure. To just find Trollface.jpg as its single entry.

Re:internet-connected plane

[wvmarle]

Not likely that it'd be streamed in real time.

500 GB per flight, say six hours of flight time for an average flight, and I'm at almost 24 MB/s on data production. That's 240 Mb/s. 4G mobile phone can't do that, and when flying you'll often be out of reach of a mobile phone network. So you need satellite - while that may be able to handle the data, it's costing you an arm and a leg. Besides, most of the data is not that interesting.

What would be viable, though, is for errors to be automatically transmitted. Like an engine that detects an anomaly, indicating it needs maintenance, that such a little bit of information is forwarded to the ground.

Re:internet-connected plane

[Opportunist]

I do seriously hope that too. Connecting flight critical hardware to an open network is asking for trouble.

Quite frankly, if their CISO didn't veto that and got shot down, he should be fired. Out of a cannon.

Re:internet-connected plane

[LWATCDR]

Slashdot not knowing what they are talking about. They are not going to Intranet connect flight controls. They will NETWORK them. Probably using a variation of firewire or maybe ethernet. Slashdot news for wannabe nerds and and clueless politicos.

Re:internet-connected plane

Instrumentation has been part of the stack of internet protocols for many years. It's called SNMP, and it's certainly possible to implement as read-only.

SNMP ????? Security is Not My Problem ..... please don't make me laugh... it's hurt...

Re:internet-connected plane

[h4rr4r]

There have been lots of SNMP security bugs over the years.

Syslog is what you want. The plane exports syslog to a listening box and that is it.

Re:internet-connected plane

yes, it's everyone else that doesn't know what they are talking about. i don't think anyone mentioned 'intranet' before you, so maybe you are just confused, but an intranet IS a network.

Re:internet-connected plane

[Rich0]

Yup, makes way more sense to just get a 2kb event list sent during flight, and then the dispatchers can have the right maintenance team on the tarmac when the plane pulls in. They can plug in an ethernet cable and download whatever raw diagnostic logs they need to speed up the repairs.

I could even see an in-flight request for specific logs to be sent, but it isn't like you can change an engine in-flight so I'm not sure how much time that would really save.

Saving multi-TB of data on looped storage for such an expensive plane just makes sense. Bonus points if you can harden it to survive a crash. Streaming all that data in realtime, however, makes little sense. Even archiving it may be of limited use, but with planes being so expensive it probably doesn't hurt to have the data available "just in case."

Re:internet-connected plane

would this cannon be internet connected?

Re:internet-connected plane

[acoustix]

Well, technically the article only says that the large amount of data could be created. It doesn't say that all data created is sent over a network. I would guess that the system doesn't send all data, and the rest of the data could be downloaded once the plane has landed.

Re:internet-connected plane

[wvmarle]

Hardening shouldn't be too hard - don't modern black boxes store a lot of digital info about the flight already? With advancing technology I would expect it to be totally feasible to have all this info stored in the black box, in addition to the regular plane's computers.

Re:internet-connected plane

[wezelboy]

Oh great

My safety at 30,000 ft. is dependent on a mib file.

Re:internet-connected plane

What could go wrong?

Adama would never let them network his 787

Re:internet-connected plane

[0123456]

I was hoping that too but the following quote seems to indicate there is some access from the ground.

Fault data is already sent over ACARS (a low-bandwidth text-message-like protocol) from existing aircraft. When the avionics detects a fault it sends a message so the maintenance staff will be ready to fix it after the plane lands.

Re:internet-connected plane

[jeffmeden]

Do you want to be the guy responsible for 500GB of syslog messages about every flight? Talk about making your eyes bleed...

Mar 07 04:08:02.040 UA565 altimeter: altitude 36455.5 feet
Mar 07 04:08:02.050 UA565 altimeter: altitude 36455.6 feet
Mar 07 04:08:02.060 UA565 altimeter: altitude 36455.7 feet
Mar 07 04:08:02.070 UA565 altimeter: altitude 36455.6 feet
Mar 07 04:08:02.080 UA565 altimeter: altitude 36455.5 feet
Mar 07 04:08:02.090 UA565 altimeter: altitude 36455.6 feet
Mar 07 04:08:02.100 UA565 altimeter: altitude 36455.7 feet
Mar 07 04:08:02.110 UA565 altimeter: altitude 36455.6 feet

Re:internet-connected plane

[tibit]

Nothing critical on those planes uses internet in any shape or form. The closest you get to internet-anything is the TTE (Time Triggered Ethernet) -- that's what interconnects the avionics together, probably the FADECs too. About the only commonality with "internet" is that it uses the Ethernet for lower 2 or 1.5 OSI layers, depending on who you ask :)

Re:internet-connected plane

virgin-atlantic.com?from=ORD&to=SJC&number=123&device=engines&setStatus=off

Re:internet-connected plane

[zimtmaxl]

Cockpit-Popup:
"Do you want to update Java or crash?"
|_______________ [Ok ]

Re:internet-connected plane

[cdrudge]

I believe there are 88 parameters that are required to be recorded by modern flight data recorders, although they have the option to record far more. However I would be surprised if they dumped the same amount of data to the FDR that they would send to a quick access recorder type of device.

Re:internet-connected plane

[Ryan101]

To be fair, they still technically have an air gap :)

Re:internet-connected plane

[reasterling]

Ther is a differance between a censor that can be read and an actuator that moves the flaps.

Re:internet-connected plane

[AK+Marc]

MIB is unrelated to SNMP security or reliability. MIB is a translation file for "plane.propulsion.engine.2.fuel.low" from "332.114.2.2.3.1" And the presence or absence of a MIB has no effect on SNMP, only how the results are displayed in your walker/poller.

SNMP's main problem is that so who use it don't know how.

Re:internet-connected plane

[HornWumpus]

Someone should invent computer tools for dealing with large text files.

Perhaps you could grep through a listing of sourceforge/user space and find such a tool.

Re:internet-connected plane

[drakaan]

Are you just trolling, or do you just not believe that rolling out a simple snmp service that doesn't include any ability to be writeable is possible? Not that commercially-available, generic implementations of SNMP haven't had holes in them, of course they have...that's not the point, and is unrelated to my comment.

Re:internet-connected plane

[Wolfrider]

--Bah, almost all they have to do is put the plane on IPV6 and it will automatically be more secure, since no one is using it :-P

Re:internet-connected plane

[h4rr4r]

If you are reading syslogs like that you deserve to be fired.

Use the right tool for the job.

Re:internet-connected plane

[Lissajous]

Ther is a differance between a censor that can be read and an actuator that moves the flaps.

Actually censors make sure things can't be read. I think you'd need sensors to be read. :)

Re:internet-connected plane

[bobbied]

More to the point would be the windows blue screen from the Windows 98 based display host... Don't laugh, I've seen Windows 98 in "mission critical" parts of a national cellular system in a small country within the last 5 years.

Re:internet-connected plane

According to all the Splunk ads I see around the web, someone has already done this.

Re:internet-connected plane

[adolf]

According to all the Splunk ads I see around the web, someone has already done this.

There is still advertising on the web? It's been years since I've seen any.

Re:internet-connected plane

[adolf]

I could even see an in-flight request for specific logs to be sent, but it isn't like you can change an engine in-flight so I'm not sure how much time that would really save.

They can't change an engine in-flight, but that doesn't mean they can't pressure hammer the valves or perform other creative maintenance during the flight.

Re:internet-connected plane

It probably also depends on the flight time. I'm sure a little 1.5 hour flight creates less data than a 15 hour flight. 500GB may actually be the amount of data on a flight traveling the max range that the 787 can go.

Re:internet-connected plane

[McGuirk]

Do inform.

Re:internet-connected plane

[Rich0]

I could even see an in-flight request for specific logs to be sent, but it isn't like you can change an engine in-flight so I'm not sure how much time that would really save.

They can't change an engine in-flight, but that doesn't mean they can't pressure hammer the valves or perform other creative maintenance during the flight.

You only do those kinds of tricks if the alternative is crashing/etc, or in something unmanned, or when there really is very little risk. Otherwise, the adage is "if it ain't broke, don't fix it." An engine that needs maintenance soon is quite different from an engine that is on fire, etc.

Re:internet-connected plane

[adolf]

Thank you, Captain Obvious.

Re:internet-connected plane

Not sure when they started, but diagnostic messages have been automatically radioed at least since 2009. Those messages helped narrow the search radius for Air France 447 when it went down in the Atlantic Ocean.

see: http://en.wikipedia.org/wiki/Air_France_Flight_447#Automated_messages

Re:internet-connected plane

[h4rr4r]

There are lots of tools to parse syslogs.
Splunk is really popular. If you know what you are looking for just using grep can work.

Either way you are not going to get a lot done if you spend your whole day just reading syslog.

Re:internet-connected plane

[Opportunist]

Bah, almost all they have to do is put the plane on IPV6 and it will automatically be more secure, since no one is routing it.

I'd love to use it, but trying to find an ISP that can handle it is the problem.

Re:internet-connected plane

[gstrickler]

They would have to be selective about what they download. 500GB is 4Tb. Even assuming 90% utilization on a 1Gb Ethernet connection or 900Mb/s, that's over 74 minutes to download. 90% utilization is very difficult to sustain. 900Mb/s is 111 MB/s, which is near the sustained average transfer rate of a modern HD. So, any way you look at it, most of that data can't be used beyond in-flight monitoring.

Re:internet-connected plane

[mjwx]

Mar 07 04:08:02.040 UA565 altimeter: altitude 36455.5 feet

OK,

The date/time would be in ISO format (like Linux), the UID would be the planes S/N or at the very least, registration, not the flight no and altimeter readings would be in meters not feet.

So it would be:
20130307 04:08:02 VH-EBL Altimeter: 10897.24
20130307 04:08:02 VH-EBL Altimeter: 10897.23
20130307 04:08:02 VH-EBL Altimeter: 10897.24
20130307 04:08:02 VH-EBL Altimeter: 10897.25

But if the designers had half a brain (and I refuse to believe that Boeing _or_ Airbus are hiring idiots) they'd separate these out into individual logs, I.E. altitude.log, fuel.log, temp.log, engine1.log, engine2.log, so on and so forth, even if they do have one giant log they'd also have smaller logs with the same info just for simplicities sake.

VH-EBL is a QANTAS A330 if anyone is interested.

Re:internet-connected plane

[RockDoctor]

Those numbers seem familiar ...

Mar 07 04:08:02.040 UA565 altimeter: altitude 36455.5 feet
Mar 07 04:08:02.050 UA565 altimeter: altitude 36455.6 feet
Mar 07 04:08:02.060 UA565 altimeter: altitude 36455.7 feet
Mar 07 04:08:02.070 UA565 altimeter: altitude 36455.8 feet
Mar 07 04:08:02.080 UA565 altimeter: altitude 36455.9 feet
Mar 07 04:08:02.090 UA565 altimeter: altitude -36455.0 feet
Mar 07 04:08:02.100 UA565 altimeter: altitude -36454.9 feet
Mar 07 04:08:02.110 UA565 altimeter: altitude -36454.8 feet

Don't knock it ; we've all seen it happen (even if I've forgotten precisely the number at which Tetris rolled over).

I, for one, welcome our numerate engineering and software design overlords who understand the concept of "appropriate precision". Or, I would do, if they'd stop chasing Zeno's tortoise and actually get here.

What's the range of travel on a normal undercarriage? A foot? A half-metre? About the same as the precision necessary in an altimeter? And the frequency of sampling / storage/ transmission is likely to be related to the rate of change?

Re:internet-connected plane

Guess Pratt & Whitney still can't detect turbine blade cracking in-flight, however...

Re:internet-connected plane

[steppin_razor_LA]

"Worst idea... EVAH...."

I for one

welcome our new data loving overlords!

Wait, does posting as an AC mean that I give or don't give a rat's ass to someone who cares? I'm so confused!

Internet connected

I wonder what would be the length of the RJ45 cable though

Re:Internet connected

[Sique]

They probably use HSDPA cables.

Re:Internet connected

[The_Wilschon]

They'd be better off using Monster Cables.

Re: Internet connected

cable spec? not a cable...

Re:Internet connected

[flyingfsck]

Yeah, with big direction arrows on the headers.

Re:Internet connected

[jones_supa]

That's their security strategy so that data gets only transmitted down and the planes don't get cracked into.

Re:Internet connected

you username (flyingfsck) somehow seems relevant to the topic of this conversation...

do you happen to be a "mechanic" for these new planes?

Re:Internet connected

[afidel]

You can actually do this with serial cables, I know of one application where they attached a line printer via serial connection for totally secure logging.

Re: Internet connected

[AK+Marc]

cable-spec cable is a cable, connector is never a cable, even if it implies one. Like the Cisco console cables everyone is familiar with. RJ-45 on one or more ends, and definitely *not* Internet (wrong wiring, wrong electrical spec, short, etc.).

Re:Internet connected

[AK+Marc]

No, that's his brother - crashingfsck.

Usage of data in a flight simulator

It would be cool if one could play back that data in a flight simulator to recreate the flight.

Re:Usage of data in a flight simulator

Sufficient data for playing back flights in simulators has been recorded by the black boxes for a couple of decades already. It's done to evaluate the crew's actions (and compare those with what they've been trained to do) as well as to test if alternative actions could've prevented the accident. A good example was Swissair 111 (in 1998) which had a fire on board and crashed before the crew could land the aircraft. The crew didn't even try to get it to the nearest airport as fast as they could because they wanted to dump fuel, prepare the cabin and were reluctant to land at the very closest airport at first since they wanted one with Swissair mechanics. As part of the investigation crews in simulators got exactly the same fire scenario at the same point and among other things tested if they had been able to reach the airport if they didn't dump fuel and land overweight. In those scenarios too, however, it would've taken too long from the point the fire was first detected.

Re:Usage of data in a flight simulator

[IwantToKeepAnon]

Does it transmit ALL the black box info? That would be handy like in Air France Flight 447, it wouldn't have taken years to physically find the boxes b/f knowing what happened. Is this true "cloud computing"? (groan.)

What could possibly go wrong?

[stoploss]

dave@console:~ ssh dave@hal-787
[dave@hal-787 ~]$ echo "1" > /dev/landing-gear-doors
echo: I'm sorry, Dave, I can't do that.
[dave@hal-787 ~]$ sudo echo "1" > /dev/landing-gear-doors
dave@console:~ Connection to hal-787 lost.

Re:What could possibly go wrong?

Admittedly sudo echo "1" creates the most powerful "1" there is, but it's still not quite enough to affect permissions checks on the redirection.

Re:What could possibly go wrong?

[Agent+ME]

[dave@hal-787 ~]$ sudo echo "1" > /dev/landing-gear-doors

You don't want to run echo as superuser; a regular user can echo 1 to the program's own stdout just as easily as superuser. The shell is what opens the output file (/dev/landing-gear-doors), so you either need to run the shell as superuser or have a different program as superuser which opens the file. Either of these will work:

[dave@hal-787 ~]$ sudo sh -c 'echo "1" > /dev/landing-gear-doors'
[dave@hal-787 ~]$ echo "1" | sudo tee /dev/landing-gear-doors

Re:What could possibly go wrong?

[ls671]

He,he, I kind of never got used to sudo. On all systems I ever had access to, simply typing "sudo bash" gives me the old root shell...

Re:What could possibly go wrong?

This is the real solution to the problem: sudo -i. Using sudo as above provides zero additional protection.

Re:What could possibly go wrong?

[The_Wilschon]

sudo -s is fewer characters than sudo bash.

sudo make me a sammich

Re:What could possibly go wrong?

Won't you take me to funky town?

Re:What could possibly go wrong?

[jkflying]

If you're short on characters, plain old su will save you a few more...

Re:What could possibly go wrong?

Just log in as root. no sudo needed.

and then do
shutdown -h now

That gives the pilot something to do!

Re:What could possibly go wrong?

But that does rather ruin the joke.

Re:What could possibly go wrong?

[ls671]

It doesn't work because root has no password set on a typical sudo system.

~# grep root /etc/shadow
root:!:15997:0:99567:5:::

I use my user (not root) password to execute sudo bash. Thanks to the guy who gave a hint about sudo -s!

Re:What could possibly go wrong?

Thank you, sir!

I was just now having trouble with a permission denied while trying to sudo $somecomand > $file.

The $somecommand was running as root, but the ">" part was still the regular user.

The single quotes sudoes the whole thing.
/newbie

Re:What could possibly go wrong?

Really, once again, thank you.

I had been frustrated by this problem, and decided to distract myself by reading slashdot for a few minutes while waiting for the solution to pop into my head.

I didn't have to wait long.

Slashdot still rules.

Bonus--captcha: "unaware"

Re:What could possibly go wrong?

[RDW]

Even attempting to activate the manual override can be confusing for those without prior unix experience:

http://xkcd.com/912/

Re:What could possibly go wrong?

[GigaplexNZ]

You could just use "sudo su"

Re:What could possibly go wrong?

[fbobraga]

nice tip!

Re:What could possibly go wrong?

or

apt-get purge sudo :D

Re:What could possibly go wrong?

As far as I know, "sudo -i" is the best option. This way also the home directory is changed to /root, so that the configuration files (or history files) in the home directory of your regular user aren't suddenly owned by root.

Re:What could possibly go wrong?

If you find yourself doing commands needing sudo, try this.

sudo !!

!! will repeat the last command.

Re:What could possibly go wrong?

My god. Slashdot is full of terrorists.

Re:What could possibly go wrong?

sudo (echo "1" > /dev/landing-gear-doors)

Would that work?

Re:What could possibly go wrong?

[Opportunist]

Terrorists? No. People who know something that COULD be used by terrorists? Probably.

Seriously, when did knowledge become a problem? I know how to build bombs. Hey, I even know how to build an atomic one. Getting that yellowcake is the problem. And the fact that I have exactly zero INTENTION to build one.

I'm pretty sure there are quite a few people around here who would have a good idea how to start hacking those planes. Me included. Hell, I spend 99% of my working hours prodding and poking at various bits of hard and software trying to break their security. I may do that. I got the order from the owner (or, in case of corporations, of the person responsible for their security) of said hardware to do that.

Knowledge is not a problem. How it is applied is. Knowledge is nothing else than the weapon that doesn't do anything wrong by itself, it matters who wields it an how he applies it.

Re:What could possibly go wrong?

sudo make me a sammich

make: *** No rule to make target `me'. Stop.

Re:What could possibly go wrong?

[fnj]

All the suggestions I've seen here are wrong. I do it all the time and it's "sudo su -".

Oh, and if you want to be any user who has /sbin/nologin for a shell, just do e.g. "sudo su -s /bin/sh postfix"

Re:What could possibly go wrong?

[In+hydraulis]

Well played, sir!

Re:What could possibly go wrong?

[razorshark]

My god. Slashdot is full of autistics.

The guy was joking (I think). You should have realised that before launching into a spiel.

Re:What could possibly go wrong?

[mjwx]

sudo make me a sammich

#> Cannot locate object "sammich". Consult correctenglish.log for more info.

Re:What could possibly go wrong?

[ls671]

I actually appreciate that side effect of using "sudo bash". That way, I do not contaminate other admins history files... I don't recall using su without the "-" on non-sudo system having the same effect.

I encountered no issues such as the ones you mention. As long as the files already exist and are owned by the regular user, root won't change the permissions on the files.

I might have used chown a couple times at most on some files that were created by root but I can't recall where, so really seldom...

Re:What could possibly go wrong?

[Opportunist]

Possibly, but I still thought it had to be said. More and more knowledge is being blamed when someone does something illegal, as if making knowledge illegal would change whether people who want to do something illegal can get access to it.

When someone plans to build a bomb, the fine for trying to find out how to build one doesn't matter to him.

Internet != Network

[scsirob]

Connecting flight controls to "The Internet" would be the stupidest of all ideas. If they do this, anyone getting on board would be a candidate for the Darwin awards.

I'm sure they meant to say that all these systems are networked together, using ARINC or other aviation network technologies.

Re:Internet != Network

[Christian+Smith]

Connecting flight controls to "The Internet" would be the stupidest of all ideas. If they do this, anyone getting on board would be a candidate for the Darwin awards.

I'm sure they meant to say that all these systems are networked together, using ARINC or other aviation network technologies.

TFS says "an internet". A network -> network connection is an internet connection, regardless of whether it's routed to "the internet".

Re:Internet != Network

[Sique]

If it uses the IP (Internet Protocol), then it's probably an internet.

Re:Internet != Network

[SpazmodeusG]

Another possible meaning is that it's purely dataloggers monitoring every device he describes. So there's no way to control anything, just a way to monitor it.

Re:Internet != Network

[rioki]

True that, by implementing push only the plane is safe. Let's hope they implement proper authentication, since injecting fake error reports may not hurt the plane, but can definitely hurt the airline.

internet connected...

Who's the first to hack those planes and connect them to flightgear. Passenger plane UAV!

Internet?

Hopefully he's just abusing the word 'Internet'

Mile high club

[hviezda14]

I see this as next level for all the hackers: let the airlines do all the unnecessary orders based on signals from hacked plane. Mile high club got just new meaning.

Misuse of "literally"

[[ Literally every piece of that plane has an internet connection ]]
I'm sure that's not actually true. Seats? Toilets? Overhead bins? Main wing spar?

Re: Misuse of "literally"

You are literally the craziest person I've met

Re:Misuse of "literally"

[Richard_at_work]

Main wing spar would be a certainty of some form of connectivity due to its fatigue and stress sensors.

I will give you the rest.

Re:Misuse of "literally"

[halltk1983]

I think knowing which seats were occupied, when, would give the airline useful weight distribution analytics, along with seeing which foods were more likely to make people need to use the restroom more. Also, it could provide an average weight of person per flight on each flight route giving them a little better idea on how much extra fuel to start packing.

You think the toilets don't need occasional maintenance? Maybe a pressure gauge near the flush? Check the water tanks for leaks? They could have sensors too.

Over head bins provide much the same reasoning as the seats above. Weight average, weight over all, weight distribution, maybe even the ability to check for the weight shifting during turbulence so that stewardesses know which bins are likely to kill someone when they are opened, and can get their smart phones ready for youtube goodness.

Remember, in this world of data analytics, it's all valuable to someone.

Re:Misuse of "literally"

[Opportunist]

Toilets?

DO NOT WANT!

Re:Misuse of "literally"

[Rich0]

What about fuselage rivet #3248? Don't leave that out! (Uh, assuming they actually use rivets.)

Re:Misuse of "literally"

[bobbied]

It may be valuable, but if you have to carry 1 tone of extra weight to carry the sensors and wire I'm not sure the cost is going to be worth it.

Much less data than you think

Sources say it's an XML dump. Maybe 100KB of actual data in there.

Re:Much less data than you think

[ls671]

This would make perfect sense ;-)

Re:Much less data than you think

Before compression.

Re:Much less data than you think

Much worse than that, they are using PHP for their servers on all planes.

The horror.

Re:Much less data than you think

Bravo, my good man, bravo!

Re:Much less data than you think

[flyingfsck]

Man, you made me snort my coffee and it was bloody hot. I don't think I'll ever have a cold or a sniffle again...

Re:Much less data than you think

[fbobraga]

it's the Apocalypse coming!

Batteries....

You'll need some big Li batteries to power all that....oh wait....

on fire

Re:Batteries....

[IwantToKeepAnon]

You'll need some big Li batteries to power all that....oh wait....

on fire

But a very well documented fire.

interent != Internet

[Prokur]

there is a difference between internet (any internetwork) and the Internet (a worldwide publicly accessible system of interconnected computer networks)

Re:interent != Internet

[jklovanc]

intranet != internet

FTFY

Re:interent != Internet

[fbobraga]

internet != the internet FTFY

Re:interent != Internet

[DarwinSurvivor]

internet != the Internet

The "I" is capitalized in "The Internet."

They're Watching Ypu

Isn't it funny? After pointing out yesterday that Virgin hire a reputation management company which scans the internet 24/7 to scrub any news which might tarnish Virgin's carefully massaged reputation we have a topic submitted to buff Virgin's image as a trend setter. The reality is Virgin just asset strip other people's ideas and sell them as their own. There's nothing special (or even nice) about Virgin. They just want your money.

Re:They're Watching Ypu

[fbobraga]

The reality is Virgin just asset strip other people's ideas and sell them as their own.

Like an very well-known IT company...

Beowulf

Imagine a Beowulf cluster of these!

Impressive

My lord, that's like a whole 19 or 20 signals 16 bit digitized at 1 Meg Sa/S over an 8 hour flight.

Re:Impressive

oh, half terabyte, maybe 8 bit then
So they might be storing some direct sample data. Not a big deal.

Re:Impressive

[belthize]

Agreed. I'm not sure what we're supposed to be amazed at. It's a storage industry driving amount of data per flight in 1993, it's impressive in 2003, it's trivial in 2013.

Storage in the cloud

[verifine]

Finally it makes sense, the plane (which is often in the clouds) generates data (which is stored in the cloud.)

Re:Storage in the cloud

[DarwinSurvivor]

Ironically it has to send the data down the ground first!

Currently producing zero bytes

[Viol8]

Because all 787s are grounded. Perhaps Boeing should have concentrated on the basics for a bit longer instead of the frivolous nonsense that is nothing more than a tickbox on a marketing sheet.

Re:Currently producing zero bytes

[jimicus]

I don't know that it's all that frivolous.

Your average airline is running on razor-thin margins. They do NOT want a plane grounded for any longer than is absolutely necessary - because a grounded plane isn't earning any money. If an airliner can signal any faults several hours before it lands, the maintenance crew have advance warning so they know exactly what to look at (and maybe even have parts available) the instant it touches down rather than have it sitting on the tarmac waiting for parts to arrive.

Re:Currently producing zero bytes

[DerekLyons]

Maintenance data is far more than a 'tickbox on a marketing sheet', it's the absolute bedrock for efficiently operating a large fleet of... well, anything. Cars, trucks, planes, etc. That airlines and airframe manufacturers can and do collect and analyze tons of maintenance and operational data is a large part of why air travel is so safe and (relatively) cheap.

Re:Currently producing zero bytes

[Opportunist]

A grounded plane not only isn't earning money, it costs and arm and a leg to just stand there.

I doubt they're happy with this.

Re:Currently producing zero bytes

[gl4ss]

well not much of maintanence data if they can't figure out wtf is wrong with their batteries with it.

Re:Currently producing zero bytes

[Eugriped3z]

Your average airline is running on razor-thin margins.

You must have on tough beard.

Re:Currently producing zero bytes

[jimicus]

Seriously, they are.

Oh, they might make good money - but to make £50 million they often have to spend £49 million. When the difference between "successful business" and "calling in the administrators" is that tight, it really doesn't take very much to screw with the numbers.

Makes me wonder...

[Foske]

1) How often do they update the virus scanner on their toilets ?

2) Is ssh enabled on their engines ? Are the engines protected against "shutdown -h -t now" commands ?

3) Can I upload video player software to the cockpit screens ? I mean, looking at those indicators the entire flight is soooo boring !

Re:Makes me wonder...

[flyingfsck]

Hmm, can a common user fill up the tmpfs of /run and cause the whole system to grind to a halt?

Re:Makes me wonder...

[tompaulco]

All they are really saying is that they use internet protocols to send data back and forth through routers rather than have a wire from every single sensor to the recording device as was done historically. This probably saved thousands of pounds of wire, and makes the plane safer as you can now double or triple your wire runs cheaply and effectively. Also, the recent overly dramatized video of the plane that was crashed on purpose shows that thousands of wires running the length of the fuselage poses a significant evacuation impediment in a crash.
Secondly, the half a terabyte of data that they produce doesn't all get sent to the ground. When you design a program, you probably make it log all kinds of events, but does it e-mail every event to somebody, or only e-mail when something really important happens? Planes have long had data connections to service center and headquarters. I'm sure they piggy back on that or a similar technology and send down the important events.

Engines at Rolls Royce

[martin]

Have been doing this for years. They constantly stream data to RR HQ and theres a team of highly experienced people watching the data. http://www.youtube.com/watch?v=zPIYBgZNrsg&sns=tw

Re:Engines at Rolls Royce

[Michael+Woodhams]

I notice that this did not prevent an uncontained failure of an A380 engine.

Re:Engines at Rolls Royce

[martin]

Quite - everything seemed to happen v quickly once the oil pipe broke. And yes the engine should be able to contain a broken blade

Allows get issues with new engines and the original Trent almost broke RR (its development costs being the major reason fir nationalising it in the 1970s from what I remember

Re:Engines at Rolls Royce

[pittance]

And yes the engine should be able to contain a broken blade

Slight correction: the engine should be able to contain a failed fan blade. A turbine disc (or the one third disc pieces it breaks into), which is what failed on the flight here, acts like god's own laser beam and is not containable and so the aircraft will always have to be designed to tolerate that type of failure as it duly did. In fact the regulations require uncontained fan blade failures to be checked as well, even though they shouldn't happen.

Re:Engines at Rolls Royce

[Richard_at_work]

Why would it? It only highlights situations where there is prior indication of an issue on a monitored part. The A380 engine failed because of a leak of oil that pooled, caused a fire and thus caused an engine failure.

Couple things to note - it was the engine core that failed, which is not required to be contained by certification standards, and RR were aware of the engine heat issues caused by the fire during that flight as it happened, however there was nothing they could do. The amount of oil that leaked was trivial, it was the fact that it leaked where it did and pooled where it did.

500 gigs? How are old machines staying ualoft?

[ReallyEvilCanine]

What percent of that "data" is bad scripting, really bad mark-up and AdSense shit? Is there maybe an address like "m.part_number.plane_number.location.internalsite.boeingcorp.com" so the people who fix the problems can get the info without being tracked and spammed by OK Cupid and 100 different tool sellers?

Brilliant!

Hopefully they will be using Windows 8 and not Linux, try and keep the Washington companies together ya know.

flights? what flights?

"We can get upwards of half a terabyte of data from a single flight". Well, provided they're actually able to fly, which is not the case, last time I checked.

Looks like a job for Big Data!111

Cue the consultants and bullshit artists.

Re:Looks like a job for Big Data!111

[jones_supa]

Thank you for saying "cue" instead of "queue" which is so common these days.

Re:Looks like a job for Big Data!111

[bobbied]

But are we telling them to start doing something or just line up?

Re:Looks like a job for Big Data!111

[AK+Marc]

Both are correct for his statement. One meaning "start the consultants" the other meaning "line them up". I agree they are often used improperly, but in this case, the meaning is not changed significantly if the other had been used.

And yet...

I still have to turn my Kindle off during take-off and landing.

500GB in a few hours?

[EmagGeek]

That must be some wicked-fast in-flight Internet connection they have...

I use about 160GB/month, and my ISP considers me an abuser.

Re:500GB in a few hours?

[flyingfsck]

160GB/month? Geez, I think you need treatment for your pr0n addiction...

Re:500GB in a few hours?

[ketomax]

160GB/month? Geez, I think you need treatment for your pr0n addiction...

Starring who, the flight crew? And they call it Virgin Atlantic!

Re:500GB in a few hours?

[fbobraga]

Some torrenting of movies/series easily achieves that - not necessarily pr0n...

Re:500GB in a few hours?

[jones_supa]

Here in Finland, at one point I had unlimited 3G and was able to consume 44GB per month watching 720p YouTube and stuff.

7-Zip

[Compact+Dick]

LZMA is Boeing's friend.

Re:7-Zip

[fbobraga]

For 100KB?

Re:7-Zip

[Compact+Dick]

For 100KB?

LZMA is how 500GB can be reduced to 100 kB.

Re:7-Zip

[fbobraga]

Wow!

All this for lousy service

[gelfling]

0.5 TB about how your flight is late or cancelled and there's nothing anyone can do about about anything ever.

Boeing 787s To Create Half a TB per flight

[hcs_$reboot]

Normally that would be a whole TB, that is when the plane makes a whole flight.

787 On-Board Network

[Required+Snark]

In less then two minutes on Google I found this article with a description of the 787 on-board network: http://www.avionics-intelligence.com/articles/2011/06/boeing-787-avionics.html

The Core Network, which is standard on the 787, uses computing servers and networks based on commercial open standards. It also has a variety of third-party applications to manage the onboard data flow to improve airline efficiency. The Common Data Network (CDN from Rockwell Collins is a, bi-directional copper and fiber optic network that utilizes ARINC 664 standards and protocols to manage the data flowing between the 787's onboard systems. It is based on Ethernet technology and enabled for avionics systems. The CDN has higher data rates, expanded connectivity, and reductions in overall aircraft weight when it is contrasted with point to point topologies, Rockwell Collins officials say.

Another quick search on ARINC 664 yields the following: http://en.wikipedia.org/wiki/Avionics_Full-Duplex_Switched_Ethernet

AFDX is a next-generation aircraft data network (ADN). It is based upon IEEE 802.3 Ethernet and utilizes commercial off-the-shelf hardware thereby reducing costs and development time. AFDX is one implementation of deterministic Ethernet defined by ARINC Specification 664 Part 7. AFDX was developed by Airbus Industries for the A380, initially to address real-time issues for flight-by-wire system development. A similar implementation of deterministic Ethernet is used on the Boeing 787 Dreamliner. AFDX bridges the gap on reliability of guaranteed bandwidth from the original ARINC 664 standard. It utilizes a cascaded star topology network, where each switch can be bridged together to other switches on the network. By utilizing this form of network structure, AFDX is able to significantly reduce wire runs thus reducing overall aircraft weight. Additionally, AFDX provides dual link redundancy and Quality of Service (QoS).

So both the Airbus 380 and the 787 use COTS hardware and Ethernet, as does the Internet. Although slightly sloppy, describing the network as an "internet" is technically correct. Asserting that the data is "bloated XML" or that their is bad scripting, spam or cookies involved is grossly stupid.

I have worked with previous ARINC formats, and the data is very compact. It fact, it is positively cryptic, and generally you use software to turn it into a more human friendly form, like a line graph. So if there is a half terabyte per flight, it is all "real" data. Any of the posts that assume otherwise are a combination of arrogance and ignorance, which is typical for what passes as comments on Slashdot these days. Hence my sig:

Re:787 On-Board Network

>Hence my sig:

So Slashdot's combination of arrogance and ignorance has influenced your use of a blank sig?

Re:787 On-Board Network

[Muad'Dave]

...deterministic Ethernet defined by ARINC Specification 664 Part 7.

That rang a token-bus bell, so I dug a little deeper. It seems they borrowed the token-bucket concept from ATM to get their deterministic behavior. Pretty clever.

On a side note, how I wish we'd standardized on ATM-to-the-premises!

Re:787 On-Board Network

Yup, I think the data can be positivitly massive due to it being more or less everything, sensors can give you LOTS and LOTS of data if you want it, though generally you don't try to store that data. A quick calculation you might guess 16-bit sensors, and maybe 32 sensors overall, 1kHz isn't a crazy sensor output rate either. that gives you 16*32 bits per milisecond, which gives you 0.5MB/s, over a 10 hour flight that's 18GB for just 32 16-bit 1kHz sensors. I'm sure that plane has more than 32 sensors.

Re:787 On-Board Network

I have worked with previous ARINC formats, and the data is very compact. It fact, it is positively cryptic, and generally you use software to turn it into a more human friendly form, like a line graph.

You mean, the type of data that needs complex parsers, hardcoded structs and spaghetti code to decode ? Is it safe to assume this are smart sensors that also receive messages from upstream, such as 'start measurement', 'throttle the data speed', 'change data format' or 'data received' ? Is a stretch to assume the same very compact data format is used for commands too, and get decoded by the sensor's 8 or 16 bit microcontrollers which is programmed in assembly or C++, and have no protection against stack smashing or memory segmentation, thereby transforming many types of software mistakes into complete control over the sensor's behavior ?

I know the aeronautic industry is very attentive to the subject of safety, but this is quite in a different ballpark than screws that tend unscrew due to vibration and material fatigue. This is a psychopathic screw with limbs that is able to unscrew itself and jump straight into your turbine yelling "Jehovah Akbar !". Try to build a plane with that ! The computing industry, who's been at it for decades, still have no idea how to build provably secure devices. Major industries such as banking and governmental nuclear facilities have fallen victim to cyber attacks.

And the guy in charge is talking about how great is to have everything 'connected to the Internet', a complex bidirectional protocol suite that is exceptionaly hard to implement let alone operate securely ? What could possibly go wrong indeed...

Re:787 On-Board Network

[TrekkieGod]

Asserting that the data is "bloated XML" or that their is bad scripting, spam or cookies involved is grossly stupid...Any of the posts that assume otherwise are a combination of arrogance and ignorance, which is typical for what passes as comments on Slashdot these days.

Although I'm always tired of the "what could possibly go wrong" posts (and was tired of them back in '03 too, slashdot has always had those posts)...Dude, the xml comment was a joke, and a pretty funny one at that. As I literally laughed out loud after reading it, it never even occurred to me that somebody else might read that post and think it was a serious concern that 100kb suddenly transformed into half a terabyte because of xml tags. Until I read your post that is.

You should go in search of your sense of humor. I think if you check your wallet, you'll discover you've lost it. After you find it again, I bet slashdot will seem a little less arrogant and ignorant.

Re:787 On-Board Network

[humbleking]

On a side note, how I wish we'd standardized on ATM-to-the-premises!

Ah! And old ATM hand. I remember those days of endless Powerpoint presentations depicting the whole world as ATM-to-everything. That dream died long ago. Makes me wonder if you're the Dave I used to know.

Re:787 On-Board Network

[Muad'Dave]

Maybe. Where'd you meet this amazing-sounding Dave?

Re:787 On-Board Network

[humbleking]

In Dallas in the mid 90's at a telecom company. Then worked with him at an ATM start-up.

Re:787 On-Board Network

[Muad'Dave]

Nope, different awesome Dave. Sorry. I was introduced to ATM working for Concurrent Computer Corp back in the late 80's/early 90's.

Re:787 On-Board Network

[HungWeiLo]

AFDX and the Rockwell CDN is not just "COTS hardware and Ethernet". AFDX/664 is a protocol based on UDP packets coupled with hardware redundancy, real-time data transfer, and packet time/sequencing verification. Having the technology based on UDP packets makes it possible to use existing RJ-45 cables and cheap switches for development.

Re:787 On-Board Network

You should go in search of your sense of humor.

He lost it in the 499.9999 GB of XML tags, you insensitive clod!

Re:787 On-Board Network

[0123456]

On a side note, how I wish we'd standardized on ATM-to-the-premises!

We pretty much did: DSL mostly seems to be ATM to the ISP.

But ATM really, really, really sucks for anything other than phone company to phone company connections, which is why we use TCP/IP over ATM instead.

Re:787 On-Board Network

[Muad'Dave]

But ATM really, really, really sucks for anything other than phone company to phone company connections...

Huh? The promise of ATM was not its data-carrying capability; rather its ability to guarantee bandwidth and jitter on a per VC basis. I've long said that I'd rather have 5 ATM video channels that I can connect to whatever I want to watch versus 500 channels of what the cable company thinks I want to watch. Why shouldn't I be able to connect to the news across the country? Why shouldn't I be able to watch any football game I want instead of what my 'viewing area' gets to see? Are you a gamer? Imagine being able to get a low latency connection, guaranteed.

I'm not saying these things are not possible today with fast internet access - clearly they are. But they could have been available 20+ years ago if we'd decided as a country to leverage ATM as a utility and allow competition for generic phone and data service. For video, I would've loved to see the actual content creators/providers compete for my virtual circuit/hour.

Re:787 On-Board Network

[AK+Marc]

The computing industry, who's been at it for decades, still have no idea how to build provably secure devices.

They do, but the results are considered unusable.

RR engine - meet your new buddy

Stuxnet.

What could go wrong?

[Dereck1701]

Depends, If they're just censors with no tie-in to the aircraft's operation then there shouldn't be any issue. But that needs to be in the form of hardware or air-gap, not some software setting that can likely be overridden remotely. The only way I would see this kind of functionality being safe is if the aircraft basically has two health monitoring systems, one used by the cockpit which has NO communications ability. And the other which can communicate and does have passive only access to the aircraft's censors, but is otherwise is physically disconnected from any of the aircraft's control systems.

Re:What could go wrong?

[mhajicek]

Even if you can't get at anything on the plane, it could be possible to hijack and falsify the telemetry. You could keep telling maintenance that the engine is just fine even though it's in trouble, so it doesn't get the service it needs.

Re:What could go wrong?

[halltk1983]

I would prefer it if my aircrafts sensors weren't censored.

/I'm so very sorry, I'm not normally a Grammar Nazi

Re:What could go wrong?

[fnj]

As in most cases where invoked, the grammar nazi disclaimer is not necessary here. Noting a really amusing spelling error in a non-hostile way could never be taken as nazi behavior by rational beings.

Re:What could go wrong?

It's Nazi, not nazi.

Re:What could go wrong?

[eth1]

As in most cases where invoked, the grammar nazi disclaimer is not necessary here. Noting a really amusing spelling error in a non-hostile way could never be taken as nazi behavior by rational beings.

Oh, stop being such a grammar Nazi Nazi.

Re:What could go wrong?

[serialband]

As in most cases where invoked, the grammar nazi disclaimer is not necessary here. Noting a really amusing spelling error in a non-hostile way could never be taken as nazi behavior by rational beings.

That's the key. Too many people read too much of their own emotions into other people's posts and become irrational. There is no facial expression or intonation in typed words, which is why people started using emoticons.

Re:What could go wrong?

aircrafts -> aircraft's /I'm sorry... -> /, I'm sorry...
sorry, -> sorry;
Nazi -> Nazi.

Re:What could go wrong?

Only if you stop being a grammar Nazi Nazi Nazi.

Wait until anonymous hears about this

[tigersha]

And lets hope the server controlling the engine is not written in PHP or something

Re:Wait until anonymous hears about this

[hcs_$reboot]

There are only bad programmers. The real problem is to ensure the whole system is not reachable from the Internet, otherwise terrorists may not even have to take the plane...

0.5TB per flight?

so that's 0B total

Only on /....

[Opportunist]

...could a discussion about plane travel and safety descend into a bickering about the correct use of the Linux console...

Gives new meaning...

[jampola]

...to "cloud" computing!

Where do I sign up?

not unbelievable

[CaptainNerdCave]

John Deere has a variety of satellite-guided systems that can be implemented, and there are a few methods to monitor and program firmware over a wireless connection (I don't know the exact communications medium, it's not my field). Suggesting that there is 500+GB isn't unlikely, because I use CAN to interact with the hardware that we test, and a few seconds of reading a few variables can easily be 1MB.

Here's my quick number-crunching output:
500GB / 5 hours (estimate average flight including prep) = 100GB / hour
100GB / 60min / 60sec = .0278GB / sec of data being recorded
If it's anything like the CAN system here, they'll probably have 16 byte messages, depending on how it's subdivided. A lot of things report at 1000ms intervals, but more critical ones report at 100ms or faster. .0278GB/s = 28.4MB/s = 29127KB/s = 29826162 bytes / second
29826162 byte / 24 byte / 10 ms =
Assuming they use 16 byte messages with 8 character message IDs logged to .asc or .blf, etc, that breaks down to roughly 124000 things reporting every 100ms. My guess is that there are probably messages transmitted to the ground every minute or thirty seconds, or about 3MB per data burst.

Who is going to store all that data?

So who is going to pay to archive all that data? I don't think it is now, but how soon will it be before the Feds (NTSB) require that the data be permanently archived. I could see storing it for a maintenance cycle (in case of an accident or crash), but the Feds love to use any information available for surveillance purposes.

Bloat: It's not just job security ...

[Rambo+Tribble]

... it's an adventure.

Useless

Useless when cabin goes on fire

500 GB isn't that much

That's not a ton of data if it's log-style data. If you aren't likely to need quick access to the archived data, you can use an ultra-efficient (but slow) compression like PAQ to compress a 500GB log file into something on the order of 1GB. If you're archiving more than one flight at a time and have a ton of RAM you can take advantage of solid archiving to achieve even better compression. You could probably fit a month's worth of flight data onto a single Blu-ray disk.

That's a lot of addresses!

I sure hope they're using IPv6 ;)

Secure storage too

[PPH]

Don't worry. It's got battery backups.

Oops!

ARINC664

[_Shad0w_]

After talking to a friend in the biz, he's most likely talking about a mutated version of ARINC664 with a downlink thrown in. Which is different to Airbus's mutated version of ARINC664.

(Probably anyway; I deal with ships. We have things like IEC 61162 instead.)

subject

[aahpandasrun]

Internet connected toilet reports an increase in poop from yesterday.

sudo done wrong

[ls671]

OMG, could have I been right 15 years ago when I perceived sudo as a security hole? Still nowadays, no system I have the last say on have sudo enabled...

In init scripts, to start gpg-agent as root so it runs under user nobody which has a nologin shell, I use:
eval `/usr/local/bin/gpg-agent-copy-nobody --daemon`

with gpg-agent-copy-nobody suid nobody:
# ls -al /usr/local/bin/gpg-agent-copy-nobody
-rwsr-x--- 1 nobody root 1238888 Mar 02 2013 /usr/local/bin/gpg-agent-copy-nobody*

I never seemed any gain in using sudo, especially when most sysadmin allow users to do "sudo bash".

Sudo could nevertheless be used in some setup where you really want to manage what users are allowed to do but I have never seen it used as it should be yet. It's like: "we are using sudo therefore we are more secure"

So, in all cases that I have witnessed, you could do "sudo bash". This makes sudo another complex thing to maintain and patch therefore a potential security hole while, in that context, it doesn't protect you from anything compared to plain su.

Rights

[stoploss]

OMG, could have I been right 15 years ago when I perceived sudo as a security hole?

Yes, sudo is a security hole.

I never seemed any gain in using sudo, especially when most sysadmin allow users to do "sudo bash".

Not only is it usually allowed, it's actually very difficult to prevent a user with sudo rights from being able to escalate that to a root shell. Read the sudo man page regarding shell escapes. "Due to the large number of programs that offer shell escapes, restricting users to the set of programs that do not is often unworkable. and "Note that restricting shell escapes is not a panacea."

... and what if some user uploads a statically compiled bash binary (cleverly named something else) and sudo's *that*?

it doesn't protect you from anything compared to plain su.

Whoa, there... that's a bridge too far.

sudo prevents you from having to share a single root password with everyone who needs to su. It's much easier to revoke an individual user's sudo rights than it is to come up with a new root password and communicate it with "everyone but the now-revoked person". Besides, people are more likely to share a root password that "everyone knows" than they are to share their personal login creds.

Besides, you can setup nice logging with sudo that gives you per-user security audits. This is useful in professional circumstances, because it allows you to enforce policies like "do not sudo a shell, or you will be fired". And if someone *does* "sudo su" and then nukes the security audit log to cover their tracks then that's not only a termination-worthy offense, it's also likely a criminal act in many jurisdictions.

And, yes, I have configured sudo on production machines for users who were restricted to executing only a handful of explicitly designated scripts, so sudo *was* far more secure than giving them su in that context.

Sudo vs. su on your machine at home for which you are the only person with a login? Meh. It doesn't really matter, so go with your preference.