Slashdot Mirror

← Back to Stories (view on slashdot.org)

Calling Out a GAO Report That Says In-Flight Wi-Fi Lets Hackers Access Avionics

Posted by timothy on from the this-postcard-is-just-an-atom-bomb dept.

An anonymous reader writes A new report from the U.S. Government Accountability Office (GAO) warns that in-flight W-Fi, including wireless entertainment and internet-based cockpit communications, may allow hackers to gain remote access to avionics systems and take over navigation. At the same time, a cyber expert and pilot called the report "deceiving" and said that "To imply that because IP is used for in-flight WiFi and also on the avionics networks means that you can automatically take over the avionics network makes about as much sense as saying you can take over the jet engines because they breathe air like the passengers and there is no air gap between passengers who touch the plane and the engines which are attached to the plane."

14 of 113 comments (clear)

  1. Kind of a dup, but here's a link that explains it by xxxJonBoyxxx · · Score: 5, Informative

    This is a dup story, so here's my dup comment:
    See DefCon 22's avionics preso from 2014 to see what you can and can't do from a hacker's perspective.
    https://www.defcon.org/images/...
    (Since the summary doesn't even often a link or name...this MIGHT even be exactly what the submitter is talking about.)

  2. Hmmm .... by gstoddart · · Score: 4, Insightful

    So, Mr cyber Expert and Pilot, other than saying "nuh uh", do you have anything to suggest there is no chance of this?

    We know people can hack air gaps, and if the in-flight wi-fi is at all connected to the electronics in the airplane, there's potentially a lot of attack vectors.

    And since there is no actual article, just a summary which says some guy says it can't happen ... I call "bullshit" on the whole story.

    Seriously, timothy, a link to a story or this is nothing more than innuendo.

    --
    Lost at C:>. Found at C.
    1. Re:Hmmm .... by Em+Adespoton · · Score: 4, Informative

      https://www.defcon.org/images/...

      Different physical network. Someone in GAO misread the original report.

    2. Re:Hmmm .... by ledow · · Score: 5, Insightful

      You know that little screen they put in the back of the seats? Do you think they're stupid enough to cable that into the engine management?

      The air-phones? Do you think they're stupid enough to just tie that into the cockpit comms?

      When you're talking life-dependent systems (which pretty much no-one here will ever have to deal with and certify, which is why all your electronics ALL say that it's not to be used in life-support devices etc.) like airbag deployment and plane avionics, it's heavily regulated, heavily specified, heavily tested and heavily scrutinised. Rarely does a aircraft system specified on the "jumbo jet" level do anything more than exactly what it's designed to do. Plane crashes are caused by outside influences, human input overriding the computer and by DESIGN decisions, not software failure because someone forgot to renew the licence of two DHCP servers fought over who assigned IP's to the engines.

      It's an entirely different class of system that you want to hope that you never have to deal with. That's WHY large planes cost HUNDREDS of millions of dollars and you have to train for decades to be allowed near the switches - even if you're servicing them.

      And, no, VLAN's would never operate in a system like that and if they did they'd be proven-safe mathematically and, hell, even my cheap commodity switches only respond to management requests on the management VLAN and no other.

      They is why the guy responding is so clear on this. It's just not done. Ever. If you change a cable, or a panel, or redesign a bit of hatchway, or push out a software upgrade for a commercial airliner, it takes hundreds of people checking it, re-certification of the end-result, testing and all sorts.

    3. Re:Hmmm .... by grimmjeeper · · Score: 3, Interesting

      As someone who has spent a great deal of his career in avionics design, both civilian and military, I fully agree.

      Avionics computers are not PCs running linux or windows. They don't have generic user level applications. They are custom designed, custom built hardware with very specifically chosen components to do the specific job at hand. The application software is pretty much entirely custom. As far as operating systems, many still run home grown schedulers that provide a bare minimum of services. Only in the last 15 years or so have they even started using off the shelf operating systems and so forth. Even then, it's usually something like VxWorks or Green Hills Integrity or some other RTOS like that. But they have to use versions of the operating systems that conform to ARINC 653. And while ethernet has started appearing on modern systems, it's use is highly specialized. They may put an IP stack on the box to facilitate getting packets from one box to another but the content of the packets are very highly specialized and they are carefully scrutinized before they are accepted and acted upon. Not to prevent hacking but to prevent "undefined behavior". Safety requirements mandate that they carefully inspect packets coming in and drop out of spec packets according to the rules established long before the first line of code got written. Not because they're trying to prevent hacking. It's because accepting unexpected and out-of-spec data can lead to problems that make the plane hit the ground. The anti-hacking capabilities are a side effect of that scrutiny.

      But even if you could get your packets into these specialized computers, how do you think you're going to hijack the box and spawn your malicious task that takes over? Like I said before, these computers aren't just PCs running Linux. They're custom built computers with an RTOS that very carefully and very deliberately partition the box to prevent tasks from corrupting each other or the operating system. And each task very specifically inspects every packet coming in before using the data so things like buffer overruns and what not simply won't work. So crafting the right kind of packet to allow you to insert your malicious code is more difficult by many orders of magnitude. Beyond that, you are extraordinarily unlikely to find a random port being open that gives you access to the OS core. That's a safety issue so it's checked before the computer can get FAA certification. The only ports available to be used are the ones that are needed and specified.

      Is it 100% provable that you can't hack into the systems? No. But it's so monumentally unlikely as to be effectively impossible. Are there some systems out there that had vulnerable code make it through certification? More than likely. But even so, the threshold for making it through FAA certification is high enough that even bad code that slips through is far less vulnerable than most everything out on the commercial market.

  3. New concept by courteaudotbiz · · Score: 4, Funny

    Its a brand new concept called "crowd-piloting". The plane goes wherever its passengers feel to go. Very nice!

  4. Uhh by StikyPad · · Score: 4, Insightful

    If there's no air gap between the passengers and the engines on your flights, then I'll take another flight please.

    --
    https://www.eff.org/https-everywhere
  5. Re:Kind of a dup, but here's a link that explains by Anonymous Coward · · Score: 5, Informative

    Mod parent down. I attended the presentation in person. The presenter is full of shit.

    He based his presentation on flight simulators and utter conjecture. Flight simulators do not model the internal workings of an airplane, but rather the flight characteristics. You can't learn how the internals work without any reference to the internals. The guy made claims about things that just aren't true. He also spread a lot of FUD - "isn't it scary that landing times are on the Internet? What evil things could I do with that?!?" Idiot. Flight plans have to be public, because they're offering travel to the public. If you don't know when the plane lands, you can't schedule a ride from family. If they don't know when it lands, they can't schedule their pickup of you.

    The 'hacker' that presented that tripe doesn't know what he's talking about.

  6. Re:Kind of a dup, but here's a link that explains by BitZtream · · Score: 4, Interesting

    This story is just a slashvertisement.

    The story linked (now linked in the summary) is to a guy making silly ignorant statements about how the GAO is wrong but in such a vague way that I can safely say the guy making these silly comments is wrong. He's arrogantly implying that no aircraft can be hacked because they never make any mistakes and use separate systems and a special software device (thats not a firewall!) that acts as a firewall and doesn't let the two connected networks communicate with each other ...

    Also he seems to think that engines 'breath' air, and that the air inside the cabin of an airliner is not at all isolated from the air that goes into the engines.

    In short, the summary refers to an article written by someone that claims to be a security expert AND pilot while at the same time making incredibly stupidly inaccurate blanket statements that any useful security officer and certainly any pilot know are too broad and vague to be true or just flat out wrong.

    There most certainly IS a firewall between the passengers and the engines on commercial jet aircraft, otherwise the people would die at 30k feet. The fact that he claims to be a pilot and then claims there is no separation between the cabin and exterior is just scary.

    And claiming that this other special box ... that acts as a firewall ... but since they gave it another name, its not actually a firewall, so therefor its not possible to be hacked and bypassed.

    The reality of it is, what the GAO said IS TRUE. IT IS possible that 'hackers' MIGHT be able to cross the network boundaries if they are physically connected, anyone who claims this is not true knows absolutely nothing about IT security or security on complex systems in general. You work really hard to prevent it, and make certain design decisions to make it hard to cross that gap, but the instant they are connected, you've created the possibility. You can't honestly claim that your network is 100% secure and impeneratble which is what this guy is trying to claim ... about aircraft that he's never had anything to do with, never seen, knows nothing about the internal operation of ... just because he's a pilot doesn't make him suddenly privy to private information internal to Airbus or Boeing.

    Once again, I repeat, this is nothing but a shitty slashvertisement. They probably paid timothy to post it to the front page, which explains why it was done in such a hurry the first time and didn't even have a fucking link in it.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  7. Re:Kind of a dup, but here's a link that explains by Lumpy · · Score: 4, Insightful

    It's the same for all the hype over car systems. EVERY SINGLE EXAMPLE they have to install hardware to get access to the data interface.

    So yes Terrorists can take over the airplane from their cellphones if the flight crew let them into the maintenance areas and help them install several specialized devices that give them access.

    The terrorists need to make appointments so they can make sure that avionics technicians are on hand to help them

    --
    Do not look at laser with remaining good eye.
  8. Re:Kind of a dup, but here's a link that explains by Lumpy · · Score: 3, Insightful

    Hackers have a better chance of deorbiting a satellite and hitting the aircraft while it is in flight than they do taking it over from the in flight wifi.

    --
    Do not look at laser with remaining good eye.
  9. How it all works by Anonymous Coward · · Score: 4, Informative

    1. My First Ever Post, please go easy
    2. I'm an aircraft engineer with about 12 years in the industry with experience of small and large jets, with both the big orange airline in Europe and the "other" british long haul carrier based at Heathrow.

    The WiFi system on board arrives at the plane via a dedicated satellite reciever designed for the specific task of internet connectivity. From there it plugs into the In Flight Entertainment system and the signal is projected via specially designed wifi routers that allow passengers to connect. At no point do the IFE system and the Avionics systems inter-connect physically. Furthermore, the IFE computers are actually stored under each row of seats and drive that row's IFE. Ever kicked that steel box under the end row? Thats the IFE controller for your row.

    The avionics systems are connected using an ARINC 429 system - http://en.wikipedia.org/wiki/ARINC_429. This is similar to a home network, but extremely specialised and focused on the job at hand. You cannot hack the IFE system and "get" into the Avionics. Yes, "Air Gap" hacking has been proven. Thats on computers that are next to eachother, not sat 100+' away through aluminium floor supports and all the other cabin interior. Who ever wrote the subject article has clearly never looked at the technicalities of what he is suggesting.

    Thanks

  10. Re:Kind of a dup, but here's a link that explains by Minupla · · Score: 3, Informative

    Fortunately pilots are less likely to do it to themselves then drivers are :).

    http://jalopnik.com/progressiv...

    Min

    --
    On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
  11. The 777 is unique in its vulnerability by Anonymous Coward · · Score: 4, Informative

    The 777 is unique in its vulnerability to precisely what you mention. The avionics bay access hatch is conveniently next to the toilet but behind a corner. An anonymous youtube poster who claims to be a pilot recorded a video when flying as a passenger to draw attention to this in the wake of MH370 and showed how he during a flight could get in and out of the avionics bay through that hatch with nobody noticing. Most people on board were sleeping and those who saw him, presumably thought he was just going to the toilet. The first thing to address this problem which no other plane has would be to put a fucking lock on that hatch and keep the key in the cockpit. Currently, two people with nefarious intentions can do anything to a 777 that can be done with access to the avionics and the right know-how. One just has to "stand in line" to the toilet and the other can fiddle undisturbed with all aircraft electronics. Thus I consider precisely such a "hijacking" one of the more plausible scenarios in the case of MH370. And the issue has still not been addressed.

    The video was first linked to on pprune but might be unlisted and the thread is long so I can't find it but will post again, if I do find it.