Slashdot Mirror


Aircraft Entertainment Systems Hacks Are Back (threatpost.com)

Reader msm1267 writes: Researchers at IOActive today disclosed vulnerabilities in Panasonic Avionics In-Flight Entertainment Systems that were reported to the manufacturer close to two years ago. The flaws could be abused to manipulate in-flight data shown to passengers, or access personal information and credit card data swiped at the seat for premium entertainment or Internet access. Given that the firmware is customizable and used by dozens of airlines in hundreds of aircraft models, the researchers said it's almost impossible to determine whether the vulnerabilities no longer exist across the board. IOActive said that segmentation between aircraft control and information services that oversee avionics and operational control of a plane should isolate these vulnerabilities to passenger entertainment domains. Whether an attacker could cross those domains and affect critical avionics systems would depend on specific devices and configurations, IOActive said, given that a physical path could exist that connects those systems through satellite communications terminals that provide in-flight updates to critical systems. The concern is whether, in some configurations, IFEs would share access to these devices and provide the physical path an attacker would need to reach critical systems. As for the vulnerabilities in passenger systems, IOActive said there is a lack of authentication and encryption between an on-board server and clients at passenger seats. This could allow an attacker on board to send commands to the IFE system to manipulate what's displayed to passengers, or read payment card data swiped at seats.


  1. ZOMG!!! by Lumpy · · Score: 1

    So anyone can access the _MAKE_AIRPLANE_CRASH_ API call!

    Again these hacks are fun but not scary at all. The Infotainment system has NO CONNECTION to the avionics.

    --
    Do not look at laser with remaining good eye.
    1. Re:ZOMG!!! by ComputerGeek01 · · Score: 1

      So anyone can access the _MAKE_AIRPLANE_CRASH_ API call!

      Again these hacks are fun but not scary at all. The Infotainment system has NO CONNECTION to the avionics.

      You say they aren't scary. But just you wait until you're stuck in the air for 6 hours while a malicious actor plays nothing but Son in Law with Pauly Shore on a loop.

    2. Re:ZOMG!!! by sconeu · · Score: 1

      The *REAL* terrorists will play Barney the Dinosaur on a loop.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    3. Re: ZOMG!!! by Anonymous Coward · · Score: 1

      Last job was at Panasonic Avionics' cross-town rival, Thales Avionics. From the many Panasonic veterans working at Thales, they mentioned our architectures were quite similar, so I will use what I know about Thales' system to make what could be a close comparison.

      You have a system called ACARS, which is an ancient technology that sends data from the cockpit to the IFE system (GPS, airspeed, etc). ACARS I believe is a 1-way protocol (think of it as an RSS feed where you can subscribe for updates) The only bit of communication that can go the other direction (I think) is BITE (built-in test environment) which is a centralized way for a technician to see status messages and error codes sent from individual components (such as each seat-back screen, power distribution boxes, switches, wireless access points, etc). The IFE systems we developed had separate satellite systems for internet connectivity from that of the cabin, including separate antennas. From my understanding, hacking an IFE system could mean gaining access to CC info, but it would be very very unlikely to take control of the plane from a seatback screen.

    4. Re:ZOMG!!! by unixisc · · Score: 1

      So anyone can access the _MAKE_AIRPLANE_CRASH_ API call!

      Again these hacks are fun but not scary at all. The Infotainment system has NO CONNECTION to the avionics.

      Not just that, someone who's getting into a plane - even assuming no luggage - would have to do a number of things to rig the firmware in the flight entertainment system, while preparing for anything from an hour to days long trips. Hardly the environment conducive to hacking

    5. Re: ZOMG!!! by Anonymous Coward · · Score: 1

      Article says otherwise.

  2. Download movies by PRMan · · Score: 5, Interesting

    With the way a lot of these plane systems work these days, it could be a way to download a lot of "free" movies and music.

    --
    Peter predicted that you would "deliberately forget" creation 2000 years ago...
    1. Re:Download movies by Joe_Dragon · · Score: 1

      With a lot of lag and buffering. Some planes are just use-your-own-device to get movies and stuff.

    2. Re:Download movies by dknj · · Score: 1

      Let's think critically about this statement a bit. 160 seats, and each one wants to download a movie. A screen is 480p, so we need to have bandwidth for 160 devices to download a 480p movie at any given time. Not all 160 seats are watching a movie. And you think it will lag and buffer?

    3. Re:Download movies by MountainLogic · · Score: 1

      Yes, like most all other networked digital video systems the video streams are buffered, so restarting every stream at once when the announcement is over does disrupt download and playback.

    4. Re:Download movies by jrumney · · Score: 1

      Some systems seem to manage the bandwidth and disc access by giving you a copy of someone else's stream if they are already watching the movie you select. Many users will just watch the movie from part way through instead of rewinding it to the beginning (which will force the streams to split), so they can cheap out on the resources a bit. Basically they are taking advantage of their users' fear of technology and the fact that at least half the airplane has enough trouble selecting a movie, and isn't going to try anything fancier. On systems like this (which are usually retrofit on older infrastructure), I have seen stuttering after splitting my stream off by rewinding to the beginning, occasionally to the point of being unwatchable. But on newer systems, there seems to be sufficient bandwidth to stream without stuttering.

  3. Not any more by PPH · · Score: 5, Interesting

    IOActive said that segmentation between aircraft control and information services that oversee avionics and operational control of a plane should isolate these vulnerabilities to passenger entertainment domains.

    That may have been true on older models, but Boeing got an exception to the separation rule for the 787. What's worse, the primary authentication method used to provide 'security' is a protocol that filters packets based on MAC addresses. So you can't plug your own gizmo into an avionics bus. But if you can trick the passenger entertainment units into generating bogus air data (for example), bad stuff can happen.

    --
    Have gnu, will travel.
    1. Re:Not any more by MountainLogic · · Score: 1

      As even the summary pointed out, Boeing does not supply the IFE system or even deliver the craft with seats installed. IFE is done by vendors like Rockwell and Panasonic.

    2. Re:Not any more by PPH · · Score: 1

      Boeing does not supply the IFE system

      Boeing is responsible for certification of all aircraft systems. In fact, Boeing doesn't supply anything. It's all built by other vendors. But that's not an excuse for poor systems architecture.

      --
      Have gnu, will travel.
    3. Re:Not any more by Anonymous Coward · · Score: 1

      Not exactly, there are other means than pure physical separation. The switches are not wide open, they are configured to allow specific traffic on specific VLs from and to specific IPs connected to specific switch inputs. You would have to modify the switch configuration and/or change the physical routing of the wiring to make that happen if the unit was not the "normal" sender of that data. You won't be able to spoof an ADAHRS as an IFE, it will get rejected by the switch, as it's not in the allowed message routing. You could send erroneous IFE data within the BAG limits, but that won't be used for much. This also has the added benefit of aiding in prevention of denial of service attacks too.
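
The per-VL switch filtering and BAG limits described in the comment above, as an added example that is not part of the thread or of any avionics vendor's code: a simplified Python model of a switch that forwards a frame only if its virtual link (VL), input port and addresses match a static table and the frame respects the link's bandwidth allocation gap. All VL numbers, ports, addresses and timings are constructed, and real policing is more involved than the single minimum-gap check assumed here.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class VirtualLink:
    vl_id: int         # virtual link identifier
    ingress_port: int  # the only switch input allowed to source this VL
    src_ip: str
    dst_ip: str
    bag_ms: int        # bandwidth allocation gap: minimum spacing between frames
    max_len: int       # largest frame accepted on this VL, in bytes

@dataclass(frozen=True)
class Frame:
    t_ms: int          # arrival time at the switch
    port: int          # physical input the frame arrived on
    vl_id: int
    src_ip: str
    dst_ip: str
    length: int

# Constructed routing table (hypothetical values, not from any real aircraft).
VL_TABLE = {
    10: VirtualLink(10, 1, "10.1.1.1", "10.1.9.1", 32, 200),   # air data (ADAHRS)
    70: VirtualLink(70, 7, "10.7.1.1", "10.7.9.1", 128, 500),  # IFE status
}

class Switch:
    def __init__(self, table):
        self.table = table
        self.last_accept = {}  # vl_id -> arrival time of last forwarded frame

    def police(self, f):
        vl = self.table.get(f.vl_id)
        if vl is None:
            return "drop: unknown VL"
        if f.port != vl.ingress_port:
            return "drop: VL not allowed on this input"
        if (f.src_ip, f.dst_ip) != (vl.src_ip, vl.dst_ip):
            return "drop: address mismatch"
        if f.length > vl.max_len:
            return "drop: oversize frame"
        last = self.last_accept.get(f.vl_id)
        if last is not None and f.t_ms - last < vl.bag_ms:
            return "drop: BAG violation"  # sender exceeded its allotted rate
        self.last_accept[f.vl_id] = f.t_ms
        return "forward"

def run_demo():
    sw = Switch(VL_TABLE)
    frames = [  # constructed traffic
        Frame(0, 1, 10, "10.1.1.1", "10.1.9.1", 120),    # air data from its own port
        Frame(5, 7, 10, "10.1.1.1", "10.1.9.1", 120),    # IFE port claiming the air data VL
        Frame(10, 7, 70, "10.7.1.1", "10.7.9.1", 300),   # IFE on its own VL
        Frame(20, 7, 70, "10.7.1.1", "10.7.9.1", 300),   # same VL, only 10 ms later
        Frame(140, 7, 70, "10.7.1.1", "10.7.9.1", 300),  # same VL, 130 ms after last forward
    ]
    return [sw.police(f) for f in frames]
```

The second frame is dropped even though its VL and addresses are copied from the legitimate sender, because the table ties that VL to a different physical input; the fourth is dropped on rate alone.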

    4. Re:Not any more by MountainLogic · · Score: 1

      Airframe makers do not certify IFE. Believe it or not, IFE type approval for each configuration (e.g., 747-400 with xyz Boeing supplied options and abc non-Boeing certified options) is typically owned by the airline or leasing company. If another airline has that exact configuration then they can piggy back on that cert.

    5. Re:Not any more by joe_frisch · · Score: 1

      Usually the FAA is very conservative on aircraft design. I'm surprised and dismayed that they would not disallow any connection between entertainment systems and avionics systems. I'm sure that they have carefully designed the firmware in any switches to prevent data from the entertainment system getting into the flight controls, but it seems difficult to prove that the firmware is free of any bugs that could allow such a connection.

      The NSA was unable to prevent a very destructive hack, I have little faith that organizations are able to do so.

    6. Re:Not any more by ArylAkamov · · Score: 1

      Well that is horrifying. And I thought cars being hijacked and being remotely steered was bad.

      What possible justification could there be for having them connected in any way?

    7. Re:Not any more by PPH · · Score: 1

      Boeing is the one who installed the network and Boeing is the one who asked the FAA for the exception to existing rules for systems separation.

      They provide customers and IFE vendors with specifications for equipment compatible with the data bus (and any other aircraft systems like power). If that data bus was isolated from the avionics buses, then Boeing could just say there was no safety problem. But that's not the case on the 787 (and perhaps older model derivatives adopting its data bus architecture).

      --
      Have gnu, will travel.
    8. Re:Not any more by PPH · · Score: 1

      What possible justification

      Cheap. We saved a whole twisted pair of wires. Woo hoo!

      --
      Have gnu, will travel.
  4. Sounds like I should be fine then by damn_registrars · · Score: 2

    The majority of planes I fly on seldom even have electric outlets to plug in your laptop. I'm usually on the single-class (cattle-class / steerage-class) flights where nobody has anything. I'm not important enough to be on the long haul flights where people expect more than a bag of peanuts and half a can of soda.

    Not saying that I like it that way, just that apparently I have less to worry about as a result.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
    1. Re:Sounds like I should be fine then by jrumney · · Score: 1

      You get half a can of soda? I get 50ml of orange "juice" spilt in my lap, to go with the bag of peanut crumbs.

    2. Re:Sounds like I should be fine then by jrumney · · Score: 1

      And the 30 minute flight to the nearest international hub invariably has the latest high tech entertainment system with a vast selection of feature-length movies to choose from (if you bring your own headphones, as they don't supply them on short haul flights), while the 8 hour flight I change onto has a cathode ray tube to bump your head on every 4 rows.

    3. Re:Sounds like I should be fine then by mjwx · · Score: 1

      The majority of planes I fly on seldom even have electric outlets to plug in your laptop. I'm usually on the single-class (cattle-class / steerage-class) flights where nobody has anything. I'm not important enough to be on the long haul flights where people expect more than a bag of peanuts and half a can of soda.

      Not saying that I like it that way, just that apparently I have less to worry about as a result.

      I think you need to start flying better airlines.

      Almost all long haul flights I've been on have served meals, drinks (incl alcohol) and had in seat power or at least USB ports where you could charge a mobile device. Hell, even my last flight from LHR-AMS they served a snack and a drink. The only reason that was it was because that was all they had time to do. LHR to AMS is only an hour gate to gate.

      BTW, the reason they use the little cans of soda is because weight and space on an aircraft is at a premium. People are demanding cheaper flights and booking using third parties are also not helping.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    4. Re:Sounds like I should be fine then by damn_registrars · · Score: 1

      I think you need to start flying better airlines.

      Better airlines are only an option if they service the airports that I fly in and out of. I used to see commercials for Korean Air all the time on TV and they left me wondering why the hell they even bothered advertising as the closest airport they served relative to my home was hundreds of miles away, and their destinations from there were all distant international locations that I don't have any reason or opportunity to visit.

      If there is only one airline that flies from the airport nearest where I live to the place I need / want to go to, guess which airline I'm going to fly? And if all the seats are steerage class, guess what kind of uncomfortable non-reclining seat I'm going to stuff myself into?

      --
      Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
  5. So can we drop charges on Chris Roberts already? by nucrash · · Score: 1

    He tried to show them they were exploitable, they kicked him off a plane and charged him with a bunch of nonsense and they haven't done anything to really fix the problem.

    Get him back to One World Labs where they can stop this nonsense.

    Please?

    --
    Place something witty here
  6. Who needs Aircraft Entertainment System in by Max_W · · Score: 1

    the 21st century in the first place? I have my notebook and my smartphone with me.

    Instead of a dorky display and a headset, better provide a normal WiFi. Besides, a WiFi router weighs only about 300 grams, instead of a ton of hundreds of displays, and a WiFi router costs only a couple of hundred instead of millions for this System, which later ends up in the price of our air-tickets.

    Add to this the cost of additional fuel to carry these displays. Why would I want to pay for the fuel to carry these displays when I have already three HD screens with me anyway?

    1. Re:Who needs Aircraft Entertainment System in by Max_W · · Score: 1

      Just type in a search engine "how to watch movies on a computer or smartphone offline". But normally I can watch movies over WiFi on a computer or tablet.

    2. Re:Who needs Aircraft Entertainment System in by quetwo · · Score: 1

      You do realize that providing internet access to a device that is traveling at 300MPH+ is not exactly as simple as upgrading a WiFi access point... The WiFi system in the planes is not the problem -- it's the LMRS that either uses a point-to-point antenna or satellite system to provide internet access.

      The nice thing about having those screens is that you don't have to have your laptop open all the time. Sometimes you want to just sit back and not have to juggle a laptop or ipad on your lap while everything else is going on around you.

    3. Re:Who needs Aircraft Entertainment System in by pnutjam · · Score: 1

      The planes should just mirror the internet to a local drive. They can rsync it all down while they are fueling. ;)

  7. Re: Scary, scary stuff. by Anonymous Coward · · Score: 4, Informative

    Whilst I've worked with Panasonic Avionics, and they are not the info section "A" team...

    The IFE systems are essentially air gapped already as a mandatory requirement by regulatory agencies - ACARS is basically an RSS feed to the IFE system and anything other than that is separate again. IFE has no in the air satellite connection on any deployments I've seen.

    This is the digital equivalent of hacking a highway sign to say rude words.

  8. No connection to avionics, but... by Megahard · · Score: 2

    What about hacking the display of in-flight data to show the plane going a different direction? Maybe a message that the plane has been hijacked? No need to bring down the plane with code if you can get the passengers to break into the cockpit and do it.

    --
    I eat only the real part of complex carbohydrates.
  9. Re: Entertainment by lokedhs · · Score: 1

    I have travelled extensively all over the world, and I haven't seen this degradation of quality of air travel that US people seem to complain about all the time.

    Now, I haven't travelled on a US airline since 2000, and even then they were worse than any other I've travelled with. If they got even worse, I can certainly understand the complaints, but all I can say is perhaps people should try an airline outside the US. They might just regain some hope for air travel.

    I recall seeing the list of best airlines, and if I remember correctly the highest rated US airline was in the 40th position or something like that. If I wasn't on mobile right now I'd find the link.

  10. Re: Scary, scary stuff. by mjwx · · Score: 1

    Whilst I've worked with Panasonic Avionics, and they are not the info section "A" team...

    The IFE systems are essentially air gapped already as a mandatory requirement by regulatory agencies - ACARS is basically an RSS feed to the IFE system and anything other than that is separate again. IFE has no in the air satellite connection on any deployments I've seen.

    This is the digital equivalent of hacking a highway sign to say rude words.

    Just because it's mandated doesn't mean engineers weren't ordered to ignore that mandate. See: Volkswagen.

    That might be a little paranoid but air safety authorities don't know the meaning of the word paranoid.

    However you can do a lot of damage with just a message, like sowing mass panic. If you've ever seen a stampede inside a barn you can imagine what it's like. People aren't much smarter than cows on aircraft in my experience and if they're all told the plane has been hijacked I can see mass panic starting.

    --
    Calling someone a "hater" only means you can not rationally rebut their argument.