Hacker Hijacks Plane

Discussion in 'United Airlines | MileagePlus' started by Newscience, May 18, 2015.  |  Print Topic

  1. Newscience

    Newscience Gold Member

    Messages:
    14,694
    Likes Received:
    45,079
    Status Points:
    16,475
    Is this a serious airline security issue? This is all over the news this morning, including:

    http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/

    "A SECURITY RESEARCHER kicked off a United Airlines flight last month after tweeting about security vulnerabilities in its system had previously taken control of an airplane and caused it to briefly fly sideways, according to an application for a search warrant filed by an FBI agent."

    Also:

    http://www.watoday.com.au/it-pro/se...jacking-plane-midair-fbi-20150517-gh3fne.html

    http://www.news.com.au/technology/o...rtainment-system/story-fnjwnj25-1227358053541
     
    8MiHi, Kalboz, MX and 3 others like this.
  2. daninstl

    daninstl Gold Member

    Messages:
    1,288
    Likes Received:
    1,677
    Status Points:
    1,120
    Maybe he'll get the 1 million FF miles that United is offer to hackers now :)
     
    8MiHi, Sammich, uggboy and 1 other person like this.
  3. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,504
    Likes Received:
    20,198
    Status Points:
    16,520
    Inflight systems are excluded from the bounty hunt.
     
    Sammich and daninstl like this.
  4. milchap
    Original Member

    milchap Gold Member

    Messages:
    27,638
    Likes Received:
    148,039
    Status Points:
    20,020
    Is this story hype or substance ?

    If substance, this is a serious issue !

    Perhaps a computer programmer can comment on this story.
     
    Last edited: May 18, 2015
    daninstl, YULtide and Newscience like this.
  5. Newscience

    Newscience Gold Member

    Messages:
    14,694
    Likes Received:
    45,079
    Status Points:
    16,475
    Absolutely agree with your POV, milchap! This story is now getting airtime on all the major television networks. I'm sure that there's more to come on this. If accurate, the news media has just handed a page from play book to the bad guys who want to bring down airplanes! :eek:
     
    daninstl likes this.
  6. milchap
    Original Member

    milchap Gold Member

    Messages:
    27,638
    Likes Received:
    148,039
    Status Points:
    20,020
    100 % agree with you.
    I am perplexed why the discoverer of the flaw would tweet this fact. Let the authorities know about the possible vulnerability and do not publish the fact. Need to know is the way to go. There is a reason for classified information !
     
    YULtide and Newscience like this.
  7. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,215
    Likes Received:
    61,743
    Status Points:
    20,020
    Ugghh....why does no one actually read the story instead of just posting headlines?!?

    He claims he may have taken control of a plane and also claims that the quote where he said that to the FBI was taken out of context when put into the warrant affidavit.

    He claims he did those things. No one has corroborated the claims.
     
    Sammich, daninstl and MX like this.
  8. Newscience

    Newscience Gold Member

    Messages:
    14,694
    Likes Received:
    45,079
    Status Points:
    16,475
    I couldn't agree with you more, @Wandering Aramean! ;)

    As per: http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/

    According to FBI Special Agent Mark Hurley: "He (Chris Roberts) stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights”

    "Roberts had previously told WIRED that he caused a plane to climb during a simulated test on a virtual environment he and a colleague created, but he insisted then that he had not interfered with the operation of a plane while in flight."

    Roberts admits to what he has done - and it is now public, due to the FBI Search Warrant's availability, see:
    http://www.wired.com/wp-content/uploads/2015/05/Chris-Roberts-Application-for-Search-Warrant.pdf

    If this fellow wanted notoriety, he certainly now has it. The truth of the matter will likely come out, through the FBI investigation, and media coverage follow-on. ;)
     
    anileze, milchap and MX like this.
  9. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,215
    Likes Received:
    61,743
    Status Points:
    20,020
    Nah...no one cares about the truth. Just fear-mongering and clicks.
     
    jaysona, Dublin_rfk, MX and 3 others like this.
  10. daninstl

    daninstl Gold Member

    Messages:
    1,288
    Likes Received:
    1,677
    Status Points:
    1,120
    I was just trying to be funny of course :) Maybe it's a society issue. Kind of like if "If it bleeds it leads" news mentality. I have to keep reminding my wife that just because someone posts an urban legend on Facebook it STILL doesn't make it true.
     
    anileze, Newscience and MX like this.
  11. MX

    MX Gold Member

    Messages:
    2,215
    Likes Received:
    4,805
    Status Points:
    2,545
    Or maybe not...
    Somebody fed the story to the media, and that was likely the Feds (since they provided all the quotes and facts). Nobody would've found out or cared, but for their tireless vigilance.
     
    daninstl, anileze and Newscience like this.
  12. DTWBOB

    DTWBOB Silver Member

    Messages:
    748
    Likes Received:
    921
    Status Points:
    750
    Has anyone actually verified that this actually happened and has any of this been through the scientific peer review process or have the 'expert' reporters even taken the time to check their facts?

    For some reason....

    DTWBOB
     
    Newscience likes this.
  13. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,215
    Likes Received:
    61,743
    Status Points:
    20,020
    I think it is the other way around. The guy is angling for publicity every which way he can get it. And warrants are public record AFAIK.
     
  14. anileze

    anileze Gold Member

    Messages:
    4,963
    Likes Received:
    12,790
    Status Points:
    10,675
    I find it rather hard to believe, that the wiring for any control system of any embedded system, be it a plane, or a mission critical production/MAP system, goes and terminates in a insecure area - i.e passenger area, or outside prem area for control input. I read the wired piece, and I did not find anywhere in the article where the researcher claims that he messed with the system insitu. It's all lab simulation based on publically available information.
     
  15. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,504
    Likes Received:
    20,198
    Status Points:
    16,520
    Yup.
     
    Newscience likes this.
  16. effseeoh

    effseeoh Gold Member

    Messages:
    740
    Likes Received:
    2,458
    Status Points:
    1,145
    http://cryptome.info/faa010208.htm
     
    MX and Newscience like this.
  17. Newscience

    Newscience Gold Member

    Messages:
    14,694
    Likes Received:
    45,079
    Status Points:
    16,475
    News articles put "through a scientific review process" is very funny! Which would also help to ensure that "news articles" would be reported much too late to be called "news". Which may be preferable to some folks? Journalistic integrity is important, especially with the advent of almost all the "news" being "tweeted" and "TM'd".

    Here's an update, with a video, from Fox News:

    http://www.foxnews.com/us/2015/05/1...ty-expert-admitted-to-briefly-hacking-flight/
     
    MX likes this.
  18. avflyer
    Original Member

    avflyer Silver Member

    Messages:
    735
    Likes Received:
    597
    Status Points:
    720
    milchap, Newscience and MX like this.
  19. Newscience

    Newscience Gold Member

    Messages:
    14,694
    Likes Received:
    45,079
    Status Points:
    16,475
    Pay no attention to that man behind the curtain...

     
  20. Newscience

    Newscience Gold Member

    Messages:
    14,694
    Likes Received:
    45,079
    Status Points:
    16,475
    Here is a further update from Gizmodo, written by Yijun Yu, a Senior Lecturer, Department of Computing and Communications at The Open University, and Andrew Smith, a Lecturer in Networking at The Open University, see:

    http://gizmodo.com/how-a-hacker-could-hijack-an-airplane-from-their-seat-1705735617

    From this article:

    "It was once believed that the cockpit network that allows the pilot to control the plane was fully insulated and separate from the passenger network running the in-flight entertainment system. This should make it impossible for a hacker in a passenger seat to interfere with the course of the flight."

    But the unfolding story of this hacker’s achievement, which has prompted further investigation by authorities and rebuttals from plane manufacturers, means that this assumption needs to be revisited
    ."

    "It is becoming imperative that airlines re-evaluate their internal aircraft security, particularly with the introduction of in-flight passenger Wi-Fi. They should also monitor any unusual network traffic that passes between the passenger cabin and the cockpit in order to watch out for any attempts at hacking."
     
    Last edited: May 20, 2015
    MX likes this.
  21. Newscience

    Newscience Gold Member

    Messages:
    14,694
    Likes Received:
    45,079
    Status Points:
    16,475
    See the posting immediately above. For the original article, written by two academics (Yijun Yu and Andrew Smith): "How a Hacker Could Hijack a Plane from Their Seat", see:

    https://theconversation.com/how-a-hacker-could-hijack-a-plane-from-their-seat-42063
     
    MX likes this.
  22. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,504
    Likes Received:
    20,198
    Status Points:
    16,520
    Newscience likes this.
  23. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,215
    Likes Received:
    61,743
    Status Points:
    20,020
    How are academics saying that an unsubstantiated claim necessitates further investigation?

    If I claim that I've seen Nessie that doesn't mean we need to go back to Scotland and explore the Loch again. :rolleyes:
     
  24. Newscience

    Newscience Gold Member

    Messages:
    14,694
    Likes Received:
    45,079
    Status Points:
    16,475
    Especially if you made that claim! :p
     
    MX likes this.

Share This Page