>According to the FBI affidavit, however, when he mentioned this to agents last February he told them that he also had briefly commandeered a plane during one of those flights.
So he admitted to a federal felony, lol. That's even beyond simple FAFO.
>“It would appear from what I’ve seen that the federal guys took one paragraph out of a lot of discussions and a lot of meetings and notes and just chose that one as opposed to plenty of others.”
"Anything you say can and will be used against you", which is why you Don't Talk To The Police.
Just to piggy back, people need to be aware how degraded their legal protections have become over the past two decades. For example, mens rea protections are becoming nonexistent, because certain administrations have eroded them and they may disappear if people don't stop voting for the political entities pushing for their erasure. It's an incredibly dangerous situation that most Americans are completely unaware of.
Wow, that guy sounds like a total idiot. I was shocked to read how brazen his actions were and if it’s true he commandeered control over the plane and made it list to the side as stated in the article, he belongs in jail.
Cost-agnostic business travelers are not a large enough segment of the market for transatlantic flights to justify flying a plane that only seats business class and costs a lot of money. (Boom says they're targeting $5,000 fares between NYC and London [1], and I bet they'll end up being even higher, if/when it gets off the ground.)
Concorde ran a profit until its last flight, actually. It was retired in expectation of how expensive it would get to maintain; it was one of the few planes so analog that it still had a flight engineer seat, when it was retired.
I think the lesson was that business travellers prefer comfort to speed, as business class funds the entirety of transatlantic passenger aviation. There's plenty of business-class-only flights.
I would say it's the exact opposite, after all planes replaced ships and that NY to London leg is significantly more comfortable on a ship. Heck if I could cut my NY-London time in half, I'd take it, even if I had to give up lie-flat seats.
The Concorde was plenty comfortable when it first flew, it's just that it was never replaced. I'm sure boom will offer current business class comforts.
Concorde was very cramped, a longer flight in a first class suite with bed is more appealing, more so now in flight WiFi is a thing so you can work if needed.
wow, I came here to comment that of course passengers can't hack an airplane, at least in the sense of taking control of it, because there's no way that anyone with half a brain wouldn't have an absolute air gap between the passenger facing systems and the flight control systems.
The 737 MAX was not a "crude mistake". The failure mode was a multiple independent root cause sequence of low probability events. If I remember correctly there were about 200,000 flights before it was grounded after two airframe losses which is a failure rate of 1 in 100,000 flights, 5 9s, which, when accounting for the average flight distance, is about as dangerous as driving per passenger-km.
People downplay it as a "crude mistake" to claim that the people at Boeing are idiots who could have avoided the problem if they just applied average techniques and common sense. No, preventing these types of problems requires extremely sophisticated safety engineering the likes of which no other industry even attempts. Other industries have dreams about making systems as safe as cars; in aerospace they have nightmares about making systems that are only as safe as cars.
The Boeing 737 MAX was a disaster because they made a plane around 100x-1000x more dangerous than average. It is unacceptable to have such a massive safety regression. But claiming it was a "crude" or stupid mistake is absurd. It was a extremely sophisticated mistake that demands a return to the extremely sophisticated safety engineering normally employed when designing aircraft.
The only reason for that system to exist is because the 737 MAX is effectively a flying flight simulator for earlier versions of the 737, because Boeing and particularly Southwest didn't want to spend the money to recertify pilots on a "new" type of aircraft.
So yes, it's pretty much a crude hack that wasn't needed for any objective reason other than to save some money for shareholders, and now people are dead.
> The failure mode was a multiple independent root cause sequence of low probability events. If I remember correctly there were about 200,000 flights before it was grounded after two airframe losses which is a failure rate of 1 in 100,000 flights [...]
> preventing these types of problems
"1 on 100,000" is not a "type of problem".
Just because an event is rare that doesn't mean it's some kind of niche scenario that's hard to prevent.
If you actually look at reports of what they did wrong (which you did not do at all), you see there were plenty of actions that went against safe engineering judgment. (And no, I'm not referring to mine or other randos', but those of actual engineers and pilots.) They blew past multiple safeguards in the process, which made unlucky events fatal. It didn't need to be that way, and it wasn't that way for other planes either.
First of all, I am not excusing how horrendous the 737 MAX failures were. They were a total failure of the safety regime. As I said, they were 100x-1000x worse than other planes which is a unacceptable safety regression. I am attacking the notion that the problem was "stupid" and thus easily fixed; no, the problem was very hard and thus needs a significant overhaul of their safety processes.
So, to get onto the main point, I disagree. The people who say things like "crude" or "stupid" mistakes are literally making the implication that the decision-makers were idiots.
"there's no way that anyone with half a brain wouldn't have an absolute air gap"
"After the Boing [sic] 737 Max disaster you still believe plane manufacturers don't make crude mistakes?"
That is a direct reply implying that the Boeing 737 MAX disaster is evidence that plane manufacturers do not have half a brain and make basic mistakes. That is a extremely dangerous perspective because it implies that the problem would not have occurred if they were not being stupid. I most commonly see this argument being put forward by commercial IT software developers who generally assume they have a whole brain and thus "if only the airplane people would adopt best practices" these dumb problems would be avoided.
This could not be further from the truth. The processes Boeing used when developing the worst catastrophe in a decade were still tens to thousands of times better than the moronic processes usually employed in software companies and were still likely better than the processes employed in basically every other safety-critical industry. That does not excuse their failure. They did 100x worse than everybody else and 100x worse than their past.
What it meant is that they needed to significantly overhaul the safety processes that lead to such a failure and re-adopt the old processes since their new processes were unacceptably terrible. It did not mean that any random person on the internet who, having seen the extensive post-mortem in hindsight, thinks they would not make the same mistake has even the foggiest clue about actual safety-critical development.
Downplaying how hard safety-critical development actually is does a great disservice to the amount of care actually needed to do it right. It leads people to think it is not actually that hard and then kill people in their ignorance. The message is that the amount of care Boeing spent to create a death-machine is probably 1,000x more than the amount of care you are putting in (if you are not making a safety-critical product); 1,000x more is a death machine, are you sure you are not going to kill somebody?
> The people who say things like "crude" or "stupid" mistakes are literally making the implication that the decision-makers were idiots.
No, it really is just stupid, and that's not a claim that any individual cog in the machine is stupid.
As the saying goes: "None of us are as dumb as all of us". You can have dumb outcomes even though every individual step of getting there wasn't that dumb.
I touched on this in an upthread comment, but if airplanes worked like cars then your driving license would only be valid for one model of car. Now, you're a Ford F-150 owner who got his license in the mid-80s, and you'd like to buy a new car today.
So of course you're going to be biased towards the 2024 F-150, because Ford's implemented a complex system to have the newer model pretend it's a 40-year old car. It'll handle like your 1986 F-150, even though the length, weight etc. of the car is drastically different.
This is going to work really well, right up until it doesn't, because something's going to have to give when you've got a driving simulator on wheels.
Type ratings should exist, because it makes sense to treat minor iterations in design as the same airplane, and e.g. only re-train pilots on the specific things that were changed.
But if you look at the evolution of the 737[1] there's just no way to claim with a straight face that a 2024 model of that airplane is in any meaningful way the same airplane as the original 737. It's got 109% more thrust, it's over 50% longer, almost 30% wider, and has >75% more takeoff weight.
Once you peel back the layers of obfuscation that claim is the reason for the 737 MAX disasters. The system that failed (MCAS) doesn't need to exist in the first place, it only existed to maintain this continuity of type rating.
Hey FYI when you edited your comment it was duplicated [1]. Afaik this is a rare race condition in HN. If you get to it before the two hour mark, you can delete the second comment.
> If a car can receive OTA updates it can receive OTA hacks, no passenger in car required.
True, but that seems like a different threat model—the title is "Can a Passenger Hack an Airplane?", so I was taking the analogue to be "Can a Passenger Hack a Car?" Specifically, the response
> wow, I came here to comment that of course passengers can't hack an airplane, at least in the sense of taking control of it, because there's no way that anyone with half a brain wouldn't have an absolute air gap between the passenger facing systems and the flight control systems.
I have a rust bucket, but it seems that a lot of newer models use bluetooth to pair phones with cars. I assume that car manufacturers have baked in at least some level of security to prevent every nearby rando from hijacking the car with bluetooth, but you know what they say about assumptions. And if the call is coming from inside the car (aka every passenger wants to play a different song and they all bombard the infotainment system with requests), are you just SOL?
But more prone to infotainment saturating the CAN bus. Infotainment can be hacked using the 5G connection facilities which no-one takes seriously. The CAN bus also drives the brakes.
I wouldn’t say it’s as easy as cutting the brake cables in 1950, but it’s as efficient.
Service brakes were typically hydraulic long before 1950. Only parking brakes would have been cable operated on the overwhelming majority of cars on the road in 1950 (or since).
>> What’s the worst that could happen? Bad press coverage?
A flashed bomb threat. Flight doesn't take off, or is diverted to an alternate airfield, or otherwise misses its connection. That sort of thing can quickly cascade into six or seven cost figures. A widespread attack across a fleet could be crippling, at least the first time it happens.
Right, but if the perpetrator has to be on board, they run a pretty big risk of getting caught for a serious crime. While I imagine a called-in threat can have a similar effect, with much less risk.
My wife shared a tiktok with me last year, which was clips of an American Airlines flight, Airbus Plane, and someone had "hijacked" the speaker system. I combed the Airbus manuals and maintaince PDFs and found that those planes have several exposed compact flash ports for "pre-flight audio". I hypothesized that either the copilot lost a bet or someone slipped a pre-recorded track into one of those slots... /shrug, but Im still interested in those CF card slots...
Wow. Given the amount of things that can be done with audio networking, and or connections via wireless to a CF card, this seems like something that should be considered.
Well, they are non-obvious slots near Flight Attendant stations and high traffic areas.
I wont say I hung out near them on a flight and observed traffic patterns, nor did I observe periods in the rear of the plane where one CF slot was unattended.
I forget the exact model now, but Im leaving out alot of detail. There are assumptions in the "unattended slot" hypothesis. For one, the slots need to be set to an autoplay, which is not a given, and if not- requires navigating a complex and dated touch screen.
Andd I'm back. Got to love when it all comes together :P
CF is compact flash card, kind of like the big memory card in cameras. PCMCIA is a PC card whose function is to "introduce peripheral capability to a laptop", kind of an interface. DMA is direct memory access.
It does have DMA but this only speeds up data transfer.
You are probably thinking of PCI bus mastering, where the PCI slave temporarily takes control of the bus to read and write main system memory.
This still exists in PCIe and thunderbolt, which is why bus mastering can be a security risk.
CF poses no such risk.
PCMCIA I don't think does either, since it is effectively a stripped down ISA. Later PC laptop cards look very similar but are actually CardBus, which is basically PCI.
CardBus does support bus mastering. And the later Express card did too, in its PCIe forms
Funny enough something like four months before that incident, the CEO of a cybersecurity firm that sounds like Kerberos reached out directly to American's CEO with a bullshit story that his personal laptop was hacked while onboard a flight.
He was claiming all sorts of vague nonsense like sites rendering in Chinese or something and a flight attendant making him clear his history or something; I don't remember specifics but it read like bad copypasta and is quite possibly the stupidest case I've ever worked.
He could not have been any more unhelpful with the investigation had he pissed directly into my eyes and called me blind. I wrote him off as a crank trying to drive business through FUD when we asked for his MAC address with the wifi vendor's AP logs in-hand. He gave us the MAC for his VPN adapter and ignored further questions. He provided so little usable information altogether I could never confirm whether he was even on that flight in the first place, much less connected to the AP and doing whatever the hell else supposedly transpired.
Maybe coincidental that American's PA system gets taken over a few months later, with similar nonsensical circumstances-- it's not an obvious prank or tampering, which would get someone like me called in again looking for shenanigans. Instead, aircraft engineers looked at it from a mechanical failure angle.
> Chris Roberts, a security researcher with One World Labs, told the FBI agent during an interview in February that he had hacked the in-flight entertainment system, or IFE, on an airplane and overwrote code on the plane’s Thrust Management Computer while aboard the flight. He was able to issue a climb command and make the plane briefly change course, the document states.
> “He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights,” FBI Special Agent Mark Hurley wrote in his warrant application
Goes without saying this is so reckless and dangerous. Was he ever charged? I couldn't find any information.
The telling quote from the linked Wired article is:
Although Roberts hasn’t been charged yet with any crime, and there are questions about whether his actions really did cause the plane to list to the side or he simply thought they did,
"or he simply thought they did"
The principal article for this thread concerns some far more open hackers who had an entire functioning COVID grounded aircraft scheduled for scrapping to play with. They assert that, as expected, the in flight entertainment and flight control systems are fully isolated as required to meet FAA regulations.
"caused one of the airplane engines to climb" is about what you'd expect from a bad Hollywood take, so I think you're being overly polite with regard to the validity of his claims
"Roberts had previously told WIRED that he caused a plane to climb during a simulated test on a virtual environment he and a colleague created, but he insisted then that he had not interfered with the operation of a plane while in flight."
So they wrote a simulation without knowing how any of it works and then showed they could hack their own cobbled together mess.
"They built a test lab using demo software obtained from infotainment vendors and others in order to explore what they could to the networks."
Yep, cobbled together random non-production infotainment software which is isolated from the actual flight systems. Generally only certified to DO-178 DAL Level D/E since they are isolated in such a way that total failure or even maliciousness can not possibly cause a meaningful safety impact.
The functional equivalent of claiming you could totally steal from a bank vault because you successfully stole some pens from the counter. Just another self-aggrandizing idiot.
However, I’m surprised they don’t protect us more against hacked phones. When each iPhone is 4,000mAh, it could cause quite a fire, let alone entire laptops.
Is the entire security theater based on the trust that terrorists won’t short-circuit batteries?
The passenger entertainment system typically displays some information related to flight location, speed, altitude, ETA and so on. Where does that info come from ? If it does come from the "Aircraft Control Domain, or ACD" then these two systems are probably not "completely isolated" as claimed in the article?
> Where does that info come from ? If it does come from the "Aircraft Control Domain, or ACD" then these two systems are probably not "completely isolated" as claimed in the article?
You are indeed right, there is a connection to the BUS that shares some information. You can also write back some of the information(flight number, flight leg etc.) back to it. However, rest of the things are read-only. So, no way to do weird things like modifying the altitude or ground speed etc.
Basically, the main computer is completely isolated from the infotainment system, except for the BUS emitting these minor information.
You can however, probably get near the main computer if you can get the jump seat ...
You're making it sound like isolation requires exotic components, but a GPIO pin on a raspberry pi is basically one way only unless you explicitly write code to read data from it.
Thanks for this comment. It seems that ARINC 429 has been replaced by ARINC 644 in most new aircraft.
From reading the Wikipedia article, they are indeed logically one-way (although the underlying protocol involves two-way communication). It has no security at all.
However, it seems that communication between any avionics systems and anything user-accessible goes through a Network Extension Device (NED). These are required to either be physically (not only logically) unidirectional _or_ have built-in security.
So it might be physically impermeable or it might be a buggy 10-year old firewall. Doesn't exactly inspire confidence given the subject of the article.
I don’t know why you are getting downvoted. You are absolutely right. There is no need for any kind of connection to the system that flies the plane, even a read-only one. The entertainment network should be completely isolated and if one of the entertainment apps requires the aircraft’s location, they could use a separate GPS receiver and antenna.
A regular phone can also give you this information, just be seated at the window (I guess) for best reception of GPS data. The GPS test app is nice for this.
Coordinating Committee for Multilateral Export Controls (COCOM) limits is 1,000 knots (510 m/s) and/or at an altitude higher than 18,000 m (59,000 feet).
Commercial airliners usually have a service ceiling at about 40000 feet and a speed below the speed of sound (343 m/s). Even with a very strong jet stream of 100 m/s it's below the limit.
The Concorde had a service ceiling of 60000 feet and maximum speed of 605 m/s.
You can use Open Street Maps to monitor the flight without the internet connection.
I often use it to watch how the plane speeds up for take off and slows down for landing.
Sometimes you have to keep the phone closer to the window. Luckily you get the list of currently connected GPS sats so you can debug whether hiccups are software/hardware related or poor GPS coverage.
It's lot of fun observing how early planes start going down in altitude before landing or trying to guess river and city names from up top.
I have used Google's My Tracks (now defunct but apk still works) app, and Various GPS Speedometer apps at window seat to get the air speed and such for fun.
Yep. Its broadcast by ADS-B transponders. Suffice to say hobbyists with ADS-B transponders and people using FlightAware and its competitors' APIs don't all have write access to flight computers...
This article has some of the most frustrating uses of quotations I’ve seen: they’re placed right beside the paragraph they quote and they are exactly the same as the paragraph, so it’s forcing you to read the same thing multiple times.
Everyone is dismissing the headline as clickbait. The interesting part is the discussion on Electronic Flight Bags and their security. Seems like a gap.
Some years ago I was on a Lauder Air flight and somehow unintentionally crashed out the in-flight entertainment system when switching channels, fiddling with the buttons or such and ended up with the OS command prompt.
Not exactly life-threatening but it ought not to have happened.
I would add one more thing about hacking IN an airplane (not "a plane"): with the chat app included in many flights you can scam people and do other kind of funny things interacting between unknown people in the flight.
> The airplane networks are very carefully segregated. You have a bit in the cabin that’s called the Passenger Information Entertainment Services Domain. That’s completely isolated from what we call the Aircraft Control Domain, or ACD.
Seems to raise the question of where the nearest connection to the ACD is, from the passenger cabin.
No it's not, granted the headline makes it sound scarier than the reality.
> we did find ways to compromise the in-flight entertainment systems. But one of the limitations of our research is that the airplanes that are being retired – they’re the old ones. One of the systems we were working on was 27 years old. It was running Windows NT 4.0.
> We also discovered vulnerabilities in some of the apps, which meant if someone had compromised one of these tablets, they could mess around with the calculations [that] tell the pilot how much power they need
> the first vulnerability we found, Boeing came back to us within 24 hours and said, “We agree with you"
https://www.wired.com/2015/05/feds-say-banned-researcher-com...