Aviation officials have taken a skeptical view of claims that it's possible to hijack a commercial aircraft using a smartphone, with both the US Federal Aviation Administration (FAA) and the European Aviation Safety Administration (EASA) issuing statements to the effect that it simply couldn't happen. On Wednesday, Spanish …
Traveling this week on Southwest, they actually made a point that phones now had to be *off* during takeoff and landing -- most emphatically not just in airplane mode.
This was new to me. Is this new bit of security theater in reaction to this hacker's claim, or is there some other reason they've turned up the silly? Are other airlines doing this as well?
Been that way on SAS for at least 4 and a half years.
Pretty sure that's standard practice here (to and from the UK). They want all devices switched off during take-off and landing, but you can use phones in flight-mode and other devices for the bit between. It's been that way as long as I can remember.
I fly Southwest 2 or 3 times a month and have been for around 10 years now. They have been asking for phones to be off (not airplane or game mode) pretty much that entire time. Don't know about other airlines.
You can if you have one of those extra large Samsung phones which you can tie to a toothpick and use as a battle axe.
Actually, the new Dreamliners have 17 interface ports, 4 of them located in various positions in the passenger cabin area and one is in fact a USB port.
The interface ports do take information from the central processing computer and the back up computers that cover any redundancies in the system but these are 'separate' from each other and the flight controls.
The worrying aspect is that the separation is software based and not hardware based. The reason for this is that there is a specific need to ensure there are no software anomalies or conflicts when the flight system as a whole operates. Adjustments can be made to the software though this.
And yes there is a laptop with a computer program that can be plugged into any of the 17 interfaces and check the system. The computer program is bespoke, so windows, android or iOS cannot talk to it....
However if an android phone contained the software.... But it can't.... Yet.
I was on a BearSkin Airlines from ThunderBay to Timmons ON CA last week, 5 min into taxing they asked us to shut down everything electronic. I would have felt more comfortable if they would have asked we had extra duct tape in our pockets (seriously this was basically a crop duster).
This is particuarly stupid, given that, in flight mode, my phone will stay in flight mode till I unlock the screen with a code.. But in poweroff mode, I just have to bump the power button. So airplane+locked is safer.
"But in poweroff mode, I just have to bump the power button. So airplane+locked is safer."
I've never met a phone that doesn't require at least a second of holding the power button to turn on, so I don't buy that.
As for the airline chat at the beginning, they've just gotten wise to flight-mode and updated their chat. It was always "turn all electronic devices off", now they clarify "and we don't just mean flight safe mode".
They also tell you to put it in flight safe mode and then turn it off if you're planning to turn it on again later. None of this is particularly new though - even cassette walkmans had to be turned off on takeoff/landing.
Nothing new IME
IME all of the U.S. and also Lufthansa internattion flights that I have been on require the devices to be shut off completely for 15-20 minutes at take off and also landing. I think this is intelligent safety precautions and certainly very reasonable. If people have a problem with such a minor request then they should take the bus or a freighter.
most airlines I've flown with tell you to put it in flight mode and then turn it off.
There is nothing OS specific about USB, that is the whole point (U for Universal). Appropriate code under any OS could talk to this if it is electrically a standard USB port.
There will no doubt be some top secret security-by-obscurity protection waiting to be breached.
That is standard practice. Phones must be OFF during take-off and landing. They can be ON during cruise, but must be in airplane mode, unless the aircraft is equipped with an onboard basestation. I was on a flight last week, which had an onboard basestation, but required international roaming to be enabled to work, and was hideously expensive to use it. It was however free to receive SMS messages through it.
Basically they want you paying attention during take off and landing
Not playing angry birds while safety announcements are being made or during the most dangerous parts of the flight
It's always been that way on flights I've taken.
but the reason is not interference so much, but passenger awareness.
If you are listening to something, or playing with a phone during take-off/landing, then you are not aware enough in an emergency, and while that might cost your life, it may also cost the lives of another passenger in an emergency!
Mobile Phones must be switched off
From the CAA website:
"Portable Electronic Devices (including mobile phones)
The use of portable electronic devices for sending and receiving data and voice calls is not permitted on board aircraft after they have closed their doors.
It may be possible to use a portable electronic device that has a transmitting facility in-flight, provided the transmitting facility is de-activated. This is often referred to as ‘flight safe mode’ or ‘airplane mode’.
Some airlines allow customers to use portable electronic devices for transmitting data and calls if the aircraft is fitted with a system that supports this, but there may charge for this facility."
On flights that I have taken with Lufthansa for at least the last five years, they always announce that the law requires mobile phones to be switched off when the aircraft leaves the gate and not be switched on again until inside the terminal building at the destination.
I always put my phone in flight mode but ne'er switch it off as that part is theatrical bollocks. I've flown over 40 times in the last six months and the plane doesn't seem to be affected. The other thing that tells me this is all theatre was an article I read somewhere (possibly even on the Reg) that had a statistic about the typical number of passengers that completely forget to do it. Phones in handbags, too busy reading etc.
The number of theories for why phones have to be turned off demonstrates the quoted pilot's view that "Commercial aviation is a breeding ground of bad information"... And in many cases the airlines have only themselves to blame.
"I always put my phone in flight mode but ne'er switch it off as that part is theatrical bollocks."
Finally someone talking sense. My phone is always in silent mode and just stays that way in a pocket. What the flight crew don't know won't hurt them, and won't hurt anyone else either. If planes don't crash because people forget to switch off, they won't crash because I can't be bothered to switch off, either.
"Appropriate code" - that's rather broad isn't it? Do you write software patents in your spare time?
Give me the "appropriate code" & I'll pwn the world!
A former colleague travelled a lot in West Africa, often on DC3's. In one case the pilot, an old white-haired African gentleman indeed did his "walk-around" with a roll of duct tape, covering up bullet holes along the way!
The colleague explained that: "Nah - no worries, they know what they are doing".
He would rather fly an ancient war-plane with an elderly pilot, who wears the plane like his own tweed-jacket, than any modern plane with two African youngsters straight out of flight-college in the cockpit.
As the standard response to someone worried about flying in an old aircraft goes: "How do you think it got to be so old?"
No member of the flight crew (that's the pilots, specifically, not the cabin crew) cares if your phone is on but in flight mode. They don't switch theirs off for every take-off and landing, but they do go into flight-safe mode.
However, the reason you're asked to put it into flight mode is because there is a small but not insignificant chance that it can interfere with some ground based navigation aids - specifically, the ILS (Instrument Landing System). This is - obviously - required for landing but in low visibility conditions provides lateral guidance during the take-off roll. I suspect the "turn it off completely" advice is more belts and braces than anything else.
According to Airbus in an Operational Engineering Bulletin, there is "no chance" of a phone interfering with the plane's flight control system. The probability of it affecting the ILS localiser is about 1/1,000,000. Hence the request that it's switched off. While unlikely to happen with 1 or 2 phones transmitting, with 800 of them broadcasting the chances of interference are much greater.
"And yes there is a laptop with a computer program that can be plugged into any of the 17 interfaces and check the system. The computer program is bespoke, so windows, android or iOS cannot talk to it...."
On this sentence alone, I declare it "Bullshit"
"I always put my phone in flight mode but ne'er switch it off as that part is theatrical bollocks. I've flown over 40 times in the last six months and the plane doesn't seem to be affected."
And it probably normally isn't. However, what if your phone has a fault which results it transmitting something that intereferes regardless of airplane mode and it does cause an issue? Are you a qualified electronics and aerospace engineer?
Yet you're quite happy to potentially risk hundreds of people lives because your too fucking lazy to follow the current air travel regulations and to just your precious phone off for 20 minutes?
Hope it blows up in you pocket and blows your nuts off. Nothing important would seem to be affected.
This sounds like a job for...
the Mythbusters or at least the BOFH and his friendly sidekick the PFY.
Re: This sounds like a job for...
I was thinking this was bogus
I was wondering how he could even connect to the FMS and the other flight computers in the first place. These systems are fully air-gapped and there are no wireless links and no way to access these things without being in the cockpit or other engineering compartments which will be noticed immediately if any one accesses these.
As for the Nav systems with the wireless links to the ground and satellites, it would be impossible for a phone to even rival the power output of these, and that's even if the Cabin wasn't shielded against EM and RF in the first place.
Re: I was thinking this was bogus
"These systems are fully air-gapped and there are no wireless links and no way to access these things without being in the cockpit or other engineering compartments ...."
Don't you mean that you *hope* they are airgapped.
In fact it seems quite likely that important systems are not truly airgapped at all. Hopefully they don't have a wifi or bluetooth interface, but the air-ground radio systems provide radio access, and he claims it is unencrypted.
These are likely directly connected to flight information display systems and/or navigation, and they are probably connected to other systems.
So this probably breaks the air gap, and reduces it to " well you can't push data in one hole and make it come out another one the designer didn't intend". History hasn't been too kind about that one.
Now the in-flight entertainment system displays the current position, and airspeed. Unless they have put a separate GPS antenna + pitot tube on just for this, it probably has a data connection to the navigation system.
So (about 2008) I got on a plane in BKK, and plugged my phone into the USB socket on the inflight tv thing (the type that lets you play your own photos and mp3s), as soon as I got seated (ie about an hour before we took off). When they started up the in-flight entertainment, well bugger me if it doesn't start to boot linux - I have a linux boot on the phones USB mass storage for an industrial tool, and the in-flight entertainment is booting off it, and happily scrolling the boot log. So next time I flew with them I brought a little mini usb keyboard and hub, and could merrily run linux console on the screen.
Actually it didn't work out so well, because that time I was on a 15hour flight, and it wouldn't actually reboot back into the entertainment system.
The linux console is more boring than even the worst movie (ok 50% of movies)
So hopefullly this guy hasn't found out how to do it.
Re: I was thinking this was bogus
The seat back entertainment system on Virgin Atlantic runs under linux, or it certainly did. One computer serves several seats.
Re: I was thinking this was bogus
The moving-map feed for the 'on-demand' entertainment is probably simply a separate GPS receiver.
- I'm reasonably sure it's separate because the height values have been wrong for my last few flights where it's been running on the ground.
Even if it does get the data direct from the flight instruments, the sane way to do this would be a unidirectional RS232 link - only one direction physically wired - streaming the current position and speed data into the moving map.
Re: I was thinking this was bogus
Singapore Airlines seat back system is Linux too. The one on the A380 anyway at least. When they told us there was an engine problem, and proceeded to turn the plane off and on again... Running a play book even I could have come up with I got a glimpse of the bootloader.
Re: I was thinking this was bogus
Aircraft GPS typically output in ARINC 429 words. A429 is unidirectional. Very little room for anything weird at all, at worst you'd invalidate the signal and the aircraft would ignore it, and that's assuming that your device is hooked up to the same transmitter as an aircraft system.
"Therefore, a hacker cannot obtain 'full control of an aircraft' as the technology consultant has claimed."
Do hackers include rootkits in ALL unwantedware that makes a computer operate in a way that it wasn't designed to?
"The statement went on to explain that although Teso may have been able to exploit aviation software running on a simulator, as he described in his presentation, the same approach wouldn't work on software running on certified flight hardware."
These responses, while likely reasonable from a purely practical standpoint, serve primarily to obscure the significance of the allegations.
Sure, in good weather and low stress conditions, pilots will notice bogus information... but what if the weather and stress levels are bad? Again, it's likely that the risk is low, but...
... why the heck AREN'T the digital radio messages signed?
Basically, they're saying that, while the door is never locked, it's hard to find and someone would notice if you walked in. All true, but why not turn the key, too?
"We pilots always check what the automatic systems are doing"
.... well, I seem to remember a Air France crash in the Atlantic where the pilots had no idea what the plane was doing when taking back control from the autopilot.
Also, I'd trust the FAA as far as I could throw them with their "regulated airspace". What does it mean that the airspace has rules if somebody does not play by the rules?
And we're sure this isn't advance work for another Bruce Willis flick?
"Fuck Off and Die Hard" or something?
We must listen to experts
" ....using only a desktop computer." the agency wrote, making something of a muddle of the facts."
If they can't be bothered to get simple reporting right, what makes anyone think they got the rest of it right?
The history of electronic/computer security is a history of people saying, "As a recognised authority in this field, I/we can tell you that this can not happen and the system is secure."
But I hope the FAA and other AAs aren't just going to rest on a quick expert response. At the very least it has been shown that there is altogether too much information available on the inner working of flight systems. It would be wise to quietly demand a detailed analysis from all providers of such systems as to why this exploit cannot work.
We checked with the expert we are paying over the odds for, they said "no, I'd never make a mistake", thus we trust them. ;)
Why would you ever believe a government, specially the US Government, say?
Although I concede assuming the control of, or even seriously disrupting an aircraft, with an Android OS handset is likely very remote ANY claims made by government should be taken with a fistful of salt.
I remember when the late Yasser Arafat and his Merry Men were recycling aircraft in the Middle Eastern deserts, the Foreign Office tossed high-powered SSB communications systems in to primarily the BA predecessors aircraft without much testing. So if a 200-300 watt HF SSB set passed muster, why would a 0.3 watt Android cause concern?
Likewise, BOAC aircraft did long range testing of other government systems. Decca Navigator had equipment aboard many BOAC flights to Moscow to test coverage for potential RAF bombing use (some of the lane ID signals were lost although the 4 main frequencies were fine).
The recent DEA claim that it couldn't 'hack' iThingy messaging systems was most likely a ham fisted attempt to persuade their potential clients to use an open door which they happily monitor, trolling for new business.
Social drug dealers should continue to cross-post messages on travel web sites, as they do now, avoiding any that are hosted in the USA such as Trip Advisor or LP. The avoidance of any cell handset communication in and around Thailand is recommended for them, too.
..."and the extent to which different myths, fallacies, wives' tales and conspiracy theories have become embedded in the prevailing wisdom is startling."..
Why should aviation be any different? Almost ALL aspects of human endeavour are full of myths and stories. Read Snopes.
Sometimes I wonder how scientists ever manage to advance or engineers manage to design things. Making up stories seems to be so bound up in the human psyche. The current philosophy of 'PostModernism' actually cements this idiocy by claiming that 'what you think is happening' has as much validity as 'what is actually happening'.
Very much like Climate Science...
The 4 stages of security response
First they ignore you
They they say there is no risk
Then they say there is a risk, but it is not exploitable
Then you are hacked.
The most worrying statement was "For more than 30 years now, the development of certifiable embedded software has been following strict guidance and best practices that include in particular robustness that is not present on ground-based simulation software."
Yes, for safety, but as anyone who has developed secure embedded systems will tell you a different mindset is needed compared for safety assured systems since with safety the faults are not actively trying to locate and exploit weaknesses(although it does feel like they do sometimes).
Probably there is no risk, but that is no excuse for trying to sweep these things under the carpet
Re: The 4 stages of security response
completely agree with you. Embedded systems never consider security they consider functionality. In this case it does not matter that pilots can overide tampering of aircraft controls its the fact that they can be altered that will distract pilots and thus cause accidents. For a more detailed explanation of this problem and respomse from pilots see http://arstechnica.com/security/2013/04/hacking-commercial-aircraft-with-an-android-app-some-conditions-apply/
assuming this is true...
How does the exploit access the flight control system?
A pretty big obstacle would be to send it data at all without being somewhere where passengers tend to not be permitted to go.
Re: assuming this is true...
AFAIR using a radio transmitter using the same mechanism the airline itself uses to transmit operational data to the aircraft (could be EICARS, can't be bothered to look it up)
Damn, another lost opportunity ..
.. to ban Android phones.
Next week: how iOS ruins GPS navigation - are they an iRisk?
Following week: Windows phones: threat in the clouds? How viruses board aircraft.
Get your adverts placed now - do not miss out on the furore as the FAA may decide to ban phones from planes altogether. (won't happen, but a bit of conjecture adds to the page impressions). Etc.
Sorry, I'll fly regardless. If it happens, it happens. It won't take long, and there will be less chance to survive it as a near vegetable as with a car accident. I'd be more worried about stuff like batteries on the new planes, and intelligent people must have noticed that those planes landed safely too despite the problems, proving that the system works and things get found out. Personally, I would welcome an end to the security theater because it's costing a fortune that can be more productively spent elsewhere, like healthcare.
Right... about... THERE!
" I'd be more worried about stuff like batteries on the new planes"
Pretty sure they have been making batteries for many, many, years now. Settled science you might say..... yet batteries are catching on fire on the new Boeings and they are not sure why.
Extrapolation: They say "Our software is Bulletproof", yet heavily defended gov orgs like, oh say, the Pentagon gets 'hacked' on a daily basis. With who they consider the best experts in the field, yet it_still_happens.
Kinda sets the stage for a massive, deadly, <facepalm> at some point in the future.
Re: Right... about... THERE!
Um...you do know they were lithium batteries which have known issues, not NiMH or NiCd batteries which are extremely safe and reliable?
Re: Right... about... THERE!
"not NiMH or NiCd batteries which are extremely safe and reliable?"
Sarcasm, I hope?
If not, try getting any suitably beefy rechargeable battery and sticking a coat hanger across the terminals. See how long it takes for the hanger to melt or the battery to bust a seal.
As for reliability.. with NiCad? The battery technology you have to flatten in order to charge up again properly?
Lithiums might need to be treated gently, but so long as you do, they're heaps better than any NiCad and have tremendous capacity to weight benefits over NiMH.