back to article Airplane HACK PANIC! Hold on, it's surely a STORM in a TEACUP

Claims by a security researcher that he hacked an aircraft in flight have been questioned widely across the hacking community and the airline industry. According to a FBI affidavit, security researcher Chris Roberts claimed to have taken control of an airplane using an ordinary laptop connected to the aircraft’s In Flight …

  1. Captain DaFt

    Pshaw!

    I have it on good authority from no less than the US Government that there are two methods to take control of a plane.

    One involves a pair of nail clippers, and the other utilizes a container that can hold more than three ounces of water.

    I guess this is why McGyver is permanently on the no fly list, since he's the only one that knows how to do this.

    1. Anonymous Coward
      Anonymous Coward

      Re: Pshaw!

      But I have never found out how to transform the three ounces of water into "The Blob" using the nail clipper.

      (Also, El Reg has missed a good heading about "Dread Air Pirate Roberts" or maybe Porco Rosso. For shame.)

  2. DougS Silver badge

    Don't rely on passengers to catch this

    Passengers are good at spotting stuff they know is suspicious based on what they've heard on the news, like someone trying to break into the cockpit or generally acting crazy. A guy fiddling around under his seat isn't likely to raise alarms, especially when there are only one or two people in his row who could even see it. If he was seated next to people who doze off during a flight, he wouldn't even have to come up with an explanation like "I dropped my pen and it is jammed under the seat somehow"

    If he's in a window seat with the tray table down and his laptop out, even a wire from the window side USB port connected to something under the seat is unlikely to be noticed, as he can be sitting on all but the last few inches.

    1. MacroRodent Silver badge

      Re: Don't rely on passengers to catch this

      Besides, it would be easy to book the whole seat row with accomplices.

  3. Charles Manning

    Times sure have changed

    In the 1990s, a colleague of mine was on a trans Pacific flight and was having problems with the sound jack for entertainment system.

    He's an engineer, so not a problem. Pull out the swiss army knife and leatherman, disassemble the arm rest, fix the problem and reassemble.

    Nobody freaked out. A bit later an air hostess asked him to fix something else on the plane.

    Fast forward to 2008. I pulled out a laptop and plugged in an Arduino-like board to do some development. After about ten minutes I was requested by cabin staff to put it away because the wires and blinking lights were making some passengers nervous because it looked threatening (they were very careful not to say "Bomb").

    One thing about the War On Terror, it is making us terrified!

    1. Neil Barnes Silver badge
      Coat

      Re: Times sure have changed

      Ah yes, the days of my youth: have toolkit, will travel. With screwdrivers, cutters, knives, soldering iron, wires, plugs/sockets and spare parts.

      All in the carry-on.

      Although there *was* that time, when I chanced to be on the last flight out of Delhi before a mid-air collision, flying into Tashkent with not one but two passports, when they had royalty on a state visit and I had a toolcase full of equipment... That was an uncomfortable couple of hours.

    2. Voland's right hand Silver badge

      Re: Times sure have changed

      One thing about the War On Terror, it is making us terrified!

      It is supposed to. Read more on Stalin's rise to power and why he got as far as he did, it provides a good explanation on the necessity to keep the population terrified of "something".

      You are not the only one by the way. I had a similar incident with openwrt and a (lidless) TP3020 portable access point with the console plugged in. From there on I work only harmless stuff on planes such as virtualization, java, etc. Real work - that is for the desk back home.

    3. Robin

      Re: Times sure have changed

      Fast forward to 2015. I was stopped at Manchester airport security area because I had some cheddar cheese in my cabin baggage, which I was taking back for the folks in Spain. You couldn't make it up.

      1. Ralph B

        Re: Times sure have changed

        A few years ago I was stopped at security for having a house brick in my carry-on luggage. (It happened to have my name baked into it. (Recovered from a demolished building, not a vanity creation.)) Despite bricks not being on the list of forbidden items, it was deemed a risk - in case I was planning to budgeon my way into the cockpit - and it had to go in my hold luggage instead, which meant I nearly missed that flight.

        Yes, I know, I should have put it in the hold luggage from the start.

      2. Trigonoceps occipitalis

        Re: Times sure have changed

        "You couldn't make it up."

        Oh, I could - but airport security would sue me for plagiarism!

        1. Sgt_Oddball Silver badge

          Re: Times sure have changed

          Narrator: Was it ticking?

          Airport Security Officer: Actually throwers don't worry about ticking 'cause modern bombs don't tick.

          Narrator: Sorry, throwers?

          Airport Security Officer: Baggage handlers. But, when a suitcase vibrates, then the throwers gotta call the police.

          Narrator: My suitcase was vibrating?

          Airport Security Officer: Nine times out of ten it's an electric razor, but every once in a while...

          [whispering]

          Airport Security Officer: it's a dildo. Of course it's company policy never to, imply ownership in the event of a dildo... always use the indefinite article a dildo, never your dildo.

          Narrator: I don't own...

    4. Kevin Johnston

      Re: Times sure have changed

      Oh the remembered joys...

      I was working in Saudi Arabia for BAe many moons ago and it was well known that you never flew on the same plane as the fitters as they had a habit of working their way round the cabin looking for things to fix. Used to drive the cabin crew frantic trying to stop them taking stuff apart but the passengers seemed to consider it as the in-flight cabaret

    5. Anonymous Coward
      Anonymous Coward

      Re: Times sure have changed

      Way back in the days of Sony Walkmen, I had one with an FM radio.

      The reception was rubbish, so I made a portable aerial amplifier consisting of an extensible antenna fastened to a cardboard toilet roll that contained the circuit board and 9v battery, with a wire hanging out to connect to the antenna input on the Walkman.

      As a kid, it never really occurred to me the device looked *exactly* like a home-made bomb - until I got stopped at airport security...

      In fairness, the security guards were just fine once I'd explained what the hell it was. I dread to think what would happen if someone pulled the same stunt now.

    6. Richard 1

      Re: Times sure have changed

      As we all know from films, bombs are always fitted with blinking lights. Without blinking lights they are completely harmless.

      1. Anonymous Coward
        Anonymous Coward

        Re: Times sure have changed

        Don't forget the helpful bleeping when it counts down. I always wondered why the actors bothered being stealthy getting into places if they were going to fit bombs that bleeped that loud.

    7. JeffyPoooh Silver badge

      Re: Times sure have changed

      "I pulled out a laptop and plugged in an Arduino-like board to do some development."

      Use of 'external peripherals' is not permitted for quite reasonable and rational EMI reasons.

      No need to seek further explanation.

    8. Amorous Cowherder
      Facepalm

      Re: Times sure have changed

      Way back in 2001 ( pre towers ), we got pulled by airport security in NY, they claimed we had knives in our bags. We said we had nothing of the sort. Security showed us the X-Ray and sure enough there was something that looked like knives. So we pulled the entire bag apart only to find 2 long handled hairbrushes and some finger nail sand-boards!!

      I had a Swiss army penknife I stupidly left in my carry on bag, no one even noticed that!

    9. Naughtyhorse

      One thing about the War On Terror, it is making us terrified!

      MISSION ACCOMPLISHED! :-)

  4. Jack of Shadows Silver badge

    So much for using cell-phones, or that matter any electronic device, on flights from now on.

    1. Dan 55 Silver badge
      Happy

      You say that like it's a bad thing.

      1. Michael Wojcik Silver badge

        You say that like it's a bad thing.

        Well, my original e-Ink Kindle, with the case that has the built-in reading light, is more convenient than multiple books / magazines and a clip-on reading light. So I admit there's one electronic device I'd miss if I couldn't use it on a plane. Flying is pretty miserable as it is.

        That said, I went for many years using the physical-book-and-clip-on combination, and somehow I survived.

        (A couple of times I used a laptop while flying, if I was in Business or First, or back in the days when SteerageCoach wasn't always jammed to the gills. But I found it hard to be very productive in that environment. It seemed to be more useful to use it for research or entertainment.)

  5. MacroRodent Silver badge

    Black box?

    One would expect the flight recorder could be used to determine if the alleged hacking actually happened or not.

    1. DropBear Silver badge

      Re: Black box?

      Well sure, but as we well know flight recorders are surrounded by a time-dilation field that makes even the simplest operation involving one take many months or even years in our time...! (Seriously though - if there was nothing else particularly exciting on that flight, that data is long overwritten by now...)

    2. User McUser

      Re: Black box?

      There's a much easier way - just look at the maintenance logs. Any pilot worth their salt who is flying a plane where one of the engines just throttles up all by itself enough to supposedly yaw the plane is going to log it and ask maintenance to inspect the thing. If they're paranoid enough they might even shut it down completely.

      Also, IIRC, the "black box" records the position of the various controls directly so if this hack really did occur then it would not be logged in the flight data recorder.

  6. Voland's right hand Silver badge

    Err minor detail

    He points out that there are multiple safeguards built into Boeing aircraft systems

    The aircraft in question was an Airbus.

    1. Neil Barnes Silver badge

      Re: Err minor detail

      And indeed, that is one of the safeguards: due to the built-in airgap, you can't hack a Boeing from and Airbus.

    2. aawelj

      Re: Err minor detail

      Since the "he" in question was a spokesman for Boeing Commercial, as specified in the article, you wouldn't really expect him to mention the competition directly, would you? Although it is a nice bit of damning by omission.

  7. Anonymous Coward
    Facepalm

    This happened to me, but in reverse

    I was on a flight to New York watching a film, we were near to landing and suddenly, without warning, my film was switched off and the pilot made an announcement. I looked around in bewilderment and noticed that every person's screen that I could see was blank!

    The explanation? Clearly we'd been cyber-hacked, and by the pilot or maybe one of the crew! The person in a position of supreme trust on the plane had either hacked us all or passively sat back whilst the cyber hackery took place. Will the pilot be punished? Probably not. In my panic, all I could think of was: what about the children? Will this affect house prices in my area?

    So if a BA pilot can violate passengers' trust like this, then surely it's within my human rights to navigate the plane a bit with my phone. Quid pro quo, as the Spanish like to say. Quid pro quo.

    1. Anonymous Coward
      Anonymous Coward

      Re: This happened to me, but in reverse

      I think you just have to cut back on the caffeine. :)

      1. Will Godfrey Silver badge
        Happy

        Re: This happened to me, but in reverse

        NoNO. That was the best comment so far

  8. geoffb_au

    What about the pilots?

    If the alleged hack did occur, wouldn't there be a pilot or two somewhere with an interesting story about the time (from their point-of-view) they were on the way from X to Y when they noticed one engine entered an un-commanded increase in power? Couldn't they corroborate the in-flight allegation? They'd have the flight number and date; he could offer a rough time estimate? Shouldn't be too hard.

    1. Anonymous Coward
      Anonymous Coward

      Re: What about the pilots?

      There would be more than a story; there would be a report in a QA tracking system.

  9. Pen-y-gors Silver badge

    Strange

    Seems a bit odd to arrest someone for doing the impossible (or at least according to the manufacturers and airlines)

    What next? Nicked for using a perpetual motion machine in a public place?

    1. Roj Blake Silver badge

      Re: Strange

      Of course! After all, using a perpetual motion machine is against the law(s of thermodynamics).

    2. Anonymous Coward
      Anonymous Coward

      Re: Strange

      Seems a bit odd to arrest someone for doing the impossible (or at least according to the manufacturers and airlines)

      What next? Nicked for using a perpetual motion machine in a public place?

      I think it's more like being arrested for stating you have done something dangerous that would worry the heck out of people if it were true. Implausible as we find it after some thinking and analysing, it would have to be investigated if this was merely stupid bragging or stupid self-incrimination. In this specific case I cannot blame law enforcement for first seeking to reduce the threat, and then ask questions when they have access to expertise that can distinguish between the two.

    3. JeffyPoooh Silver badge
      Pint

      Re: Strange

      "Seems a bit odd to arrest someone for doing the impossible..."

      It's their way of encouraging him to shut his nonsense-spewing pie hole.

  10. Alister Silver badge

    This article seems to be based on the erroneous "fact" that Roberts has done these things, whereas it was my understanding of the original story that Roberts claimed that such actions were possible, and the FBI twonk totally misrepresented what Roberts had said?

    1. Gordon 10 Silver badge
      FAIL

      Agreed. I think this story should read "The FBI claims Roberts claims"

  11. Simon Watson

    Hrumph

    I read the whole comments section looking for a good Airplane gag. Shame on you all.

    1. Raumkraut

      Re: Hrumph

      Sorry, looks like I picked the wrong week to give up Airplane gags.

      1. The Jon

        Re: Hrumph

        - What do you make of this [story] Johnny?

        - Well, I can make a nice hat, or a brooch. Or a pterodactyl..

    2. Hellcat

      Re: Hrumph

      Better watch out for more from DEFCON this year given the security incident.

      DEFCON? What is it?

      It's a big conference of hackers, but that's not important right now.

    3. Laura Kerr
      Thumb Up

      Re: Hrumph

      Yes, but this is an entirely different kind of flying.

      1. This post has been deleted by its author

        1. John G Imrie Silver badge

          Re: Hrumph

          Yes, but this is an entirely different kind of flying.

          Yes, but this is an entirely different kind of flying.

          Yes, but this is an entirely different kind of flying.

          1. Will Godfrey Silver badge
            Happy

            Re: Hrumph

            I'm delighted that so many other commentards remember one of the best films ever made!

    4. Sgt_Oddball Silver badge

      Re: Hrumph

      Now the shits really hit the fan.

      1. Pedigree-Pete
        Coat

        Re: Hrumph

        /pedant

        What, more than 1 shit hit the fan.

        Now the shit's really hit the fan.

        /pedant

        Mines to he one with the OED.

  12. Anonymous Coward
    Anonymous Coward

    Old news

    http://www.theregister.co.uk/2013/04/11/hacking_aircraft_with_android_handset/

    It's been evident for nearly 2 years that there are ways to hack an aircrafts systems, and I feel that Boeing and Airbus are doing everything they can to cover the situation without fixing the issue.

    I believe that flight MH370 was compromised in this fashion and is a reason why the investigations are being hidden.

    1. Anonymous Coward
      Anonymous Coward

      Re: Old news

      How exactly is the MH370 investigation "hidden"? Interim report issued, status updates about sonar ships, etc, what more do you expect of an ongoing investigation - live-blogging and tweets about their choice of breakfast cereals? Several teams from several countries are working on a complex puzzle and often talking to insiders in confidence; of course they can't and won't just scratch our itch for updates.

      And as for the aircraft manufacturers doing nothing, that's just a silly claim: if such a problem exists then it's the biggest liability and reputational timebomb for decades and they'd be moving heaven & earth to (quietly) fix it. Just look at the damage Boeing took from the 787 battery fires.

    2. Yag

      Re: Old news

      Nope.

      MH370 was a relatively old B777.

      This kind of plane use "old school" avionic specific links (Arinc 429) which requires a very special kind of interface to be tampered with, and there's no way it can be connected to a W-LAN or an Ethernet network without significant interfacing HW and SW.

      Even if Boeing wanted an A429-to-Ethernet converter for providing the position/speed/alt to the IFE, there's no chance in hell they added the Ethernet-to-A429 conversion (for the simplest of reasons : costs!)

    3. streaky Silver badge

      Re: Old news

      I feel that Boeing and Airbus are doing everything they can to cover the situation without fixing the issue

      I'd lean towards agreeing with you, there's something about this story that doesn't add up. Either safety critical systems can be compromised this way, or they can not. The end.

      I believe that flight MH370 was compromised in this fashion and is a reason why the investigations are being hidden

      And then off the deep end. You have to find an aircraft before you can investigate what caused it to crash. It wasn't aliens, it wasn't Bin Laden. Shit disappears, it's a big ocean, relax before you have a stroke.

    4. Naughtyhorse

      hidden? HIDDEN?

      do they not have CNN in your country?

      all day everyday for 6 fucking months.

      and no news :-S

      no due to a coverup, more due to there being nothing to report

    5. Charles Manning

      Re: Old news

      Tin foil on special in Isle 3.

      Believing is bullshit. It is just feeling with no evidence.

  13. Scott Broukell
    Meh

    Obvious innit . . .

    I find this hardly surprising at all, I mean have you seen the sheer numbers of lunch-time courses, blatantly on offer, freekin everywhere I tell you, for those people who want to become airplane pilates !

    1. Anonymous Coward
      Anonymous Coward

      Re: Obvious innit . . .

      > airplane pilates

      Seems impractical. The aisle on an airliner is usually very narrow and there isn't anywhere to put the mat.

  14. Tannin

    Please learn how to spell aeroplane.

    1. DropBear Silver badge
      Headmaster

      Ooooh, I know those! The things that take off from and land on aerodromes, right...?

      1. Bunbury

        I think the chappie is actually referring to an aero-craft; the aeroplane - technically speaking, don'tcha know? - is merely the plane of the wing...

    2. Elmer Phud Silver badge
  15. hplasm Silver badge
    Coat

    Well, either he did it-

    Or the FB lie...

  16. Yag
    Headmaster

    Details, details...

    AFDX (Arinc 664 actually, AFDX is Airbus' property) HW layer is a redundant ethernet with a few gimmicks added.

    AFDX protocol layer is strangely similar to UDP/IP. We often used a plain old PC with Wireshark to investigate the traffic instead of using the cumbersome AFDX tools...

    However...

    * There's only a handful of planes that use AFDX, and two of those are either not yet widely deployed (there's 2 A350 flying around) or (and?) military (A400M). Which leave only the A380 and B787s.

    * Due to the constraints added by AFDX compared to your ol' Ethernet/IP/UDP, it's unlikely you can "spoof" one of the inboard equipment with a plain old PC, even if you're directly linked on the AFDX bus. The worse you might do is a DOS attack. But...

    * As stated on the article, the switches and routers between the AFDX network and the ethernet/IFE networks are not really of the "dumb" style, and filter all upcoming traffic, thank you.

    This is why this whole story smelled fishy to me from the start...

  17. SimonSplat

    @Robin - Cheese

    Apparently some cheese can look like plastic explosive when going through those scanners. So, that may be why they got suspicious!?

    1. Tom 7 Silver badge

      Re: @Robin - Cheese

      Try some cabralese - can kill from 10 paces and tastes superb!

  18. Gordon 10 Silver badge

    Maybe he's not a hacker at all

    Just merely a tester on a new Wing Commander game who accidently connected to the onboard systems when fighting the Kilrathi?

    http://en.wikipedia.org/wiki/Chris_Roberts_(game_developer)

  19. -tim
    Black Helicopters

    Say it isn't so!

    Rockwell Collins says their new moving map needs to be connected to the ARINC bus for some features:

    http://www.rockwellcollins.com/~/media/Files/Unsecure/Marketing%20Bulletins%20Rev1/BRS/MBAirshow%204000%20BRS110087.aspx

    Virtual pilot's eye view using the aircraft's flight and navigation information. Requires pitch and roll labels to be available on ARINC busses.

    1. JeffyPoooh Silver badge
      Pint

      Re: Say it isn't so!

      Systems can be designed to physically (hardware) restrict data to flow in only one direction.

      For example, hard wiring a 'RECEIVE ONLY' or 'XMIT DISABLE' pin as required.

      This is really basic Avionics 101.

  20. roger 8

    someone is going to be stupid enough to sit on a plane with lappy and joystick. every time you hit turbulance they are going to shake joystick. scaring the shit out off passengers.

    one way ticket to a very dark deep room

  21. Jay 2
    Happy

    Dilbert's PHB got there first...

    http://dilbert.com/strip/1997-09-10

  22. Bob Dole (tm)
    FAIL

    Real threats?

    Either put this guy in jail or simply ignore him. He's obviously into self promotion which the governments and various media outlets are falling all over themselves to help him with.

    What I don't understand is why the FBI and media outlets are spending so much time on a story about a guy boasting he can do something that they have no proof he actually did. Further, it something that industry experts say simply isn't possible.

    Are there no more real threats out there?

  23. Laura Kerr
    Thumb Up

    @Simon Watson

    "I read the whole comments section looking for a good Airplane gag."

    You read the entire comments section? Surely you can't be serious.

    1. Anonymous Coward
      Anonymous Coward

      Re: @Simon Watson

      Don't call me Shirley.

      1. David Roberts Silver badge

        Re: @Simon Watson

        Yes I did(am?)........

        .........and don't call me Shirley.

        /Pedant

        (with a dodgy memory)

  24. Anonymous Coward
    Anonymous Coward

    Don't take the claims at face value

    While I am inclined to believe that the electronics in an aircraft can be hacked, I would not take this guy's claims as being 100% legitimate. If he's a white hat gone astray then he should be able to demonstrate his skills in taking control of the aircraft electronic with the plane on the ground. If he can in fact do this then all aircraft makers need to get very serious about hardening their electronic systems.

  25. jimbo60

    way to much of a fish story here

    First off, the guy claiming to have made the hack doesn't even know proper aircraft terminology. He says he caused an engine to lift. Huh? Engines don't lift, they thrust. Sounds like he's trying to describe a slight roll without a turn, which would cause slip, which the engine won't do. Mismatched thrust would first cause yaw. Enough yaw can change the airspeed across the wings and cause roll, but at that point the plane would be off course and the flight crew and ATC would be freaking out.

    Now he claims to have hacked space station temperatures, and next he'll take the Mars rover out for a spin.

    I'm thinking this is an exercise in finding out how many gullible journalists there are in the world.

    1. Anonymous Coward
      Anonymous Coward

      Re: way to much of a fish story here

      "how many gullible journalists there are in the world"

      %FORT-W-INTOVF, Integer overflow probable at line 3

  26. ProfessorLarry

    Real possibilities

    "More difficult than you might think" is a far cry from "not possible." The press has been gleefully reporting "experts" and official spokespersons reassuring us that the IFE and critical flight control systems are "separate" systems that are not interconnected. However, in testimony before the US Senate, United president and CEO Jeff Smisek indirectly acknowledged that critical flight systems and passenger Wi-Fi are, in fact, interconnected. "There are clear firewalls between a Wi-Fi system and any kind of control." Firewalls, of course, can be breached, which is what hackers are good at.

    Boeing actually deliberately designed passenger cabin and flight systems on the 787 DreamLiner to share network components because it enabled them to save some 900+ kg, meaning there are any number of possible crossover points.

    Digital hijacking of a commercial airliner is an unlikely scenario but denial will not make very real and demonstrated vulnerabilities go away. Before Roberts flamboyantly grabbed the spotlight, other security researchers (Teso, Santamarta among them) had demoed techniques to accomplish what he has claimed.

    --Prof. Larry Constantine (pen name, Lior Samson, author of Flight track)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019