back to article 'Plane Hacker' Roberts hacks cows

"Plane Hacker" Chris Roberts managed to make it to Israel before delivering a barnstorming presentation at the nation's Cyber Week security conference. The larger-than-life Highland Games participant told delegates how he discovered it was possible to hack milking machines in the wake of 2014's Scottish referendum result. …

  1. Mark 85 Silver badge

    Why do we shoot the messenger still?

    Roberts is just one example of someone who finds a flaw and gets a butt-ache from either the company or the government or both when reporting it. They should at least get a "thank you" and then the flaw should be fixed.

    A miscreant will just steal (i.e." copy/download") what ever data they want and do with it what they want and/or upload ransomware which hits the bottom line and gives the IT staff a headache.

    This whole scenario lately makes me wonder what are our corporate and government masters thinking....

    1. Deltics

      Re: Why do we shoot the messenger still?

      Is just one example of someone who sets about finding "security flaws" in any potentially accessible system then talks up the "threat" that this poses.

      Hackable airplanes is one thing. People might die.

      Hackable milking machines. Streetlights. Seed drillers. ? The threat to life, liberty and justice is hardly measurable in these cases.

      1. Eddy Ito Silver badge

        Re: Why do we shoot the messenger still?

        Messing with milking and seeding machines may not seem to be an issue but it is messing with the food supply and potentially bankrupting to large portions of said supply. Economically this is not that much different than hacking the power grid but may have a delayed impact and not readily noticeable until an entire years yield is halved or more. Sure people might not suddenly die en masse but it's one of those potentially hidden failures that gets written off as bad luck until it really becomes serious.

      2. Peter Prof Fox
        Pirate

        Why this is it's important

        Because it brings the issue of cyber security to the public's attention via the Daily Fail etc. That we should actually expect and demand auditable security from say... Smart Meters, wireless door locks and cars.

        I can't derail a single train (or cause a collision which is a more likely scenario) with a crowbar and anyway what's the point... but just think what I could do if I could hack signalling software all over the country in the middle of Monday rush hour by turning all red lights green (probably a single DEFINE somewhere in the code.) I can't be arsed to climb the North Downs, but being first up the Everest of hacking, while stroking my white cat, might tickle my fancy.

        But instead I could decide on one of a hundred ways to make money out of my 'harmless' discoveries.

    2. chris 17 Bronze badge

      Re: Why do we shoot the messenger still?

      Did the FIA or other aviation bodies actually instruct airlines to make any changes as a result of this mans claims. if not I suspect his hacking claims are total bogus and onlynserved to cause fear uncertainty and damage to the airline industry's reputation amongst the travelling public.

    3. Richard 12 Silver badge

      Re: Why do we shoot the messenger still?

      Two reasons:

      1) He didn't hack the plane.

      He might possibly have been able to do something to part of the inflight entertainment system. Annoying, but not dangerous and not even that serious unless it was persistent, as that gets power cycled a *lot*.

      2) He claimed to have taken control of an actual live flight containing real passengers, without any permission whatsoever, apparently because he was a bit bored on the flight.

      That's practically the definition of an idiot script kiddy.

      1. Afernie

        Re: Why do we shoot the messenger still?

        "1) He didn't hack the plane."

        This. There may well be interesting vulnerabilities in non-obvious systems like milking systems, but his previous form on making (and failing to back up) outlandish claims regarding hacking avionics means I can't trust anything he says.

      2. Anonymous Coward
        Anonymous Coward

        Re: Why do we shoot the messenger still?

        1) He didn't hack the plane.

        No, but he showed information that suggested there was a pretty good chance he had gained access to the Flight Management System and if he did indeed access the FMS to read data, there would be nothing to stop him writing data instead.

        Only an idiot would hack an aeroplane when they are sat on it.

        1. GavinC

          Re: Why do we shoot the messenger still?

          "if he did indeed access the FMS to read data, there would be nothing to stop him writing data instead."

          well, apart from the fact it's a one way link between the FMS and IFE. You can read, but can't write.

  2. Ralph B

    Just Doing It versus Doing It Securely

    Say there's some benefit - X - that can be implemented non-securely in time T. Or you could implement it securely, which would involve multiplying T by S.

    - How critical must X be that it is worth spending T*S rather than T on it?

    - How useful or attractive must X be that it's worth rushing it out in T rather than T*S?

    - How important is it to be first-to-market that you'd rush out X in T, knowing that you (or a rival) will have to spend T*S later to do it again properly?

    Are these economics questions? Or business and/or social ethics? Or what?

    Finally, there's one practical IT question:

    - How can we reduce S towards 1?

    Any answers on that?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019