This is really scary.
was able to hack into the plane's IFE system using default IDs and passwords.
Their IT security should be sacked. What a risk. Imagine terrorists getting control this way. How easy it is if you have the right software on a machine that is connected and the smarts to go with it.
I have seen default passwords on many systems over the years. The most common way to hack into a place. I remember the default password was "password" to a major commercial institution in Melbourne. They got very unhappy when I told them I found it. It made them look very bad.
To prove the point after 2 weeks of them not changing it... I used this password to snif and take control of other peoples sessions including the system administrator.... then they got the message and changed it.
Planes should not have this problem. The security should be hardened. Passwords need to be set and maintained in an encrypted database. I expect it is too hard for the maintenance crew so they all know the password and leave it as default. No good enough guys.
Computer expert hacks into plane and makes it fly sideways, according to FBI
A computer security expert hacked into a plane's in-flight entertainment system and made it briefly fly sideways by telling one of the engines to go into climb mode.
Chris Roberts of One World Labs in Denver was flying on the plane at the time it turned sideways, according to an FBI search warrant filed in April.
The warrant was first publicized on Friday by APTN, a Canadian News Service.
Roberts told the FBI he had hacked into planes "15 to 20 times," according to court documents first made public Friday.
Roberts first made news in April when he was told he couldn't fly on United Airlines because of tweets he had made about whether he could hack into the flight's onboard computer settings.
The FBI search warrant describes him doing just that.
According to the document, in an interview on Feb. 13, 2015, Roberts told agents he had hacked into in-flight entertainment centers on Boeing 737s, 757s and Airbus A-320 aircraft "15 to 20 times."
The warrant describes how Roberts would wiggle and squeeze the Seat Electronic Box under his seat, which connected to the plane's in-flight entertainment system, or IFE.
He would then connect a cable to the box and connect it to his computer. From there, Roberts was able to hack into the plane's IFE system using default IDs and passwords.
He overwrote computer code for the planes' thrust management computer, which he told agents allowed him to make the plane climb on his command.
At least once, according to the document, he told one engine on a plane to climb, causing the plane to move sideways as it flew.
Roberts also used software to monitor traffic from the cockpit, according to the search warrant request.
Roberts is a well-known and respected expert on computer security. He told the FBI he was furnishing the information "because he would like the vulnerabilities fixed."
15 April possible tampering
FBI agents had spoken with Roberts several times, according to the document. They told him that accessing an airplane network without authorization was a violation of federal statues.
Roberts told them he understood and that he would not hack into any more airplanes, according to the document.
On April 15, Roberts flew United from Denver to Chicago. On the flight, he tweeted about the possibility of accessing the plane's In Flight Entertainment system.
The FBI sent an agent to inspect the flight when it arrived in Philadelphia, where it had flown after Chicago.
The agent inspected the Seat Electronic Box below seats 2A and 2B and found evidence of damage and tampering.
Roberts flew from Chicago to Syracuse, N.Y. When he arrived, FBI agents took him into custody and seized as digital evidence his computer, hard drives and other gear he had with him.
The search warrant application was for permission to search Roberts' computer gear.
Roberts has not been charged with any crimes.
Requests for comment from the FBI, United Airlines and Roberts' company produced no immediate response.
Copyright: USA Today
http://www.msn.com/en-gb/news/world/com ... ?ocid=iehp
Computer expert hacks into plane
Forum rules
It's such a fine line between stupid and clever. Random guest posting.
It's such a fine line between stupid and clever. Random guest posting.
- Super Nova
- Posts: 11787
- Joined: Sat Dec 15, 2007 12:49 am
- Location: Overseas
Computer expert hacks into plane
Always remember what you post, send or do on the internet is not private and you are responsible.
-
- Posts: 20
- Joined: Sat May 16, 2015 7:27 am
Re: Computer expert hacks into plane
WOW, that is really scarey all right
Years ago airports complained about Playstation (1 or 2 not sure) being an "interference" with their gyros etc
Guess they haven't improved that much
Years ago airports complained about Playstation (1 or 2 not sure) being an "interference" with their gyros etc
Guess they haven't improved that much
- Super Nova
- Posts: 11787
- Joined: Sat Dec 15, 2007 12:49 am
- Location: Overseas
Re: Computer expert hacks into plane
Interference is one thing. Allowing someone to be hacking in is just plain negligence on their part.roogal wrote:WOW, that is really scarey all right
Years ago airports complained about Playstation (1 or 2 not sure) being an "interference" with their gyros etc
Guess they haven't improved that much
Now a days you are allowed to use you laptop on planes. So if you can connect a cable... you can hack in. Hell, they now have WiFi on planes so I guess you can hack through there as well.
This guy did the airline industry and all of us a real service. he should be employed by the airline industry to white hat hack every plane.
Always remember what you post, send or do on the internet is not private and you are responsible.
- skippy
- Posts: 5239
- Joined: Thu Mar 24, 2011 3:48 pm
Re: Computer expert hacks into plane
Yea, if he could do it so could a terrorist with the same know how. They can confiscate all the nail files they like at airports but it will do bugger all against hijacks if tech heads can hack the system.
-
- Posts: 10255
- Joined: Mon Feb 28, 2011 7:52 pm
Re: Computer expert hacks into plane
Too scary.
~A climate change denier is what an idiot calls a realist~https://g.co/kgs/6F5wtU
Who is online
Users browsing this forum: No registered users and 79 guests