funsec mailing list archives
Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sun, 23 Jul 2006 17:05:47 +1200
Fergie wrote:
The system "which could only be controlled from the ground would conduct the aircraft posing a problem to the nearest airport whether it liked it or not," according to extracts from next Monday's Der Spiegel released Saturday.
How will typical avionics fail safe design requirements affect the design of this functionality and the component(s) that implement it? Or are we all happy to accept that _this_ sub-system should be designed to not fail-safe? Recall that the important end of the equipment that does the controlling _is on the plane_, as are the hijackers. Also note that avionics tend to be incredibly modular for all those good ease of testing, servicing and replacement reasons. I recently -- well nearly a year ago now -- was reminded of this when a plane I was on aborted a take-off (while approaching the final taxi-way on the ground) when a diagnostics routine indicated a problem with some computerized control involved in steering the front wheel. The plane went back to the gate (the steering was apparently working fine, despite the diagnostics), they ran (and ran and ran, then re-ran all over again) the complete diagnostics for this control mechanism and when it persistently failed (presumably after "re-booting" or its equivalent), an engineer pulled out the unit and slotted in a new one. (This also failed, for reasons that were never explained to us and we were eventually taken off the plane and bussed to another plane, but that's another story...) Do we really think they're going to be allowed to design such an "anti- hijacker" system _to bolt onto existing avionics systems_ so that, if it's module (and its hot-swap/fail-over backups) are physically pulled from their equipment slots, the plane will not revert to manual control, or at least to traditional assisted navigation under the control/direction of those on-board? And, as the intended use of this is once the bad guys are on board, what's to stop the badguys simply finding the antenna cable for this device's comms channels and yanking it? And would especially ruthless hijackers with, say, one of the new "super-jumbo" A380 planes with 500+ hostages not simply start killing hostages until the remote navigational override was turned off? Whose government would actually NOT succumb to such a threat?
From the purely technical perspective, I'm fairly sure you could design
such not-to-be-overridden navigation override functionality into a plane's navigation systems _from the ground up_, but doing it as a bolt- on for existing systems seems unlikely to be usefully workable.
The system would be designed in such a way that even a computer hacker onboard could not get round it.
Yeah, right. And it would be unhackable from the ground too, right? Which leaves the question -- is hacking really the thing we should be most concerned about in such a situation? Are they telling us that no-one would be able to kidnap a few family members of the staff of whatever organization will have physical access to the crypto keys (or whatever) that will be needed to enable this navigational override? If such a system can be compromised "on the ground" (which it almost surely can) then it may as useful as a weapon of terror to a purely ground-based attack with no hijackers on the plane... Methinks there are some harder problems to be solved here than the article touches... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Fergie (Jul 22)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Nick FitzGerald (Jul 22)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft der Mouse (Jul 22)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircraft Nick FitzGerald (Jul 23)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Brian Loe (Jul 24)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Drsolly (Jul 24)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Nick FitzGerald (Jul 24)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Brian Loe (Jul 25)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Drsolly (Jul 25)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Brian Loe (Jul 25)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Drsolly (Jul 25)
- Doonesbury (was: Backdoor Software Being Developed to Regain Control ofHijacked Aircra ft) Cornali Remo (Jul 26)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft der Mouse (Jul 22)
- Re: Backdoor Software Being Developed to Regain Control of Hijacked Aircra ft Nick FitzGerald (Jul 22)