On Mon, Feb 5, 2018 at 1:57 PM, Ron Natalie <ron@ronnatalie.com> wrote:
I've not seen that in an airplane.   I'd like a cite.

comp.risks:

 
Interconnection of Three Previously Separated Networks in Boeing 737
Joe Loughry <joe.loughry@stx.ox.ac.uk>
Wed, 11 Jun 2014 19:06:37 +0000
"Special Conditions" refers to the fact that certification rules haven't
kept pace. The three network domains (aircraft control, operator
information, and passenger entertainment) used to run on physically separate
wires, primarily for historical reasons, but having obvious engineering
benefits as well. In recent years, first the computers and now the networks
have migrated to virtual machine separation on shared hardware, for the
equally obvious space, weight, and power savings. The *Federal Register*
rule published this week mentions interconnection between at least two of
the three domains; I hope they paid close attention to UC Berkeley's
"Experimental Security Analysis of a Modern Automobile" (2010).

https://federalregister.gov/a/2014-13244

Source: "Special Conditions: The Boeing Company, Models 737-700, -700C,
-800, -900ER, -7, -8, and -9 Series Airplanes; Airplane Electronic Systems
Security Protection From Unauthorized External Access" [*Federal Register*
vol. 79, no. 109, June 6, 2014, pp. 32640-32641].

Joe Loughry, Doctoral Student in the Department of Computer Science
St Cross College, Oxford


and

Banned Researcher Commandeered a Plane (Kim Zetter)
"Peter G. Neumann" <neumann@csl.sri.com>
Fri, 15 May 2015 21:12:42 PDT
  (Courtesy of Dan Farmer: Fly the unfriendly skies?)

Kim Zetter, Feds Say That Banned Researcher Commandeered a Plane
http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/

A security researcher kicked off a United Airlines flight last month after
tweeting about security vulnerabilities in its system had previously taken
control of an airplane and caused it to briefly fly sideways, according to
an application for a search warrant filed by an FBI agent.

Chris Roberts, a security researcher with One World Labs, told the FBI agent
during an interview in February that he had hacked the in-flight
entertainment system, or IFE, on an airplane and overwrote code on the
plane's Thrust Management Computer while aboard the flight. He was able to
issue a climb command and make the plane briefly change course, the document
states.

FBI Special Agent Mark Hurley: “He stated that he thereby caused one of the
airplane engines to climb resulting in a lateral or sideways movement of the
plane during one of these flights, He also stated that he used Vortex
software after comprising/exploiting or hacking the airplane's networks. He
used the software to monitor traffic from the cockpit system.''

Hurley filed the search warrant application last month after Roberts was
removed from a United Airlines flight from Chicago to Syracuse, New York,
because he published a facetious tweet suggesting he might hack into the
plane's network. Upon landing in Syracuse, two FBI agents and two local
police officers escorted him from the plane and interrogated him for several
hours. They also seized two laptop computers and several hard drives and USB
sticks. Although the agents did not have a warrant when they seized the
devices, they told Roberts a warrant was pending.

A media outlet in Canada obtained the application for the warrant today and
published it online.

http://aptn.ca/news/2015/05/15/hacker-told-f-b-made-plane-fly-sideways-cracking-entertainment-system/

The information outlined in the warrant application reveals a far more
serious situation than Roberts has previously disclosed.

Roberts had previously told WIRED that he caused a plane to climb during a
simulated test on a virtual environment he and a colleague created, but he
insisted that he had not interfered with the operation of a plane while in
flight.

He told WIRED that he did access in-flight networks about 15 times during
various flights but had not done anything beyond explore the networks and
observe data traffic crossing them. According to the FBI affidavit, however,
he mentioned this to agents as well last February but also added that he had
briefly commandeered a plane during one of those flights. He told the FBI he
accessed the flights in which he accessed the in-flight networks more than a
dozen times occurred between 2011 and 2014, but the affidavit does not
indicate exactly which flight he allegedly caused to turn to the side.

He obtained physical access to the networks through the Seat Electronic Box,
or SEB. These are installed two to a row, on each side of the aisle under
passenger seats, on certain planes. After removing the cover to the SEB by
`wiggling and Squeezing the box', Roberts told agents he attached a Cat6
ethernet cable, with a modified connector, to the box and to his laptop and
then used default IDs and passwords to gain access to the inflight
entertainment system. Once on that network, he was able to gain access to
other systems on the planes.

Reaction in the security community to the new revelations in the affidavit
have been harsh. Although Roberts hasn't been charged yet with any
crime, and there are questions about whether his actions really did cause
the plane to list or he simply thought they did, a number of security
researchers have expressed shock that he attempted to tamper with a plane
during a flight.

“I find it really hard to believe but if that is the case he deserves going
to jail,'' wrote Jaime Blasco, director of AlienVault Labs in a tweet.

Alex Stamos, chief information security officer of Yahoo, wrote in a tweet,
“You cannot promote the (true) idea that security research benefits
humanity while defending research that endangered hundreds of innocents.''

  [Wonderful long item truncated for RISKS.  PGN]

-- Charles