My apologies if this has been previously posted. Still trying to catch up here, while keeping up with current news. I found this to be absolutley mind boggling..but then again, what isn't mind boggling about this missing plane?
Researcher hacks aircraft controls with Android smartphone
Hugo Teso, a security researcher at N.Runs and a commercial airline pilot, spent three years developing the code, buying second-hand commercial flight system software and hardware online and finding vulnerabilities within it. His presentation will cause a few sleepless nights among those with an interest in aircraft security.
Teso's attack code, dubbed SIMON, along with an
Android app called PlaneSploit, can take full control of flight systems and the pilot's displays. The hacked aircraft could even be controlled using a smartphone's accelerometer to vary its course and speed by moving the handset about.
First, Teso looked at the
Automatic Dependent Surveillance-Broadcast (ADS-B) system that updates ground controllers on an aircraft's position over a 1Mb/s data link. This
has no security at all, he found, and could be used to passively eavesdrop on an aircraft's communications and also actively interrupt broadcasts or feed in misinformation.
Also vulnerable is the
Aircraft Communications Addressing and Reporting System (ACARS), the communication relay used between pilots and ground controllers. Using a Samsung Galaxy handset,
he demonstrated how to use ACARS to redirect an aircraft's navigation systems to different map coordinates.
"
ACARS has no security at all. The airplane has no means to know if the messages it receives are valid or not," he said. "So they accept them and you can use them to upload data to the airplane that triggers these vulnerabilities. And then it's game over."
More at link:
http://www.theregister.co.uk/2013/04/11/hacking_aircraft_with_android_handset/
lease:
