If anything: this demonstration proves two points:
1. Cyber attacks are the future warheads. Maybe we will see also cold war of cyber threats.
2. Every Software and Hardware manufacturer, regardless of branch, needs to use the wake-up call to think through the real impact that increasingly powerful smartphones could have on their Systems.
/via +Eli Fennell
Hacker Demonstrates Ability To Remotely Hijack An Airplane Using A Smartphone | Cult of Android
You can get some pretty cool gadgets that can be remote controlled by your smartphones and tablets, such as helicopters, cars, and even tanks. But who wants one of those when you can control the real …
This post has been reshared 5 times on Google+
View this post on Google+
Alternatively, anyone from anywhere could route through China to mask their origin while another country gets the expected blame. They've got a lot of pirated Windows boxes in place to prey on, I'm sure.
+Abe Pectol Agreed, smartphones are not really relevant – just an example of an ubiquitous general computing device which everyone has and no one today can imagine as something that would be banned anywhere.
Just yet another story about the horrors of security realities of the modern embedded stuff.
Smartphones are barely relevant here, planes — merely incidental.
Also, +Scott Hatch, “kinetic force to strike back against enemy hackers” — I'd think the largest problem would be finding the hackers, not punishing them (or, for example, someone from china could mask as a mexican governmental hacker attacking united states government; that could get
funhorrible).http://www.forbes.com/sites/andygreenberg/2013/04/10/researcher-says-hes-found-hackable-flaws-in-airplanes-navigation-systems/
Quote: Spokespeople for the EASA, FAA and Rockwell Collins all echo Honeywell’s statement that while Teso’s attack works on PC simulation software, it wouldn’t give him control of a real plane’s certified flight management system… Teso believes that the bugs he’s discovered in those navigation systems can be fixed.
+Sophie Wrobel I don't see anywhere in the presentation assuming physical proximity. http://conference.hitb.org/hitbsecconf2013ams/materials/D1T1%20-%20Hugo%20Teso%20-%20Aircraft%20Hacking%20-%20Practical%20Aero%20Series.pdf
In fact, getting a good enough antenna should not be a problem at all.
+Víktor Bautista i Roca No, you don't need to be onboard. But you need to get to the aircraft communications, which in the simulation assumed physical proximity. The alternative is to hack into the ground systems, which is a bit more challenging.
«So, terrorists could theoretically bring a (modded) radio and smartphone on board, hijack an aircraft, and reroute it to the Pentagon.»
Are you sure about this? I've read a couple of articles and the presentation slides and nowhere does it say you need to be on board. You use the ACARS system to inject the code, I think. From the ground. http://en.wikipedia.org/wiki/ACARS
+Sophie Wrobel he used an Android phone. The solution is to make iOS mandatory.
http://www.ccdcoe.org/249.html
// The new Tallinn Manual on the International Law Applicable to Cyber Warfare, which lays out 95 core rules on how to conduct a cyber war, may end up being one of the most dangerous books ever written. Reading through the Tallinn Manual, it's possible to come to the conclusion that – under certain circumstances – nations have the right to use “kinetic force” (real-world weapons like bombs or armed drones) to strike back against enemy hackers. Of course, this doesn’t mean that a bunch of hackers in Shanghai are going to be taken out by a Predator Drone strike anytime soon – but it does mean that a nation abiding by international law conventions – such as the United States – would now have the legal cover to deal with enemy hackers in a considerably more muscular way that goes well beyond just jawboning a foreign government.
http://bigthink.com/endless-innovation/in-a-cyber-war-is-it-ok-to-kill-enemy-hackers
Not to freak anyone out unduly, but smartphones aren' the only potential problem. Even newsstand magazines can be weaponized.
http://blogs.computerworld.com/security/22026/beyond-tsa-checkpoints-weaponizing-everyday-items-sold-airports
Quote: You might never look at Zippo lighters, disposable lighters, a drone and tape the same again after watching Booth harvest parts and basically turn them into a bomb. His receiver and transmitter communicated via infrared light for line-of-sight, but Booth said that a Parrott AR.Drone, such as is sold at the airport Brookstone store, is controlled through a smartphone over Wi-Fi. He then discussed other possible weapons that could be built from store purchases beyond airport security checkpoints like a Taser, a tossable fireball and a shiv. Next, Booth gave three “plausible attacks” scenarios that ranged from getting into the cockpit, to causing a fire that was triggered to detonate via smartphone. He ended his presentation with “Have a safe flight home.”
It also means that anytime you have communication between systems without authentication/security – there will probably be an exploit in the future.
This is why I've gone against dumping mechanical overspeed protection on power plant turbines. EPRI and the DOE have some video of generators being commanded to self-destruct.
Sure beats taking over a plane with a box knife and flying it into a building with you inside it…
It means that security shouldn't be an afterthought in vital systems.
because the real problem isn't planes