Sign in / up

back to article Easy-to-hack combat systems, years-old flaws and a massive bill – yup, that's America's F-35

The F-35 aircraft remains woefully unprepared against malware infections and other cyber-attacks, according to POGO – the respected non-profit watchdog Project on Government Oversight. Dubbed the most expensive weapon system in history, the beleaguered fighter jet is plagued with problems, including a lack of protection …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *

Page:

  1. amanfromMars 1 Silver badge

    The Honest Truth .... in Current Cyberwar Warefare Operations.

    When IT and AI is a turkey shoot* there will be myriad new killing fields.

    amanfromMars [1903181624] replying to Solosides who commented on https://www.zerohedge.com/news/2019-03-28/china-reportedly-offers-major-concessions-technology-transfers-cloud-computing

    Solosides,

    Many will tell you … deposit money into any current or savings account and the banks will presume and assume it to be rightfully theirs to do with as they wish.

    And the System does not disavow them of that outrageous theft/perverse misappropriation.

    It is a fact, nothing valuable is safe from capture and exploitation. Therefore, peddlers of security who would be crazy enough to promise anyone anything otherwise are no more than simple hucksters, fraudulent trading? [emphasis added for El Regers]

    And grossly unethically too. It is difficult to not conclude they be designedly and decidedly parasitic.

    * ...... A turkey shoot is an opportunity for an individual or a party to take advantage of a situation very easily.

    2 3 Reply
  2. Anonymous Coward
    Anonymous Coward

    F-35.11.363

    Systems hot!

    Fire when ready.....

    [PLEASE WAIT, UPDATES BEING APPLIED, BE READY FOR A COMPLETE SYSTEM REBOOT]

    .................

    14 1 Reply
  3. Anonymous South African Coward Silver badge

    Arthur C Clarke's "Superiority" strikes again.

    16 0 Reply
    1. ecofeco Silver badge
      Reply Icon

      Perfect example.

      0 0 Reply
  4. Chris G

    'Lockheed designed it this way'

    Designed to be an ongoing gravy train until the end of piloted war planes I assume?

    Web browser reporting sounds like IoTof the skies with the same inherent dangers as the rest of IoT but with the potential to be carrying nukes.

    I once saw a poster in a German mess bearing the message ' Would you like a Lockheed Starfighter? Buy a farm and wait!'

    It may be time to run an updated version ready for when F-35s are a regular thing in the sky, if ever.

    15 1 Reply
  5. Sir Adam-All
    Mushroom

    surely, just enable Windows Defender :)

    2 0 Reply
    1. fobobob
      Reply Icon
      Trollface

      Was thinking Kaspersky Antivirus

      1 0 Reply
  6. Peter Ford

    the most expensive weapon system in history?

    What, more than the B1B, or the B2?

    Wow.

    0 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: the most expensive weapon system in history?

      If I remember correctly, the cost of the F35 is measured in Space Shuttles.

      9 0 Reply
    2. Cuddles
      Reply Icon

      Re: the most expensive weapon system in history?

      "What, more than the B1B, or the B2?"

      Per unit, no. Arguably the Manhattan project would win on that front. But for the project as a whole it's insanely expensive - where things like the B-2 have a unit cost in the billions, the whole project still only goes into the tens of billions. The F-35 is projected to cost in the trillions once operation and maintenance are considered. The problem isn't that the F-35 is expensive, it's that it's expensive for something intended to be a workhorse purchased and used in large numbers - a B-2 costs over $2 billion but there are only 20 of them; an F-35 only costs around $100 million, but there are planned to be somewhere over 3000 of them. And while a B-2 is expensive to maintain, they don't actually get used much. On the other hand, an F-15K actually costs about the same as an F-35, but the F-15 costs far less to keep it running.

      8 0 Reply
      1. SkippyBing
        Reply Icon

        Re: the most expensive weapon system in history?

        'On the other hand, an F-15K actually costs about the same as an F-35, but the F-15 costs far less to keep it running.'

        It's actually not that much less. F-35A is ~$29,500 an hour, F-15C is ~$24,000 an hour. Not sure about the K but it's not going to be that much less, and the F-35 is still in the developing stage where the F-15 is in the mature stage where they've used experience to lower the costs.

        https://www.businessinsider.com/price-military-aircraft-per-flight-hour-2016-8?r=US&IR=T#f-15c-6

        I've seen other lists that include the V-22 and that's more like $80,000 an hour vs $7,000 for a C-130.

        3 0 Reply
  7. Thunderpants
    Joke

    I take it they won't be installing Kaspersky AV/anti-Malware software to protect the F35 then? ;-)

    3 0 Reply
  8. Nolveys
    Windows

    One flaw, identified in 2012, would incorrectly report aircraft as unfit for service,

    Flaw, eh?

    19 0 Reply
  9. Anonymous Coward
    Anonymous Coward

    What shall we do with a . . . . .

    Future Target Tug perhaps?

    There's historical precedent, and it even allows the plane to remain in production:

    https://en.wikipedia.org/wiki/Boulton_Paul_Defiant

    How fab is that trough-a-teers?

    Alternatively, we could arrange for them to be given away to our enemies, possibly via a helpful third party, to avoid arousing too much suspicion. Then whenever international tension rises, release a flood of vulnerabilities even (hell, why not) nicely written exploit code.

    Only one thing shines out clearly, given the unholy conjunction of arms manufacture, complex networked systems and real time operating requirement. Can you guess what it is?

    1 0 Reply
    1. Mike 16
      Reply Icon

      Re: What shall we do with a . . . . .

      I'll admit I did not read the whole article, but one line early on struck me:

      "The Defiant found use in gunnery training"

      I'd love to know if the people being trained were actually _in_ the Defiant, or were trying to shoot it down.

      1 0 Reply
      1. SkippyBing
        Reply Icon

        Re: What shall we do with a . . . . .

        'I'd love to know if the people being trained were actually _in_ the Defiant, or were trying to shoot it down.'

        Sweat the assets, both at the same time.

        0 0 Reply
  10. steelpillow Silver badge
    Devil

    When does the hacking start?

    Given these things are so hackable, it cannot be beyond the wit of man nor woman in the enemy camp to poison the system with rootkits and trojans during peacetime. If a hot war breaks out, you just fire up your F-35 app and click "ATTACK THE WHITE HOUSE".

    Usefully, this technique also applies to autonomous drones and, with a little hooking into a flight sim and Google Maps, even the hijacking of ground-controlled drones.

    Now, let me think, who has thriving malware, flight sim and mobile app industries?

    And who is not routinely running comprehensive malware checks on their aircraft?

    2 0 Reply
  11. Andy00ff00

    Errrr

    <quote>“A successful attack on one of the systems the weapon depends on can potentially limit the weapon’s effectiveness, prevent it from achieving its mission, or even cause physical damage and loss of life,” said the GAO team. </quote>

    1 0 Reply
  12. Andy The Hat Silver badge

    "a lack of protection against software nasties that would cripple its critical systems"

    is reported as a result of ingrained, piss-poor software engineering practices on a massively expensive scale. But, not to worry, there will probably be security updates for those nations that buy and rely on those things that fly fast, are intrinsically explody and somewhat life-threatening.

    Yet when a Chinese company appears to have "piss poor software engineering practices" but apparently opens it's code so those problems can be identified and addressed, it's state-sponsored security holes and hardware must be ripped out in case Jimmy can't download his film over Netflix on 5G ...

    What's good for one ... start ripping that F35 flight software out ...

    3 1 Reply
  13. Roger Kynaston

    port 80 or 443?

    >(ALIS) – a network of on-board gear, and ground-based web-browser-accessed systems

    That said any death tech that doesn't work means it won't be used for killing anyone which is a bit of a plus really.

    2 2 Reply
    1. Roland6 Silver badge
      Reply Icon

      Re: port 80 or 443?

      Step one: First gain access to the ALIS

      Is this available to your typical (UK-based) teenager deciding to take a look at a US military system using well known credentials...

      AsideL I use UK-based as we don't hear about US-based teenagers pulling off the same trick...

      1 0 Reply
  14. emmanuel goldstein
    FAIL

    Just read the full POGO report...

    and immediately felt very depressed, then happy because I don't pay tax in the US, then almost cried when I realised how deeply the UK has committed to this expensive piece of shit. Un-fucking-believable.

    8 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Just read the full POGO report...

      It's what poodles do :/

      0 0 Reply
  15. jtaylor

    No surprise

    POGO has railed against the F-35 since forever. They have some valid criticisms, but also a consistent stand against the project. I rely on them to report one side of the matter, not an overview.

    In other news, TIGHAR has almost found Amelia Earhart. Again.

    1 3 Reply
  16. M7S

    Not even learning from recent IT hist

    I seem to recall something, not long ago, about a car ?Chrysler/Jeep? being “taken over” remotely, possibly via the entertainment system and braking being applied (not by the driver). I’d provide the links but now if I had time, but think there was a recall affecting large numbers of cars in the US. Perhaps a copy of El Reg’s articles and useful comments appended by readers could be forwarded to those making this technological mess, and perhaps also to any sensible military or political leaders with some power of oversight.

    1 0 Reply
    1. Yet Another Anonymous coward Silver badge
      Reply Icon

      Re: Not even learning from recent IT hist

      It's not even the plane that is insecure.

      This is the entire supply chain.

      The aircraft avionics can be super cyber ninja proof but if the engines wont start because the maintenance server is DDOSed or hackers manage to reroute a vital part from one of the 97 suppliers in 52 states the plane is just as useless as if it was blown up.

      2 0 Reply
  17. SNAFUology
    Angel

    Pyric Victory

    "Dubbed the most expensive weapon system in history"

    JSF35 Lightning (because of how quick you spend your money)

    The Abrams tank had $600.00 bolts, identical to those available at the local hardware for $6.00, US Army didn't notice for years.

    I smiled at these SNAFUs as all this expense could limit the WAR that they could make.

    The sinews of WAR infinite Money. (a little less infinite then is a good thing)

    0 2 Reply
    1. Trollslayer
      Reply Icon

      Re: Pyric Victory

      Check the specifications - the ones for the Abrahams will survive shock from the tank getting hit a lot better and be a more precise fit.

      2 0 Reply
  18. Sanguma
    Alert

    no one reads military history, it seems ...

    How do you make a weapon system obsolete? Get something that does the same only cheaper. Then profit!!!

    HMS Dreadnought - all big guns, except for a few anti-torpedo boat guns, and a smooth-running steam turbine engine setup that cost less to run and delivered more power continuously for longer. Outgunned all other battleships, outran all other battleships; they were instantaneously obsolete.

    You have an insanely expensive aircraft, you have amazingly insecure command and control computerized electronics systems, you have an insane system of command and control over the software - software patents and a punitive copyright regime combined with braindead arrogance and sit-on-your-hands-twiddling-your-thumbs (because it gets you off) bureaucratic uselessness, combined with a blame anyone and everyone else attitude ...

    All that some putative opponent - say China, or Brazil, or Iran, needs to do, is come up with something that actually works, and there's no contest. Or at the very least, a Battle-of-Jutland showing, where the RN shells were heavier than the German Imperial Kriegsmarine ones, but failed twice as often ...

    Happy happy joy joy!

    2 0 Reply
  19. Trollslayer
    Thumb Down

    This is supposed to replace the Warthog

    Yep, A10 beloved by US ground troops and armour because it can hang on close to the action and respond quickly to changing threats.

    Apparently the F35 is supposed to sit above and track targets by radar then drop guided weapons into the middle of a firefight missing the friendlies.

    6 0 Reply
  20. Anonymous Coward
    Anonymous Coward

    No doubt GCHQ will be insisting the software vulnerabilities are fixed

    Having identified them as a threat to UK security.

    Oh, sorry wrong thread.

    5 0 Reply
  21. devTrail

    The Saudi model

    It's done on purpose, they'll use the vulnerabilities to extend the Saudi model. The vassal state drops the bomb and takes the blame, the US decides when and where the bombs must be dropped.

    1 0 Reply
  22. DaveB

    Top Gun

    "I have a tone I am going to take a shot"

    Weapons system:- "Your software licence has expired, please contact support"......."Have a nice day!"

    4 0 Reply
  23. Anonymous Coward
    Anonymous Coward

    Absolutely not.

    0 0 Reply
  24. ZeroDrop
    FAIL

    People dig their own grave

    In IT, we say that the simpler option is the best.

    Why to increase complexity? F-15s, F-16s and F-18s are still doing a wonderful job today without the complex and troublesome systems F-35 has.

    Are those problematic systems really critical? How we ended up here today without them? Why the russian PAK-FA have none of these problems? Why the problems of years ago are still not fixed?

    Taxpayers would like to have a decent answer to these questions.

    0 0 Reply
  25. Snafu1

    Hey! A Smokie!

    "ALIS? ALIS? Who the f*** is ALIS?

    24 years.. ;)

    https://www.youtube.com/watch?v=4RsrYZ2PA3U

    0 0 Reply
  26. Snafu1

    I miss Lester :( RIP

    0 0 Reply

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like