This is your captain speaking ... or is it?

Vulnerabilities in Panasonic in-flight entertainment systems create a possible mechanism for attackers to control in-flight displays, PA systems and lighting, say researchers. Ruben Santamarta, principal security consultant at IOActive, said it had found vulnerabilities in Panasonic Avionic In-Flight Entertainment (IFE) …

  1. Hans Neeson-Bumpsadese Silver badge

    On a 2014 flight from Warsaw to Dubai, I discovered I could access debug codes directly from a Panasonic inflight display.

    I know that this sort of thing is done with wholesome intentions, but it does seem a bit irresponsible to try it on a live system that's 1000s of feet above the ground, where there could be a whole load of unpleasant unintended consequences.

    1. Anonymous Coward
      Anonymous Coward

      Not at all, 'debug codes' in this case could just include hardware/firmware/software revision numbers, details on internal functioning, etc with no scope for interfering with the system.

    2. Ian Michael Gumby

      @Hans Beeson-Numpsadese

      Look, who cares if you can hack the entertainment system. It is a separate system.

      All they have to do is turn it off and then when the plane lands you have X suspects. (And X is going to be a percentage of the passengers on the flight)

      1. Hans 1
        Happy

        Re: @Hans Beeson-Numpsadese

        @Ian

        >Look, who cares if you can hack the entertainment system. It is a separate system.

        The whole point of this article is, the IES is vulnerable, which could allow hackers to cast doubt on the proper functioning of all electronic systems aboard. That can be quite dangerous, especially if pilots stop trusting their flight systems.

        The other point is, it is not quite clear that the systems are properly segregated, this is not the first dude to alert us ... sadly, the other got locked up because he foolishly tried to get into the inflight control systems on a flight, iirc.

        There are comment@rds here that claim the IES needs access to inflight data (speed/location/destination) so needs access to the avionics domain - I have already said that a simple GPS system in the IES would give it all required data, without the need to get access to the avionics domain. Problem is, this is the more expensive option (you need a separate GPS for the IES) and, of course, a company always wants to cut costs ...

        It is always MUCH safer to have white hats test these systems before black hats do ... probably something the aircraft manufacturers need to do ... they have some control over which IES are made available for a type of aircraft.

        Sadly, security through obscurity, aka the Microsoft way, is still deeply ingrained in developers, that's why we discover backdoors everywhere, from cars to webcams ....

        I find the extent of your faith disturbing ...

      2. Hans Neeson-Bumpsadese Silver badge

        Re: @Hans Beeson-Numpsadese

        I agree that it's a separate system, but I can still foresee an unpleasant scenario or two. How about some action by the perp which causes all the screens on the entertainment system to display a message which freaks people out? All too easy to panic people in an environment like an aircraft high above the ground

        Bottom line is just because you are a security researcher or somesuch, it doesn't mean you have carte blanche to go wherever you please and do whatever you like on any network you like.

  2. Anonymous South African Coward Bronze badge

    ...and nothing will get done.

    Until some kiddiot hacks things "just for fun" and terminates an entire airliner + passengers + part of a city/town unintentionally.

    1. Cynic_999

      Nothing in the article suggests that a hacker could get anywhere near any of the flight systems. At most they might get a phone link to the pilot - but you can do that via any of the (unguarded) crew phones.

  3. Dabooka
    WTF?

    Whoa, hang on

    Surely the entertainment and flight control systems are on separate unbridged networks?

    Right?

    Please say yes

    1. Sgt_Oddball

      Re: Whoa, hang on

      Just put it all on different sub net. That'll do it just fine, surely?

      1. Dwarf

        Re: Whoa, hang on

        @sgt_Oddball - you seem to have missed the joke icon (I hope)

        A subnet is not enough. The term "Air gapped" is there for a reason, although in the days of bluetooth and WiFi, the concept is harder to achieve than ever.

        A different subnet is nowhere near enough separation for something like that. Even if connectivity was required between the different domains - and I can't really see any need for that. Displaying the location and speed is just eye candy, I'd hate to think that someone took the decision of eye candy over safety and security.

        Don't forget that proper separation requires additional hardware to sanitise the content and all of this shiny kit adds weight to the planes which increases running costs / maintenance.

        1. Starace

          Re: Whoa, hang on

          What subnets? Or for that matter what Wifi or Bluetooth? In the context of the avionics there isn't any.

          But there are data diodes and gateways and things like that to ensure total isolation of passenger crap from real systems.

          It's not like it's exactly complicated to implement a hard one way link to feed speed/altitude/heading/location with zero possibility of anything going the other way.

          1. Destroy All Monsters Silver badge

            Re: Whoa, hang on

            > It's not like it's exactly complicated to implement a hard one way link to feed speed/altitude/heading/location with zero possibility of anything going the other way.

            This.

            Hell, at [redacted] we implemented an exchange between secure and nonsecure parts of the ground network where the nonsecure part would ask for new data using an SNMP packet, and the secure part would eject the data as needed. It's not rocket science!

            All these airgap theatrics seem to come from people who are entirely unsure that a computer can be designed to be a controlled, manageable and entirely inspectable device (yeah that costs), not some weird semi-intelligent goodie cobbled together by crazed junior coders in self-modifying JavaScript (yeah that costs a lot less).

            1. Justicesays
              Facepalm

              Re: Whoa, hang on

              "Hell, at [redacted] we implemented an exchange between secure and nonsecure parts of the ground network where the nonsecure part would ask for new data using an SNMP packet, and the secure part would eject the data as needed. It's not rocket science!"

              And that's all fine until it turns out an unhandled buffer overflow in SNMP allows your "non-secure" request to hack the software on the "secure" system, right?

              Which is exactly the kind of issue that should be avoided by using actual physical separation, not just some firewalls or restricted port services.

              1. Destroy All Monsters Silver badge
                Windows

                Re: Whoa, hang on

                > And that's all fine until it turns out an unhandled buffer overflow in SNMP allows your "non-secure" request to hack the software on the "secure" system, right?

                Sure and pointy ananas will emerge from your fridge to attack you at night.

                Listen, making stuff up and declaring that there is a "potential exploit there" is all fun (and I indulge in this too) but, really. How about "you can't even overflow the buffer" (unless the CPU is not doing what it should in which case you may go home in any case)

                > firewalls

                Firewalls are a duck tape solution to restrict general purpose interfaces to some subset because one cannot fiddle with the general purpose interface. How about you don't even need a firewall?

                1. Justicesays

                  Re: Whoa, hang on

                  "you can't even overflow the buffer unless the cpu isn't doing what it's supposed to".

                  Even if (and I highly doubt this being the case on any modern system) you had a full state machine layout of your entire system and thus could make some assertions that no unexpected states existed, this would still overlook issues outside the logical system state that stray into physics territory (such as the ramhammer technique).

                  As a result, I would take askance at any assertions of 100% security, for any kind of interface where information is passed between two systems. The more complex the interface, the more likely some exploit is going to exist.

                  1. Vic

                    Re: Whoa, hang on

                    > Even if (and I highly doubt this being the case on any modern system) you had a full state machine layout of your entire system and thus could make some assertions that no unexpected states existed, this would still overlook issues outside the logical system state that stray into physics territory (such as the ramhammer technique).

                    I'm assuming you meant rowhammer, rather than ramhammer.

                    Rowhammer doesn't work over RS-232...

                    > As a result, I would take askance at any assertions of 100% security, for any kind of interface where information is passed between two systems.

                    I wouldn't. High-reliability systems have been built for decades - I've built some of them. Whether the current crop of avionics can be considered high-reliability is not something I could answer, not having been in that industry for a few years - but that doesn't mean they couldn't be.

                    Vic.

                    1. Justicesays

                      Re: Whoa, hang on

                      "Rowhammer doesn't work over RS-232..."

                      Sure, rowhammer (my mistake) doesn't work over RS-232 (as it requires fast memory access), and RS-232 is a simpler interface than a full 7 layer network stack, and therefore less likely to have exploitable vulnerabilities.

                      However, rowhammer is merely an example of a class of exploits that lie outside "state space analysis" (such as checking all inputs and outputs...) of a system. Even formally proven systems could be vulnerable to such attacks.

                      Like having unbreakable encryption, that is none the less broken because your CPU activity while decrypting gives clues to the keys and can be picked up by a hack into your sound card...

                      In most cases of course, it's often more cost effective to use an alternative method than trying to find some exploit.

                      for example, developing deep water submersible drones with electronic probes on them.

                      The big issue comes when COTS equipment and software is used (like TCP/IP networking kit, Intel Processors, Linux, Net-SNMP) etc. As these are extensively used, constantly attacked and are "generic" (in the sense they need to be flexible enough to cover a multitude of situations) it's almost inevitable that exploits are discovered against them. And should one or more of those exploits "line up" in just the wrong way, suddenly your "secure" system is exploitable by anyone who can run a script or two. And you only find out about it if the exploits are public, if they are one of the "hoarded" exploits then you may never find out. This of course ignores the fact that COTS and open source systems are also vulnerable to bad actors deliberately introducing flaws specifically to allow attacks to be carried out, if the attackers are dedicated or funded (or connected) enough. Even bespoke code can use generic compilers or libraries, or run on generic CPUs, BIOS/UEFI stacks etc.

                      1. Vic

                        Re: Whoa, hang on

                        > However, rowhammer is merely an example of a class of exploits that lie outside "state space analysis" (such as checking all inputs and outputs...) of a system.

                        No, it isn't. It's an example of an attack that lies outside a simplistic analysis; it's the sort of thing that would be found and flagged by anyone doing a more in-depth analysis, and mitigation procedures developed. Almost as if the designers of high-reliability equipment knew what they were doing.

                        Now of course such development is significantly more time-consuming than the more simplistic stuff - which is why it's vastly more expensive, and only carried out when such security is deemed necessary. Which is why it's such a laugh when people keep calling for consumer software to be made high-reliability; yes, that would make your desktop OS free from bugs, but you'd never be able to afford it in the first place.

                        > Like having unbreakable encryption, that is none the less broken because your CPU activity while decrypting gives clues to the keys and can be picked up by a hack into your sound card

                        Again, side-channel attacks are a known issue. They are completely preventable - if you're prepared to pay for the development. That adds at least an order of magnitude to your costs - how many people do you think insist on such software?

                        We get these possibilities because people invariably go for the cheapest option until it bites them in the arse. That's not going to change in the near future - indeed, it's going to get worse because so many commentators "know" that "these things are unpreventable", thus conditioning the populace to accepting flawed code. The real truth is that a sufficiently-motivated development team *could* produce that avoids all these issues - but they're the only ones that would ever use it, because everyone else would be using something much cheaper that was available much earlier, and won't listen when told of its vulnerabilities.

                        > And you only find out about it if the exploits are public

                        No, you find out about it when you put the effort into discovering how reliable your system is. Most vendors get that feedback from the field - but it would be entirely possible for them to have found out before release, were they prepared to put the effort (=money) into doing so.

                        Vic.

                        1. Justicesays

                          Re: Whoa, hang on

                          Obviously its was to dismiss already known issues as "of course we already know about that and therefore..."

                          I call bullshit on the magical system fairies that know all unknowables, encompass all conceptual spaces, can fully prove a complex system with state combinations well beyond the number of atoms in the universe, and never make mistakes. Oh, and do everything from scratch so they don't rely on possibly flawed work from outside.

                          Unless you never release of course, then all things are possible.

                2. Jon 37
                  Boffin

                  Re: Whoa, hang on

                  Nobody has *ever* managed to make a computer system which they are *certain* is secure and is actually secure. Ever.

                  People regularly make a computer system which they are *certain* is secure, and it's always eventually hacked.

                  People have tried with formal proofs that their code does what they expect. But:

                  * People get the proofs wrong, leading to exploitable security bugs. (e.g. Tokeneer Project)

                  * You're often only proving your code matches the spec. Spec errors lead to exploitable security bugs. E.g. see Viper microprocessor

                  * You may have perfect high level or C code, then your compiler has a bug that leads to a security bug. (Viper had the hardware equivalent of this - their low-level "proven" design didn't match the hardware as manufactured)

                  * Even if the program is perfect, hardware has bugs that may lead to exploitable vulnerabilities (e.g. RowHammer, CPU errata)

                  The only way I'd trust a firewall between the aircraft control and passenger systems is if it was actually physically one-way data flow, e.g. there's a system connected to the aircraft control network that extracts the aircraft position/altitude/course and sends it down a one-way fibre-optic link to a separate system that's connected to the passenger network. That way, it's impossible for a hacker in the passenger systems to affect the aircraft control systems.

                  (By a "one way fibre optic link" I mean that the sending side has a LED or laser, but no light sensor, so it can't be affected by the system at the other end of the link).

                  1. Destroy All Monsters Silver badge
                    Headmaster

                    Re: Whoa, hang on

                    In this thread: People discussing applying rowhammer from the in-flight entertainment system, theoretical possibilities of hacking just barely above subspace tachyon aether injection techniques, not realizing that "physical one-way link" are actually bog-standard two-way links (otherwise it would be called "tapping", right?) and other curiosities that Fox Mulder would be interested in.

                    GO BACK TO YOUR GEEK CORNERHACKERSPACE, FFS!

                    1. Justicesays
                      Trollface

                      Re: Whoa, hang on

                      Well, smug "my security is perfect guy"

                      Riddle me this.

                      Do you ever apply patches to your oh so secure system?

                      1. Anonymous Coward
                        Anonymous Coward

                        Re: Whoa, hang on

                        Patches are applied when the aircraft is in for maintenance, and it's on the specific subsystem which can be plugged and unplugged.

                        So if you want to update your entertainment system, it's a box they pull out and replace. Without that box, the screens or wifi based entertainment is useless.

                    2. Stoneshop

                      Re: Whoa, hang on

                      > not realizing that "physical one-way link" are actually bog-standard two-way links

                      A physical one-way link is one where you have an optical link with only a transmitter on the secure side

                      I want you to demonstrate how to get data from the insecure side to the secure side.

                  2. Vic

                    Re: Whoa, hang on

                    > Nobody has *ever* managed to make a computer system which they are *certain* is secure and is actually secure. Ever.

                    I have.

                    The interface was very simple, and fully characterised. The computer itself was welded into a metal box and dropped into very deep water - I was never allowed to know how deep, nor where it went.

                    That was a long time ago. I don't know if it's still there, nor even where "there" is. But I do know that it lasted the duration of the project and handled all inputs properly, since it had to be proven that it would before we committed to the final PCB.

                    Vic.

                    1. PeteA

                      Re: Whoa, hang on

                      Ah, so it was NT 4.0 then - secure to C2 standards as long as you unplug the keyboard and network interfaces. https://msdn.microsoft.com/en-us/library/cc767090.aspx

            2. Stoneshop

              Re: Whoa, hang on

              > Hell, at [redacted] we implemented an exchange between secure and nonsecure parts of the ground network where the nonsecure part would ask for new data using an SNMP packet, and the secure part would eject the data as needed. It's not rocket science!

              Tsk. Just blast the data every $num seconds over a physical one-way link. And if you really need event-driven data collection, create a specific link whose binary state signals whether new data is wanted.
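
The periodic one-way feed discussed in the comments above, as an added example that is not part of the thread or of any vendor's code: the secure side only serialises and transmits a fixed-length frame, and the passenger side accepts a frame only if its length, header, CRC, value ranges and sequence number all check out. The frame layout, field names, limits and sample values are assumptions made for illustration.

```c
/* Added example: fixed-length frame for a periodic one-way telemetry feed.
 * Layout, field names and limits are assumptions, not a real avionics format. */
#include <stddef.h>
#include <stdint.h>

/* magic 1, version 1, seq 4, lat 4, lon 4, alt 2, speed 2, heading 2, crc 2 */
#define FRAME_LEN   22u
#define FRAME_MAGIC 0xA5u
#define FRAME_VER   0x01u

typedef struct {
    uint32_t seq;         /* incremented by the sender on every transmission */
    int32_t  lat_udeg;    /* latitude in microdegrees */
    int32_t  lon_udeg;    /* longitude in microdegrees */
    uint16_t alt_ft;      /* altitude in feet */
    uint16_t speed_kt;    /* ground speed in knots */
    uint16_t heading_deg; /* heading, 0..359 */
} flight_sample;

typedef enum { RX_OK = 0, RX_BAD_LEN, RX_BAD_HEADER, RX_BAD_CRC,
               RX_BAD_RANGE, RX_STALE } rx_status;

/* CRC-16/CCITT-FALSE: polynomial 0x1021, initial value 0xFFFF, no reflection. */
uint16_t crc16_ccitt(const uint8_t *p, size_t n)
{
    uint16_t crc = 0xFFFFu;
    while (n--) {
        crc ^= (uint16_t)((uint16_t)*p++ << 8);
        for (int i = 0; i < 8; i++)
            crc = (crc & 0x8000u) ? (uint16_t)((crc << 1) ^ 0x1021u)
                                  : (uint16_t)(crc << 1);
    }
    return crc;
}

/* Big-endian helpers; every offset used below is a compile-time constant. */
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put32(uint8_t *p, uint32_t v) { put16(p, (uint16_t)(v >> 16)); put16(p + 2, (uint16_t)v); }
static uint16_t get16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t get32(const uint8_t *p) { return ((uint32_t)get16(p) << 16) | get16(p + 2); }

/* Secure side: serialise one sample. This side has no receive or parse path,
 * so nothing sent from the passenger side is ever interpreted here. */
void frame_encode(const flight_sample *s, uint8_t out[FRAME_LEN])
{
    out[0] = FRAME_MAGIC;
    out[1] = FRAME_VER;
    put32(out + 2, s->seq);
    put32(out + 6, (uint32_t)s->lat_udeg);
    put32(out + 10, (uint32_t)s->lon_udeg);
    put16(out + 14, s->alt_ft);
    put16(out + 16, s->speed_kt);
    put16(out + 18, s->heading_deg);
    put16(out + 20, crc16_ccitt(out, FRAME_LEN - 2));
}

/* Passenger side: no length field is read from the wire, so there is no
 * attacker-chosen size to copy by. A frame is used only if every check passes.
 * Sequence wrap-around is not handled in this example. */
rx_status frame_decode(const uint8_t *buf, size_t len, uint32_t last_seq,
                       flight_sample *out)
{
    if (len != FRAME_LEN) return RX_BAD_LEN;
    if (buf[0] != FRAME_MAGIC || buf[1] != FRAME_VER) return RX_BAD_HEADER;
    if (get16(buf + 20) != crc16_ccitt(buf, FRAME_LEN - 2)) return RX_BAD_CRC;

    flight_sample s;
    s.seq         = get32(buf + 2);
    s.lat_udeg    = (int32_t)get32(buf + 6);
    s.lon_udeg    = (int32_t)get32(buf + 10);
    s.alt_ft      = get16(buf + 14);
    s.speed_kt    = get16(buf + 16);
    s.heading_deg = get16(buf + 18);

    if (s.lat_udeg < -90000000 || s.lat_udeg > 90000000 ||
        s.lon_udeg < -180000000 || s.lon_udeg > 180000000 ||
        s.alt_ft > 60000u || s.speed_kt > 1000u || s.heading_deg >= 360u)
        return RX_BAD_RANGE;
    if (s.seq <= last_seq) return RX_STALE;   /* repeat or replay of old data */

    *out = s;
    return RX_OK;
}

int main(void)
{
    /* Constructed sample values, not real flight data. */
    flight_sample tx = { 42u, 52165700, 20967100, 37000u, 460u, 135u }, rx;
    uint8_t wire[FRAME_LEN];
    frame_encode(&tx, wire);
    return frame_decode(wire, sizeof wire, 41u, &rx) == RX_OK ? 0 : 1;
}
```
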

        2. Sgt_Oddball

          Re: Whoa, hang on

          Indeed, for future reference I should probably add the tags of sarcasm as well. But have you tried coding on a phone? It's an exercise in patience..

    2. IanRS

      Re: Whoa, hang on

      You would hope so, wouldn't you? Stay off a Boeing 787 then.

      See https://www.schneier.com/blog/archives/2008/01/hacking_the_boe.html, but according to the FAA follow up, the plane is only allowed to fly if there are no vulnerabilities in the firewall. So that's alright then!

    3. Ian Michael Gumby

      @Dabooka.Re: Whoa, hang on

      Yes. Separate except that they can interrupt the com system and force the entertainment system to pause. So the crew cabin can override the entertainment, but not the other way around.

    4. RPF

      Re: Whoa, hang on

      Well the IFE gets an arrival time from somewhere.....and I think it's the Flight Management computers.

      So maybe not.

      1. Vic

        Re: Whoa, hang on

        > Well the IFE gets an arrival time from somewhere.....and I think it's the Flight Management computers.
        >
        > So maybe not.

        But the data is updated periodically, rather than in real-time.

        Almost as if it's being gathered from a data carousel transmission from the FMS, rather than being requested...

        Vic.

        1. RPF

          Re: Whoa, hang on

          True. It would be comforting to know that to be the case.

    5. This post has been deleted by its author

  4. allthecoolshortnamesweretaken

    Well, in-flight entertainment can only get better, so...

  5. Anonymous Coward
    Anonymous Coward

    storm in a teacup

    quoting a reg article in a reg article to calm things down. No way IFE can be used to affect the motion of the aircraft... the systems are isolated... plus human pilot overrides everything.

    http://www.theregister.co.uk/2014/08/10/why_hackers_wont_be_able_to_hijack_your_next_flight_the_facts/

    1. a_yank_lurker

      Re: storm in a teacup

      May be a storm in a teacup. When a plane crashes there is the possibility of 100+ deaths real quick. So there needs to be a real concern about how the systems are interacting when needed and how they are isolated. Given that security is hard for experts, some concern is warranted about the security of avionics, etc.

      1. Vic

        Re: storm in a teacup

        > Given that security is hard for experts, some concern is warranted about the security of avionics, etc.

        Whilst this is, of course, completely true, it should also be considered that a bunch of anonymous people on an Internet forum may not actually be in quite such a good place to judge the security of the systems as the people who work on them every day and warrant that they are, indeed, secure.

        Vic.

    2. raster

      Re: storm in a teacup

      Isolation is only logical, not physical, on newer Boeing models.

      I'd prefer physical, but then again in a fly by wire world there is a certain amount of mootness.

      https://www.regulations.gov/document?D=FAA-2014-0301-0001

      Saves like 1989's United Airlines flight 232 are less likely to happen. Of course it was quite the long shot on the odds even back then...

      https://www.youtube.com/watch?v=GhSoyUWDmt0

  6. Rich 11

    > An attacker might also compromise the "CrewApp" unit, which controls PA systems

    "Ladies and gentlemen, this is your captain speaking. We are currently experiencing an intrusion of snakes on the plane. Please remain in your seats while the issue is resolved. Thank you."

    1. Nolveys

      "Prepare to jettison luggage."

  7. Anonymous Coward
    Anonymous Coward

    Umm, ok...

    Hacker scared of flying tries to compromise aircraft he's flying on.

    He's not suicidal as well, is he? Or is it just a case of him going "See!! See!! I told you they were unsafe!!"

    1. Anonymous South African Coward Bronze badge

      Re: Umm, ok...

      Was thinking about that - but what if he/she manages to create an "interesting" USB stick which will execute the next time the plane is in the air, and do naughty things to the network so as to cause a complete and utter titsup of all avionics systems while the real hacker is safe on the ground?

      I have no idea what the USB access ports looks like, but if you can manage to smuggle the right tools in, then you can modify the USB access port and add your own, unauthorized, erm, feature.

      1. Destroy All Monsters Silver badge

        Re: Umm, ok...

        > a complete and utter titsup of all avionics systems

        Probably easier to "forget" a Tribble in the overhead luggage storage space.

        If it only existed.

  8. Starace

    What a load of crap

    They've managed to get a load of coverage based on very little. Just like their previous efforts.

    They've maybe managed to hack a little into the IFE, so what? It's just a game/entertainment system built on COTS technology. And even being generous they barely scratched the thing.

    They've then managed to get a boost to their frankly amateurish 'hacking' by saying they think that maybe it might somehow be possible to do something to get at aircraft systems. Which it isn't. The language suggests they have no clue about the architecture and implementation but just a vague idea that hacking one bit might get access to other unconnected bits. Which you can't.

    A lot of so called security researchers these days seem to be at the level of teenage skiddies who are all about hype and nothing about actual real exploits. But they get coverage based on a load of 'what if' that works because the majority of press and public are just as ignorant as the people making the original claims.

    1. Ian Michael Gumby

      Re: What a load of crap

      It's not exactly COTS. But it's close enough, unless you shop at certain equipment suppliers you can't get certain connectors. (Microcenter, NewEgg, Amazon, etc don't sell them... )

  9. Frozit

    What hacker

    is dumb enough to interfere with a plane they are flying on?

    Consequence 1: Death

    Plane crashes...

    Consequence 2: No anonymity

    Something obvious happens, authorities are called, they go through the list of passengers, and....

    The penalties for interfering with a flight like this would be in the terrorist/hijacker category, with SEVERE penalties.

    And yes, there are probably a few idiots that stupid...

  10. Destroy All Monsters Silver badge
    Windows

    I don't really feel the force of this exploit

    "If all of these attacks are applied at the same time, a malicious actor may create a baffling and disconcerting situation for passengers."

    Flying and passing the security theatrics is already baffling and disconcerting, a bit of monkey business will hardly be noticed.

    1. GrapeBunch

      Re: I don't really feel the force of this exploit

      This is the Captain speaking. On your monitors you will see:

      my stick (bwahahahahahaha) < delete this

      Those of you travelling today on the Port or left side of the aircraft will see nude videos of [handsome male celeb A] or [luscious female celeb B]. Those of you travelling today on the Starboard or right side of the aircraft will see on your monitors an abdominal surgery. I urge those of you on the Starboard side to take off your seatbelts, walk to your left, and partake of the, frankly, stunning videos enjoyed by those on the Port side. Any port in the storm they say, but these videos are really, really stunning. Please ignore the cabin crew, they are rather prudish.

  11. Anonymous Coward
    Anonymous Coward

    I wouldn't mess with the actual flying or make people think they were going to die

    But Goatse-ing an entire plane would be lulzy as fuck. There is however the issue of jail time.

    1. Anonymous Coward
      Anonymous Coward

      Re: I wouldn't mess with the actual flying or make people think they were going to die

      What about a good rickroll on repeat?

  12. Anonymous Coward
    Anonymous Coward

    It's all fun and games until someone truly evil hacks it and forces everyone to watch the star wars holiday special.

    1. usbac Silver badge

      I don't think even the worst terrorists are that truly cruel!

      1. Destroy All Monsters Silver badge

        ...on EasyJet!

    2. Ian Michael Gumby

      WTF?

      Sorry, but what Star Wars Holiday Special?

      If it had anything to do with someone using a light saber on the CGI, jar jar binks, I'm in.

      Or just shooting him full of blaster holes. ;-)

      But seriously... never heard of it. Maybe it's a Brit thing?

      1. ma1010
        Unhappy

        Re: WTF?

        A long time ago (not long enough) and on a network all too close to us (US), it did exist. Once.

        You can read about it at the link below. You can even watch it. Not recommended. You have been warned.

        http://www.starwarsholidayspecial.com/

        1. GrapeBunch

          Re: WTF?

          Down in Nagasaki

          Where the princess chews Chewbaccy

          And Santa wicky waaaaacky-woo.

          (only a slight variation on the actual lyrics of the actual song Nagasaki)

      2. Vic

        Re: WTF?

        > But seriously... never heard of it

        You want to keep it that way. Trust me on this.

        > Maybe it's a Brit thing?

        Nope. It's all your fault...

        Vic.

  13. raster

    Boeing has been using shared physical buses for a while now in newer 737s as well as 777, and 787s

    "Novel or Unusual Design Features

    The Boeing Models 737-700, -700C, -800, -900ER, -7, -8, and -9 series airplanes will incorporate the following novel or unusual design features: Digital systems architecture composed of several connected networks. This network architecture and network configuration may be used for or interfaced with a diverse set of functions, including:

    Flight safety related control, communication, and navigation systems (aircraft control domain);

    Operator business and administrative support (operator information domain); and

    Passenger information and entertainment systems (passenger entertainment domain), and the capability to allow access to or by external network sources.

    Discussion

    The proposed architecture and network configuration of the Models 737-700, -700C, -800, -900ER, -7, -8, and -9 series airplanes may allow increased connectivity to and access from external network sources and operations and maintenance networks to the aircraft control domain and operator information domain. The airplane control domain and operator information domain perform functions required for the safe operation and maintenance of the airplane. Previously these domains had very limited connectivity with external network sources."

    https://www.regulations.gov/document?D=FAA-2014-0301-0001

  14. CrosscutSaw

    I love these articles

    I love these articles when they come out. I always try and find the first mention of air-gapped.

    And then the argument ensues. LOL. Great entertainment.

    Thank you all :)

  15. Anonymous Coward
    Anonymous Coward

    Fit fr33

    I like getting my free WiFi in air. I promise to be good

    1. GrapeBunch

      Re: Fit fr33

      > I like getting my free WiFi in air. I promise to be good

      While you're high in the air there, could you download the Star Wars XYZmas Special for me? There's a good fellow.

  16. Runty Dog

    Ha!

    Bet you'all can't hack my plane! (Piper J-3 Cub - no electrical system)
