Friday, April 17, 2015

Could a Hacker Shut Down the Engines Using Onboard Wifi?

Sitting down with my morning coffee and iPad, I came across a piece of aviation clickbait that seemed to be of the standard  "seven things pilots don't want you to know" variety. The report was about a computer security expert being pulled off a United Airlines flight and questioned by the FBI about hacking into airplane systems.

The expert being questioned was a man named Chis Roberts, CTO of One World Labs, who had previously claimed that vulnerabilities in aircraft in-flight entertainment systems could possibly be used to "turn the engines off at 35,000 feet". The tone of the report was that of the breathless whistleblower sort where a person with critical knowledge was being corralled by "the system". Think Erin Brockovich of the skies I suppose.

At first blush, I thought the whole concept of hackers infecting avionics was ridiculous and that this guy, who's firm had three employees in 2011, was simply a self promoter selling a bit of sensationalism. After listening to an interview with him, I'm not so sure that his premise is completely implausible.

For a hacker to gain access to aircraft data and control systems there has to be some sort of link. That is, if the systems are not physically connected, there can't be any way to get in. So I was thinking that's that: there's no connection between passenger entertainment systems and the cockpit, but I was wrong. There is.

Most entertainment systems, including the wifi on the planes I fly, feature flight tracking information which comes from the aircraft's air data and flight management computers. Information like arrival times, flight plan, altitude, heading and airspeed comes from flight computers and is relayed through a data bus to the wifi and entertainment systems.

Knowing that this data bridge exists, could a resourceful hacker exploit this path to cause trouble? My thought is that if there is a will there is a way. I am no computer guru as my expertise in coding consists of some Fortran language skills used in college many decades ago, but I also know that many computer experts consider no computer network to be completely invulnerable.

If anyone remembers the Stuxnet affair of a few years back, hackers (who were eventually revealed as US intelligence assets) were able to infiltrate Iranian computer networks. They inserted malware which found it's way to the controllers of the centrifuges the Iranians were using to purify uranium. The bug subtly caused the machines to tear themselves apart setting the program back years.

This was an international effort complete with skullduggery which included breakins at some Taiwanese firms to get computer keys which allowed access to the networks and centrifuges. I'm still waiting for the movie. So it seems to me to be at least plausible that airplane systems could be exploited.

I guess that begs the question of why someone would wish to sabotage an airplane on which they were riding, but I think we know the answer to that one. Or, should a method be perfected, an innocent mule could then be sent on a one way trip with a laptop.

Am I particularly worried about my engines shutting down unexpectedly on my next flight? Not really. The 737s I fly have old school hydraulic flight controls, and while the engine controls are electronic, the fuel shutoff valves are not. But on the newest Boeings and Airbuses, you can pretty much count on everything being controlled by some sort of computer.

Make no mistake, the computers on commercial aircraft are extremely robust and designed with multiple failure modes but they are still computers. Simple safety features such as air gaps to isolate critical systems or perhaps unwritable firmware might be employed as countermeasures. An even simpler solution might be to completely isolate all passenger and airplane systems. Get the inflight data from a parallel but separate system.

I can't imagine that this subject has not been discussed and considered by the designers of aircraft computer architecture. A quick search found at least one commercial firm offering software security services for airlines. Apparently the FBI had some concerns. And as the gentleman on the interview mentioned, such an effort would require an expert depth of knowledge of the design of many different control and software systems to pull it off.

It seems that not a day goes by where we don't hear about crappy software or shoddy network security practices resulting in the theft of millions of credit cards or corporate technology. Software designers of avionics have enough of a headache just getting all their millions of lines of code to work properly without having to consider the additional burden of potential malware gumming up the works.

Let's hope that they have this on their radar.

Monday, April 13, 2015

The Great Cockpit Photography Kerfuffle


Inarguably, one of the best parts of the job of being a pilot is the view from the office. It is simply incomparable. From a predawn takeoff where the oncoming glow on the horizon is set off by runway and city lights, to perhaps a night run over central Arkansas during a summer electrical storm where bolts of lightning dance around towering anvil topped clouds, the scenery is awe inspiring.

I never tire of flying the Expressway Visual into LaGuardia as it takes you directly over Brooklyn and Queens providing an unparalleled view of Manhattan (at least from the left seat). Every now and again we get to fly up the Hudson river when landing on Runway 13, giving copilots an even better view of downtown. The Gateway Arch, the Columbia River with Mt. Hood and Mt. Rainier lining up in a perfect frame, the turquoise blue water off southern Florida beaches or a view of Yosemite's Half Dome and El Capitan from above are all routine sights in this job.

I have over the years flown over places like Mt. Fuji, the Arabian Peninsula, Sydney and London to name only a few. Being naturally proud of what they do, pilots like to take pictures of where they've been and the sights they've seen. And the taking of pictures by pilots has never really been a problem as the photographs taken would usually end up in an album on a shelf somewhere or perhaps on a quickly forgotten hard drive.

That all changed with the coming of social media. For in the game of collecting likes and impressing your friends from school who took that accounting job, what better way could there be of showcasing your awesome life than to post pics and selfies from 35,000 feet? And that is more or less exactly what happened. Pictures and videos from the cockpit can, or rather could, be found all over the internet. That is until some killjoy asked the inconvenient question of umm, if you're being a tourist up there, then who's flying the jet?

It's a valid question. The answer is a simple one. The other guy or the autopilot. But of course that's an incorrect answer. The people who own the airplanes and the people who ride in the back generally think it best if both pilots are paying attention to the flying part. It's not an unreasonable request I suppose, and certainly not while on approach. This, then, is the setup for the great cockpit photography kerfuffle.

In December last year, an online magazine called Quartz published a piece detailing how cockpit photos had been showing up on Instagram, and how the taking of these photos violates FAA rules. In the course of gathering information for the article, author David Yanofsky scraped dozens of cockpit photos from the Instagram accounts of pilots who had neglected to set their privacy controls. These photos, including selfies with names, were then published in the article.

What happened next may serve as a signpost to how social media is changing culture or perhaps how already existing trends are highlighted by social media, because some of the pilots who were "outed" in the Quartz expose went on the attack. Author Yanofsky was harassed and threatened himself through many social media sites. Returning fire with fire, editors at Quartz then researched the information of the harassers and contacted the employer of at least one of them.

I guess one lesson learned here is that if you are going to engage in online guerrilla warfare, at least learn how to mask your own IP address.

As everyone from cops to pilots to doctors and other professionals is finding out, ubiquitous cell phone cameras coupled with social media are rapidly highlighting the fishbowl that modern society is becoming. Living in a panopticon society will have far reaching effects which can only be imagined at this point. This, coupled with a growing distrust of professionals and authority figures, may perhaps induce a reaction to publicly lived and posted lives. It certainly will for the pilots in this article.

I personally think that including the names and selfies of some pilots in the article was rather rude as Quartz could've made their point without publishing anyone's personal info. But then again these guys probably should've figured out how to control the privacy settings of their accounts or perhaps just not taken selfies while at work. And some of the pilots involved may not have known that they were breaking some rule or other.

In their defense, the rule prohibiting all photography, and not just that below 10,000 feet is relatively new but restrictions on any non-flight related activity below 10,000 feet have been around for awhile. The FAA has said it is not contemplating any enforcement actions as a result of this article and may actually be gratified that this event has served to publicize the new rules.

Will this kerfuffle stop pilots from taking pictures while flying? Probably not, but you are much less likely to see any such snaps online.

Friday, April 03, 2015

Lubitz Planned Mass Murder

New evidence has been uncovered by investigators suggesting that Andreas Lubitz premeditatively planned to crash his plane some time prior to the actual crash. From the Wall Street Journal:

The prosecutor heading the investigation said Thursday that a tablet computer found in Mr. Lubitz’s apartment contained a record of searches for medical treatments, suicide methods and cockpit security.

I'm no psychiatrist, but my feeling is that this act goes beyond the self destructive urges that may be visited upon a mind struggling with depression alone. Lubitz is beginning to look more like a psychopath. His act was immoral and evil.

Perhaps an argument can be made that he was by definition insane because mentally healthy people do not commit mass murder. And because of his illness, he is therefore absolved of any personal guilt. It's the old debate over the insanity defense.

But to deny any moral agency in a man who was otherwise able to function highly enough to be hired, trained, and employed in a highly trusted and technical job is too facile for my taste. I also can't help thinking that this argument is somewhat circular. Some apples are just bad.

This past week I flew a three day trip and was thankfully spared some of the usual smart remarks about being drunk or in this case being sane that some wiseacre can often be counted on to make while boarding. Truth be told, I am often tempted to respond with "not as far as you know" to the drinking accusations or "as long as I stay on my meds" to the latest questions of mental fitness.

But for obvious reasons I just smile and wave. Many people are nervous getting on an airplane, and I totally get that. A weak attempt at humor is an effort to dispel the unease which comes along with confining oneself like a sardine in an aluminum tube to be hurtled through the air at ungodly speeds. Some guys I fly with take great offense at such jests, but of all the insults to be suffered in life, this is a minor one.

It may be the reason, though, why more pilots seem reticent to greet customers as they board.

Black Box Found

Crash site searchers have located the DFDR, or digital flight data recorder from Flight 9525 which records actual flight parameters and control inputs. The data have revealed that multiple pilot inputs were made commanding the doomed jet to accelerate towards the ground.

These results add further confirmation to the conclusion that the Airbus was deliberately crashed into the Alps and that the crash was not the result of some malfunction in the aircraft. This should help to dispel some of the alternate narratives concerning mechanical causes of the crash.