
Wireless devices used by casual pilots vulnerable to hacking - lelf
http://www.jacobsschool.ucsd.edu/news/news_releases/release.sfe?id=1623
======
steven777400
As a pilot, I have some doubts about the impact severity of these weaknesses.
Portable devices of these types are not certified for IFR (bad-
weather/instrument conditions) use. Of course that doesn't mean pilots don't
use them in that way, but that the devices are not claiming to be sufficiently
secure and stable for critical purposes. They are designed for
advisory/supplement only.

Additionally, it appears that you have to intercept the tablet/device
communication (either WiFi or Bluetooth). These attacks don't appear to
involve falsifying or disrupting the ground-based or satellite-based XM, GPS,
or ADS-B signals. Therefore, the attacker would have to be physically in the
airplane with the pilot. A casual pilot using these devices is going to have
probably at most 4-6 seats in the airplane, and probably won't be flying
commercially. In other words, the attacker would be a personal friend or
family member who then also perish in the crash.

I appreciate research of this type, but I think the impact is overstated, and
I certainly don't want the FAA to regulate these devices any more than they
already do! We have a clear distinction between "certified" flight electronics
and non-certified. The non-certified are much cheaper precisely because they
don't have to show that they are secure against all attacks or failure modes.

