

Feds Say That Banned Researcher Commandeered a Plane - hackinsider
http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/

======
zxcvcxz
>used default IDs and passwords to gain access to the inflight entertainment
system. Once on that network, he was able to gain access to other systems
through the network.

This is pretty disgraceful. We put billions of dollars into stopping terrorism
and keeping people from hijacking planes and it turns out they can't even
secure the systems that control the plane. All they had to do was change the
default passwords! Stories like this sound like something made up by the
ministry of truth. Unbelievable.

------
davidf18
The avionics should be isolated through hardware, through wiring, from other
systems on the plane. If this is not the case, then the FAA should issue an
order to change the plane wiring to make this the case. Also, if the avionics
system is not isolated, it should call into question the FAA's approval
process for aircraft.

------
cgabios
It's one thing to demonstrate a PoC live on life/safety critical systems, it's
another to brag about sources & methods on social media, leave your machine
powered-on and blab contents to anyone and everyone whom can be called as a
witness (whether hostile, material or voluntary).

0\. NEVER TALK TO THE COPS. [0]

1\. NEVER LEAVE ENCRYPTED MACHINES HOT (decryption keys or filesystem cache in
memory). FireVault 2 optionally leaves keys in memory [1, 2]

2\. NEVER REUSE PASSWORDS OR PREVIOUSLY CONFISCATED GEAR (start fresh, beware
of firmware and other hard-to-detect hw mods)

Presume mil/gov vuln shops have high cost USB, FireWire and Thunderbolt DMA
memory cloning capabilities. If a machine has gone out of your possession,
good luck finding which injection-molded part now contains a keylogger which
will allow them to unlock your cloned disk images and RAM image after-the-fact
(to get your password to get your fv key). (It's not tinfoil far-fetched if
you go out of your way to get on one of the various govts department's radar.)

BTW, laptop was a MacBook Pro (Retina, 15-inch, Late 2013)

Valid Purchase Date A validated purchase date lets Apple quickly find your
product and provide the help you need.

Telephone Technical Support: Expired You are eligible to purchase telephone
technical support from an Apple Advisor. Contact Apple Support

Repairs and Service Coverage: Expired Our records indicate that your product
is not covered under Apple's 1-year limited warranty or AppleCare Protection
Plan for hardware repairs and service based on the estimated expiration date.

References:

0: [https://youtu.be/6wXkI4t7nuc](https://youtu.be/6wXkI4t7nuc)

1: destroyfvkeyonstandby
[https://developer.apple.com/library/mac/documentation/Darwin...](https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/pmset.1.html)

2: [https://security.stackexchange.com/questions/18720/how-
secur...](https://security.stackexchange.com/questions/18720/how-secure-is-
filevault-2-while-the-computer-is-in-sleep-mode)

------
jakeogh
I would rather fly an airline that has bug bounties for critical systems.

------
MichaelCrawford
At least it was a researcher and not someone from ISIS.

~~~
mavdi
Still an incredibly stupid thing to do. He increased power in one engine
causing it to fly sideways which could easily trigger a pilot confusion/error
to crash the plane.

Just what kind of an asshole would risk so many lives to make a point?

~~~
gus_massa
This is very stupid and dangerous if real, but it smell like a
misunderstanding.

He probably told the FBI (and Wired) about modifying the trust in the
simulation and about some peeping into an actual plane system, and the
information probably got mixed.

Perhaps the FBI exaggerated to male him look more dangerous, perhaps he was
confusing to gain some street credit, or perhaps it's true. Until the airline
release an official plane log dump, I won't be sure.

~~~
MichaelCrawford
I know from experience that prosecutors feel quite free to tell blatant lies.
If you don't believe me, go watch a criminal arraignment sometime.

Defense attorneys do to.

For the most part judges are clued into this. It's not testimony unless it's
under oath - and even then, sometimes witnesses commit perjury.

~~~
sukilot
Why don't judges call lying lawyers in contempt of court?

