It appears you have not yet registered with our community. To register please click here...

Go Back [M] > Madshrimps > WebNews
Hijack your plane with an Android phone Hijack your plane with an Android phone
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Hijack your plane with an Android phone
Thread Tools
Old 11th April 2013, 11:15   #1
[M] Reviewer
Stefan Mileschin's Avatar
Join Date: May 2010
Location: Romania
Posts: 130,931
Stefan Mileschin Freshly Registered
Default Hijack your plane with an Android phone

Anyone who thought that airport security would allow smartphone use on a plane in the future might be a little worried to know that it is possible to hijack a plane with one.

Hugo Teso, a security consultant at n.runs in Germany, told the Hack In The Box Conference in Amsterdam that it was completely realistic to hijack a plane using Android.

Teso, who has been working in IT for the last eleven years and has been a trained commercial pilot said that the security of aviation computer systems and communication protocols was pants.

According to Security, Teso built an exploit framework dubbed SIMON and an Android app (PlaneSploit) that delivers attack messages to the airplanes' Flight Management System. He demonstrated how it was possible to take complete control of an aircraft.
He proved his point by making virtual planes "dance to his tune".

His hack targeted the Automatic Dependent Surveillance-Broadcast (ADS-B), which sends information about each aircraft through an on-board transmitter to air traffic controllers. This allows aircraft equipped with the technology to receive flight, traffic and weather information about other planes nearby.

The other hack was of the Aircraft Communications Addressing and Reporting System (ACARS), which is used to exchange messages between the plane and air traffic controllers via radio or satellite, as well as to automatically deliver information about each flight phase.

He said that both technologies were massively insecure and are susceptible to a number of passive and active attacks.

In the attack, Teso misused the ADS-B to select targets, and the ACARS to gather information about the onboard computer as well as to exploit its vulnerabilities by delivering spoofed malicious messages that affect the "behaviour" of the plane.

Teso has developed the SIMON framework that is deliberately made only to work in a virtual environment and currently cannot be used on real-life aircraft.

He said it is nearly impossible to detect the framework once deployed on the Flight Management System, there is no need to disguise it like a rootkit.
Stefan Mileschin is offline   Reply With Quote

Similar Threads
Thread Thread Starter Forum Replies Last Post
Unannounced Motorola Android phone surfaces, isn't the fabled 'X phone' Stefan Mileschin WebNews 0 13th March 2013 09:09
Hands-on with HiSense's first quad-core Android phone, the U958 Stefan Mileschin WebNews 0 9th January 2013 12:26
ZTE quad-core Android phone for about $160 Stefan Mileschin WebNews 0 6th November 2012 08:09
Motorola RAZR i: hands-on with the 2GHz Android phone Stefan Mileschin WebNews 0 19th September 2012 08:05
Verizon gets an excellent smaller-sized Android phone Stefan Mileschin WebNews 0 9th July 2012 14:52
HBO Go and Max Go get Android 4.0 phone support Stefan Mileschin WebNews 0 7th May 2012 08:39
Windows Phone 7 beats iPhone 4 and Android ... in a grilling contest jmke WebNews 1 14th November 2010 09:32
Samsung Epic 4G Review: The Fastest Android Phone jmke WebNews 1 7th September 2010 14:53
Overclock Your (Android) Phone jmke WebNews 0 21st May 2010 23:10
Google and 34 Phone Industry Giants Launch Android OS jmke WebNews 0 5th November 2007 21:31

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT +1. The time now is 23:31.

Powered by vBulletin® - Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO