Lack of Security in the most unlikely places
Last week I read about two security related news articles that were so unbelievable they made me check multiple sources to verify the story. Unfortunately they both checked out.
The first story was about Boeing’s new 787 Dreamliner passenger jet, which they already have more then 800 advance orders for. The US Federal Aviation Administration (FAA) is worried that the onboard computer networks may be exposed to passengers. WHAT!!! That’s right, the system designed to give passengers in-flight internet access is also connected to the plane’s control and navigation systems, meaning the two networks are not physically separated. I can not even believe that the latest and greatest Boeing jet can be designed with something so moronic as allowing any physical connection between the control system and the passenger network. My home network has more security! The people involved in this design phase should be embarrassed….and fired.
The second story was about a 14 year-old boy in Poland who decided it would be cool to play with trains….literally. He modified a TV remote control, allowing it control all the junctions on the line. All fun and games until someone derails a train, or four, which he did. Props to the kid for having the curiosity and ingenuity to control the system, I mean this isn’t something he Googled how to do. On the flip side, he screwed up by wreaking havoc and derailing trains and as a result needs to be punished. Lets look at what what this means though….he was able to control the tracks via a modified infrared device! Where is the security? Non existent, that’s where. Sounds like the design is using the “security by obscurity” methodology, which we should all know just doesn’t work!
This is all just scary…..glad I’ll be driving to work tomorrow.
Filed under: Security | 3 Comments
Tags: Boeing, Hacking, Train