fred avolio's musings

I’ve saved this clipping in my “BlogMe” mailbox since February. How to Hack Into a Boeing 787. In a nutshell (in case the article is gone or you don’t want to bother) all variants of the jetliner “have three on-board computer networks. One network is for flight safety and navigation, a second is for administrative functions and the third handles passenger entertainment and Internet access.” You know the punch-line, right? All three are linked. (Probably, were, as Boeing says the design has been fixed.)

It reminds me of a story.

It takes place in 1992 or so, DARPA was funding a small computer security company to securely connect The White House (really the Executive Office Building) to the Internet. They came to this security company and asked “Do you know anything about ‘Internet firewalls?'” People at the company did. After lots of talking and planning someone with a clue said, “We need to do a network survey.” “Why?”

“We need to see what else is connected to your network.” Now remember, this was 1993, before everyone including your Aunt Tilly was on the Internet. Long story short, the company did the network survey and found that the White House network was already on the Internet. They were connected via NASA Goddard, which, at the time, was well-known in the local IP community for poor network security. They would have had a firewall in their front door with an unlocked back door.

Back to the jetliner. People tend to make these mistakes. Why, or why in the world are—sorry, were—the networks interconnected? I don’t know but experience tells me it was probably to save some copper (or fiber). No matter how smart you are (and the Boeing engineers are smart), always, always, always bring someone else in to look at your plans. And make sure some of those people know something about security and risks.

I heard from someone “in the know,” who shall remain nameless. “How to hack into a 787” was erroneous from the very beginning. It was a scare story launched by someone with no actual knowledge of the systems in question. While there are connections between the sub-networks on the B787, the interactions between the passenger-accessible network and the rest is strictly firewalled and sandboxed. The only data connection between the cabin network and the flight network is a very limited one that allows the cabin crew to talk to the flight crew over the IP-based interphone system. Having actually read the Specification Control Documents (SCDs) which control the design of the system, I can tell you that they were designed with data security issues very much in mind. Well, certainly good news, but my point remains. These are the times when you don’t just bring in application experts, or networking experts, but also security experts.