Wireless Devices & Apps Used By Casual Pilots For Data & GPS Vulnerable To Security Attacks
Researchers from University of California, San Diego Jacob School of Engineering and Johns Hopkins University have teamed up to present a study that shows how the wireless devices and apps used during private flights by casual pilots are vulnerable to a number of security attacks. The engineers & computer scientists were able to showcase how attackers could access & manipulate safety-critical real-time information to cause severe harm to the flight, only because several secure design practices were not followed while designing them. To demonstrate their findings, the researchers used a combo of apps & devices generally used by private pilots. These include the Garmin GDL 39 receiver-Garmin Pilot app, the Appareo Stratus 2 receiver-ForeFlight app (one of the top grossing apps on App Store) and the SageTech Clarity CL01-WingX Pro7 app.
These devices are usually paired with iPads (or other tablets) to display the information for the casual pilots. This information generally includes data about the weather, current position, direction indications, airspace restrictions and the location of nearby aircrafts. During their study, the computer scientists found that all there combinations of wireless devices and apps had significant safety loopholes. For instance, two of the systems can allow the attacker to completely replace the firmware or downgrade it, which means the attacker could gain control of the program that operates these devices. Moreover, all the three aforementioned devices let the hacker/attacker meddle with the communication between receiver and tablet.
This just goes on to say that if attacked, the results could be disastrous. For example, if the pilot receives incorrect aircraft position on his tablet during flight in poor weather conditions, it could collide with another aircraft or crash down. The researchers went on to propose the different practices that can be followed for secure design of the apps and wireless devices used by casual pilots. Some of them are - using cryptography to secure communication between the tablet and the receiver and pairing them, requiring user acknowledgement before updating firmware, downloading of data such as maps & location using HTTPS or digitally signatures by the vendor.
We could only hope that the developers of these systems are taking note and performing the necessary measures required to secure these vital systems for casual pilots. Interested people can take a look at the PDF submitted by the team. What are your thoughts on the new study? Share with us in comments below.
Source: #-Link-Snipped-#
These devices are usually paired with iPads (or other tablets) to display the information for the casual pilots. This information generally includes data about the weather, current position, direction indications, airspace restrictions and the location of nearby aircrafts. During their study, the computer scientists found that all there combinations of wireless devices and apps had significant safety loopholes. For instance, two of the systems can allow the attacker to completely replace the firmware or downgrade it, which means the attacker could gain control of the program that operates these devices. Moreover, all the three aforementioned devices let the hacker/attacker meddle with the communication between receiver and tablet.
This just goes on to say that if attacked, the results could be disastrous. For example, if the pilot receives incorrect aircraft position on his tablet during flight in poor weather conditions, it could collide with another aircraft or crash down. The researchers went on to propose the different practices that can be followed for secure design of the apps and wireless devices used by casual pilots. Some of them are - using cryptography to secure communication between the tablet and the receiver and pairing them, requiring user acknowledgement before updating firmware, downloading of data such as maps & location using HTTPS or digitally signatures by the vendor.
We could only hope that the developers of these systems are taking note and performing the necessary measures required to secure these vital systems for casual pilots. Interested people can take a look at the PDF submitted by the team. What are your thoughts on the new study? Share with us in comments below.
Source: #-Link-Snipped-#
Replies
-
augustine nishil raj.aits really informative even i'll try to follow these rules when i am working on my products(medical life support devices)
You are reading an archived discussion.
Related Posts
We have got two marine propellers manufactured for our project...we tried hard to find help for learning the design parameters from some professional but couldn't find anyone...so we asked the...
Officially unveiled on 3rd November by Maruti Suzuki India Limited, the all-new next-gen hatchback Alto K10 AMT is now launched in Lucknow and reports suggest that the car has a...
A new smartphone joining the league of octa-core smartphones in India is Panasonic Eluga S featuring some of the best in class specifications. Being marketed as the 'selfie smartphone', the...
LG Electronics has announced the arrival of the LG TONE INFINIM bluetooth stereo headset in India. Featuring an amazing new design that provides for much more than just listening to...
Wishing a very happy and prosperous birthday to @CIVILPRINCESS and @cooltwins . May this day bring all the joys and success to you.
PS: We all miss you at CE!...