Apps and wireless devices used by private pilots during flights may be vulnerable to various hack attacks, according to computer scientists at the University of California, San Diego (UCSD) and Johns Hopkins University.
The researchers examined three combinations of devices and apps used by private pilots. The devices and apps all must be paired with tablet computers to display information. "When you attack these devices, you don't have control over the aircraft, but you have control over the information the pilot sees," says UCSD's Kirill Levchenko, who led the study.
The researchers hope exposing the systems' vulnerabilities will raise awareness among users and lead to demands for change.
Two of the systems enabled an attacker to replace the firmware, which houses the programs controlling the devices.
Researchers recommend cryptographically securing communication between receiver and tablet, pairing the receiver with the tablet, signing firmware updates, and requiring explicit user interaction before updating device firmware. The researchers also say data such as maps and approach procedures should be downloaded to the tablet using HTTPS, or should be digitally signed by the vendor.
They presented their findings last week at the 21st ACM Conference on Computer and Communications Security in Scottsdale, AZ.
From Jacobs School of Engineering (UCSD)
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found