ACCORDING TO to the U.S. Federal Aviation Administration, the new Boeing 787 Dreamliner aeroplane may have a serious security vulnerability in its on-board computer networks that could allow passengers to access the plane's control systems.
The computer network for the Dreamliner's passengers, designed to give passengers in-flight internet access and entertainment, is connected to the plane's control, navigation and communication systems, the FAA report reveals (the report is mirrored here).
It also connects to the airline's business and administrative-support network, which communicates maintenance issues to ground crews.
The design "allows new kinds of passenger connectivity to previously isolated data networks connected to systems that perform functions required for the safe operation of the airplane," says the FAA report. "Because of this new passenger connectivity, the proposed data-network design and integration may result in security vulnerabilities from intentional or unintentional corruption of data and systems critical to the safety and maintenance of the airplane."
Boeing said it's aware of the issue and has designed a solution it will test shortly.
More worryingly, there seems to be some confusion at Boeing as to what exactly the situation is, as Boeing spokeswoman Lori Gunter said the wording of the FAA document is misleading, and that the plane's networks don't completely connect. Why are you testing a new solution then?
Gunter said Boring is employing a combination of solutions that involves some physical separation of the networks, known as "air gaps," and software firewalls. Gunter also mentioned other technical solutions, which she said are proprietary and didn't want to discuss in public.
Short of the necessity to pause programming for announcements by the crew, which could surely be routed by some safe means, we just cannot contemplate why on earth the navigation and control systems need to be connected to the on-boardpassenger entertainment network, and why this was ever thought plausible and safe in the first place.
In our opinion a system like this is never 100% safe unless the two networks are completely physically separated.
The INQ will stick to flying airships from now on. µ
We've had no luck so you don't have to...
Oh Microsoft... not again...
Hmmm... says Microsoft
No way, Norway