backtop


Print 83 comment(s) - last by AntDX316.. on Aug 28 at 1:58 AM


  (Source: travelbrook.com)
Report links flash drive to Flight 5022

A corrupted USB stick contributed to Spain's worst air disaster on record, according to a 12,000-page report cited by the Spanish newspaper El Pais and USA Today.

It was initially believed that the crash of Flight 5022 that killed 154 people in 2008 was the result of pilot error, but investigators have now concluded that a computer infection spread through an infected USB stick may have contributed to the crash. 

Investigators speculate that trojan malware may have slowed down system alerts at the airline's headquarters which could have canceled or delayed the doomed flight. The report indicates that the computer failed to detect three problems (including one issue with the airplane's wing flaps being in the incorrect position for takeoff) in a fail-safe monitoring system and that those problems were brought on by a malicious program that came from the USB thumb drive. 

Spanair has been ordered by a judge to provide all of the company's computer logs from the days before and after the crash.  A final report from crash investigators is expected by December.

One expert warns that with continued use of flash drives and other third party devices in systems like these, this type of tragedy could happen again.

Senior manager of security research at Arbor Networks, Jose Nazario, said that many USB thumb drive attacks take advantage of security weaknesses in Windows auto run, a basic component built into the Windows operating system.

"Think about how many USB sticks you have. You're probably under counting. Everyone does," said Nazario.  "Now think about how many sticks in the past month your laptop has used, and think about how many other systems you have used your USB sticks on. This is like those classic HIV commercials, where you're with everyone that person has been with before."

 



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

First Question
By SnakeBlitzken on 8/23/2010 4:23:47 PM , Rating: 5
There's no anti-virus/malware on flight computers? I wonder what part of the story we're missing?




RE: First Question
By Drag0nFire on 8/23/2010 4:31:52 PM , Rating: 5
Better yet, why on earth would you plug a USB drive into a flight computer?!

And why would a flight computer that accepts USB drives run an OS that is susceptible to a common Trojan?!


RE: First Question
By omnicronx on 8/23/2010 5:14:09 PM , Rating: 3
Better yet, why on earth is a flight system of any kind windows driven?????

Even if you were using Windows, there absolutely no reason why these systems should not have been locked down beyond belief (i.e the system should be on the domain and the user should only have enough privilages to open the program he needs to due his work duties, attacks that stem from things such as auto start of USB drives should be completely useless in this kind of environment) . There is absolutely no reason that these systems should be used for anything but air flight control.

Systems like these should be proprietary PERIOD. I'm sorry but no consumer OS of any kind should ever be used in such a system. I don't care how good its security is.


RE: First Question
By nangryo on 8/23/2010 5:50:25 PM , Rating: 4
Even if it was under domain, if those malware/virus is using windows vulnerability/bug it still by pass those restriction.

So I must agree that this kind of thing should use custom/propietary system.


RE: First Question
By omnicronx on 8/23/2010 6:12:57 PM , Rating: 3
quote:
Even if it was under domain, if those malware/virus is using windows vulnerability/bug it still by pass those restriction.
Oh for sure, but the article specifically mentions USB auto start as the possible culprit, and this sort of thing can't happen if its disabled. Someone would have to manually open/do something with the USB stick.

Still agree though, even if it is locked down, Windows is hardly a good fit for such a system such as this.


RE: First Question
By chick0n on 8/24/2010 10:01:38 AM , Rating: 3
Thats because most stupid "so called IT administrators" don't know wtf they're doing. They just can't lock the computers down for shit.

I use Windows server for all my servers, anybody can bring any Cd/USB/drive/whatever and try to see if any of the USB port would run anything. It won't. and all the workstation computers I secured it so tight that they can run any USB device they want, the virus will not have access to anything.

Anybody can be an "IT administrator", but my question is how many of them are actually good at it.


RE: First Question
By Chocobollz on 8/25/10, Rating: 0
RE: First Question
By GoodBytes on 8/23/2010 8:36:27 PM , Rating: 2
I have a feeling they were using Windows XP to make things worse.


RE: First Question
By Belard on 8/24/10, Rating: -1
RE: First Question
By XZerg on 8/24/10, Rating: 0
RE: First Question
By seamonkey79 on 8/24/2010 9:34:01 AM , Rating: 2
I have a feeling that most people will just run into something when their brakes fail and all they have left is a handbrake, or something of the like... airplanes should have more capable controls than that, though.


RE: First Question
By MrFord on 8/24/2010 4:09:58 PM , Rating: 2
The main crash cause was attempting takeoff without flaps. It is doable, but you most likely will end up running out of runway or exceed rated tire speed limit.

In that case, they tried to rotate at the calculated Vr for a properly configured take-off and ended up stalling as soon as they lost ground effect.

The whole malware on the computer thing is just a monitoring computer for dispatch that would've alerted them that something wasn't normal with the plane at that point, and with the previous 2 aborted take-off, it would've raised a flag.

But in any case, malware or not, take-off with no flaps was pretty much impossible. There is a Take-off configuration warning that i supposed to sound in the cockpit when something like this happens, maybe the breaker was pulled?


RE: First Question
By leexgx on 8/25/2010 7:45:49 PM , Rating: 2
quote:
but in any case, malware or not, take-off with no flaps was pretty much impossible. There is a Take-off configuration warning that i supposed to sound in the cockpit when something like this happens, maybe the breaker was pulled?


but the computer most likely issued that warning, computer fail no warning


RE: First Question
By leexgx on 8/25/2010 7:49:06 PM , Rating: 2
ok its DT been gay with its Wording again of the article, Virus was not on the plane was in the monitoring systems


RE: First Question
By drycrust3 on 8/27/2010 5:11:47 PM , Rating: 2
From the sounds of it, it sounds like the plane's avionics required computers that weren't on the plane to do anything. Maybe the problem wasn't so much the virus but the link between the computers and the plane.


RE: First Question
By AntDX316 on 8/28/2010 1:58:51 AM , Rating: 2
it's like playing on a computer game online where you have hacks and scripts to run, once admins and the game developers see what is happening, they implement measures to prevent and deny hacks from using the same method, games and operating systems rn't designed to think out what loopholes could happen until they happen, it's like learning new advanced math in school when you only know kindergarten math then you find out you can make fomulas and other things with advanced math like calculus, once u learn calculus u know how to fix and what is wrong because u know how it works, until then u cannot fix it or make preventive measures unless u have people on the job to create problems and find ways to fix but that cost money and the government won't spend unless its absolutely necessary, they will just say don't plug USB things into the computer if they do and they r caught on camera they will be jailed


RE: First Question
By MrFord on 8/24/2010 4:10:34 PM , Rating: 2
The main crash cause was attempting takeoff without flaps. It is doable, but you most likely will end up running out of runway or exceed rated tire speed limit.

In that case, they tried to rotate at the calculated Vr for a properly configured take-off and ended up stalling as soon as they lost ground effect.

The whole malware on the computer thing is just a monitoring computer for dispatch that would've alerted them that something wasn't normal with the plane at that point, and with the previous 2 aborted take-off, it would've raised a flag.

But in any case, malware or not, take-off with no flaps was pretty much impossible. There is a Take-off configuration warning that i supposed to sound in the cockpit when something like this happens, maybe the breaker was pulled?


RE: First Question
By cjc1103 on 8/26/2010 8:43:26 AM , Rating: 2
It was pilot error, attempting a takeoff without flaps. The Takeoff Warning System (TOWS) is supposed to sound a warning if the throttles are advanced for takeoff without the flaps extended, but it was malfunctioning. Ed Bott over at ZDNet has an exhaustive report on what went wrong - it has nothing to do with a virus on a flight computer, the airplane in question is not even controlled by a computer, it's all cables and hydraulics.
http://www.zdnet.com/blog/bott/fact-check-malware-...


RE: First Question
By Etern205 on 8/23/2010 5:46:24 PM , Rating: 1
Better yet does onboard flight computers even have any USB ports?

Also USB flash drive should have a hardware write protect switch (like them SD cards)to prevent malware from affecting the flash drive. Some of them old drive have it, don't know why the new ones doesn't.


RE: First Question
By Belard on 8/24/2010 5:21:52 AM , Rating: 3
Ya know... if you read the article, you'd know they were NOT talking about the onboard flight computer - but the central servers/workstation that monitor the planes's health.

Like when the AIR France that went down over the Atlantic, all dead and no "black box" recovered because the plane went down in basically an under-water mountain range. That Plane was reporting its basic info and errors over the air-waves.

Science and tech is fun this way. Its not magic.


RE: First Question
By Funksultan on 8/24/2010 8:29:44 AM , Rating: 5
LoL, don't bother Belard. I think more people are interested in venting rage, wrong or right, rather than actually READING THE ARTICLE.

(perhaps the issue is people are better at venting than reading)

"USB stick" "Plane" "Crash"

ZOMG ZOMG ZOMG!! WHY THE HELL WAS THE PILOT TRYING TO STEER THE PLANE WITH A USB STICK?!? WHY DIDN'T HE USE HIS HANDS!?!1?!ONE!ONEONE

At least it's entertaining...


RE: First Question
By flatrock on 8/24/2010 1:05:42 PM , Rating: 2
From the article:

Investigators speculate that trojan malware may have slowed down system alerts at the airline's headquarters which could have canceled or delayed the doomed flight.

The trojan wasn't on a flight computer. It wasn't on the plane at all. It was apparently on a computer used to analyze data gathered about their planes and look for potential problems.

Why someone inserted a USB stick into those computers is an equally good reason. I think the point being made is that if these other computers play such an important role they need to limit how those systems are accessed and make sure not to use infected media.

For a flight critical system you need to use a DO178B complian OS such as Green Hills Integrity. This system wasn't really flight critical, so using Windows may not be inappropriate if proper security measures are in place and followed. The hardest part is getting people to actually follow security proceedures.


RE: First Question
By Cheesew1z69 on 8/23/2010 4:32:01 PM , Rating: 3
I would begin with more of this question, why in the hell is anyone allowed to plug in a USB stick in the first place. Most companies have policies against this type of thing specifically for this reason.


RE: First Question
By Lerianis on 8/24/2010 1:06:27 PM , Rating: 2
A lot of companies are having to back off those policies, because of the people who work on these things needing a USB drive or something similar to transfer data.


RE: First Question
By Cheesew1z69 on 8/24/2010 1:09:50 PM , Rating: 2
Then they need to provide a way for that specific user that access, not everyone. And most companies aren't backing off that policy as it's a disaster waiting to happen as we have seen here. And not everyone needs USB access to do their job.


RE: First Question
By funkyd99 on 8/23/2010 4:32:59 PM , Rating: 3
And since when do flight computers run Windows and have USB connectivity? I'm thinking there is a huge part of the story that we're missing...


RE: First Question
By mjcutri on 8/23/2010 4:35:01 PM , Rating: 5
Misleading headlines once again from Dailytech. This had nothing to do with the aircraft flight computers.
From the USA Today Article:
quote:
The report says a malicious program precipitated failures in a fail-safe monitoring system at the airline's headquarters in Palma de Mallorca. The system was slow in sending out alerts that might have led to delaying or canceling the departure.


So a USB drive infected a DESKTOP computer in the airline's headquarters that slowed down alerts that may have delayed/stopped that flight from departing. It didn't actually have anything to do with the plane crash itself.


RE: First Question
By Cheesew1z69 on 8/23/2010 4:37:20 PM , Rating: 2
Regardless, there should have been a policy against employees using USB sticks at work. I almost guarantee after this, there will be no such thing allowed.


RE: First Question
By Reclaimer77 on 8/23/2010 6:43:16 PM , Rating: 2
Policies don't mean someone still wont do it. Look at all the policies and rules that were ignored/broken leading up to the BP oil spill.

The system is flawed imo, not the policies.


RE: First Question
By flatrock on 8/24/2010 1:13:48 PM , Rating: 2
Getting people to follow policies is much harder than making them. Even if you have such a policy, there is a need to move data onto computer systems, even if it is only for a software update.

Auto-run viruses can also be transferred by CD or USB Hard Drive. You can scan the media, but there is often a lag between when a vulnerability is discovered and when there is a anti-virus signature added to detect it. Some times it can be a pretty long lag if the person discovering the vulnerability is more interested in exploiting it than notifying someone who will fix it.


RE: First Question
By funkyd99 on 8/23/2010 4:52:28 PM , Rating: 1
Also, the logged errors had nothing to do with vital systems in the plane... they noted a temperate sensor not required for the flight was inoperative. The pilot didn't know the sensor was inoperative and was going to turn back to the airport to land.


RE: First Question
By funkyd99 on 8/23/2010 5:07:03 PM , Rating: 2
Annnd the article is edited to include more information, making all of our bitching irrelevant.


RE: First Question
By MrTeal on 8/23/2010 4:39:50 PM , Rating: 5
The malware wasn't on the flight computer, it was on the airline's central computer. The crash itself was caused by the plane taking off in an incorrect configuration with the flaps and slats retracted. It was the fault of the pilot and copilot. The malware just prevented the airline HQ from detecting the problem and stopping the flight.

And just to clarify and lift a quote from XKCD, if you need anti-virus on your flight computer "you're doing it wrong"


RE: First Question
By PrinceGaz on 8/23/2010 9:29:04 PM , Rating: 1
That's quite correct.

Of course things have moved on from then and you'd probably be safer today on a plane with a "pilot" which was actually a triple-parallel system each running under Windows 7 which flew the plane provided two of the three agreed, with a trained human pilot on standby should the computers be unable to come to a majority decision or should automated landing guidance be unavailable.

Who would you trust most to fly your plane? A human pilot who may be distracted by personal issues, or three PCs running Windows 7?


RE: First Question
By robinthakur on 8/24/2010 6:59:35 AM , Rating: 2
Whilst I like Windows 7 on my desktop, there's no way in hell I would trust my life to even 3 seperate computers running it. I would bet you anything that if it became known that a Microsoft OS was basically flying your plane, nobody would want to fly anymore...


RE: First Question
By GotDiesel on 8/24/2010 11:48:20 AM , Rating: 2
The pilot of course..


"Can anyone tell me what MobileMe is supposed to do?... So why the f*** doesn't it do that?" -- Steve Jobs














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki