backtop


Print 83 comment(s) - last by AntDX316.. on Aug 28 at 1:58 AM


  (Source: travelbrook.com)
Report links flash drive to Flight 5022

A corrupted USB stick contributed to Spain's worst air disaster on record, according to a 12,000-page report cited by the Spanish newspaper El Pais and USA Today.

It was initially believed that the crash of Flight 5022 that killed 154 people in 2008 was the result of pilot error, but investigators have now concluded that a computer infection spread through an infected USB stick may have contributed to the crash. 

Investigators speculate that trojan malware may have slowed down system alerts at the airline's headquarters which could have canceled or delayed the doomed flight. The report indicates that the computer failed to detect three problems (including one issue with the airplane's wing flaps being in the incorrect position for takeoff) in a fail-safe monitoring system and that those problems were brought on by a malicious program that came from the USB thumb drive. 

Spanair has been ordered by a judge to provide all of the company's computer logs from the days before and after the crash.  A final report from crash investigators is expected by December.

One expert warns that with continued use of flash drives and other third party devices in systems like these, this type of tragedy could happen again.

Senior manager of security research at Arbor Networks, Jose Nazario, said that many USB thumb drive attacks take advantage of security weaknesses in Windows auto run, a basic component built into the Windows operating system.

"Think about how many USB sticks you have. You're probably under counting. Everyone does," said Nazario.  "Now think about how many sticks in the past month your laptop has used, and think about how many other systems you have used your USB sticks on. This is like those classic HIV commercials, where you're with everyone that person has been with before."

 



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: First Question
By Drag0nFire on 8/23/2010 4:31:52 PM , Rating: 5
Better yet, why on earth would you plug a USB drive into a flight computer?!

And why would a flight computer that accepts USB drives run an OS that is susceptible to a common Trojan?!


RE: First Question
By omnicronx on 8/23/2010 5:14:09 PM , Rating: 3
Better yet, why on earth is a flight system of any kind windows driven?????

Even if you were using Windows, there absolutely no reason why these systems should not have been locked down beyond belief (i.e the system should be on the domain and the user should only have enough privilages to open the program he needs to due his work duties, attacks that stem from things such as auto start of USB drives should be completely useless in this kind of environment) . There is absolutely no reason that these systems should be used for anything but air flight control.

Systems like these should be proprietary PERIOD. I'm sorry but no consumer OS of any kind should ever be used in such a system. I don't care how good its security is.


RE: First Question
By nangryo on 8/23/2010 5:50:25 PM , Rating: 4
Even if it was under domain, if those malware/virus is using windows vulnerability/bug it still by pass those restriction.

So I must agree that this kind of thing should use custom/propietary system.


RE: First Question
By omnicronx on 8/23/2010 6:12:57 PM , Rating: 3
quote:
Even if it was under domain, if those malware/virus is using windows vulnerability/bug it still by pass those restriction.
Oh for sure, but the article specifically mentions USB auto start as the possible culprit, and this sort of thing can't happen if its disabled. Someone would have to manually open/do something with the USB stick.

Still agree though, even if it is locked down, Windows is hardly a good fit for such a system such as this.


RE: First Question
By chick0n on 8/24/2010 10:01:38 AM , Rating: 3
Thats because most stupid "so called IT administrators" don't know wtf they're doing. They just can't lock the computers down for shit.

I use Windows server for all my servers, anybody can bring any Cd/USB/drive/whatever and try to see if any of the USB port would run anything. It won't. and all the workstation computers I secured it so tight that they can run any USB device they want, the virus will not have access to anything.

Anybody can be an "IT administrator", but my question is how many of them are actually good at it.


RE: First Question
By Chocobollz on 8/25/10, Rating: 0
RE: First Question
By GoodBytes on 8/23/2010 8:36:27 PM , Rating: 2
I have a feeling they were using Windows XP to make things worse.


RE: First Question
By Belard on 8/24/10, Rating: -1
RE: First Question
By XZerg on 8/24/10, Rating: 0
RE: First Question
By seamonkey79 on 8/24/2010 9:34:01 AM , Rating: 2
I have a feeling that most people will just run into something when their brakes fail and all they have left is a handbrake, or something of the like... airplanes should have more capable controls than that, though.


RE: First Question
By MrFord on 8/24/2010 4:09:58 PM , Rating: 2
The main crash cause was attempting takeoff without flaps. It is doable, but you most likely will end up running out of runway or exceed rated tire speed limit.

In that case, they tried to rotate at the calculated Vr for a properly configured take-off and ended up stalling as soon as they lost ground effect.

The whole malware on the computer thing is just a monitoring computer for dispatch that would've alerted them that something wasn't normal with the plane at that point, and with the previous 2 aborted take-off, it would've raised a flag.

But in any case, malware or not, take-off with no flaps was pretty much impossible. There is a Take-off configuration warning that i supposed to sound in the cockpit when something like this happens, maybe the breaker was pulled?


RE: First Question
By leexgx on 8/25/2010 7:45:49 PM , Rating: 2
quote:
but in any case, malware or not, take-off with no flaps was pretty much impossible. There is a Take-off configuration warning that i supposed to sound in the cockpit when something like this happens, maybe the breaker was pulled?


but the computer most likely issued that warning, computer fail no warning


RE: First Question
By leexgx on 8/25/2010 7:49:06 PM , Rating: 2
ok its DT been gay with its Wording again of the article, Virus was not on the plane was in the monitoring systems


RE: First Question
By drycrust3 on 8/27/2010 5:11:47 PM , Rating: 2
From the sounds of it, it sounds like the plane's avionics required computers that weren't on the plane to do anything. Maybe the problem wasn't so much the virus but the link between the computers and the plane.


RE: First Question
By AntDX316 on 8/28/2010 1:58:51 AM , Rating: 2
it's like playing on a computer game online where you have hacks and scripts to run, once admins and the game developers see what is happening, they implement measures to prevent and deny hacks from using the same method, games and operating systems rn't designed to think out what loopholes could happen until they happen, it's like learning new advanced math in school when you only know kindergarten math then you find out you can make fomulas and other things with advanced math like calculus, once u learn calculus u know how to fix and what is wrong because u know how it works, until then u cannot fix it or make preventive measures unless u have people on the job to create problems and find ways to fix but that cost money and the government won't spend unless its absolutely necessary, they will just say don't plug USB things into the computer if they do and they r caught on camera they will be jailed


RE: First Question
By MrFord on 8/24/2010 4:10:34 PM , Rating: 2
The main crash cause was attempting takeoff without flaps. It is doable, but you most likely will end up running out of runway or exceed rated tire speed limit.

In that case, they tried to rotate at the calculated Vr for a properly configured take-off and ended up stalling as soon as they lost ground effect.

The whole malware on the computer thing is just a monitoring computer for dispatch that would've alerted them that something wasn't normal with the plane at that point, and with the previous 2 aborted take-off, it would've raised a flag.

But in any case, malware or not, take-off with no flaps was pretty much impossible. There is a Take-off configuration warning that i supposed to sound in the cockpit when something like this happens, maybe the breaker was pulled?


RE: First Question
By cjc1103 on 8/26/2010 8:43:26 AM , Rating: 2
It was pilot error, attempting a takeoff without flaps. The Takeoff Warning System (TOWS) is supposed to sound a warning if the throttles are advanced for takeoff without the flaps extended, but it was malfunctioning. Ed Bott over at ZDNet has an exhaustive report on what went wrong - it has nothing to do with a virus on a flight computer, the airplane in question is not even controlled by a computer, it's all cables and hydraulics.
http://www.zdnet.com/blog/bott/fact-check-malware-...


RE: First Question
By Etern205 on 8/23/2010 5:46:24 PM , Rating: 1
Better yet does onboard flight computers even have any USB ports?

Also USB flash drive should have a hardware write protect switch (like them SD cards)to prevent malware from affecting the flash drive. Some of them old drive have it, don't know why the new ones doesn't.


RE: First Question
By Belard on 8/24/2010 5:21:52 AM , Rating: 3
Ya know... if you read the article, you'd know they were NOT talking about the onboard flight computer - but the central servers/workstation that monitor the planes's health.

Like when the AIR France that went down over the Atlantic, all dead and no "black box" recovered because the plane went down in basically an under-water mountain range. That Plane was reporting its basic info and errors over the air-waves.

Science and tech is fun this way. Its not magic.


RE: First Question
By Funksultan on 8/24/2010 8:29:44 AM , Rating: 5
LoL, don't bother Belard. I think more people are interested in venting rage, wrong or right, rather than actually READING THE ARTICLE.

(perhaps the issue is people are better at venting than reading)

"USB stick" "Plane" "Crash"

ZOMG ZOMG ZOMG!! WHY THE HELL WAS THE PILOT TRYING TO STEER THE PLANE WITH A USB STICK?!? WHY DIDN'T HE USE HIS HANDS!?!1?!ONE!ONEONE

At least it's entertaining...


RE: First Question
By flatrock on 8/24/2010 1:05:42 PM , Rating: 2
From the article:

Investigators speculate that trojan malware may have slowed down system alerts at the airline's headquarters which could have canceled or delayed the doomed flight.

The trojan wasn't on a flight computer. It wasn't on the plane at all. It was apparently on a computer used to analyze data gathered about their planes and look for potential problems.

Why someone inserted a USB stick into those computers is an equally good reason. I think the point being made is that if these other computers play such an important role they need to limit how those systems are accessed and make sure not to use infected media.

For a flight critical system you need to use a DO178B complian OS such as Green Hills Integrity. This system wasn't really flight critical, so using Windows may not be inappropriate if proper security measures are in place and followed. The hardest part is getting people to actually follow security proceedures.


"Can anyone tell me what MobileMe is supposed to do?... So why the f*** doesn't it do that?" -- Steve Jobs














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki