backtop


Print 83 comment(s) - last by AntDX316.. on Aug 28 at 1:58 AM


  (Source: travelbrook.com)
Report links flash drive to Flight 5022

A corrupted USB stick contributed to Spain's worst air disaster on record, according to a 12,000-page report cited by the Spanish newspaper El Pais and USA Today.

It was initially believed that the crash of Flight 5022 that killed 154 people in 2008 was the result of pilot error, but investigators have now concluded that a computer infection spread through an infected USB stick may have contributed to the crash. 

Investigators speculate that trojan malware may have slowed down system alerts at the airline's headquarters which could have canceled or delayed the doomed flight. The report indicates that the computer failed to detect three problems (including one issue with the airplane's wing flaps being in the incorrect position for takeoff) in a fail-safe monitoring system and that those problems were brought on by a malicious program that came from the USB thumb drive. 

Spanair has been ordered by a judge to provide all of the company's computer logs from the days before and after the crash.  A final report from crash investigators is expected by December.

One expert warns that with continued use of flash drives and other third party devices in systems like these, this type of tragedy could happen again.

Senior manager of security research at Arbor Networks, Jose Nazario, said that many USB thumb drive attacks take advantage of security weaknesses in Windows auto run, a basic component built into the Windows operating system.

"Think about how many USB sticks you have. You're probably under counting. Everyone does," said Nazario.  "Now think about how many sticks in the past month your laptop has used, and think about how many other systems you have used your USB sticks on. This is like those classic HIV commercials, where you're with everyone that person has been with before."

 



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: First Question
By omnicronx on 8/23/2010 5:14:09 PM , Rating: 3
Better yet, why on earth is a flight system of any kind windows driven?????

Even if you were using Windows, there absolutely no reason why these systems should not have been locked down beyond belief (i.e the system should be on the domain and the user should only have enough privilages to open the program he needs to due his work duties, attacks that stem from things such as auto start of USB drives should be completely useless in this kind of environment) . There is absolutely no reason that these systems should be used for anything but air flight control.

Systems like these should be proprietary PERIOD. I'm sorry but no consumer OS of any kind should ever be used in such a system. I don't care how good its security is.


RE: First Question
By nangryo on 8/23/2010 5:50:25 PM , Rating: 4
Even if it was under domain, if those malware/virus is using windows vulnerability/bug it still by pass those restriction.

So I must agree that this kind of thing should use custom/propietary system.


RE: First Question
By omnicronx on 8/23/2010 6:12:57 PM , Rating: 3
quote:
Even if it was under domain, if those malware/virus is using windows vulnerability/bug it still by pass those restriction.
Oh for sure, but the article specifically mentions USB auto start as the possible culprit, and this sort of thing can't happen if its disabled. Someone would have to manually open/do something with the USB stick.

Still agree though, even if it is locked down, Windows is hardly a good fit for such a system such as this.


RE: First Question
By chick0n on 8/24/2010 10:01:38 AM , Rating: 3
Thats because most stupid "so called IT administrators" don't know wtf they're doing. They just can't lock the computers down for shit.

I use Windows server for all my servers, anybody can bring any Cd/USB/drive/whatever and try to see if any of the USB port would run anything. It won't. and all the workstation computers I secured it so tight that they can run any USB device they want, the virus will not have access to anything.

Anybody can be an "IT administrator", but my question is how many of them are actually good at it.


RE: First Question
By Chocobollz on 8/25/10, Rating: 0
RE: First Question
By GoodBytes on 8/23/2010 8:36:27 PM , Rating: 2
I have a feeling they were using Windows XP to make things worse.


RE: First Question
By Belard on 8/24/10, Rating: -1
RE: First Question
By XZerg on 8/24/10, Rating: 0
RE: First Question
By seamonkey79 on 8/24/2010 9:34:01 AM , Rating: 2
I have a feeling that most people will just run into something when their brakes fail and all they have left is a handbrake, or something of the like... airplanes should have more capable controls than that, though.


RE: First Question
By MrFord on 8/24/2010 4:09:58 PM , Rating: 2
The main crash cause was attempting takeoff without flaps. It is doable, but you most likely will end up running out of runway or exceed rated tire speed limit.

In that case, they tried to rotate at the calculated Vr for a properly configured take-off and ended up stalling as soon as they lost ground effect.

The whole malware on the computer thing is just a monitoring computer for dispatch that would've alerted them that something wasn't normal with the plane at that point, and with the previous 2 aborted take-off, it would've raised a flag.

But in any case, malware or not, take-off with no flaps was pretty much impossible. There is a Take-off configuration warning that i supposed to sound in the cockpit when something like this happens, maybe the breaker was pulled?


RE: First Question
By leexgx on 8/25/2010 7:45:49 PM , Rating: 2
quote:
but in any case, malware or not, take-off with no flaps was pretty much impossible. There is a Take-off configuration warning that i supposed to sound in the cockpit when something like this happens, maybe the breaker was pulled?


but the computer most likely issued that warning, computer fail no warning


RE: First Question
By leexgx on 8/25/2010 7:49:06 PM , Rating: 2
ok its DT been gay with its Wording again of the article, Virus was not on the plane was in the monitoring systems


RE: First Question
By drycrust3 on 8/27/2010 5:11:47 PM , Rating: 2
From the sounds of it, it sounds like the plane's avionics required computers that weren't on the plane to do anything. Maybe the problem wasn't so much the virus but the link between the computers and the plane.


RE: First Question
By AntDX316 on 8/28/2010 1:58:51 AM , Rating: 2
it's like playing on a computer game online where you have hacks and scripts to run, once admins and the game developers see what is happening, they implement measures to prevent and deny hacks from using the same method, games and operating systems rn't designed to think out what loopholes could happen until they happen, it's like learning new advanced math in school when you only know kindergarten math then you find out you can make fomulas and other things with advanced math like calculus, once u learn calculus u know how to fix and what is wrong because u know how it works, until then u cannot fix it or make preventive measures unless u have people on the job to create problems and find ways to fix but that cost money and the government won't spend unless its absolutely necessary, they will just say don't plug USB things into the computer if they do and they r caught on camera they will be jailed


RE: First Question
By MrFord on 8/24/2010 4:10:34 PM , Rating: 2
The main crash cause was attempting takeoff without flaps. It is doable, but you most likely will end up running out of runway or exceed rated tire speed limit.

In that case, they tried to rotate at the calculated Vr for a properly configured take-off and ended up stalling as soon as they lost ground effect.

The whole malware on the computer thing is just a monitoring computer for dispatch that would've alerted them that something wasn't normal with the plane at that point, and with the previous 2 aborted take-off, it would've raised a flag.

But in any case, malware or not, take-off with no flaps was pretty much impossible. There is a Take-off configuration warning that i supposed to sound in the cockpit when something like this happens, maybe the breaker was pulled?


RE: First Question
By cjc1103 on 8/26/2010 8:43:26 AM , Rating: 2
It was pilot error, attempting a takeoff without flaps. The Takeoff Warning System (TOWS) is supposed to sound a warning if the throttles are advanced for takeoff without the flaps extended, but it was malfunctioning. Ed Bott over at ZDNet has an exhaustive report on what went wrong - it has nothing to do with a virus on a flight computer, the airplane in question is not even controlled by a computer, it's all cables and hydraulics.
http://www.zdnet.com/blog/bott/fact-check-malware-...


"My sex life is pretty good" -- Steve Jobs' random musings during the 2010 D8 conference














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki