backtop


Print 83 comment(s) - last by AntDX316.. on Aug 28 at 1:58 AM


  (Source: travelbrook.com)
Report links flash drive to Flight 5022

A corrupted USB stick contributed to Spain's worst air disaster on record, according to a 12,000-page report cited by the Spanish newspaper El Pais and USA Today.

It was initially believed that the crash of Flight 5022 that killed 154 people in 2008 was the result of pilot error, but investigators have now concluded that a computer infection spread through an infected USB stick may have contributed to the crash. 

Investigators speculate that trojan malware may have slowed down system alerts at the airline's headquarters which could have canceled or delayed the doomed flight. The report indicates that the computer failed to detect three problems (including one issue with the airplane's wing flaps being in the incorrect position for takeoff) in a fail-safe monitoring system and that those problems were brought on by a malicious program that came from the USB thumb drive. 

Spanair has been ordered by a judge to provide all of the company's computer logs from the days before and after the crash.  A final report from crash investigators is expected by December.

One expert warns that with continued use of flash drives and other third party devices in systems like these, this type of tragedy could happen again.

Senior manager of security research at Arbor Networks, Jose Nazario, said that many USB thumb drive attacks take advantage of security weaknesses in Windows auto run, a basic component built into the Windows operating system.

"Think about how many USB sticks you have. You're probably under counting. Everyone does," said Nazario.  "Now think about how many sticks in the past month your laptop has used, and think about how many other systems you have used your USB sticks on. This is like those classic HIV commercials, where you're with everyone that person has been with before."

 



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

mission critical OS
By jconan on 8/23/2010 6:52:59 PM , Rating: 1
If airplanes rely on mission critical OS, why are they running Windows? More so is the version of Windows a Mission Critical version otherwise this incident would never have happened.




RE: mission critical OS
By GreenEnvt on 8/24/2010 8:29:34 AM , Rating: 2
The Dailytech staff got this article quite overhyped and inaccurate.

The infected computer was a computer on the ground at the airlines office. If a plane had the same failure reproted X times in Y days, it would send an alert that would get the plane pulled from service for maintenance. This plane did have the same issue a few times, a sensor overheating. The sensor had absolutely nothing to do with the crash though. The sensor has a backup, which was working fine.

The crash itself was caused by the pilots forgetting to extend the flaps on take off, which means the plane couldn't take off a the normal speed.

The physical plane in use really didn't matter in this crash. The issue was the pilots getting distracted during their checklist which caused them to not set the flaps.


RE: mission critical OS
By GotDiesel on 8/24/2010 11:55:10 AM , Rating: 3
Aircraft flight systems use a proprietary FAA validated OS, build with validated tools.. as stated above, the plane was not compromised.. it was the ground system.
Windows is not and never will be a mission critical OS.. it was designed from the ground up ( no pun intended ).. to be a desktop OS. you would have to be a total moron to put Windows or Linux in control of any vehicle in a public place.


RE: mission critical OS
By Justin Time on 8/25/2010 9:35:12 PM , Rating: 2
Exactly, Windows is not used on flight systems (nor would Linux be used).

Furthermore, MS don't even warrant or approve Windows for this type of application or any real-time scenario.

To quote MS KB-22523: In no sense can Microsoft Windows be considered a "real-time" system. It is a message-driven, event-polling system, with nonpreemptive scheduling.


RE: mission critical OS
By Justin Time on 8/25/2010 9:44:19 PM , Rating: 2
Note: Obviously this refers to 16-bit versions and the nonpreemptive scheduler bit doesn't apply to the NT family, but the messaging and event handling systems are still the main reason it's not a real-time O/S.


"I mean, if you wanna break down someone's door, why don't you start with AT&T, for God sakes? They make your amazing phone unusable as a phone!" -- Jon Stewart on Apple and the iPhone














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki