Print 83 comment(s) - last by AntDX316.. on Aug 28 at 1:58 AM

Report links flash drive to Flight 5022

A corrupted USB stick contributed to Spain's worst air disaster on record, according to a 12,000-page report cited by the Spanish newspaper El Pais and USA Today.

It was initially believed that the crash of Flight 5022 that killed 154 people in 2008 was the result of pilot error, but investigators have now concluded that a computer infection spread through an infected USB stick may have contributed to the crash. 

Investigators speculate that trojan malware may have slowed down system alerts at the airline's headquarters which could have canceled or delayed the doomed flight. The report indicates that the computer failed to detect three problems (including one issue with the airplane's wing flaps being in the incorrect position for takeoff) in a fail-safe monitoring system and that those problems were brought on by a malicious program that came from the USB thumb drive. 

Spanair has been ordered by a judge to provide all of the company's computer logs from the days before and after the crash.  A final report from crash investigators is expected by December.

One expert warns that with continued use of flash drives and other third party devices in systems like these, this type of tragedy could happen again.

Senior manager of security research at Arbor Networks, Jose Nazario, said that many USB thumb drive attacks take advantage of security weaknesses in Windows auto run, a basic component built into the Windows operating system.

"Think about how many USB sticks you have. You're probably under counting. Everyone does," said Nazario.  "Now think about how many sticks in the past month your laptop has used, and think about how many other systems you have used your USB sticks on. This is like those classic HIV commercials, where you're with everyone that person has been with before."


Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: mission critical OS
By GotDiesel on 8/24/2010 11:55:10 AM , Rating: 3
Aircraft flight systems use a proprietary FAA validated OS, build with validated tools.. as stated above, the plane was not compromised.. it was the ground system.
Windows is not and never will be a mission critical OS.. it was designed from the ground up ( no pun intended ).. to be a desktop OS. you would have to be a total moron to put Windows or Linux in control of any vehicle in a public place.

RE: mission critical OS
By Justin Time on 8/25/2010 9:35:12 PM , Rating: 2
Exactly, Windows is not used on flight systems (nor would Linux be used).

Furthermore, MS don't even warrant or approve Windows for this type of application or any real-time scenario.

To quote MS KB-22523: In no sense can Microsoft Windows be considered a "real-time" system. It is a message-driven, event-polling system, with nonpreemptive scheduling.

RE: mission critical OS
By Justin Time on 8/25/2010 9:44:19 PM , Rating: 2
Note: Obviously this refers to 16-bit versions and the nonpreemptive scheduler bit doesn't apply to the NT family, but the messaging and event handling systems are still the main reason it's not a real-time O/S.

"People Don't Respect Confidentiality in This Industry" -- Sony Computer Entertainment of America President and CEO Jack Tretton

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki