[video=youtube;jjRzqGUFECI]http://www.youtube.com/watch?feature=player_detailpage&v=jjRzqGUFECI[/video]
If you are one of those folks with a fear of flying you may want to skip reading this article. Apparently, all you need to remotely hijack an airplane is some aviation software that can be found on eBay, an Android phone and an app. A gentleman named Hugo Teso, who also happens to be a professional security expert, hacker and retired commercial airline pilot, just showed a live demonstration of this at an Amsterdam security conference recently. Here's a quote with more of the details,
It turns out that two important aviation systems — the Automated Dependent Surveillance-Broadcast (ADS-B) and the Aircraft Communications Addressing and Reporting System (ACARS) — are completely unencrypted and unauthenticated, allowing anyone with the right tools and a little know-how to access the system remotely without too much trouble.
Teso simply hit up eBay for “actual flight code software” that’s normally used for training pilots, as well as nabbing a radio transmitter. During the demonstration, Teso audited real aircraft code by searching for vulnerabilities on a fleet of virtual aircrafts (using real airplanes in this case would obviously be unethical and quite illegal. Along with an Android app called PlaneSploit (which won’t be hitting the Google Play store), Teso was able to control the steering of a Boeing jet, as long as the plane was in autopilot mode.
Teso has been working in the IT industry for 11 years now, and before that he was a trained and licensed commercial pilot for 12 years. His 23 years of combined experienced with the two professions has led him to teach the public about the state of the security of aviation computer systems and communication protocols, which are actually not that secure, as Teso demonstrated.
If that doesn't freak you out, even just a little, then your "flight or flight" funny bone is perhaps too desensitized. Regardless, it makes you wonder how on earth the electronic security of our aviation industry could be so archaic. At least someone is pointing out the holes so we can fix them. It's a good thing that most criminals and terrorists aren't as savvy as this guy...
Source: SlashGear