Friday, April 12, 2013

FOX News: Hacking airplanes in flight? I did that a year ago, Brad 'RenderMan' Haines says

Apr 12th 2013, 15:30

    Security researchers have revealed scary flaws in the software used to route planes that could allow a malicious party to create "sizeable chaos." (AP Photo/Brennan Linsley)

A Spanish researcher this week claimed a simple Android app can take control of an airplane in flight, thanks to security flaws in the FAA's 25-year-old communications software.

That comes as no surprise to Brad Haines, a hacker who made remarkably similar claims almost a year ago.

"The fact that you've got another guy coming up with the same conclusion ... this is suddenly proving things," Haines told FoxNews.com Friday.

'If you see 50 extra flights, that's probably not a technical glitch. It's someone attacking you. Call the guys with the jackboots and guns.'

- Brad "Renderman" Haines

Safety officials and FMS, the maker of the software that Spanish researcher Hugo Teso exploited, have said there are fundamental differences between the flight simulator the hacker used for his app and the real software. But in a presentation Thursday at the Infiltrate hacker conference in Miami, Haines made an eye-opening revelation: The next-generation software being built partly to replace it may be just as flawed.

"The FAA says 'trust us.' I'm sorry, I don't -- and so far they have yet to put anything out there saying how they mitigated any of this stuff," Haines told FoxNews.com.

Haines, a 33-year-old Canadian who goes by the name RenderMan, is something of a celebrity in hacker circles. His presentation was terrifyingly titled "Attacking the Next Generation Air Traffic Control System."

And those attacks are surprisingly easy to carry out, according to Haines. "Anyone can listen on this to find the location of a plane in real time," he said.

The NextGen system is intended to help the FAA keep tabs on every plane in flight, using GPS data rather than traditional radar. The FAA says it will allow far more refined tracking of planes, and let pilots choose more direct routes. It also replaces a system that detractors say is overwhelmed, antiquated, costly and slow. NextGen comes at a cost in the billions of dollars, and is still being implemented.

But NextGen may contain the same flaw that Teso's Android app revealed: Location data being passed between the plane and the control towers is unencrypted and unauthenticated, leaving it open to potential hacker attack.

Working with partner Nick Foster, Haines found a way to allow anyone with surprisingly inexpensive gear to influence the data that shows up, adding dozens of false flights to screens, for example, and in general creating "sizeable chaos," he said.

Haines isn't a malicious hacker himself: A frequent speaker at conferences around the world, he spends his days fixing security flaws and his nights locating them.

Haines says he took his findings to the FAA (and the TCCA, Canada's version of the FAA) but received only a canned statement. He responded by going public with his findings.

The FAA did not immediately respond to a FoxNews.com request for comment.

The challenge is that encrypting the information would be a management nightmare that could cause even more problems, Haines said. So what to do?

"You can use [these findings] to educate traffic controllers and pilots," he told FoxNews.com. "Maybe we should build some protocols to flag things on the 'weirdo' meter. If you get 50 extra flights, that's probably not a technical glitch. It's someone attacking you. Call the guys with the jackboots and guns."

"For the longest time it was, oh it's too expensive, you need specialized hardware. Now with software-defined radios and technology that has come so far, I don't need half an airplane cockpit to talk to this stuff."
