Hacker Demonstrates Ability To Hijack Plane Using Smartphone

by Libby Zay on

Imagine this: you’ve fallen asleep on a plane headed to your dream vacation when suddenly erratic flight movement stirs you awake. The cabin is chaotic, and what’s even worse, in the cockpit the pilot has no idea what is happening. All systems have been overridden, and – although the pilot doesn’t know it – someone is controlling the plane from within the cabin.

Hacker Hugo Teso demonstrated he could do just that at a recent conference in Amsterdam. Using a smartphone app called PlaneSploit, Teso showed he could essentially turn a commercial aircraft into a remote control toy. He had the ability to redirect a flight, activate a plane’s alarms and dash lights, and even crash a jet – and he did it all remotely with the touch of a few buttons.

He claims to be able to take control by intercepting and repurposing the data the go to the flight systems.

The demonstration points out weaknesses and lack of security in several plane systems, including the automatic dependent surveillance-broadcast, which is crucial in the radar tracking of planes, as well as the text system used to communicate between aircraft and ground control. It’s a scary thought, but luckily Teso has no plans to make the app available for download. Furthermore, just because he was able to get access to the communications, it doesn’t mean he could necessarily crash the aircraft. Our own resident pilot, Kent Wien, says:

“The idea that someone can gain modify the FMS (flight management system) on an airliner is pretty far fetched. The FAA claims that there’s no way this person could gain access to an FMS in this way.

Setting that aside, if our FMS, which is similar to a GPS in a car, were modified inflight it wouldn’t go un-noticed by the pilots. And once discovered, a simple change in autopilot mode would result in the airplane flying to wherever the pilots wanted it to go. Not to mention the even more simple move-clicking off the autopilot. I’d love to hear his presentation about how he can access an FMS, but it’s not like he’s able to take over control of the airplane through that box.”

[via Phandroid]

[Photo credit: Flickr user hugokernel]

Turn Your Phone Into A Subway Card

by Jeremy Kressmann on

If you’ve ever visited one of the more technologically advanced Asian metropolises like Tokyo or Hong Kong, you’re probably already familiar with the easy-to-use technology called RFID. It works like this – instead of paying cash for a bus or subway fare, you hold up a simple plastic card (or a chip embedded in your cellphone) to the ticket gate, and voila! You’ve paid and gotten on your way without pulling a dime out of your wallet.

Wouldn’t it be great if that same technology worked back in the USA, dear reader? Well, now you too can embed an RFID reader inside your fancy iPhone, thanks to a little creative hacking and a DIY company called Adafruit Industries. Using a relatively inexpensive tool kit sold by the company, they’ve put together the nifty video above showing how to install your very own RFID card for use with your iPhone. Not all cities have RFID payment systems, but an increasing number of American cities accept it on their mass transit systems. Care to give it a try? Check out the video above for a tutorial.

Hotels top target for hackers

by Tom Johansmeyer on

According to online security trade publication DarkReading.com, hackers went after the hotel sector more than any other in 2009. And, they didn’t get caught: it took hotels an average of 156 days to discover a security breach. A study by Trustwave’s SpiderLabs of 218 security breach investigations in 24 countries found that 38 percent hit the hospitality industry, 19 percent for financial services, 14 percent for retailers and 13 percent for food and beverage.

So, why are hackers poking around in hotel systems? Credit cards!

Hackers are looking for payment information that they can steal and use elsewhere. This information that can be converted to cash quickly, says Trustwave SpiderLabs executive Nicholas Percoco. Other sensitive information wasn’t nearly as popular, with the likes of financial, authentication and healthcare information good for only 1 percent of what was stolen.

Passenger rights advocate sues Delta over alleged e-mail hacking

by Tom Johansmeyer on

Is Delta Airlines really a den of hackers? Passengers’ rights advocate Kate Hanni thinks so and is suing the world’s largest carrier over it. Hanni, of FlyersRights.org, alleges that Delta conspired with Dulles, Virginia-based Metron Aviation to yank e-mails from her computer in an effort to stall her “efforts to protect air travelers from lengthy tarmac delays and other inconveniences.”

She’s found an easy target for a war in the press – nobody is in favor of most of what airlines put us through. Hanni is asking for at least $11 million in damages and the opportunity to present her case before a jury. But, now that this has entered the legal system, we have to be especially careful not to indulge a public battle over everything except the evidence.

Delta spokesperson Trebor Banstetter can’t comment beyond, “Obviously, the idea that Delta would hack into someone’s e-mail is clearly without merit,” which was released in an e-mail to The Associated Press.

Hanni claims that her service provider, AOL (which owns Gadling), confirmed that her e-mail had been hacked. She also says, in the court filings, that Metron officials revealed that Delta provided the stolen e-mails, which included lists of donors and personal files.

The linchpin in all this is a graduate student, employed by Metron, with whom Hanni was sharing information. Metron executives confronted the student with the e-mails and said that Delta wasn’t happy that Hanni was receiving information that would facilitate the passage of the passenger bill of rights. The contents of the messages were not clear from the lawsuit.

Metron provides services around research, airspace design and environmental analysis to the global air traffic industry, and it has Delta as a client. The company didn’t immediately respond to requests by the AP for comment.

It’s too soon to draw any conclusions from the lawsuit; clearly, there’s a lot of information that has yet to be located and released. So, let’s sit back and watch this unfold before drawing any conclusions.

Spring photography roundup

by Jeremy Kressmann on

Travel photography enthusiasts will be pleased to hear about the flurry of recent product launches and news floating around the web. Perhaps everything was timed to the warm weather and extra daylight of Spring? Those tricky camera manufacturers – how diabolical. Anyway, here’s a quick rundown of some of the more interesting news.

Panasonic’s Lumix DMC-LZ10

Engadget has the scoop on Panasonic’s new 10-megapixel Lumix DMC-LZ10. I’m not the biggest fan of Panasonic’s digital cameras, but Engadget and Photography Blog both give it high marks, calling it “one of the most versatile compacts in its class.” They were particularly impressed with the camera’s manual controls and image quality. Considering it retails for less than $250, it could be a nice model to snap up for those family vacation photos. Remember, if you’re in the market for a point and shoot digital camera, don’t get too caught up with the number of megapixels. A better optical zoom and a quick startup/shutter speed are much better indicators of quality.

Hacking your Canon digital camera

Enterprising Canon camera owners should also head over to Wired, where they’re offering a cool Wiki on how to modify your camera’s software. Why would you do such a thing, you might ask? Because digital camera hardware can often do much more than is allowed by its standard software. For instance, Canon only allows shutter speeds up to 1/1,600 of a second, but the camera is actually capable of up to 1/60,000! Once you’ve installed the hack, you’ll unlock all manner of cool functions like super-long exposure shots, RAW file format and battery readout. I tried it last night on my Canon SD630 and it worked like a charm. It’s worth noting that the process can get a bit technical – make sure you know what you’re doing and that you have a compatible Canon camera before giving it a try. Jump over to Wired for full instructions and FAQ.

The Ultra-fast Casio Exilim EX-F1 SLR

Meanwhile, New York Times gadget guru David Pogue reviews Casio’s speedy new semipro Exilim EX-F1 digital camera. A typical digital camera snaps about one picture per second, but the Exilim, which is billed as the world’s fastest camera, can take up to sixty. Remember that shot of the cheetah chasing the antelope you missed on safari because you couldn’t get your camera snapping in time? This is the model you’re looking for. It also has a motion detector which will wait, for hours if necessary, until motion is detected and then automatically snap a rapid fire of 60 shots. Pretty awesome. The Exilim retails for $1,000.