WTF is Boeing on? Not just customer databases lying around on the web. 787 jetliner code, too, security bugs and all



Black Hat A Black Hat presentation on how to potentially hijack a 787 – by exploiting bugs found in internal code left lying around on a public-facing server – was last night slammed as “irresponsible and misleading” by Boeing.

At the hacking conference in Las Vegas on Wednesday, Ruben Santamarta, principal security consultant at pen-testing biz IOActive, told attendees he had found bugs in software used aboard the jetliners.

It is important to note that there are essentially three electronic networks on a 787: the first is home to non-critical stuff like the in-flight entertainment system; the second is used by slightly more important applications reserved for crew and maintenance teams; and the third is used by the vital avionics gear that controls the airplane’s flight and reads its sensors.

Read more…