Ask the Pilot

Could an exploit via an Android app really hijack a plane? Not so, says a prominent pilot/author

Finally, some sanity. After many a blog post this week re-reported Help Net Security's "Hijacking airplanes with an Android phone" piece -- in which security consultant and pilot Hugo Teso apparently demonstrated how he could theoretically interfere with an aircraft's flight management system -- and headlines grew more and more alarmist, Patrick Smith, editor of the popular "Ask the Pilot" blog, has a few things to say about the matter.

Starting with, "This is my pre-emptive plea, an open letter to the media to rein in this silly airplane story before it gets too much traction."

We're listening.

The story really grew legs, of course, because a mobile device was involved. Wrote Help Net Security:

To make things even more interesting - or easier - Teso showcased an Andorid [sic] application that uses SIMON's powers to remotely control airplanes on the move. The application, fittingly named PlaneSploit, sports a clean and simple interface, but is packed full with features. This is a remarkable example of technology evolution - ten years ago we barely had phones with a color screen, today we can use them to hack aircraft.

The penultimate paragraph, however, grossly tempers the alarmist prose that comes before it:

There is a solution for pilots to regain the control of the plane and land it safely, he says. Attacks of this kind work only when the auto-pilot is on, so the trick is to switch it off, then fly the plane by using analog instruments. 

Pilots actually flying the planes themselves? That's still a thing in 2013? Yes. It most certainly is.

Smith, whose columns often aim to dispel common misconceptions about flying (his favorite is that pilots don't actually fly the plane), fired back today.

Hugo Teso, the person behind this lecture/experiment, seems to have a rudimentary understanding of how planes fly, and seems somewhat familiar with the way pilots and their technology interact, but he’s extrapolating wildly — or the media is extrapolating wildly based on some of the things he’s said.  

Smith sums it up in one sentence, really: "The sorts of problems [the exploit] might conceivably cause is nothing a crew couldn’t notice and easily override in about five seconds."

We recommend reading Smith's entire column on this, especially if you want a more detailed, technical answer. (And check out his others. You'll learn something.)

And, yes. You still need to turn off your gear below 10,000 feet.

Ed note: Changed the headline from "refutes" to "downplays," which I agree is more accurate here. - Phil

 

Reader comments

Actual pilot downplays theoretical takeover of an airline by way of Android app

35 Comments

"The sorts of problems [the exploit] might conceivably cause is nothing a crew couldn’t notice and easily override in about five seconds."

This is supposed to make me feel *better*??? On some long distance flights, the crew is allowed to *sleep* while the plane is on autopilot. While they certainly "could" recognize illicit activity, do we want them to need to in order to keep the passengers safe?

No flight deck crew in the US, while on duty as the pilot in command and the first officer, is EVER allowed to sleep. Period. Are there relief crews on the widebodies that rest while *out of the cockpit*? Sure, but the two in the cabin at the controls are *never* allowed to sleep.

Would YOU notice if your car started going a different direction while you were at the wheel? Or if the wheel started turning on its own? Talk to a pilot some time, you'll learn something.

I sure would notice - because, one, I don't have autopilot on my car, and, two, I don't ever drive in conditions that provide no visual reference points. Maybe you should try flying in the soup some time.

The documented exploit includes hacking ACARS. What if the hacker sent a spoofed message and the pilot changed course ON PURPOSE because of the spoofed message he received?

If your GPS told you to drive off a bridge, would you do it without a second thought? You're not giving pilots much credit. There is no doubt in my mind that they would check the legitimacy of any messages they received. This is exactly the alarmist sort of extreme extrapolation that this article is referring to.

Pilots are highly trained, more than 1/2 of them are trained by the military with thousands of hours and then go to commercial flight school to qualify and fly. The first thing they'll notice is the instrument panels and the artificial horizon moving, you can't hack the instruments, they don't need land reference points to know the plane is deviating from its course.

Because all would-be troublemakers fly inside the US, right? International crews flying under other regulatory systems are allowed controlled naps during flight.

On long distance flights, there are two flight crews. It may vary from airline to airline, but typically one crew handles takeoffs and landings, while the other crew handles the "middle" of a flight. While a plane is on autopilot, that second crew constantly checks that everything is as it should, and they have to periodically contact the nearest airport (especially when you're flying over an ocean) and give them (and confirm) your coordinates, and log everything throughout their shift. My father-in-law (who is a recently retired 747 pilot) says that you can disable autopilot pretty quickly if something was amiss.

I love Ask the Pilot. Patrick Smith is an outstanding writer who has the added benefit of being constantly right. Definitely read the whole column.

"The sorts of problems [the exploit] might conceivably cause is nothing a crew couldn’t notice and easily override in about five seconds."

A small change in altitude could put planes on a collision course and go unnoticed. Also, 5-10 seconds is all it would take to put the plane in a dangerous roll before a pilot could attempt to disengage the auto pilot and regain control of the plane. Even after reading this I fail to see how this is not a really big freaking deal. If someone can take over a plane's auto pilot until someone manually disengages it, I don't care whether he needs a super computer or a phone, that is not ok and needs to be brought to attention and solved.

It has been brought to people's attention. It's just that this particular assclown decided to do it through the media rather than actually going to people who matter. Talk to a pilot some time, it would take more than a small change in altitude and passenger jets don't exactly go into rolls easily. Believe me, if they could, my jackass father-in-law (former fighter pilot, current airline pilot) would be doing it.

How do you know he didn't try to go to people who matter first? My experience is that "people who matter" (especially in big government agencies) often won't give the time of day to "whistleblowers" - until the whistleblower makes a public scene.

Because if he HAD, then he would have said "Hey, I brought this info to the FAA/Boeing/Delta, etc. and they haven't done anything about it." That would feed his ego and make him look even better. But he didn't, so it's a pretty safe bet that he went to the press first rather than doing something responsible.

"People who matter" often have an attitude like yours, combined with some arrogance. And so they scoff at people like Hugo Teso, when they try to bring a problem to their attention quietly.

Wow, two responses to the same post?
Teso is an attention-seeking d-bag. That's why he went to the press. He wanted to see his name in print or even better, get on TV. That's why he did what he did, pure and simple. Maybe someone would have scoffed (but I doubt it, in fact, I scoff at that). Maybe not. But he chose the irresponsible path so he could get his 15 minutes.

Nothing like an article about how the media extrapolates things to wildly false conclusions - that extrapolates things to a wildly false conclusion.

The headline of this article (the one here on AndroidCentral) is headlined: "Actual pilot refutes theoretical takeover of an airline by way of Android app".

And has a subheading of: "Could an exploit via an Android app really hijack a plane? Not so, says a prominent pilot/author"

In fact, the author of Ask The Pilot did NOT refute what Hugo Teso said. And ATP did NOT say that this exploit could not be used to hijack a plane.

What ATP said boils down to "it's very unlikely, and it would be easy for the crew to defeat the hijacking attempt IF they notice it."

Good job, AC. Your journalism is completely on par with the mainstream media.

"Your journalism is completely on par with the mainstream media."

In fairness to AC, have you actually read anything by the mainstream media recently? Compared to most of the mainstream media, this article is pretty damn reasonable in tone and conclusions.

I agree that "refutes" probably wasn't the right word there, and I've changed it to "downplays" (and noted as such at the bottom).

Thanks for your understanding.

@StuartV:

I think it boils down to exactly what Smith said, and what I said Smith said: "The sorts of problems [the exploit] might conceivably cause is nothing a crew couldn’t notice and easily override in about five seconds."

I agree with you on the "refute" thing though, and I changed the headline. 

Smile. It's nice outside. :)

Whoa! Somebody's a little fired up about hijacking a plane with a phone. And my guess is that Phil doesn't believe it could happen, and I'd bet you the BOX from the HTC One that I'm not going to win that I'm right.

And a giant asteroid COULD hit the planet and wipe out all life on Earth. So why don't all you numbskulls who think this is actually a big deal go find your own planet to live on. That way you don't have to worry about planes getting hijacked by phones or getting hit by asteroids, and us sane people don't have to listen to your inane babbling...oh noes, a gust of wind could rip the wing off the plane...hurry up and fix it...AAAGGGGHHHH!!!

Actually a giant asteroid WILL hit the Earth. It's a matter of when and not if. You think the moon has all those craters because it's an asteroid magnet?

As for the plane thing it's a big deal. I don't think we have anything to worry about at the moment. But I'm pretty sure folks are scrambling right now to rethink this. Doesn't matter if it's 5 seconds of hijacking I don't think the FAA, airlines, or aerospace manufacturers want to leave this risk out there.

In every aircraft that I'm familiar with the ACARS is not part of the flight management system. ACARS is used to receive weather and talk to company dispatch (ACARS is similar to texting or email). Almost all of the ACARS messages are initiated by the cockpit crew. So an appropriate response would be expected. You cannot steer the autopilot through ACARS nor does Air traffic control communicate through ACARS to change altitude or routing.

Teso's brief was more of a Proof of Concept. He left a lot of information out. It would take access to the aircraft to maliciously upload code and it would also require an extensive hardware modification to the aircraft before anything like that would be possible.

In other words, it would have to be an enormous conspiracy involving many people with access to the actual aircraft to make anything like that work.

Although, I do think aircraft manufacturers and the FAA need to beef up security with ADS-B and ACARS.

Good explanation. Thanks!

And FWIW, I think folks don't give pilots enough credit. Unless you guys know something about that I don't. :)

With all of the drunk and stoned pilots nowadays it is highly likely that they wouldn't notice something wrong until it was too late.

I can't wait to see what Apple iPhone fanboys are saying about this. :)

By the way, I could swear that the hacker who made this announcement was also supposed to be a commercial pilot. (at least according to the CNN article)