SecurityFocus, 2004-10-14
The Federal Aviation Administration (FAA) has agreed to examine computer security at air traffic control centers around the country, following a government audit that found the systems insufficiently secured against cyber attacks.

Now it turns out that the FAA has air traffic control systems running on Windows and connected to the 'net, and there's a strong hint that the flavour of Windows was 9x. (Even if it wasn't Win 9x, at least its application software was so badly written it had the same effect, and its management was so lackadaisical it required a *manual* reboot once a month.)
9x Windows running air traffic control. Oh. My. God. How the hell do people of such low calibre of intelligence or technical competence get such dangerous jobs?!? Surely there are government guidelines for them to follow, even if they are too dull-witted to work it out for themselves? There is no excuse for this. Arguments like "ease of management" just don't cut the mustard for such critical applications.
Systems such as these - systems where failures can result in mass fatalities - should never be connected to the 'net, or any system which might get connected to the 'net. (That doesn't mean "firewalled off", that means air gap. Need your nodes to talk to each other? Fine, get a private line.) And they should be HAL-6.
Requiring that the system be certified to HAL-6 means that Windows NT/2K is not good enough. *Neither is Linux*. The only computing systems that achieve the necessary extreme ratings are highly specialised OSes running on clusters of specialised, highly fault tolerant, very expensive hardware (e.g. S/390, or AS/400 for slightly less critical apps). Clustered Linux solutions have allegedly delivered HAL-5 (I don't know of any independent determination of this). Clustered NT solutions have allegedly delivered HAL-5, but independent assessments were more like HAL-3-and-a-bit. Neither is good enough.
In any case, these clowns apparently aren't using clustered anything.
These clowns are packing hundreds of people into metal tubes and sending them into the stratosphere under the guidance of one lousy Windows 9x box. Hands up everyone who feels confident that it even has ECC memory and a UPS?
We need to ensure that these jobs are taken over by competent, professional engineers with the authority to do the job right. We need to slap some *&$%( sense into the managers who employed the "interested amateurs".
Someone needs to go to jail for this. I really mean it. Does anyone know how we can help to make that happen?