Q

Is introducing Wi-Fi to airplanes is a good idea security-wise?

Wi-Fi on airplanes seems like it will be unavoidable in the future, but what security risks does it pose? In this security threats expert response, learn what airplane Wi-Fi might mean for security, and what precautions to take to protect sensitive data.

Do you think introducing Wi-Fi to airplanes is a good idea security-wise?
You are no doubt referring to the article in Wired Magazine that appeared in January 2008 about the wireless functionality offered in Boeing's new 787 airliner. It's not the Wi-Fi itself that is a concern. Passengers surfing the Internet from the comfort of their own seats on a plane is no more or less dangerous than those same users doing the same thing at a coffee shop, provided that the network they use is isolated from other critical networks.

And that's what's so alarming about the Wired article, which describes an FAA document about special conditions in the new 787's wireless functionality. It appears that the networks associated with "flight-safety-related control and navigation" are "connected by electronics and embedded software" to the networks associated with "passenger entertainment, information and Internet services.".

Given the issues raised in the Wired article and the associated FAA document, consider this scenario. An innocent user on a plane surfs the Internet using an unpatched laptop machine, inadvertently accessing a website run by an attacker on the ground. The attacker delivers an exploit to the laptop, now controlling that one machine on the plane. The attacker may look at the IP address of the system he or she just compromised, realizing that it has come from an airline, possibly inferring that it is a machine on board a plane. Heck, the attacker might even look through the file system of the victim's machine and see the travel itinerary of the passenger stored in email. The attacker could then use the compromised laptop on the plane to try to pivot and attack the other network on the plane, associated with control and navigation. The attacker may attempt a denial of service attack, or perhaps system compromise of machines on the other network.

Call me old fashioned, but I don't think we should interconnect such things together. Each network should be completely isolated, and ideally each should use different protocols just in case they are accidentally connected together. Although using the same equipment and protocols likely lowers cost and weight, it introduces significant danger, in my opinion. Trying to isolate traffic on networks that are physically connected is difficult, and firewalls aren't perfect. To answer your question directly, I think this is a profoundly bad idea.

More information:

This was first published in June 2008

Dig deeper on Handheld and Mobile Device Security Best Practices

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close