Source |
Reversemode |
Identifier |
8654605 |
Publication date |
2022-04-21 12:59:05 (seen: 2025-03-07 20:12:10) |
Title |
The guy with rudimentary tools who hyped things |
Text |
I've just released a new research that describes in detail the reverse engineering methodology and vulnerabilities found in a DAL-A, safety-critical, certified avionics component: Collins' Pro Line Fusion - AFD-3700, a LynxOS-178 based system deployed in both commercial and military aircraft. At the time of writing this I don't know exactly what will happen after the disclosure. However, this time, I certainly know what will not happen. I understand this statement does sound a little bit cryptic, so you should keep reading to understand the context; from where this situation is coming and why this point has been reached. Right, the title is probably more suited for a cheap sequel of Stieg Larsson's "Millennium" trilogy rather than for the usual technical contents I publish over here, so for the fans of that saga I would kindly ask you to forgive the liberty of giving myself that license. You'll understand that title afterwards.

This post contains traces of a 'plot' spanning several years now. As a compulsive fiction reader I didn't want to miss this opportunity to follow a dramatic structure, thus having a little bit of fun out of a situation that, for me, has been everything but fun. That said, I've learnt a lot along the way, which is probably the only thing that paid off.

In this story there are no evil or good characters, I guess it's just people doing their job the best they can. Obviously there has to be some kind of conflict, which emerges from the fact that the nature of their jobs, although theoretically pursuing the same objectives, usually makes them clash. There is also an escalation on the action over the years, some plot twists included, until reaching a high tension moment that determines how the conflict will be resolved. The resolution is yet to be written...

As one would have expected I'll write this story from my perspective, others may have a different one. Let's start.

Index
1. 2018
2. 2019
3. 2020
4. 2021
5. 2022
6. Paper
7. Personal Statement

2018.

During a flight to Copenhagen, aboard a Norwegian Boeing 737, I noticed something weird in the In-Flight WiFi, which was provided by a satellite network. Once at the hotel I found out it was possible to reach, over the internet through a misconfigured SATCOM infrastructure, tens of in-flight aircraft from different airlines. We coordinated |
Notes |
★★★
|
Sent |
Yes |
Tags |
Hack
Tool
Vulnerability
Threat
Studies
Industrial
Conference
Technical
Commercial
|