We value your privacy

This website uses cookies to ensure you get the best experience on our website. Learn more

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

  > News >  

Hacking the Sky

May 25, 2015  | Written by Jordan Yerman
Author Photo

Share

APEX-hacking-1

This article originally appeared in The Technology Issue of APEX Experience.

Speaking on an International Conference on Consumer Electronics panel previewing tech trends of the next five years, Dr. Scott Linfoot, senior research systems engineer for MASS Consultants Ltd., pegged cyber-security as a key concern. After speaking with security consultants and hackers (a bit of overlap there) about networked technology, he declared, “Security is currently viewed in that domain as a joke.”

APEX technical director Bryan Rusenko responded: “I am of the opinion that our industry should take more seriously the thought of a hacker opening up a seat partway and tapping into a physical network. I think people would be curious about doing that simply to relieve the boredom on a long flight.”

The more devices networked, the greater the payoff for a hacker: Linfoot warned that a weakness in one networked device would compromise the entire network. A cabin full of interconnected devices, then, equals heightened exposure to risk.

Linfoot cited the case of former US vice-president Dick Cheney, who had the wireless capabilities of his pacemaker deactivated so nobody could hack his heart. But there are several ways to maintain security in a more vulnerable world, Linfoot elaborated, such as adaptive security that changes over time, and device DNA, which allows communication only with specifically trusted partner-objects.

“I am of the opinion that our industry should take more seriously the thought of a hacker opening up a seat partway and tapping into a physical network.” – Bryan Rusenko

Michael Childers, chair of the APEX Technology Committee, said that Hollywood studios are particularly worried about piracy in a wireless-IFEC (in-flight entertainment and communications) environment, saving their newest content for IFEC systems that are solely controlled by the airline. Systems that allow your iPad to show movies end up with older fare.

Technology such as Toshiba’s TransferJet may be explored as an in-cabin option. Using Near Field Communications technology, which facilitates contactless exchanges between devices, a passenger would use TransferJet to transfer larger chunks of data (such as video or a digital in-flight magazine), interacting only with her own IFEC unit, and not with the entire cabin’s network. The result would be a series of one-way conversations, rather than a massive group-chat of passenger- and airline-owned devices.

Childers says that any IFEC content should be encrypted, adding, “Streaming, of course, is inherently more secure than downloading,” since a pirate would have to scrape streamed content frame by frame. Key management – the management of the encryption and decryption keys that are used to lock and unlock content files – is also crucial, he adds.

Balancing security requirements with passenger expectations means that we must first understand those requirements. Linfoot said, “Security needs to be the primary building-block for devices, and should not be an afterthought.”