Published April 12, 2013
A Spanish researcher this week claimed a simple Android app can take control of an airplane in flight, thanks to security flaws in the FAA’s 25-year-old communications software.
That comes as no surprise to Brad Haines, a hacker who made remarkably similar claims almost a year ago.
“The fact that you’ve got another guy coming up with the same conclusion ... this is suddenly proving things,” Haines told FoxNews.com Friday.
The FAA told FoxNews.com that Spanish researcher Hugo Teso's software wouldn't work as claimed: There are fundamental differences between the flight simulator the hacker used for his app and the real certified flight hardware.
"A hacker cannot obtain 'full control of an aircraft' as the technology consultant has claimed," said Laura J. Brown, deputy assistant administrator for public affairs. But in a presentation Thursday at the the Infiltrate hacker conference in Miami, Haines made an eye-opening revelation: The next-generation software being built partly to replace it may be just as flawed.
“The FAA says ‘trust us.’ I’m sorry, I don’t -- and so far they have yet to put anything out there saying how they mitigated any of this stuff,” Haines told FoxNews.com.
Haines, a 33-year-old Canadian who goes by the name RenderMan, is something of a celebrity in hacker circles. His presentation was terrifyingly titled “Attacking the Next Generation Air Traffic Control System.”
And those attacks are surprisingly easy to carry out, according to Haines. “Anyone can listen on this to find the location of a plane in real time,” he said.
The NextGen system is intended to help the FAA keep tabs on every plane in flight, using GPS data rather than traditional radar. The FAA says it will allow far more refined tracking of planes, and let pilots choose more direct routes. It also replaces a system that detractors say is overwhelmed, antiquated, costly and slow. NextGen comes at a cost in the billions of dollars, and is still being implemented.
But NextGen may contain the same flaw that Teso’s Android app revealed: Location data being passed between the plane and the control towers is unencrypted and unauthenticated, leaving them open to potential hacker attack.
Working with partner Nick Foster, Haines found a way to allow anyone with surprisingly inexpensive gear to influence the data that shows up, adding dozens of false flights to screens, for example, and in general creating “sizeable chaos,” he said.
Haines isn’t a malicious hacker himself: A frequent speaker at conferences around the world, he spends his days fixing security flaws and his nights locating them.
Haines says he took his findings to the FAA (and the TCCA, Canada's version of the FAA) but received only a canned statement. He responded by going public with his findings.
The FAA's Brown told FoxNews.com there is a thorough process in place to identify possible risks to the new system.
"The air traffic system is based on redundancies to ensure safe operations. The FAA plans to maintain about half of the current network of secondary radars as a backup ... in the unlikely event it is needed," she said.
One challenge raised by Haines's findings: encrypting the information would be a management nightmare that could cause even more problems. So what to do?
“You can use [these findings] to educate traffic controllers and pilots,” he told FoxNews.com. “Maybe we should build some protocols to flag things on the ‘weirdo’ meter. If you get 50 extra flights, that’s probably not a technical glitch. It’s someone attacking you. Call the guys with the jackboots and guns.”
“For the longest time it was, oh it’s too expensive, you need specialized hardware. Now with software-defined radios and technology that has come so far, I don’t need half an airplane cockpit to talk to this this stuff.”