DOCSLIB.ORG

Slashdot | Boeing 787 May Be Vulnerable to Hacker Attack

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Slashdot | Boeing 787 May Be Vulnerable to Hacker Attack Slashdot | Boeing 787 May Be Vulnerable to Hacker Attack Slashdot Log InCreate AccountSubscribeFirehose Why Log In?Why Subscribe? Sections Boeing 787 May Be Vulnerable to Hacker Attack ● Main Nickname Posted by Zonk on Sat Jan 05, 2008 04:32 PM ● Apple from the does-anyone-speak-l33t dept. ● AskSlashdot Password palegray.net writes ● Backslash "An article posted yesterday on Wired.com notes that 'Boeing's new 787 ● Books Dreamliner passenger jet may have a serious security vulnerability in its Public Terminal onboard computer networks that could allow passengers to access the ● Developers plane's control systems, according to the U.S. Federal Aviation ● Games Administration.' They're already working on solutions to the problem - including placing more physical separation between aircraft networks and [ Create a new account ] ● Hardware implementing more robust software-based firewalls." ● Interviews Related Links [+] security, cylonattack, transportation, boeing787, wormsonaplane (tagging beta) ● IT ● Compare prices on Security Software & ● Linux Related Stories Related Items ● Mobile ● palegray.net Firehose:Boeing 787 May Be Vulnerable to Hacker Attack by palegray.net (1195047) ● Politics ● may have a serious security vulnerability ● Science ● More Security stories ● YRO ● More Transportation stories Help ● FAQ This discussion has been archived. No new comments can be posted. ● Bugs Stories The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way. ● Old Stories http://it.slashdot.org/article.pl?sid=08/01/05/2057247 (1 of 10)24.1.2008 9:11:00 Slashdot | Boeing 787 May Be Vulnerable to Hacker Attack ● Old Polls ● ● Topics Restriction on software during flight? (Score:5, Funny) ● Hall of Fame by El_Muerte_TDS (592157) <[email protected]> on Saturday January 05, @04:33PM (#21926524) Homepage ● Bookmarks No more playing MS Flight Sim. ● Submit Story About ❍ ● Supporters Re:Restriction on software during flight? (Score:5, Funny) ● Code by nospam007 (722110) on Saturday January 05, @11:46PM (#21929536) Services Bluetooth alert: New device detected, Boeing 787 Dreamliner, install? ● Jobs [ Parent ] ● PriceGrabber ● Special Offers ● ● Sponsor Solutions I don't get it... (Score:5, Insightful) by Spalti (210617) on Saturday January 05, @04:35PM (#21926538) Homepage ● Surveys Jobs Why aren't both networks physically completely seperated from each other? Flash Developer New York, NY ❍ R/GA Re:I don't get it... (Score:4, Insightful) World-Class Design Lead by Brian Gordon (987471) on Saturday January 05, @04:39PM (#21926594) New York, NY (Fla... Angelsoft Why can you remotely control aircraft systems at all? There should be no network equipment to compromise in the first place! Web Business Systems Engineer [ Parent ] Cambridge, MA GuildCafe Enterta... ■ More Jobs > Re:I don't get it... (Score:5, Informative) Post a Job > by badasscat (563442) <[email protected]> on Saturday January 05, @04:47PM (#21926698) Homepage Why can you remotely control aircraft systems at all? There should be no network equipment to compromise in the first place! http://it.slashdot.org/article.pl?sid=08/01/05/2057247 (2 of 10)24.1.2008 9:11:00 Slashdot | Boeing 787 May Be Vulnerable to Hacker Attack The 787 is fly by wire, like most new aircraft designs. It's all computer controlled, not mechanical. My guess is this [aviationtoday.com] - the "common core system" designed by Honeywell - has something to do with the various systems being connected. This is a system designed to simplify the airplane's various systems and reduce the number of separate systems (which means fewer failure points - usually a good thing in engineering). I do believe Boeing when they say that there are built-in separations and that the two systems are not completely tied together, but obviously it wasn't enough for the FAA. So they're fixing it. Nothing really all that unusual about a new airplane design; there are always various issues that need to be addressed before first flight. [ Parent ] ■ Re:I don't get it... (Score:5, Insightful) by fartingfool (1208968) on Saturday January 05, @05:10PM (#21926916) My guess is it has to do with controlling the actual system for the passenger use. Pilots gotta have access to the No Smoking sign switch for example. So without any real technical background in how these systems work, I'd say they were simply given a switch to turn access on or off etc, and that simply meant some sort of basic connection had to be issued between the cockpit systems and passenger entertainment systems. The FAA report doesn't say exactly what the connection is between the systems, it just says there is a connection. My guess is it's the FAA over-hyping a situation, or someone else, to try and get these birds as safe as possible. Although I would agree that the passenger system should be as isolated as possible, and if control of these systems is needed, just run separate lines that link only to that system, even if it is basically pointless if the connection I assume it is really is that simple. I guess i welcome my first post to /. too after reading it for a year or so and keepin my thoughts to myself =D [ Parent ] ■ Re:I don't get it... (Score:5, Insightful) by rlk (1089) on Saturday January 05, @05:49PM (#21927272) "Not completely connected" is a very strange phrase. I could say that my laptop is "not completely connected" to the internet because there's a router between them. But either there's a connection between the two networks or there isn't. I don't know what it means to be connected at some points and not at others. The pilots certainly do need access to some of the cabin systems, for the seatbelt sign, for example. They may also need to be able to turn the cabin network off altogether. But those switches should have no signal connection of any kind to the maintenance and monitoring/control systems. The two networks should be physically partititioned. The way I read the article, there really are some connections between the networks (my guess is that it was simply cheaper or more convenient to link them), and the FAA's not happy with that state of affairs. I can't say I blame them. http://it.slashdot.org/article.pl?sid=08/01/05/2057247 (3 of 10)24.1.2008 9:11:00 Slashdot | Boeing 787 May Be Vulnerable to Hacker Attack Somehow I have a suspicion that someone will crack this sooner or later, and the TSA will react by banning use of laptops or something equally foolish, rather than addressing the more basic fact that the plane's systems have not been hardened appropriately (in this case, by being physically partitioned). [ Parent ] ■ ■ ■ Re:I don't get it... (Score:5, Funny) by Fred_A (10934) <[email protected] minus distro> on Sunday January 06, @06:30AM (#21931056) Homepage So, to be clear. Every seat has a seat-back screen in front of it, capable of displaying messages - but you would prefer a separate wire going to every seat to power a 'fasten your seatbelts' bulb? Uh, OK. I'm in favor of a full fledged IRC server so that the pilots can talk to the passengers. After all if you have a network why not use it. /join UA435 --- Welcome to Flight United Airlines 435 to Tokyo --- Please read the safety card in the back of the seat on fron of you <seat44G> HOW DOES THIS THING WORK? <seat112A> LOL n00b !!! <Pilot> Please fasten your seatbelts [ Parent ] ■ A little perspective (Score:5, Insightful) by mcrbids (148650) on Saturday January 05, @08:06PM (#21928368) Homepage Journal Queue up 11,000 A/C posts about H4X0RZ Cr45h1n6 for REALZ Do0DEZ!. This is not a "Windows vs Linux" thing. These are highly specialized data networks designed specifically for aircraft. The typical running life of a big jet is some 40 years or more - the idea of a consumer O/S such as Windows (or even Linux) being suitable for such a situation is simply stupid. Everything is coded in firmware, micro-processor based, with a likelyhood of actually crashing accidentally being somewhat less likely than getting struck by lightning on a sunny day while sitting in the cellar of your 4-story house. Not bloody likely. http://it.slashdot.org/article.pl?sid=08/01/05/2057247 (4 of 10)24.1.2008 9:11:00 Slashdot | Boeing 787 May Be Vulnerable to Hacker Attack But, actual, malicious attack? Possible - and if there was *ANY* connection between the passenger data networks and the main control networks, that's an issue that must be addressed. Most likely, the FAA found some part that was connected to both networks, that itself was not capable of actually transmitting data. But they're being car eful, as is their job, since lives are on the line. Go FAA! [ Parent ] ❍ Re:I don't get it... (Score:4, Insightful) by Nibbler999 (1101055) <tom_atkinson AT fsfe DOT org> on Saturday January 05, @04:39PM (#21926598) Homepage Probably to save weight on cabling/hardware. [ Parent ] ❍ Re:I don't get it... (Score:5, Funny) by dunezone (899268) on Saturday January 05, @04:41PM (#21926628) Journal Exactly, who the hell thought that it would be a good idea to allow the passenger network and pilot network system to even communicate with each other. Oh wait I got it, what if terrorist took over the cabin, but then a passenger(Justin Long) who is a master hacker controls the plane from his seat using his cell phone, and safely lands the plane but after he flipped it a few times so the terrorist would be knocked unconscious.
Load more

Recommended publications
  • The Culture of Wikipedia
    Good Faith Collaboration: The Culture of Wikipedia Good Faith Collaboration The Culture of Wikipedia Joseph Michael Reagle Jr. Foreword by Lawrence Lessig The MIT Press, Cambridge, MA. Web edition, Copyright © 2011 by Joseph Michael Reagle Jr. CC-NC-SA 3.0 Purchase at Amazon.com | Barnes and Noble | IndieBound | MIT Press Wikipedia's style of collaborative production has been lauded, lambasted, and satirized. Despite unease over its implications for the character (and quality) of knowledge, Wikipedia has brought us closer than ever to a realization of the centuries-old Author Bio & Research Blog pursuit of a universal encyclopedia. Good Faith Collaboration: The Culture of Wikipedia is a rich ethnographic portrayal of Wikipedia's historical roots, collaborative culture, and much debated legacy. Foreword Preface to the Web Edition Praise for Good Faith Collaboration Preface Extended Table of Contents "Reagle offers a compelling case that Wikipedia's most fascinating and unprecedented aspect isn't the encyclopedia itself — rather, it's the collaborative culture that underpins it: brawling, self-reflexive, funny, serious, and full-tilt committed to the 1. Nazis and Norms project, even if it means setting aside personal differences. Reagle's position as a scholar and a member of the community 2. The Pursuit of the Universal makes him uniquely situated to describe this culture." —Cory Doctorow , Boing Boing Encyclopedia "Reagle provides ample data regarding the everyday practices and cultural norms of the community which collaborates to 3. Good Faith Collaboration produce Wikipedia. His rich research and nuanced appreciation of the complexities of cultural digital media research are 4. The Puzzle of Openness well presented.
    [Show full text]
  • Introduction: Connections
    Wikipedia @ 20 Introduction: Connections Joseph Reagle, Jackie Koerner Published on: Aug 22, 2019 Updated on: Jun 04, 2020 License: Creative Commons Attribution 4.0 International License (CC-BY 4.0) Wikipedia @ 20 Introduction: Connections Image credit: William Warby, Vasco da Gama Bridge B&W, 2018. Introduction: Connections Joseph Reagle and Jackie Koerner Twenty years ago, Wikipedia set out on its path toward providing humanity with free access to the sum of all knowledge. Even if this is a mission that can’t be finished, Wikipedia has made remarkable progress toward the impossible. How so? Wikipedia is an encyclopedia built on a wiki. And never has an application, gathering the sum of human knowledge, been so suited to its medium, easily interconnected web pages. Encyclopedias have long been reliant on interconnections. In 1755, the Encyclopédie’s Denis Diderot wrote that the use of cross-references (or renvois) was “the most important part of our encyclopedia scheme.”1 This feature allowed the Encyclopédie’s editors to depict the connective tissue of Enlightenment knowledge and to dodge state and church authorities by way of facetious and satirical references. For example, they expressed skepticism about the “Eucharist” and “Communion” by linking to them from the article on “Cannibals.” At the onset of each new informational medium—from paper, to microfilm, to silicon—connectivity was the impetus. There are many examples, but consider the names of the following. Among the documentalists of the early twentieth-century, there was Wilhelm Ostwald’s Brücke, a bridge, and Suzanne Briet’s indice, an indicator. Such documentalists advanced indexing and classification schemes to improve interconnections between information.
    [Show full text]
  • From Warwick University to Apple Inc California…
    DCS News Online January 2009 From Warwick University to Apple Inc California… infancy and development environments consisted Less than ten years after graduating from the of nothing Department of Computer Science (DCS), Hugo Fiennes was head hunted by Apple Computer Inc California to manage the hardware team responsible for a little known device called an ‘iPhone’. One year later the ‘iPhone’ is named Time magazines invention of the year, selling by conservative estimates over half a million units in its first weekend…So how did a relatively unknown student go from hacking code in the “Fyshbowl” to working on one of the most iconic multimedia smart-phones of the 21st Century? Rewind to 1994 Chandler, Monica and Friends have just premiered on US television, the first web browser “Netscape Navigator‟ is circulating the information super highway and a young Hugo Fiennes has arrived at the University of Warwick Hugo Fiennes outside his Apple HQ office in California to begin his undergraduate studies. At 23 Hugo more than text editors, compilers and low level was older than almost everyone else when he optimizers. For many DCS students, the first burst in on the infamous Warwick bubble. fyshbowl was home: it engendered a truly He didn't take a gap year after A-Levels; he took collaborative liberal atmosphere, supported in five, during which he built up his own company part by a AM-radio quality jukebox that students selling communications software and expansion had fashioned from a homebrew multi-user chat cards for the now legendary Acorn Computers. system. Sitting in the kitchen of his halls of residence, surrounded by a group of teenagers Hugo is Third Year Project feeling a little bit shocked at first, but trepidation In 1997, after years spent building everything soon turns to excitement as everyone becomes from a barcode reader to ping pong on a scope, intimately acquainted with the student union Hugo was ready to put everything he had learned and the tremendously potent wine & cider into practice building a networked webcam.
    [Show full text]
  • A Case Study of the Reddit Community
    An Exploration of Discussion Threads in Social News Sites: A Case Study of the Reddit Community Tim Weninger Xihao Avi Zhu Jiawei Han Department of Computer Science University of Illinois Urbana-Champaign Urbana, Illinois 61801 Email: fweninge1, zhu40, [email protected] Abstract—Social news and content aggregation Web sites have submission. These comment threads provide a user-generated become massive repositories of valuable knowledge on a diverse and user-curated commentary on the topic at hand. Unlike range of topics. Millions of Web-users are able to leverage these message board or Facebook-style comments that list comments platforms to submit, view and discuss nearly anything. The users in a flat, chronological order, or Twitter discussions that are themselves exclusively curate the content with an intricate system person-to-person and oftentimes difficult to discern, comment of submissions, voting and discussion. Furthermore, the data on threads in the social news paradigm are permanent (although social news Web sites is extremely well organized by its user-base, which opens the door for opportunities to leverage this data for editable), well-formed and hierarchical. The hierarchical nature other purposes just like Wikipedia data has been used for many of comment threads, where the discussion structure resembles other purposes. In this paper we study a popular social news a tree, is especially important because this allows divergent Web site called Reddit. Our investigation looks at the dynamics sub-topics resulting in a more robust overall discussion. of its discussion threads, and asks two main questions: (1) to In this paper we explore the social news site Reddit in order what extent do discussion threads resemble a topical hierarchy? and (2) Can discussion threads be used to enhance Web search? to gain a deeper understanding on the social, temporal, and We show interesting results for these questions on a very large topical methods that allow these types of user-powered Web snapshot several sub-communities of the Reddit Web site.
    [Show full text]
  • High-Performance Play: the Making of Machinima
    High-Performance Play: The Making of Machinima Henry Lowood Stanford University <DRAFT. Do not cite or distribute. To appear in: Videogames and Art: Intersections and Interactions, Andy Clarke and Grethe Mitchell (eds.), Intellect Books (UK), 2005. Please contact author, [email protected], for permission.> Abstract: Machinima is the making of animated movies in real time through the use of computer game technology. The projects that launched machinima embedded gameplay in practices of performance, spectatorship, subversion, modification, and community. This article is concerned primarily with the earliest machinima projects. In this phase, DOOM and especially Quake movie makers created practices of game performance and high-performance technology that yielded a new medium for linear storytelling and artistic expression. My aim is not to answer the question, “are games art?”, but to suggest that game-based performance practices will influence work in artistic and narrative media. Biography: Henry Lowood is Curator for History of Science & Technology Collections at Stanford University and co-Principal Investigator for the How They Got Game Project in the Stanford Humanities Laboratory. A historian of science and technology, he teaches Stanford’s annual course on the history of computer game design. With the collaboration of the Internet Archive and the Academy of Machinima Arts and Sciences, he is currently working on a project to develop The Machinima Archive, a permanent repository to document the history of Machinima moviemaking. A body of research on the social and cultural impacts of interactive entertainment is gradually replacing the dismissal of computer games and videogames as mindless amusement for young boys. There are many good reasons for taking computer games1 seriously.
    [Show full text]
  • Vintage Filings, LLC (A PR Newswire Company)
    PART I ITEM 1. Business Special Note Regarding Forward-Looking Statements This Form 10-K contains forward-looking statements that involve risks and uncertainties. Words such as ‘‘may,’’ ‘‘could,’’ ‘‘anticipate,’’ ‘‘potential,’’ ‘‘intend,’’ ‘‘expect,’’ ‘‘believe,’’ ‘‘in our view,’’ and variations of such words and similar expressions, are intended to identify such forward-looking statements, which include, but are not limited to, statements regarding our expectations and beliefs regarding future revenue growth; and sources of revenue; gross margins; sales and marketing expenses; research and development expenses; absence of cash flows from discontinued operations; bearer risk associated with our ARS Right with UBS; financial performance and results of operations; technological trends in, and demand for online advertising; changes to our relationship with third-party vendors; management’s strategy, plans and objectives for future operations; employee relations and our ability to attract and retain highly qualified personnel; our intent to continue to invest in establishing our brand identity and developing of our web properties; competition, competitors and our ability to compete; liquidity and capital resources; changes in foreign currency exchange rates; the outcome of any litigation to which we are a party; our accounting policies; and sufficiency of our cash resources and investments to meet our operating and working capital requirements. Actual results may differ materially from those expressed or implied in such forward-looking statements due to various factors, including those set forth in this Business section under ‘‘Competition’’ and in the Risk Factors contained in Item 1.A of this Form 10-K. We undertake no obligation to update the forward-looking statements to reflect events or circumstances occurring after the date of this Form 10-K.
    [Show full text]
  • Antitrust, Intellectual Property, and the Itunes Ecosystem
    533 ANTITRUST, INTELLECTU AL PROPERTY, AND THE ITUNES ECOSYSTEM: A STUDY OF THE ANTITRUST IMPLICATIONS OF APPLE’S FAIRPLAY TECHNOLOGY WITH A NOD TO THE PECULIARITIES OF • INTELLECTUAL PROPERTY WILLOW NOONAN* I. INTRODUCTION In December 2008, Apple’s iTunes online music store surpassed Wal- Mart as the largest music retailer in the world.1 In the closely related portable music player market, Apple’s iPod enjoys similar success.2 Undoubtedly, Ap- ple’s insight and innovation won much of this eminence. However, a close look at Apple’s business practices reveals some conduct that draws a suspicious eye from antitrust and intellectual property laws. The first part of this article traces the development of online music and the subsequent proliferation of copyright infringement. The next part outlines the technical details, benefits, and drawbacks of Apple’s iTunes ecosystem, a notable combination of Apple products and services. The third part undertakes a traditional antitrust analysis of Apple’s conduct and suggests the need for dee- per inquiry. The next part investigates how Apple’s conduct implicates intellec- tual property law. The fifth part reviews the doctrine of intellectual property misuse and how it might apply to Apple. The final part revisits the antitrust • 2009 IDEA Student Intellectual Property Writing Competition Winner. * Candidate for Juris Doctor, 2010, The George Washington University Law School. 1 Press Release, Apple, Inc., iTunes Store Top Music Retailer in the US (Apr. 3, 2008), http://www.apple.com/pr/library/2008/04/03itunes.html [hereinafter iTunes Store]. 2 Jessica Hodgson, Leap Year Trips Zune in Black Eye for Microsoft, WALL ST.
    [Show full text]
  • UNIX and Linux Fundamentals
    UNIX and Linux Fundamentals Workbook December 2004 © Alan Johnson Revision 1.38 i UNIX Fundamentals Disclaimer The information provided in this manual is provided with the best intent. No responsibility is assumed for any errors or omissions resulting from the use of this document. The document is a work in progress and will be updated regularly. All trademarks acknowledged. Copyright © Alan Johnson http://www.alan.johnson.org ii UNIX Fundamentals Typographical Conventions This document uses the following typeface conventions: • The default font is Times New Roman. • Keywords and important concepts are introduced with italicized text. • File names, commands and computer output is shown in Courier font. • Bold type is used for emphasis • Shell prompt changes to reflect user - # for root and $ for ordinary user. • Angled brackets <> denote an option such as # mount /dev/sda1 /mnt/<mountpoint> iii UNIX Fundamentals Edit History • Version 1.0 June 2001 o Section 1, 2 and 3 added • Version 1.1 Feb 2002 o Added in section 4 to cover Solaris 2.8 disk admin and other miscellaneous functions o setuid information added to section 2. • Version 1.2 Sept. 2002 o Minor edits • Version 1.3 Nov. 2002 o Added in a new section involving advanced topics such as driver modules and kernel compiling • Version 1.31 Dec. 2002 o Added exportfs command after nfs section o Added in section to load device driver modules and creating new ramdisks • Version 1.32 February 2003 o Added in more kernel/ramdisk topics • Version 1.33 March 2003 o Minor kernel/ramdisk edits • Version 1.34 May 2003 o Minor edits • Version 1.35 July 2003 o Added section on Red Hat Advanced Server 2.1 Clustering • Version 1.36 July 2003 o Added section on client server operation with X • Version 1.37 May 2004 iv UNIX Fundamentals o Added in Appendix A to show SuSE installation screenshots • Version 1.38 Dec 2004 o Added example showing how to pass multiple LUN support with the insmod command.
    [Show full text]
  • The Tldr Interface for Exploring and Navigating Large-Scale Discussion Spaces
    Proceedings of the 43rd Hawaii International Conference on System Sciences - 2010 Not too long to read: The tldr Interface for Exploring and Navigating Large-Scale Discussion Spaces Srikanth Narayan Coye Cheshire School of Information, UC Berkeley School of Information, UC Berkeley [email protected] [email protected] Abstract the practical purpose of answering questions, these We present a new interface for exploring and systems also encourage open-ended discussions navigating large-scale discussions on the internet. Our between stable and ephemeral groups of users. Once system, tldr, focuses on three primary user goals: viewed as revolutionary, the ubiquity of chat rooms finding, navigating and filtering content based on the and web boards over the past few decades has made users’ own relevance criteria. We employ a these large-scale discussion spaces an ordinary and progressive design approach that combines user conventional way to communicate with others on the research from the popular web site Reddit.com and internet [19]. visualizations from existing discussion data. Based on The number of large-scale discussion spaces lessons gleaned from previous research and our own continues to grow on the internet, in large part because user studies, we argue that the tldr interface can lessen many web destinations incorporate discussion the problems of information overload and inefficient components into their existing systems. Discussions on navigation in large-scale discussion spaces. Current popular websites grow proportionally with traffic, and implementation and next steps for wider deployment as a result, it is not uncommon to encounter are discussed. discussions with hundreds or thousands of messages.
    [Show full text]
  • Google Announces Chrome OS, for Release Mid
    Google Announces Chrome OS, For Release Mid-... http://tech.slashdot.org/story/09/07/08/0953238/... Slashdot Stories Slash Boxes Comments Search Deals new SlashTV Jobs Newsletter Submit Login Join Slashdot81 Full 19 stories Abbreviated can be 0listened Hidden to in audio form via an RSS feed,/Sea as read by our own robotic overlord. Score: 5 4 3 2 Nickname: 1 0 -1Password: 989 More Login Public Terminal Nickname:Log In Forgot your password? Sign in with Password: Google Public Terminal Twitter Log In Forgot yourFacebook password? Close LinkedIn Close Close Stories Submissions Popular Blog Slashdot Build Ask Slashdot Book Reviews Games Idle YRO Technology Cloud Hardware Linux Management Mobile Science Security Storage 1 of 31 03/01/15 17:19 Google Announces Chrome OS, For Release Mid-... http://tech.slashdot.org/story/09/07/08/0953238/... Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?) Close, and don't show me this again Google Announces Chrome OS, For Release Mid-2010 1089 Posted by timothy on Wednesday July 08, 2009 @07:14AM from the bring-on-the-shiny dept. Zaiff Urgulbunger writes "After years of speculation, Google has announced Google Chrome OS, which should be available mid-2010. Initially targeting netbooks, its main selling points are speed, simplicity and security — which kind of implies that the current No.1 OS doesn't deliver in these areas! The Chrome OS will run on both x86 and ARM architectures, uses a Linux kernel with a new windowing system. According to Google, 'For application developers, the web is the platform.
    [Show full text]
  • Chapter 13 MAC OS X FORENSICS
    Chapter 13 MAC OS X FORENSICS Philip Craiger and Paul Burke Abstract This paper describes procedures for conducting forensic examinations of Apple Maca running Mac OS X. The target disk mode is used to create a forensic duplicate of a Mac hard drive and preview it. Procedures are discussed for recovering evidence from allocated space, unallocated space, slack space and virtual memory. Furthermore, procedures are described for recovering trace evidence from Mac OS X default email, web browser and instant messaging applications, as well as evidence pertaining to commands executed from a terminal. Keywords: Macintosh computers, Mac OS X forensics 1. Introduction Since its introduction in 1984, the Apple Macintosh has an enjoyed a small, albeit vocal, user base. Nevertheless, it is surprising that very little has been published regarding forensic examinations of Macintosh computers. This paper describes procedures for conducting forensic examinations of Apple Macs running Mac OS X. Due to space limitations, certain as- sumptions are made to limit the scope of our coverage. These assump- tions are: (i) The forensic computer and the suspect's computer run version 10.4.3 of Mac OS X, the latest version as of November 2005; (ii) the suspect has not set the Open Firmware password (Open Firmware is a processor and system-independent boot firmware used by PowerPC- based Macs, analogous to the x86 PC BIOS); (iii) the suspect has not used encryption via the Mac OS X FileVault, a virtual volume encrypted with 128-bit AESj and (iv) the suspect's hard drive is formatted with the Hierarchical File System Plus , commonly referred to as HFS+, the default file system since Mac OS X's release in 2000.
    [Show full text]
  • Malicious Apple Chargers August 2013
    the Availability Digest www.availabilitydigest.com Malicious Apple Chargers August 2013 Researchers at the Georgia Institute of Technology have discovered an unlikely back door into Apple devices. Billy Lau, Yeongjin Jang, and Chengyu Song have demonstrated that they can easily build an Apple device charger that can infect an iPhone or an iPad. Known for its high level of security and vetting of apps, Apple devices are seldom compromised by hackers (not so for Android devices). Apple has quickly responded with an upgrade to close the security flaw. The key to compromising an iPhone or an iPad is the fact that such devices are charged through a USB port. The USB port supplies not only a provision for charging the internal batteries of the device but also provides a gateway to the device’s operating system and applications. This is, of course, the primary purpose of the USB port – to provide (presumably secure) access to the iOS internals for external devices. The researchers used the USB portal into the devices to infect them within sixty seconds of being plugged in. Fortunately, there are no known instances of this hack being used in the real world – yet. The Disclosure Georgia Tech’s Information Security Center notified Apple in June, 2013, so that Apple could patch its operating system before the researchers went public with their discovery. The researchers then described their technique and demonstrated a working proof of concept at the Black Hat USA 2013 security conference held at Caesar’s Palace in Las Vegas from July 27 through August 1, 2013.
    [Show full text]