Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It clearly hasn’t become too much of a problem yet, but I feel pretty concerned that, given my understanding, it appears there’s only one layer of defense against this type of attack. The response requires 1) the ATC to figure out what happened, 2) the ATC to promptly cancel the takeoff clearance, and 3) the pilot receiving+responding to the cancelled clearance with enough time.

Too many things in that chain can go wrong, especially so given this would all need to happen in just a few seconds. A sophisticated attacker might even be able to jam the signal right after they give the fake clearance or (not entirely certain this is possible) use a highly directional transmitter that would allow the targeted plane to receive the message but not others.

I’m definitely not an expert in this area, so I wouldn’t be surprised if I missed something, but if I didn’t, this appears to be an astonishingly large vulnerability.



It’s just simply something that isn’t as big of a deal as you’re thinking. Hell, we have problems today with idiots on frequency that are technically qualified to be there but are gumming up the works.

When was the last time you authenticated that construction worker directing traffic on the ground?

Pilots fly without a control tower all the time. They’re also the final authority to the safe operation of that aircraft. If anything is amiss, we’ll do something else. Maybe that’ll mean contacting a different facility on a different frequency, or declare lost comms via transponder and go to our filed alternate while things are worked out.

Try listening to LiveATC for an uncontrolled field on a nice weekend day. (Or even a towered airport like KCMA on a Saturday at noon.) It’s controlled chaos and yet we all make it work.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: