PlaneSploit works by using code which Teso built himself, named SIMON (as in Simon Says, yet more Die Hard throwbackery), embedded in an Android-based smartphone or similar device. SIMON sends messages via Flight Management System (FMS) hardware and software, which I’m sure you’ll be delighted to know is publicly available, to a pair of electronic tools which are standard for commercial aircraft.
The first, Automatic Dependent Surveillance-Broadcast (ADS-B), makes up the core of a plane’s navigation system and sends information like altitude and coordinates to air traffic controllers, receiving air traffic and weather data in return. The other, Aircraft Communications Addressing and Reporting System (ACARS, Christ look at all these goddamn acronyms), keeps planes and air traffic controllers in constant communication via radio or satellite. Teso’s app can breach both of these like a pisshead crashing a wedding reception, with similarly messy results.
PlaneSploit can send instructions to an aircraft in order to change its altitude, direction or speed. At one point during his demonstration Teso used it to issue the command “visit ground”, which deliberately makes the plane miss its trajectory and sends it plummeting into the ground in a giant fiery deathball. Bet the audience were thrilled.
After spotting the gaping holes in ACARS security, Teso told Forbes magazine: “The airplane has no means to know if the messages it receives are valid or not. So they accept them and you can use them to upload data to the airplane that triggers these vulnerabilities. And then it’s game over.” Game over, man!
For the sake of balance (and our own sanity), it’s worth pointing out that PlaneSploit is based on simulation software. Any attempt to use it in real life would be far harder to pull off, and the pilot would also be able to spot that the aircraft was being tampered with and manually override any tomfoolery. Still, it is somewhat nightmarish to think that if Instagram and Candy Crush just aren’t doing it for you anymore, you may soon be able to use your Samsung Galaxy to rain death and terror down upon the heads of hundreds of innocent people. Have a nice flight!