At one of the companies I worked at, years ago, a service discovery system I wrote did a very light scan of every listening port bound on every system. One thing it did was an HTTP GET.
One of the core apps had a control port that implemented HTTP. Unfortunately, my GET hit a route that didn't exist, and that caused a small memory leak every time.
Nothing too bad happened; the leak was slow, and even though the app stayed up many months at a time, we did notice the leak and figured out what was causing it.
As others have stated elsewhere, I've seen completely 'easy going' TCP connections to embedded devices cause immediate crashes.
I used to work at a university, and would routinely (with authorisation) nmap the entire /16. I discovered this would freeze the TCP/IP stack on a bunch of VMS boxes on campus - luckily on VMS that was restartable without bouncing the box :-)
It would probably not harm the aircraft but would be bad enough if it freezes the entertainment system for all passengers. If the ~300 other people on board find out that you're the one responsible for their boredom on a 10 hour flight, you won't have a great time.
Has anyone taken a 10h flight where the IFE was not rebooted due to some problem?
Agree the IFE could crash, but can't see how there is even a remote risk to critical systems, or any risk to the IFE that isn't solved by (yet another) reboot of it.
The Federal Aviation Administration has issued special conditions for the certification of the 787 to deal with the fact that there is no "literal airgap" in recent airliners even though that was initially mandated by the airworthiness standards:
> These special conditions are issued for the Boeing Model 787-8 airplane. This airplane will have novel or unusual design features when compared to the state of technology envisioned in the airworthiness standards for transport category airplanes. The architecture of the Boeing Model 787-8 computer systems and networks may allow access to external systems and networks
I am not a Boeing engineer, but I do have some experience in avionics design.
The flight critical systems would be isolated from the in-flight entertainment system (IFE). The IFE probably has a listen-only tap to flight metric info on an ARINC databus from the flight computer. I did a quick search and it looks like the 787 uses ARINC 667, a fiber optic interconnect.
Electrical safety airgapping and information security airgapping are different, and entirely unrelated. If data can pass from one side to the other it's not airgapped (from an infosec perspective).
Fiber needs transmitter and receiver transducers. If each side has only one of those, data can literally flow only in one direction. So it's still infosec-airgapped in the other.
No, data diodes are a different (but related) concept. An airgap implies no information transfer, either in or out. Use an airgap when information leakage must be stopped (as well as remote attacks); use a data diode when information can be released but you need to stop remote attacks.
Fiber optic connections aren't required; anything with separate transmit and receive lines can be turned into a data diode (as long as the protocols used permit it). RS232 null modem cables with the RX lines disconnected are a classic.
I don't know enough about airplanes to know if it would be unencrypted, but they radio all of that same data to the ground in some way. Could the IFE system just passively listen to that broadcast?
He probably should've done his port scan once the plane was on the ground. Though I'd be REALLY worried if there was even the slightest risk of network access to the IFE causing a flight control device of any kind to seize up, and would hope that someone at Boeing made sure that was not possible.
In the UK, for example, the Computer Misuse Act says that using any tool with the intent of accessing a system (without actually doing so, let alone doing so successfully) is an offence.
It could easily be interpreted as a CFAA violation in the US as well. I'm a professional pen tester, and there's no chance I'd port-scan any system on an aircraft without permission.
It's almost like there's a reason every computer security class and every scanning software written has a disclaimer saying "NEVER SCAN A SYSTEM WITHOUT AUTHORIZATION".