
U-2 Spy-Plane-Inspired Radar Crash Was Sparked By Insufficient RAM


After officials admitted that last week's air traffic control system crash happened because a U-2, a Cold War-era spy plane still in use by the U.S. military, sparked a "glitch" in radar systems and grounded all west coast planes for over 45 minutes, Reuters reports that an inside account traces it to a common design problem in the U.S. air traffic control system: a lack of memory in the computer! Perhaps more worrisome, the same vulnerability could in theory have been used by an attacker in a deliberate shut-down, the experts said; it "shows a very basic limitation of the system," and could be used as a new "attack surface."

As Reuters reports, a common design problem in the U.S. air traffic control system made it possible for a U-2 spy plane to spark a computer glitch that recently grounded or delayed hundreds of Los Angeles area flights, according to an inside account and security experts.

As aircraft flew through the region, the $2.4 billion system made by Lockheed Martin Corp, cycled off and on trying to fix the error, triggered by a lack of altitude information in the U-2's flight plan, according to the sources, who were not authorized to speak publicly about the incident.

 

...

 

FAA spokeswoman Laura Brown said that process "used a large amount of available memory and interrupted the computer's other flight-processing functions".

 

The FAA later set the system to require altitudes for every flight plan and added memory to the system, which should prevent such problems in the future, Brown said.

The U-2 had a complicated flight plan which blew the system...

The ERAM system failed because it limits how much data each plane can send it, according to the sources. Most planes have simple flight plans, so they do not exceed that limit.

 

But a U-2 operating at high altitude that day had a complex flight plan that put it close to the system's limit, the sources said.

 

The plan showed the plane going in and out of the Los Angeles control area multiple times, not a simple point-to-point route like most flights, they said.

 

The flight plan did not contain an altitude for the flight, one of the sources said. While a controller entered the usual altitude for a U-2 plane - about 60,000 feet - the system began to consider all altitudes between ground level and infinity.

 

The conflict generated error messages and caused the system to begin cycling through restarts.

 

"The system is only designed to take so much data per airplane," one of the sources said. "It keeps failing itself because it's exceeded the limit of what it can do."

But it opens up a host of concerns...

"If it's now understood that there are flight plans that cause the automated system to fail, then the flight plan is an 'attack surface,'" said Dan Kaminsky, co-founder of the White Ops security firm and an expert in attacks based on over-filling areas of computer memory.

 

"It's certainly possible that there are other forms of flight plans that could cause similar or even worse effects," Kaminsky said. "This is part of the downside of automation."

 

Moss said many hackers have been studying aspects of a new $40 billion air traffic control system, known as NextGen, which encompasses ERAM, including its reliance on Global Positioning System data that could be faked.

In conclusion - as one former military pilot noted...

"It would be hard to replicate by a hostile government, but it shows a very basic limitation of the system."
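The failure the sources describe (a missing altitude widening the search, a per-aircraft data limit, and a restart loop) can be sketched as an admission check that quarantines one plan instead of stalling everything queued behind it. This is an added illustration, not code from Reuters, the FAA or Lockheed Martin; every limit, field name, callsign and sector label in it is an assumed value.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed values for illustration only; none of these are ERAM figures.
BAND_FT = 1_000       # width of one altitude band in the conflict check
CEILING_FT = 100_000  # highest altitude the model considers
WORK_BUDGET = 200     # cap on (segment, band) pairs spent on one plan

@dataclass
class FlightPlan:
    callsign: str
    altitude_ft: Optional[int]  # None models a plan filed without an altitude
    segments: List[str]         # sectors crossed in order; re-entries repeat

def estimated_work(plan: FlightPlan) -> int:
    """(segment, band) pairs a conflict check would examine for this plan."""
    if plan.altitude_ft is None:
        bands = CEILING_FT // BAND_FT  # no altitude: every band up to the ceiling
    else:
        bands = 3                      # filed band plus one above and one below
    return len(plan.segments) * bands

def admit(plan: FlightPlan) -> Optional[str]:
    """Return a rejection reason, or None when the plan is safe to process."""
    if plan.altitude_ft is None:
        return "altitude missing"
    if not 0 < plan.altitude_ft <= CEILING_FT:
        return "altitude out of range"
    if estimated_work(plan) > WORK_BUDGET:
        return "work budget exceeded"
    return None

def process_queue(plans: List[FlightPlan]) -> Tuple[List[str], List[Tuple[str, str]]]:
    """Process admissible plans; quarantine the rest so one plan cannot stall the run."""
    accepted, quarantined = [], []
    for plan in plans:
        reason = admit(plan)
        if reason is None:
            accepted.append(plan.callsign)
        else:
            quarantined.append((plan.callsign, reason))
    return accepted, quarantined

# Constructed sample: two ordinary routes around a multi-entry route with no altitude.
SAMPLE = [
    FlightPlan("SIMPLE1", 35_000, ["SECTOR_A"]),
    FlightPlan("COMPLEX1", None, ["SECTOR_A", "SECTOR_B"] * 5),
    FlightPlan("SIMPLE2", 28_000, ["SECTOR_A", "SECTOR_C"]),
]
```

With the constructed sample, the plan without an altitude would cost 1,000 work units against 3 for the simple route, and it is quarantined while the plans queued on either side of it are still accepted.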

Mon, 05/12/2014 - 14:06 | 4751485 RacerX

Nice. Next thing they'll tell us it's written in ADA.

Mon, 05/12/2014 - 14:09 | 4751494 cossack55

How do they still get parts for the Commodore and Atari systems?

Mon, 05/12/2014 - 14:09 | 4751499 fonestar

Through fonestar at localbitcoins.com.

Mon, 05/12/2014 - 14:14 | 4751518 indygo55

Wasn't that the period that the Russian bombers were flying just outside the 200 mile limit?

Mon, 05/12/2014 - 14:19 | 4751530 ZerOhead

"The system is only designed to take so much data per airplane," one of the sources said. "It keeps failing itself because it's exceeded the limit of what it can do."

Perhaps they could call up the NSA for some extra RAM. They don't seem to have any limits on the amount of data they can collect. I suspect they have plenty to spare...

Mon, 05/12/2014 - 14:22 | 4751544 eclectic syncretist

They're still running the old 386's with big floppy drives.

Mon, 05/12/2014 - 14:25 | 4751560 12ToothAssassin

This is an obvious cover story. The real issue was more likely a test run of precision directed energy weapons designed to take out radar systems. The U2 is the test bed and a great distraction component.

Mon, 05/12/2014 - 14:28 | 4751576 Cap Matifou

Possibly the Ruskies fried the system from the distance.

Air Force TIMES sez: U-2 did not scramble LAX computers

 

Mon, 05/12/2014 - 14:43 | 4751626 ZerOhead

Whaaa?...

Perhaps a controller entered in 6,000 ft vs. 60,000 ft in a classic "not-so-fat-finger" error?

The computer would then be going nuts trying to reroute flights to avoid imaginary collisions while the U2 overflew at Mach 3.

Mon, 05/12/2014 - 14:45 | 4751654 Joe Davola

I'm sure non-friendlies would never attempt to exploit a buffer overflow vulnerability.

Mon, 05/12/2014 - 15:17 | 4751692 Manthong

 

What’s the big deal?

It’s only the air traffic control system.

The money, time and effort to add RAM to that optional system is better expended on getting education, health care and EBT to illegal aliens.

Oh. what's that you say,.. it's just more .gov BS?

No matter what the truth or excuse is,  .gov is proven again to be a bunch of idiots.

Mon, 05/12/2014 - 15:24 | 4751847 knukles

The DoJ has officially retired the U-2 more times than Osama has been killed.
So, the "WTF?" factor remains "stratospheric"

Mon, 05/12/2014 - 15:46 | 4751956 Beam Me Up Scotty

U-2's and SR-71's are two different airplanes. SR-71's can go Mach 3 and are retired. U-2's do not fly at Mach 3. They aren't supersonic.

Mon, 05/12/2014 - 19:23 | 4752702 StychoKiller

No one mentioned SR-71's till you showed up, but yeah, the U2 ain't gonna haul @ss at Mach 3.  BTW, the top end of the SR-71 is still classified.

Mon, 05/12/2014 - 23:16 | 4753395 Andre

Umm...

Look at the picture. That's a U2/TR1, operating in high subsonic region. Wings like that rip off too close to Mach 1.

The SR71 is what you are thinking of. Long out of service now, and totally different beast.

Mon, 05/12/2014 - 14:41 | 4751633 stacking12321

"640k of memory is more than anyone will ever need".

-bill gates

Mon, 05/12/2014 - 16:35 | 4752173 Cap Matifou

If you wanna be on the loop, listen to the "Father of Internet", LOL.

(This was once truly said about the vaccine crazed mofo by a clueless presstitute. Microsoft slept over the Internet gold rush completely, W95 came out back then without any internet connectivity.)

Mon, 05/12/2014 - 19:52 | 4752800 StychoKiller

Then they used Internet Explorer to access the internet, which is a lot like sending your young children to play Doctor with pedophiles!

Mon, 05/12/2014 - 14:50 | 4751679 lakecity55

If the U2 did not, then it would have been the Russky Bears flying offshore just outside US airspace.

It is not advertised in the USGMSM, but the Russians have developed very sophisticated ECM systems.

Mon, 05/12/2014 - 15:21 | 4751827 Save_America1st

that's what I've been seeing on the 'ol interwebz as well.  I mean, really?  A fucking U2?  I'm calling B.S. on that story, because why in the hell should we ever believe anything that comes out of the administration or their propaganda media anyway?  Screw them.

The so-called "alternative" media (which are really the real media these days) all say it was the Russians trying out some jamming systems and that it wasn't a U2.

I'll go with their explanations every freakin' time cuz 99% of the time anymore they're the ones telling the truth. 

Man, I bet the sociopaths in D.C. and the NWO are just dying to shut down the 'ol interwebz.  It's gotta really piss them off that it's been used for good, freedom, and finding out all the information they had been trying to keep from us for so many decades. 

I bet Alex Jones at Infowars.com really drives the sociopaths crazier than they already are when he starts blasting away at them and telling all their secrets on air.

I love it

Mon, 05/12/2014 - 17:00 | 4752278 taoJones

"On the lighter side of things... seems that the crew responsible for the demolition of the old Bailey, wanted to give the old girl a grand, albeit improvised, sendoff.  Although the demolition had been planned for some time, the music and the fireworks were, according to the crew chief... definitely not on the schedule... we'll be right back..." - BTN

Mon, 05/12/2014 - 23:20 | 4753420 Andre

True, the Russians have not been sleeping vis-a-vis  ECM, but civilian systems have always been a turkey shoot for that. Most flight plans of that type are ELINT or SIGINT - poke the frog and see what happens.

Mon, 05/12/2014 - 14:35 | 4751601 The Phu

This makes me curious why U-2's are flying over LA in the first place...  I hope it wasn't anything more than a training flight...

Mon, 05/12/2014 - 14:50 | 4751659 ZerOhead

Keith Alexander assures us it was a simple training flight.

Mon, 05/12/2014 - 18:33 | 4752550 Aussie V

Knowing LAX maybe the Baggage Handlers stole the ram from the computers on night shift? "Just take 64meg at a time and no one will notice"

Mon, 05/12/2014 - 17:49 | 4752409 A Nanny Moose

DENIAL of SERVICE...bytchez!

Kaminsky said. "This is part of the downside of automation."

Not entirely correct. This is the downside of highly centralized systems, especially those that are woefully out of date....a common malady of any centralized system. FAA - just another Gummint program by the central planners. As is your Social Security number. The real attack surface for automation being, when the power goes out (another centrally planned government program), nobody will remember which switch to flip, button to push, valve to open, or liquid to pour....at the designated point in time. All the people who do know these things, will be dead in 25 years.

In other news: MH340 Reappears after radar services restored.

Mon, 05/12/2014 - 14:33 | 4751592 Bankster Kibble

Perhaps it is an old Y2K problem?  They used a "windowing" fix and forgot to update after 2010?

Mon, 05/12/2014 - 15:14 | 4751794 The_Dude

I know the guy that gets called in to work on the flight systems at SFO.  

His expertise...he was a TV repairman from the 70s~90s and the only one around that still has the skills/understanding to work on these antique systems.....

Mon, 05/12/2014 - 20:04 | 4752833 StychoKiller

Ya mean this Guy's dad?

Mon, 05/12/2014 - 15:18 | 4751818 lasvegaspersona

Y2K finally hits!

Mon, 05/12/2014 - 15:10 | 4751777 onthesquare

Let's see what the new Iranian Clone Drone will do in such a case.

Mon, 05/12/2014 - 14:39 | 4751617 Kirk2NCC1701

They buy them at Pawnstars.com?  We'll all be pawnstars soon.

Mon, 05/12/2014 - 14:55 | 4751703 fonestar

What will Chum Lee offer me for 3 BTC?

Mon, 05/12/2014 - 20:06 | 4752838 StychoKiller

Sorry, but I'm hanging onto my old C-64 (for games not available on other platforms!)

Mon, 05/12/2014 - 15:31 | 4751881 TheABaum

They trade surplus TRS-80 (aka Trash 80) parts.  

Tue, 05/13/2014 - 00:59 | 4753671 Nobody Important

I don't know. But I've got 2 or 3 old Commodores laying around I'll sell them real cheap (by government standards) :)

Mon, 05/12/2014 - 14:09 | 4751497 twh99

Probably Pascal.

Mon, 05/12/2014 - 14:19 | 4751536 Headbanger

I think LISP

Mon, 05/12/2014 - 14:26 | 4751564 CPL

Java actually; the platform-less platform language that comes with free memory leaks that are 'standard' across all Oracle/Sun products.  At no extra cost of course. 

Then add in how butchered the entire IT industry is, combined with the software on demand model.  Sprinkle in junior programmers without senior programmer guidance to the SDLC and instead use a business/marketing manager to drive the end solution.

http://www.ibm.com/developerworks/library/j-leaks/

http://www.appdynamics.com/solutions/appdynamics-java-monitoring/memory-...

http://www.javacodegeeks.com/2011/07/java-and-memory-leaks.html

http://www.toptal.com/java/hunting-memory-leaks-in-java

 

Mon, 05/12/2014 - 14:45 | 4751647 Oh regional Indian

CPL, pretty soon the pilots will get their guidance from the "Cloud" they are flying through.

SAAS, in this case a recipe for diSAASter....

But it's coming, you can bet on it.

 

Mon, 05/12/2014 - 15:06 | 4751756 RaceToTheBottom

Nancy from Bombay will be speaking at you in shortly

Mon, 05/12/2014 - 16:50 | 4752233 chinaboy

You are just one idiot who hates Java. There is no report linking Java to the Radar computer. And you cannot produce any evidence of the link.

Mon, 05/12/2014 - 14:41 | 4751630 Kirk2NCC1701

Algol, Cobol, Lisp, Pascal?  Maybe even Hypo?

And those darn 8086 processors!

Mon, 05/12/2014 - 15:24 | 4751846 Pure Evil

Youse guys aren't even close.

It's all written in Jovial and CMS2.

Mon, 05/12/2014 - 15:26 | 4751862 knukles

That's funny

Mon, 05/12/2014 - 20:08 | 4752844 StychoKiller

FORTRAN-IV on paper-tape FTW!

Mon, 05/12/2014 - 14:12 | 4751511 JLee2027

Having worked at the FAA, in Air Traffic, I can tell you this article is completely untrue.

The local yoko customizes the air space. In other words, just a routine software bug, affecting one site and not anyone else.

Mon, 05/12/2014 - 14:22 | 4751546 Oh regional Indian

Seriously, really thin story, lack of RAM? In 2014?

Fuck, you could run an airport on networked smart fones today if you were smart enough.

Mon, 05/12/2014 - 14:27 | 4751570 i_call_you_my_base

Just a point of clarity, but calculations "to infinity" like this one constitute a runaway process, which means no amount of RAM could accommodate it. It sounds like bullshit from a different angle. The whole thing amounts to input error, which is an outlandish claim. If you didn't account for this you'd be an idiot programmer. And the error probably would have surfaced before.

Mon, 05/12/2014 - 14:57 | 4751712 Uncle Remus

.

If you didn't account for this you'd be an idiot programmer.

It's not like there's a shortage...
