This page has been archived and commenting is disabled.
U-2 Spy-Plane-Inspired Radar Crash Was Sparked By Insufficient RAM
Having admitted that last week's air traffic control system crash was due to the fact that a U-2, Cold War-era, spy plane still in use by the U.S. military sparked a "glitch" in radar systems and grounded all west coast planes for over 45 minutes, Reuters reports that an inside account suggests this was due to a common design problem in the U.S. air traffic control system - a lack of memory in the computer! What is perhaps more worrisome, in theory, the same vulnerability could have been used by an attacker in a deliberate shut-down, the experts said, and "shows a very basic limitation of the system," and could be used as a new "attack surface."
As Reuters reports, a common design problem in the U.S. air traffic control system made it possible for a U-2 spy plane to spark a computer glitch that recently grounded or delayed hundreds of Los Angeles area flights, according to an inside account and security experts.
As aircraft flew through the region, the $2.4 billion system made by Lockheed Martin Corp, cycled off and on trying to fix the error, triggered by a lack of altitude information in the U-2's flight plan, according to the sources, who were not authorized to speak publicly about the incident.
...
FAA spokeswoman Laura Brown said that process "used a large amount of available memory and interrupted the computer's other flight-processing functions".
The FAA later set the system to require altitudes for every flight plan and added memory to the system, which should prevent such problems in the future, Brown said.
The U-2 had a complicated flight plan which blew the system...
The ERAM system failed because it limits how much data each plane can send it, according to the sources. Most planes have simple flight plans, so they do not exceed that limit.
But a U-2 operating at high altitude that day had a complex flight plan that put it close to the system's limit, the sources said.
The plan showed the plane going in and out of the Los Angeles control area multiple times, not a simple point-to-point route like most flights, they said.
The flight plan did not contain an altitude for the flight, one of the sources said. While a controller entered the usual altitude for a U-2 plane - about 60,000 feet - the system began to consider all altitudes between ground level and infinity.
The conflict generated error messages and caused the system to begin cycling through restarts.
"The system is only designed to take so much data per airplane," one of the sources said. "It keeps failing itself because it's exceeded the limit of what it can do."
But it opens up a host of concerns...
"If it's now understood that there are flight plans that cause the automated system to fail, then the flight plan is an 'attack surface,'" said Dan Kaminsky, co-founder of the White Ops security firm and an expert in attacks based on over-filling areas of computer memory.
"It's certainly possible that there are other forms of flight plans that could cause similar or even worse effects," Kaminsky said. "This is part of the downside of automation."
Moss said many hackers have been studying aspects of a new $40 billion air traffic control system, known as NextGen, which encompasses ERAM, including its reliance on Global Positioning System data that could be faked.
In conclusion - as one former military pilot noted...
"It would be hard to replicate by a hostile government, but it shows a very basic limitation of the system."
»
- 9377 reads
- Printer-friendly version
- Send to friend
- advertisements -
Nice. Next thing they'll tell us it's written in ADA.
How do they still get parts for the Commodore and Atari systems?
Through fonestar at localbitcoins.com.
Wasn't that the period that the Russian bombers were flying just outside the 200 mile limit?
"The system is only designed to take so much data per airplane," one of the sources said. "It keeps failing itself because it's exceeded the limit of what it can do."
Perhaps they could call up the NSA for some extra RAM. They don't seem to have any limits on the amount of data they can collect. I suspect they have plenty to spare...
They're still running the old 386's with big floppy drives.
This is an obvious cover story. The real issue was more likely a test run of precision directed energy weapons designed to take out radar systems. The U2 is the test bed and a great distraction component.
Possibly the Ruskies fried the system from the distance.
Air Force TIMES sez: U-2 did not scramble LAX computersWhaaa?...
Perhaps a controller entered in 6,000 ft vs. 60,000 ft in a classic "not-so-fat-finger" error?
The computer would then be going nuts trying to reroute flights to avoid imaginary collisions while the U2 overflew at Mach 3.
I'm sure non-friendlies would never attempt to exploit a buffer overflow vunerability.
What’s the big deal?
It’s only the air traffic control system.
The money, time and effort to add RAM to that optional system is better expended on getting education, health care and EBT to illegal aliens.
Oh. what's that you say,.. it's just more .gov BS?
No matter what the truth or excuse is, .gov is proven again to be a bunch of idiots.
The DoJ has officially retired the U-2 more times than Osama has been killed.
So, the "WTF?" factor remains "stratospheric"
U-2's and SR-71's are two different airplanes. SR-71's can go Mach 3 and are retired. U-2's do not fly at Mach 3. They aren't supersonic.
No one mentioned SR-71's till you showed up, but yeah, the U2 ain't gonna haul @ss at Mach 3. BTW, the top end of the SR-71 is still classified.
Umm...
Look at the picture. That's a U2/TR1, operating in high subsonic region. Wings like that rip off too close to Mach 1.
The SR71 is what you are thinking of. Long out of service now, and totally different beast.
"640k of memory is more than anyone will ever need".
-bill gates
If you wanna be on the loop, listen to the "Father of Internet", LOL.
(This was once truly said about the vaccine crazed mofo by a clueless presstitute. Microsoft slept over the Internet gold rush completely, W95 came out back then without any internet connectivity.)
Then they used Internet Explorer to access the internet, which is a lot like sending your young children to play Doctor with pedophiles!
If the U2 did not, then it would have been the Russky Bears flying offshore just outside US airspace.
It is not advertised in the USGMSM, but the Russians have developed very sophisticated ECM systems.
that's what I've been seeing on the 'ol interwebz as well. I mean, really? A fucking U2? I'm calling B.S. on that story, because why in the hell should we ever believe anything that comes out of the administration or their propaganda media anyway? Screw them.
The so-called "alternative" media (which are really the real media these days) all say it was the Russians trying out some jamming systems and that it wasn't a U2.
I'll go with their explanations every freakin' time cuz 99% of the time anymore they're the ones telling the truth.
Man, I bet the sociopaths in D.C. and the NWO are just dying to shut down the 'ol interwebz. It's gotta really piss them off that it's been used for good, freedom, and finding out all the information they had been trying to keep from us for so many decades.
I bet Alex Jones at Infowars.com really drives the sociopaths crazier than they already are when he starts blasting away at them and telling all their secrets on air.
I love it
"On the lighter side of things... seems that the crew responsible for the demolition of the old Bailey, wanted to give the old girl a grand, albeit improvised, sendoff. Although the demolition had been planned for some time, the music and the fireworks were, according to the crew chief... definitely not on the schedule... we'll be right back..." - BTN
True, the Russians have not been sleeping vis-a-vis ECM, but civilian systems have always been a turkey shoot for that. Most flight plans of that type are ELINT or SIGINT - poke the frog and see what happens.
This makes me curious why U-2's are flying over LA in the first place... I hope it wasn't anything more than a training flight...
Kieth Alexander assures us it was a simple training flight.
Knowing LAX maybe the Baggage Handlers stole the ram from the computers on night shift? "Just take 64meg at a time and no one will notice"
DENIAL of SERVICE...bytchez!
Not entirely correct. This is the downside of highly centralized systems, especially those that are woefully out of date....a common malady of any centralized system. FAA - just another Gummint program by the central planners. As is your Social Security number. The real attack surface for automation being, when the power goes out (another centrally planned government program), nobody will remember which switch to flip, button to push, valve to open, or liquid to pour....at the designated point in time. All the people who do know these things, will be dead in 25 years.
In other news: MH340 Reappears after radar services restored.
Perhaps it is an old Y2K problem? They used a "windowing" fix and forgot to update after 2010?
I know the guy that gets called in to work on the flight systems at SFO.
His expertise...he was a TV repairmen from the 70s~90s and the only one around that still has the skills/understanding to work on these antique systems.....
Ya mean this Guy's dad?
Y2K finally hits!
Lets see what the new Iranian Clone Drone will do in such a case.
They buy them at Pawnstars.com? We'll all be pawnstars soon.
What will Chum Lee offer me for 3 BTC?
Sorry, but I'm hanging onto my old C-64 (for games not available on other platforms!)
They trade surplus TRS-80 (aka Trash 80) parts.
I don't know. But i've got 2 or 3 old Commodores laying around I'll sell them real cheap (by government standards) :)
Probably Pascal.
I think LISP
Java actually; the platform-less platform language that comes with free memory leaks that are 'standard' across all Oracle/Sun products. At no extra cost of course.
Then add in how butchered the entire IT industry is, combined with the software on demand model. Sprinkle in junior programmers without senior programmer guidance to the SDLC and instead use a business/marketing manager to drive the end solution.
http://www.ibm.com/developerworks/library/j-leaks/
http://www.appdynamics.com/solutions/appdynamics-java-monitoring/memory-...
http://www.javacodegeeks.com/2011/07/java-and-memory-leaks.html
http://www.toptal.com/java/hunting-memory-leaks-in-java
CPL, pretty soon the pilots will get thier guidance from the "Cloud" they are flying through.
SAAS, in this case a recepie for diSAASter....
But it's coming, you can bet on it.
Nancy from Bombay will be speaking at you in shortly
You are just one idot who hates Java. There is no report linking Java to to the Radar computer. And you cannot produce any evidence of the link.
Algol, Cobol, Lisp, Pascal? Maybe even Hypo?
And those darn 8086 processors!
Youse guys aren't even close.
Its all written in Jovial and CMS2.
That's funny
FORTRAN-IV on paper-tape FTW!
Having worked at the FAA, in Air Traffic, I can tell you this article is completely untrue.
The local yoko customizes the air space. In other words, just a routine software bug, affecting one site and not anyone else.
Seriously, really thin story, lack of RAM? In 2014?
Fuck, you could run an airport on networked smart fones today if you were smart enough.
Just a point of clarity, but calculations "to infinity" like this one constitutes a runaway process, which means no amount of ram could accomodate. It sounds like bullshit from a different angle. The whole thing amounts to input error, which is an outlandish claim. If you didn't account for this you'd be an idiot programmer. And the error probably would have surfaced before.
.
It's not like there's a shortage...
I think they import them by the butload, or is that boatload, on H1-B visas.
That's not going to curry favor ya know.
There's at least one website devoted to Idjut Programmers: http://thedailywtf.com/
How complex is flight plan data?
Is is storing a plot point every second, or just position, angle, speed at each turn?
Do all military flights need a flight plan?
What happens if a plane goes off its flight plan?
The article says the ATC put in an altitude of 60,000 feet and the system began calculating for every possible altitude between ground and infinity ... is the system hard-coded with a limit of 40 or 45,000 feet, and any number above that is invalid? Does the system have input validation? What if someone puts in a negative number, or adds an extra zero?
If the computer is running off calculating an infinite number of possibilities, adding more RAM is not going to solve the problem.
USAF flies anywhere the fucking want to.
With a tanker and drone entourage to boot.
Commercial jets (AFAIK) can't go above 45,000 ft anyway, which would leave the U2 (@60K ft) nearly 3 miles away from any potential target. So I'm not sure what the hell it was calculating. Now only 6,000 feet would really stir things up. However, there were errors reported at 4 airports in greater SoCal as well as San Jose airport (Bay area) some 400 miles north. There's definitely something wrong with the picture they're trying to paint.
The FAA has multple centers nationwide (ARTCC) to track between airports. My guess is the Center had the problem, located in Oakland. But that's a complete guess, and it's unfair to say it's certain.
I forget to mention that a Center handles multiple airports, so your flight is always under radar coverage.
Perhaps the input error was a zero (or no entry) for min alititude, and 60,0000 feet for max altitude. Combined with the number of other flights and the complexity of the U2's flight plan, the system was pushed further than in any of its test cases (in this scenario it would have been heavily taxed to calculate every possible interaction). What I suspect is being covered up is the vulnerability of the system to a data-entry error ... after all, the public wants to know this is "solved" and could never happen again ....
If I'm right (big IF here), then RAM *may* be only part of the story, and the CPU bandwidth might have been exceeded. The RAM upgrade could be a quick (partial) fix, but as others have pointed out, the program should have checked the input data for sanity (trouble is, what if the U2 took off or landed locally -- then a zero min altitude would have been correct and ... hmmm ... uh-oh ....).
Houston, I think we have a problem [as there could be a fundamental issue here that is NOT easily fixed properly/reliably] ....
p.s. Chime-ins from those with technical expertise in this area would be highly appreciated.
p.p.s. Perhaps we'll see the FAA propose modernizing this equipment (at least at major airports) in a few months ... for "general" safety mind you (gosh those old systems work just *fine* but ... parts are hard to get ... HAHAHA).
If the amount of calculations is "infinite" then the amount of RAM that must be added is infinite. Same with processing power. There should never be infinite loops or recursion.
Agreed, but I'm not sure I believe that part (although it's possible with a s/w bug, but why didn't it show up earlier? Huh? Huh?).
How complex is flight plan data?
Matt,
The air space itself is defined. Think 3D, height, width, depth with boundary to the next radar coverage area, all customized locally as all are different. There can be some very wierd shapes. All incoming flight data needs to fit inside that definition, or it should be somebody else's radar coverage and responsibility. Sometimes, higher altitude stuff is off-limits, reserved for military.
smart fones.
Hey, it's XP with 128MB of RAM and a 56K hook up.
It don't get much better than that..
Windows ME. You're talking about Windows ME.
The best OS on the market.
You could play Redneck Rampage to your hearts content.
What?!? No "Deer Hunting with Jesus" level?
Is that anything like "Custer's Revenge?"
seriously?? ZH looks for conspiracies in whether climate change causes fish to fart bubbles or not, and then "Tyler" posts an article accepting what has to be a total BS story about lack of RAM crashing a $2.8B air traffic control system? in 2014, when you can buy 32gb RAM sticks?
c'mon, let's get creative here.
was the air force trying out a new stealth system, or perhaps testing a new system to zap out enemy radar? or maybe Iran is getting even for Stuxnet. or maybe the Russian's infected the system with nanobots.
but ... lack of RAM??
A modern desktop PC with a $500 video card can do way more in real time than what these fuckers claim. Gimme a break.
Oh hell yeah!
http://www.flightradar24.com/38.47,-122.71/7
But the software is not written for that. Here's a new phrase for you: "legacy system".
In other werdz, more lying BS from the Govt!
I remember seeing an RFP for that system (or predecessor?) in the 90s, and it was definitely during the ADA push. The error handling was supposed to be its strength, don't remember the bit about looping reboots, but I was studying it over lunch, may have glossed over that.
Keep using foreign software developers and save that 15%. What could go wrong.
1st world countries do not stay 1st world countries with a transformation to a 3rd world population.
Politics follows biology.
Latest scientific proove: South Africa.
Got that pogues?
Complicate the reasons why enough and...case closed
Lockheed Martin, huh? Sue 'em and get a new system from China.
Faus frag!
Wrong spot...
Crose enough...
More like crappy programming.
Agree. Looks like they didn't validate the input. All they needed was a failure when no altitude is entered.
Or 60,000 feet is not considered within valid range for some reason, like if the system was designed for civilian air traffic and had a maximum altitude it could handle.
Right, that seems possible.
But it took that "bad data" and then went to infinity? That's some serious crazy.
Wouldn't that be an amazing thing if you could build software with every line of code covered with both expected and unexpected conditions run against the code base with every commit? Let's call it "unit testing" ... no but of course a small time company like Lockheed Martin couldn't afford that!
"Hell of a memory leak ya got there pal."
Wha...? :>D
So the system was running at 99% of capacity? Brilliant.
pods
Yeah Pods, interesting that the serf's mission critical airt traffic control runs on frigging 486's and a U2's flight path ALONE can supposedly blow the whole system?
Even ATC personnel are famously stressed, lots of drugs and all, harrowing tales of near misses...
pretty crazy....serf's are statistics...
Reminds me of the Electronic Warfare systems that can create ghost images on radar. Me thinks they were flying with the wrong switch in the on postition.
Imagine that the U2 created 100 aircraft out of no where. That would create an issue for the computer, the operator etc.
Very interesting and feasible hypothesis there....
By hostile government, I think we can safely assume the pilot was talking about our own.
http://www.cnet.com/news/truck-driver-has-gps-jammer-accidentally-jams-newark-airport/
Remember what Billy said, 640 kB is more than enough!
Damnit, this was the snarky post I was gonna make!
Smooth move Ex-Lax.
Complete numb-nutz programming at work.
And as usual, by the low bidder, no doubt.
You're not gonna get a "low bid" from inside the MIC.
Hmmm, good to see the FAA agrees with me. Or am I now part of the cabal?
As a software guy, there's nothing shocking about these bugs at all. It all comes back to the idea that you can't prove a negative, so infinity wins every time.
Applications are never nearly as black-box as one might think they should be.
Especially when the phrase "And the bid goes to..." is part of the equation.
I'm currently watching a multi-million dollar ERP deployment, that is an absolute POS. It's likely less integrated than the package they've had for twenty years. But hey, the kids wanted silverlight instead of a green screen, so the kids get pretty things that don't work.
A brand new, data free time keeping/scheduling system was eating a gigabyte an hour simply idling. Quick fix? Double the ram, and cut the problem in half!
Two questions the low bidder always asks themselves.
1. What did I miss?
2. Where do I get change order forms?
A brand new, data free time keeping/scheduling system was eating a gigabyte an hour simply idling. Quick fix? Double the ram, and cut the problem in half!
It seems proper testing is always the first thing cut as projects expand. Developers these days, really need more to learn to properly test. I call it the dumbing down of the industry. All most do is write a module and hand it off. They have no idea and don't care how to make it work. They met spec and that's it. The industry is way overspecialized - a specialist gets the business requirements, another turns them into technical specifications, another writes a module spec, another codes it, maybe someone tests it...no matter some manager calls it completed and working give me my bonus....Don't even get me started......
We're all beta testers now...
BULL.FUCKING.SHIT!
There's no shortage of the feral Federal government lies and them RAMMING us up the ass!
I'm also quite sure that the space shuttle has made fast high level passes over Commiefornia airspace. Why didn't that trigger this problem?
They patched the airspace for some reason in the past few months, and it all worked ok until the U2 showed up at high altitude. Probably.
Stuff happens. One day a nameless controller had some kind of breakdown and told all incoming aircraft to hold and not to land. The airport called the center about 45 minutes later asking where all the flights were, as traffic had stopped. They were all on hold and circling, per instructions. Thank GOD someone caught it before they all ran out of fuel. Needless to say, procedures were changed after that. Now you sit on a runway, waiting for clearance all the way through before take off.
Didn't the DoD specifically say that the U2 plane didn't cause the crash? That's what started the "THE RUSSIANS DID IT!" hype both here and other sites. Now all of a sudden we know the exact reason it crashed. How convenient.
You think that's bad, truth is air traffic control was using Internet Explorer.
so let's see: the sources of all this info are Reuters, US govt, US military, FAA - all pathological liars
I heard a farily reliable source say that Russian bombers were flying near the west coast during that time.
That same source also said a few Russian fighters "jammed" the US Navy's targeting radar systems in the black sea a few days ago.
I think they were running MS Windows and playing solitare. --Hence the system crash.
Nice cover story. Id bet Russia did it.
Wow, never though I'd say that in seriousness.
I suppose this is a sgn of the times. The NSA has enough memory and processing power to store every single communication globally in real time and one outdated spy plane crashes the commercial air traffic control system. It would be funny if not so tragic.
Those corrupoted parasites who "believe" they are superior and in control must be having a laugh.
Time for a $500 billion overhall of air traffic systems.
Shovel ready jobs.
i guess they are running dos? any modern operating system, including windoz, would have used virtual memory when physical ram ran out ...
haha, they are still using Intel 8088s!
with 1 meg of RAM!
I bet they still have tubes in the power supplies, hahahha.
Well, that certainly improves their EMP resistance.
Yep, 50# transformer and diodes about 2" in diameter!
And think of the heating savings in winter!
You know that Lockheed Martin and the "defense" sector must be complete retards if they are unable to model a flight path for an airplane and do some of the most basic tests on the product before releasing it. Obviously living too long on the pork fat that comes from big governent. Never mind, just print up a few billion more and give the project to Team Obamacare!
And what about the apocryphal story of Russian fighter planes shutting down US Navy radar in the Black Sea? Seems a little more credible now don't it?
Why do we keep advertising our vulnerabilities. Is it that we live in a world where the rulers keep secrets and can lie with impunity but the foundations of our security are broadcast on Facebook and Twitter in a continual steam of 'come as get us here, here and here'
It's the rulers that stop us fixing our vulnerabilities. Developers would find exploits and share the information with the community and work on a fix. Now they get bounties from the NSA to hand over exploits and shut up about it. If it's true that a plane at 60,000 feet can crash air traffic control then the system was built by amateurs and there simply is no fix for that. Not a fix that would be very easy anyway - the fix is getting lobbyists out of government and harpooning bloated defense contractors and other leeches feeding at the government teet. The money junkies get paid whatever products they produce with no attention to quality and no concern for consequences because there are none.
The Russkies advertised it. The media is now covering it up best they can. Don't worry, the extra RAM will 'solve' the problem.
(10) - 8-inch floppy drives operating on a Trash-80 processor.
Took 'em over a decade ( or two ) to get off of vacuum tubes. Not a shocker.
Should have kept the tubes & some good 'ole solid state technology.
Let a Canadian rewrite the programs.
Would that be the same group that wrote the interface for Obamacare?
640K ought to be enough for anybody
Bill GatesBilly Gates is a commie fag.
He is also an international jetsetter and spokesmodel for sterilizing, poisoning, and killing, with live vaccines. "OH MY DADDY WAS THE INVENTOR OF PLANNED PARENTHOOD"
I wish Bill's dad had planned better, one more abortion would have prevented Windows 7.
To the Malthusians I always say, "You First!"
the pilot knew he was in trouble when he was forced to reboot and the Windows 95 screen came up...
I like the "Do you want to stop running this script?" dialog box comes up. If they can program the thing to ask me, why can't they program it to stop or correct the error caused by the script?
Bill Gates is a communist and REALLY SUX at software.
Unless they are using outdated systems based on 386 processors, I am not buying it. With prices for RAM so low they can have enough memory for their systems. This was some sort of test.
Are we still believing this was merely a computer glitch?
My money is on an extraterrestrial abduction.
My money is on advanced EW platform fielded by the Russians in their new Cold War pokings and proddings strategy.
Hey! Gary Powers,
This story is dead, follow ups are dead. Maybe you're looking at week old statistics. This psy-op needs no further massaging. Please move on to some other section. The group working on demonizing Russia needs help: they're putting out a constant stream of laughable drek. They rachet between the "Russian Bear KGB Oligarch" and other stupidly transparent themes. As a taxpayer I'm not getting my money's worth. Don't tell me you're outsourcing propaganda now? Is some Indian guy typing with one hand and reading Samuel's History of America with the other hand?
Highschool grade stuff here. Crap really. As my grandfather used to say after his stroke, "Stink Awful!"
All I gotta say is make sure Marvin Bush or the Israeli's aren't running security... Remember what happened last time.
And people wonder why I don't fly...
LOL, we can have Mil bases in over 130 countries and we can't afford a few sticks of RAM.
Fuck yea, USSSSSAAAAAA!
Shit. Where
It opens up a 'host of concerns' -- not the least of which is 'WHY IS THE U-2 SPY PLANE FLYING OVER LOS ANGELES AND IS DUCKING IN AND OUT OF LOS ANGELES AIR SPACE????'
It's Los Angeles dude, including where these things were built and maintained, adjacent to Edwards and other military desert bases, we got everything in Los Angeles air space from chop suey to guys in lawn chairs and helium balloons, Marine One, stealth helicopters watching over Algore, blimps, dirigibles, and a black cloud that hovers over Donald Sterling.
So, in light of this revelation, please explain how all the abuse of, spying on, and hatred of US citizens by government is justified?
Are they sure it was a U-2? This Russian plane looks a lot like a U-2.
http://englishrussia.com/2014/05/08/the-soviet-stratospheric-planes/#more-146650
This was nothing more than the US Government's first EMP weapon's test on civilians.