AircraftNews.Com

At every level there is doubt about the efficacy and indeed the common sense of the security regulations and responses we now have to deal with since 911 and Osama unless he is in his grave must be laughing his head off at the enormous cost he has been able to get us to inflict on ourselves as a society.
As I suspect everyone has ruminated at some time or another as they have had some innocent object confiscated by some officious goon or gooness (in my case a small shifting spanner about 2 inches long) always with the excuse “I am just following rules” it is obvious that much silliness goes on in the name of security.
The absurdly extreme measures which exist serve, as is so often correctly stated, only to inconvenience the law abiding in society without doing more than give minor pause to the destructive amongst us.
So far there has not been much of a bite back from the public because they can usually be scared into submission by saying “terrorism” but sooner or later simple economics may lead to a search for a better paradigm.
In what may perhaps be the beginnings of a movement in the direction of sanity a recent speech by an American professor of Biology has suggested that a different take might be very rewarding.
The basic concept is that organisms constantly face security threats and they respond in an adaptable and flexible local level and so are able to respond very quickly and appropriately.
The top down – it has been ruled that nail clippers are not allowed onto aircraft (whereas plastic coat hangers which when broken make much better weapons than nail clippers are) approach is so predictable that it is easily circumvented. Whereas an appropriately empowered and savvy local defence security apparatus might be much more effective Read more…

In a scary presentation at the Defcon hacker conference, a security researcher showed how easy it is to compromise the Federal Aviation Administration’s air traffic control system.

Righter Kunkel was careful not to show exactly how to bring aircraft out of the sky. But he showed how its easy to shut down information going into an air traffic control tower, jam radar, submit a fake aircraft flight plan, get recognized as a pilot even if you aren’t a pilot, and stop planes from taking off at an airport.
Kunkel laid out the process. You could get a fake identification (which is illegal). Go to the doctor and get an aviation medical certificate which shows you are fit to fly. With that, you can get a student pilot’s certificate number. Then you can log into the FAA’s pilot registration site. Then you can submit yor own flight plans. Read more…

Why are we not surprised. In a classical case of lets find a bogie that can’t defend itself and lets make a huge fuss of how we are going to cope with it GA has been targeted globally with onerous and lets admit it ridiculous security measures that have cost many dearly, caused much aggravation and inefficiency and made our enemies laugh.
A recent report tells us what we all knew and also highlights the not entirely innocent role of sections of the media embroiled in the shock horror end of the industry..

In an important finding The Homeland Security Department’s inspector general said Wednesday the national security threat posed by general aviation is “limited and mostly hypothetical.” Read more…

May 08, 2009

U.S. air traffic control systems are at high risk of attack due to their links to insecure Web applications run by

aviation authorities around the country, according to a U.S. Department of Transportation audit.

Penetration testers found 763 high-risk vulnerabilities in 70 Web applications used for functions such as

distributing communications frequencies for pilots and controllers to the public and other applications used for

internal air traffic control (ATC) systems within the U.S. Federal Aviation Administration (FAA), the report said.

A high-risk vulnerability is classified as one where an attacker could take control over a computer, modifying

systems or stealing data. Testers also found 504 medium-risk and 2,590 low-risk vulnerabilities, such as the use of

weak passwords and unprotected critical file folders, the report said.

“In our opinion, unless effective action is taken quickly, it is likely to be a matter of when, not if, ATC systems

encounter attacks that do serious harm to ATC operations,” the report concluded. Read more…