Not a thought of Security…

I was dismayed at a recent article on a web site that calls itself the Airline News Resource. A young student, Mr. Toms Purgailis, from Latvia wrote an article about the future of IFE (In Flight Entertainment) in which he advocates the passengers on the airplanes using iPads and laptops and just sharing their movie collections, regardless of whether or not it is piracy to share the files. More disturbing is how he attempts to rationalize that if you have illegal files and share them via USB or email then it is more or less legal. This is one student who is going to have a very tough time in school if he has professors that require well thought out arguments.

Ethics aside, the author is completely oblivious to security. Sharing files is pretty much as close to sharing needles as computers get. This is a dangerous practice. Let’s start with the harmless pirated movies that have no malicious content in them. These files find their way on to business laptops and then get backed up to the corporate network and put the business at legal risk.

Next, there is all of the malware that uses autorun (not an iPad/Mac problem). Simply plugging the USB flash drive into the computer can infect the computers. We really need an airplane virus epidemic, don’t we? The thought is bizarrely amusing. I can just hear the announcement now… “Ladies and gentleman, in the likely case that your laptop gets infected, we have a member of the Geek Squad in seat 15D who can fix your computer for a nominal fee.”
The next scenario is deliberate malware. A person says “you’ll need this codec to play the movie, so run setup.exe”. Woo hoo, in-flight botnet!!!

Illegal file sharing remains a prime infection vector. I am confident that there is not an airline in the world that is taking Mr. Pugailis’ suggestion seriously.

Randy Abrams
Director of Technical Education


Author , ESET

  • Charles

    There's a lot of truth to this; Richard Clarke's Cyberwar book actually dives into this as a scenario for malware and flight control operation corruption. Recommendation was to completely segment the two data pipelines and 'never the twain shall meet'.

Follow us

Copyright © 2016 ESET, All Rights Reserved.