gabe@gabegold.com
Date: Thu, 8 Aug 2019 23:36:06 -0400
But Boeing counters that it has both "additional protection mechanisms" in
the CIS/MS that would prevent its bugs from being exploited from the ODN,
and another hardware device between the semi-sensitive IDN -- where the
CIS/MS is located -- and the highly sensitive CDN. That second barrier, the
company argues, allows only data to pass from one part of the network to the
other, rather than the executable commands that would be necessary to affect
the plane's critical systems.
"Although we do not provide details about our cybersecurity measures and protections for security reasons, Boeing is confident that its airplanes are safe from cyberattack," the company's statement concludes.
Boeing says it also consulted with the Federal Aviation Administration and the Department of Homeland Security about Santamarta's attack. While the DHS didn't respond to a request for comment, an FAA spokesperson wrote in a statement to WIRED that it's "satisfied with the manufacturer' s assessment of the issue."
https://www.wired.com/story/boeing-787-code-leak-security-flaws/
...or not.