[130421] in North American Network Operators' Group
Re: AS11296 -- Hijacked?
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Sat Oct 2 18:47:18 2010
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <8CC300ED-C243-4186-A9BE-C36EF854145D@delong.com>
Date: Sat, 2 Oct 2010 18:47:01 -0400
To: Owen DeLong <owen@delong.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Oct 1, 2010, at 7:00 51PM, Owen DeLong wrote:
>=20
> On Oct 1, 2010, at 2:31 PM, George Bonser wrote:
>=20
>>=20
>>=20
>>> -----Original Message-----
>>> From: wherrin@gmail.com=20
>>> Herrin
>>> Sent: Friday, October 01, 2010 2:27 PM
>>> To: George Bonser
>>> Cc: Christopher Morrow; nanog@nanog.org
>>> Subject: Re: AS11296 -- Hijacked?
>>>=20
>>>=20
>>> Death by IP address?
>>>=20
>>> -Bill
>>=20
>> Quite possible if one is using it to distribute a virus. RE: Spanair
>> flight JK-5022
>>=20
>> =
http://www.monstersandcritics.com/news/europe/news/article_1578877.php/C
>> omputer-viruses-may-have-contributed-to-Spanish-2008-plane-crash
>>=20
>>=20
>=20
> =
http://aircrewbuzz.com/2008/10/officials-release-preliminary-report-on.htm=
l
>=20
> A more recent Interim report:
>=20
> =
http://www.fomento.es/NR/rdonlyres/AADDBF93-690C-4186-983C-8D897F09EAA5/75=
736/2008_032_A_INTERINO_01_ENG.pdf
>=20
> The crew apparently skipped the step where they were supposed to =
deploy
> the slats/flaps prior to takeoff.
>=20
> Additionally, the warning system on the aircraft which should have =
alerted
> the crew to the failure to extend the flaps/slats also failed to =
sound.
>=20
> A computer virus may have had a small contribution to the failure to =
detect
> the warning system failure in the maintenance process, but, it did not =
cause
> the accident.
>=20
> The accident is clearly the result of pilot error, specifically the =
failure to
> properly configure the aircraft for takeoff and failure to take =
remedial
> action upon activation of the stall warning system during the initial
> climb.
>=20
There's more to the story than that. There was a problem with a sensor =
-- the heater for it was running when the plane was on the ground, which =
it shouldn't do. The mechanic couldn't reproduce the problem; since =
there was no icing likely and the heater was only needed if there was =
icing, the pilot flipped the breaker to disable it. (The virus-infected =
computer was the one that should have been used to log two previous =
reports of that same heater problem, but no one even tried entering the =
reports until after the crash, so the virus wasn't at all the problem.) =
Because of the distractions -- the return to the gate, the co-pilot =
making a call to cancel dinner planes, a third person in the cockpit, =
the pilots indeed forgot to set the flaps -- and just breezed through =
the checklist item (which they did recite) rather than actually paying =
attention to it.
However... the accident investigators learned that in almost all =
previous instances, worldwide, of that heater problem, the cause was a =
failed relay in the "I'm on the ground" circuit. That same relay was =
used to activate the Takeoff Configuration Warning System -- which =
didn't alert the pilots to the flaps problem because the relay failed =
again after the plane left the gate for the second time. In other =
words, a crucial safety system had a single point of failure -- and that =
failure also contributed to the distraction that led to the pre-takeoff =
pilot error.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
