Harald Welte's blog
   

Creative Commons License
Articles on this blog/journal are licensed under a Creative Commons Attribution-NoDerivs 2.5 License.



       
Fri, 19 Oct 2007
Seeing netfilter/iptables boot-up messages in an airplane

I've read a couple of blog posts about the suspicion (or even confirmation) that some of the in-flight entertainment systems are using Linux. It's completely understandable that if you have to put 400+ such systems into a plane, you'd rather use free software for the economics of licensing costs.. imagine 400+ Windows licenses :)

Now in any case, during my Taipei-Singapore flight en route on my trip back from OpenMoko headquarters to Berlin, I was amazed by the new big-screen entertainment systems that Singapore Airlines is apparently using in some of their planes. This particular plane was a Boeing 777-300R. The screens are not the usual 4" or similar, but actually something like 10" - and that in economy class. Also, they're really high-res, and seem to be entirely digitally controlled, i.e. no blurry PAL/NTSC or VGA resolution, but actually something on the order of (guessing) XGA.

The second unusual bit was the three connectors on the right hand side of the screen. Ethernet (!), USB host and composite video-in. I've never seen something similar in an airplane before.

Now unfortunately the system on my seat was stuck. I called the flight attendant, who then issued a remote system reset. Much to my surprise, I could soon see the BIOS boot screens of a VIA based embedded system. Afterwards, it executed RedBoot, followed by a Linux kernel, to be followed later by an X server (you could see the grey background pattern with the X cursor for quite some time), and then some custom X11 applications.

As the RedBoot message suggests, the system was implemented by Panasonic Avionics.

The first thing worth mentioning was the incredibly slow boot progress. They must be running those systems at low clock speed, and boot them over the network, even though the rootfs was ext2. I didn't see the details since I was too busy grabbing my camera to take this photograph.

The amazing thing about this system is that it has 512MB RAM per seat and dissipates a dangerous amount of heat (you can feel it getting very uncomfortably warm under that screen, where probably the entire system is located, similar to a "tablet PC" form-factor). Still, it is very slow. And then look at the details. Why on earth do you need a wifi stack and netfilter/iptables, including ip_conntrack, on such a system inside the airplane? I severely doubt that they use packet filtering to prevent a hacker from getting from one seat to another - and thus that connection tracking adds anything aside from a performance hit.

So what's it with those connectors? I couldn't get the Ethernet part. And for whatever reason, I didn't have a patch cable in my carry-on luggage either. Maybe the entertainment system might have been even more entertaining that way, who knows :(

The USB connector is meant for a user-provided USB memory stick, where you can then watch your own pictures, or use a word processor or spreadsheet to view / create / edit documents. The software used for this is - unsurprisingly - a customized version of StarWriter/StarCalc, based on OpenOffice.org. I've played a bit around with it. Using the controller, you can actually resize the window from full-screen to something smaller, but there's nothing interesting in the background. I've tried to see if one can somehow change the print command to "/bin/sh" and then print a document - but the printing functionality had been removed altogether, so no luck here.

I decided to sleep for the rest of the flight, rather than trying different attack vectors. If I run into such a system again, I'm probably quite tempted to do so again. Would be fun to get an entire plane full of Linux hackers (let's say: OLS attendees) and have them play around with it to see how well it is done from a security point of view. I guess the worst-case scenario is something like people connecting their USB hard drives (or laptops via Ethernet) and then ripping the entire entertainment library during the duration of a 12 hour intercontinental flight. I'd suppose they actually should have looked a fair bit at the security of such a system. But then, the same is true for many systems, and developers still neglect that aspect way too often.


Heading back to Germany

So, after roughly two weeks at OpenMoko Taipei headquarters, I'm now heading back to my Home+Office in Berlin. And I'm really looking forward to it. During the last couple of months I've tried my best to help the transition from OpenMoko as a project inside a FIC business unit to OpenMoko, Inc. the independent company inside the FIC Group. I've helped with tons of things that are definitely by no means related to kernel/bootloader development, or even the hardware architectural planning that I've been heavily getting involved in starting with GTA02.

So now it is a good time to finally focus again on what my actual and original task is: Software development. This can be done much better remotely, so I'll expect to be able to work way more from Berlin. Which makes me happy, since it always was and still is my favorite city. And I definitely missed it a lot during the last year of intensive OpenMoko work. Now I'm on my way back, and I'm looking forward to spending more time with my friends, the CCC Berlin. Being able to go to concerts and clubs that play music I actually like. Being able to work on finally improving (or rather: finishing) home improvement in my apartment, and many other things.

So don't get this wrong. I'm very much continuing my technical work for OpenMoko, and as the first developer on this entire project and an OpenMoko core team member, I'm always going to maintain an influential role in the project. But finally, I can go home, feel better, work more focused and efficiently, and improve the technical quality of our products even more :)

Since OpenMoko now actually has three full-time paid project members in Berlin, it's also going to be nice to cooperate more closely with them. (or co-work, like the Chinese English speaking would say)


Sun, 07 Oct 2007
Back to Taipei

Today I got back to Taipei, almost three weeks later than originally anticipated. More news after at least one night of full sleep and the first day at the office...
