> The key turned out to be the actual 32-bit GPS “key” and the “encryption” method was laughably simple: use the key as the starting value for CRC-32. To decrypt each byte, subtract from it the lower 8 bits of the current CRC. After the byte is decrypted, update the CRC for it. I am not joking, this is it.
[...]
> Fun tidbit: you can decrypt the file without knowing whose GPS it was for and what their “key” is. Honeywell engineers were nice enough to leave the decryption key right in the file footer.
When reading stories like this, I like to try to figure out whether the developers who designed these things were 1. totally incompetent / careless, thinking they're actually securing their precious IP, 2. powerless contractors, just dutifully implementing the half-witted attempt at obfuscation some other "architect" designed, or 3. actually true hackers, sympathetic to the cause, deliberately leaving breadcrumbs and vulnerabilities for like-minded souls who will later go through the effort to reverse engineer their work.
When I'm in one of my rare optimistic moods, like today, I like to imagine it was #3.
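The scheme the quoted post describes is small enough to re-implement in full. What follows is an added example, not the original author's tool or anything from Honeywell: a CRC-32 register is seeded with the 32-bit key, each ciphertext byte has the register's low byte subtracted from it, and the register is then advanced with the recovered plaintext byte. Details the post leaves unstated are assumptions here: the register is loaded with the key as-is (no 0xFFFFFFFF pre-conditioning and no final XOR), the per-byte update is the standard reflected CRC-32 step (polynomial 0xEDB88320), and the footer layout (the 4-byte little-endian key appended to the ciphertext) is invented for the demo. The `crc32_via_table` helper exists only to check the step function against the standard CRC-32 check value, so you know the register evolution is the one you think it is.

```python
"""Toy re-implementation of a CRC-32-keyed byte cipher (added example).

Assumptions not stated on the page: the CRC register starts as the raw
32-bit key, the update is the standard reflected CRC-32 table step, and the
footer format (ciphertext || key as 4-byte little-endian) is constructed here.
"""
import struct
import zlib

CRC32_POLY = 0xEDB88320  # reflected form of the IEEE 802.3 polynomial


def _make_table() -> list[int]:
    """Build the 256-entry lookup table for the reflected CRC-32 step."""
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ CRC32_POLY if c & 1 else c >> 1
        table.append(c)
    return table


_TABLE = _make_table()


def crc32_step(crc: int, byte: int) -> int:
    """Advance the CRC-32 register by one input byte (table-driven, reflected)."""
    return _TABLE[(crc ^ byte) & 0xFF] ^ (crc >> 8)


def crc32_via_table(data: bytes) -> int:
    """Standard CRC-32 (init 0xFFFFFFFF, final XOR) built from crc32_step.

    Only a sanity check that crc32_step matches the usual CRC-32; the cipher
    itself applies neither the init nor the final XOR.
    """
    crc = 0xFFFFFFFF
    for b in data:
        crc = crc32_step(crc, b)
    return crc ^ 0xFFFFFFFF


def decrypt(ciphertext: bytes, key: int) -> bytes:
    """Subtract the register's low byte, then clock the register with the plaintext."""
    crc = key & 0xFFFFFFFF           # assumption: key is the raw starting register
    out = bytearray()
    for c in ciphertext:
        p = (c - (crc & 0xFF)) & 0xFF  # keystream byte is the low 8 bits of the CRC
        out.append(p)
        crc = crc32_step(crc, p)       # update with the *decrypted* byte
    return bytes(out)


def encrypt(plaintext: bytes, key: int) -> bytes:
    """Inverse of decrypt: add the low byte, clock the register with the plaintext."""
    crc = key & 0xFFFFFFFF
    out = bytearray()
    for p in plaintext:
        out.append((p + (crc & 0xFF)) & 0xFF)
        crc = crc32_step(crc, p)       # same register evolution as decrypt
    return bytes(out)


def pack_with_footer(ciphertext: bytes, key: int) -> bytes:
    """Constructed container: ciphertext followed by the key as a 4-byte footer."""
    return ciphertext + struct.pack("<I", key & 0xFFFFFFFF)


def unpack_footer(blob: bytes) -> tuple[bytes, int]:
    """Split the constructed container back into (ciphertext, key)."""
    return blob[:-4], struct.unpack("<I", blob[-4:])[0]


def decrypt_blob(blob: bytes) -> bytes:
    """Recover plaintext from a container using only the key found in its footer."""
    body, key = unpack_footer(blob)
    return decrypt(body, key)


if __name__ == "__main__":
    # Constructed sample input, not a real database file.
    assert crc32_via_table(b"123456789") == zlib.crc32(b"123456789") == 0xCBF43926
    key = 0xDEADBEEF
    msg = b"constructed nav-db record 0001"
    blob = pack_with_footer(encrypt(msg, key), key)
    print(decrypt_blob(blob))
```

Two things worth noticing once it runs. The keystream is only 8 bits per step and the 32-bit register is the whole secret, so even without the footer, a known plaintext prefix (file magic, a version string) makes exhaustive search of the key trivial on a laptop. And because the register is clocked with plaintext rather than ciphertext, a single corrupted ciphertext byte desynchronises everything after it, which is one reason a bad re-implementation would fail loudly rather than silently.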
They were probably just putting enough of a roadblock into the process to stop 98% of people from copying or selling nonauthorized cards. Also the "encrypt/decrypt" needed to be fast on the hardware of the time so it would necessarily be something pretty simple.
If you own an airplane, you can afford to buy avionics updates legitimately, and will likely make very little effort to seek out unauthorized sources.
> If you own an airplane, you can afford to buy avionics updates legitimately, and will likely make very little effort to seek out unauthorized sources.
Not only this, but the method here is definitely non-compliant with FAA regs. You aren't even allowed to pull the sled out of the panel by yourself (you need an FAA-certified mechanic for all removal/installation of avionics), there's no way that the FAA would be cool with you flashing a reverse-engineered database onto it.
To be clear: by all means go ahead and do this. If the database on the unit is outdated then it's functionally useless for any purpose. It's totally legal to have a GPS in the cockpit that you use for VFR operation, so it's still worthwhile. Have a mechanic pull the sled and reinstall it when you're done, it's the law.
But your GPS is no longer rated for IFR operation. If you have an accident while flying IFR on unrated equipment the FAA will see the removal and reinstallation of the sled in your maintenance logbooks and they will come down on you like a hundred tons of bricks.
No, you toe that line very carefully. You do mention removal (not sure if removing sleds is actually OK, I'll defer to you there, but in the general case avionics installation/removal is not OK), never mention flying on it, or quite explicitly state that this modification is legal. You just state that you have "a nice IFR-certified GPS" (not after this procedure you don't), and state that this procedure is a "third option" to a legal-but-expensive service by a certified mechanic or illegally hacking in a connector for the official installation utility.
Again, to be clear, doing the mod is legal(-ish, probably violates DMCA but who cares). Flying IFR on it is not. Pulling and installing your own avionics is not. Flying VFR on it is... questionable, but not likely to end poorly.
This whole thing has giant red "DANGER" signs all over it and you should be making it very clear what the exact bounds of the law here are. Selling unpopulated PCBs is treading very close to the edge, that's farther than I would go personally. Selling finished units would definitely be over the line, you would certainly have liability if something happened to an aircraft because of your device. You need to be very clear about the fact that this database is not legal for IFR and the other caveats involved.
Again, I think the actual risk here is low for VFR flight, and I also think you got your reverse engineering correct and checked your work. But from the FAA's perspective: what if you actually did fuck up the reverse engineering, in-flight the unit hangs in a loop, overheats, and starts a fire in your cabin? That's not the perspective HackerNews likes to take, but it's the perspective the FAA does its regulation under. After all, until like 2012 you weren't even allowed to flash your own GPS database, you had to have a mechanic insert the connector and doubleclick the EXE for you. They are not DIY friendly people.
I don't think they'd be OK with a user-upgraded DB that was not done through an official installation tool. I think it's legally dubious even having that card installed in your aircraft (regardless of actual risk), flying IFR on it is right out.
Pulling your own avionics is legal if your airplane is experimental. If you want to hack your airplane, you should clearly have an experimental, not a certified one.
It is my understanding that, in an experimental, you can even legally fly IFR with a GPS you built yourself, as long as it complies with the performance standards and you document the test data that verifies that it does so. Whether it's wise to do so is a different question.
I didn't consider experimental and I agree it sounds more reasonable there. I'm not super familiar with experimental regs, other than the obvious "no commercial use" rule and the necessity of hanging on real tight while you bump and wobble your way down the strip :P
Interesting about the fact that you can fly IFR on your own GPS. I would not have figured that would be allowed since you will be around other aircraft under similar weather conditions/operating rules. Particularly in Class Bravo airspace where it's busy. Or are there other restrictions about experimental aircraft in Class B?
As long as the paper maps and your instruments are accurate, that's perfectly legitimate.
There's no guarantee that a random GPS you built yourself is anywhere near accurate, doesn't have random edge cases, etc. That's problematic when there's a high density of other aircraft containing hundreds of people around.
Not saying it's not legal, it just surprises me because the FAA is usually really cautious.
Actually, yes they are. You just register your aircraft as an experimental aircraft and bingo you're free to do repairs, maintenance and modification to it as you like. However, as an experimental aircraft you're restricted from using it for commercial uses.
Experimental is fantastic for private pilots and families. In fact, Experimental aviation is where the majority of the small aircraft market has moved to, as well as /all/ of the progress.
EDIT: also, you can purchase a certified aircraft and have it reclassified to an experimental as you will. Some people do it to things like Cessnas in order to change the engine/props. Though it's much more common to start off building an experimental from scratch.
While I get your point, an in-flight device that gets stuck in an infinite loop should not cause an in-flight fire. If that still happens, then it's safe to say that more than one mistake was made. Otherwise you're basically assuming that an untampered vendor model of that unit is so perfect that it would never get stuck in a loop. And as we all know in aviation, to assume anything is making an ass out of 'u' and me. Especially when you assume that something is perfect and cannot fail.
Notwithstanding this, I totally get what would happen in the scenario you describe, and I think it's pretty accurate.
Again - like I said, I don't think that's a likely scenario at all. I think this guy did his stuff right and so on.
But there's all kinds of unanticipated failure modes when someone without actual knowledge of a device generates a data structure that mostly kinda sorta works, and the FAA does not do anything halfway. The people who designed it okay it, or you get it re-certified, or else it's not approved (except experimental certification, based on what people are saying).
Everyone in this business is 'more Catholic than the Pope' for a very good reason. Almost every single one of the rules we find so restrictive is so restrictive because it was bought and paid for with someone's life -- and often the lives of the innocent who trusted them as well.
Being certified and claiming to others to be certified is a promise. It's a position of trust in much the same way as anyone with a licence to practice medicine and who actually does practice is trusted.
We guard the system so jealously because we have to trust in the system. Without it, it's far too dangerous for any rational person to even consider stepping foot on a plane or in an emergency room.
> and often the lives of the innocent who trusted them as well.
This is the most crucial part. Maybe you, personally, are OK with modifying your plane and you accept the possibility that your tinkering may cause the plane to crash. But unless you're flying in the middle of Siberia, there are others.
The people in the house you may crash in, the people in the other plane you may have just clipped on the runway, the SAR crew that may drown trying to rescue you after your corrupted GPS database diverted the plane to open ocean in stormy IFR conditions. Please everyone, think of their lives even if you're open to risk yours.
There's a reason for that. Quite a lot of people in this business end up splashed all over terra firma. Like I literally guarantee anyone who's an active pilot knows someone who has died or had some really fucking close calls.
I grew up in a house that's adjacent to a small grass airstrip. You walk across a grassy field for 50 feet and around a barbed wire fence, there's a barn on your right that opens onto the airstrip. The guy who owned that barn died when the wing fell off his buddy's ultralight down in Florida. Now it belongs to his kids and they're keeping some construction equipment in there until it finishes decaying and falls down.
My dad belonged to an aviation club at a municipal airport (different from the grass strip) with four aircraft for about a decade when I was a kid. I can remember no less than three major accidents.
Once, the mechanic was changing the oil and stuffed a paper towel into the oil drain cock to catch those last annoying drips of oil that gunk up the cowling. He forgot about it and it held well enough for the pilot to make it off the ground, then popped loose. She saw the oil pressure gauge drop and decided it was a bad gauge and proceeded on. She made it about 30 miles and seized the engine, then put it down on Milford Proving Grounds.
Another time, a club member was making a night approach into Lansing and got a little low. Apparently he noticed that the runway lights were starting to sparkle, and that's when he clipped the tree canopy (low-wing aircraft). He jerked the yoke back and floored it and managed to climb out. Thanks to the adrenaline rush he made the worst decision of his life. He called the 24/7 staffed tower at a mid-tier international airport with fire rescue service and requested direct clearance back to his home-field where the tower had closed at sundown, without mentioning that he'd flown his plane into a fucking tree. On the hour long flight back he had some time to cool off and think about it, which turned out to be the best decision of his life. He realized how totally fucked he was flying at night with a derelict aircraft into a municipal airport with no tower and no fire service, and started thinking. He reckoned that since he'd been doing 75 knots when he jerked the yoke back, the aircraft would be flyable at that speed. So his plan was to fly it all the way down to the ground at 75 knots. Turned out to be a great decision - a Piper Archer normally lands at 50kts, he flared at 75 kts and the aircraft fell out of the air onto the runway. When he could get some lights on he saw that he'd knocked several feet out of the leading edge of one of his wings. Repairable, the club fixed it and eventually sold the airplane.
Much simpler one, someone fucked up and ran the plane out of gas and parked it in a cornfield. That's the good kind of accident, everyone involved is real happy to walk away and come hire a trailer to come and get the plane.
That includes the FAA. To be brutally honest the FAA is the poster child of a cooperative regulatory agency. If you make an oopsie and have an accident, you come clean and tell them what happened. They track all that shit, they have probably the world's most accurate picture of the kind of accidents that happen in their field. They know everyone is human and mistakes happen, if you come clean and weren't grossly negligent then you are likely to walk away with a "this is a life lesson: do better next time". Or maybe some remedial flight training if you were a total knucklehead. But if they catch you doing something like modifying your avionics or pencil-whipping your maintenance logs they will come down on you like a fucking ton of bricks and you will never again set foot on any airplane where the flight attendants don't do a song-and-dance before takeoff.
I myself had a semi-close call when I was a kid. We had a father-son outing where my dad flew me, his instructor, and his instructor's kid across the state to a really cool aircraft museum attached to an airport (nowadays they have an SR-71). On the way back they noted the oil pressure was getting a little low, topped it up, and marked it in the log. The maintenance guy took a look at it. Cracked crankcase, don't remember if it was major service or a new engine. Could have been a problem if someone else had flown it for a couple more hours before us and hadn't noted it. That's the kind of shit that gets you if you're not careful about it. One pilot - not even the pilot actually flying the airplane at the time - making an oopsie at a bad time, or in too much hurry to mark that they added some oil in the maintenance log, and that could have been it. You're fucked if it seizes on climbout - and that's when you're pushing the engine hardest.
Ever heard the saying? There's old pilots and there's bold pilots, but there's no old, bold pilots. The truth is the FAA is just the hired gun here. Around good pilots - nobody pencilwhips the logs because if that's the norm then next time it might be them, or their buddy. The FAA rules are there for a reason, hard learned reasons, and airmen don't want to kill each other either or the public. The risks of flying around a several-ton missile full of fuel at 100kts are absolutely palpable in this hobby. A good airman will drive the plane down into the ground rather than hit something that might have people in it. That could be you or your friend.
---
It's kind of sad because I know the airstrip is toast as soon as the 85 year old who owns it croaks. His son is raring to sell it.
On the other hand once I got to see someone bring this CASA-212 twin-engine cargo plane into this tiny grass strip, turn around, and do a takeoff. Must have been someone on their checkride - spec sheets says the plane can do it, so let's see it. Damndest thing I've ever seen, I wish I had video.
Jack Roush (the racecar driver) also used to buzz the airfield in his T-6 Texan and P-51 Mustang. We would always run out and watch, and one time he landed and asked if it was cool if he buzzed the runway and we were like "hell yeah!?". Then our asshole neighbors who unknowingly bought airport-fronting real estate got butthurt because he was waking up their infant and reported him to the FAA for doing low level acrobatics. He got a suspension and never came back again.
Not strictly legal with the license he had, and that's how the FAA plays the game. He stepped over the line and he got slapped for it. But he wasn't really being dangerous and it was so cool to see, he'd dive and come by 30 feet off the deck, then do a sick climbout, maybe with like a roll or something. One time we heard him make a pass and then rushed my grandma out without telling her what was happening, and he came by and gave her the scare of her life. I miss you buzzing the field, buddy, come land again and say hi sometime :(
Another time, my sister and I witnessed a plane crash. Living next to an airfield you get a sense for how fast a plane needs to be going to take off. I saw this Cessna come by way fucking slow. Like probably 30mph, 150 feet from the end of the runway, on the ground. There's a point on the runway called V1 where you're committed, usually below the speed where you can take off safely, so you're in it for the long haul. There's a displaced threshold on that runway because of a gigantic fucking tree 50 feet off the end of the runway. This guy was way below where he needed to be, he was fucked, and he realized it, and he pushed it back onto the ground, jammed the brakes, and swerved into a field of soy (60 ft wide with a busy road on the other side). Clipped a wingtip (high wing), torqued it around 270 degrees, and ripped one of his gear off. But it was the good kind of crash. He walked away and the trailer came and picked up his plane.
We'd sometimes get Blackhawks from Selfridge ANGB and shit in the middle of night practicing their rustic-site operations. Never knew what you'd get, really. One time 7-year-old me helped launch a hot-air balloon that had decided to ride out some inclement weather on our field.
But yeah, in 10 years tops it'll all be a subdivision because the son of the owner is chomping at the bit to sell and develop that shit, since it's several hundred acres of woods with several lakes included. Used to take my dog running down the twotrack and see the lakes. 25 years ago a tornado ripped all the siding off the only permanent hangar and threw it into a tree, and it's only been getting worse since. The owner hardly ever plows the field anymore (used to use a vintage Korean War Deuce-and-a-half to plow and roll). We've been the ones who do the mowing for quite a while now. All those moments will be lost, like tears in rain. At least my parents tell me that they're filming a Netflix movie called "Crystal" there (production codename?) so I hope it will be immortalized.
I should get a drone and do some flyarounds for posterity. I used to fly R/C airplanes there all the time, we get a landing like once a month nowadays and I'm 100% willing to trash the R/C airplane to avoid hitting a real plane if it comes down to it.
PS: as far as I know all of those pilots flew again. Except the ultralight guy of course.
The air traffic controllers are there for you. They are waiting for you to declare an emergency so they can use their superpowers to help - I've literally heard a controller prompt a distressed pilot to make a declaration. Once you say those magic words, "[tail number] declaring an emergency", you literally can request any clearance or approach and reject anything they grant if that's what you need in order to get onto the ground. They will bend heaven and earth to get you back down safely - they will divert multiple airliner traffic for you if that's what it takes. Tell them what is wrong and they will rally ground resources for you and tell you from a 3rd party perspective what they think your best move is. They are there to help you, the pilot who is fighting a losing battle in their tiny, fragile, flammable little bubble of a world, and the FAA will likely forgive all if you weren't a total retard about the whole accident. Admitting you made a mistake is 75% of the battle.
That's the deal, you tell daddy and everything will be OK. They need to know what actually happened so they can address the actual risks of aviation. If people are flying tired, they want to know. If digital cockpits are too complex, they want to know. Etc etc. That's their mandate. General aviation is a super fucking risky business, they know it, there's tons of hardware failure and pilot error and combinations thereof, and they want to try and make it safer.
But if you try to fuck the system then you will be taken out and shot out back as far as the FAA is concerned. Lying to them is the worst offense you can possibly do as a pilot, either in an incident report or in your maintenance logs. If they catch that it's over.
They track every problem back relentlessly and they will have a very solid chance of catching you in a lie, because they want to make damned sure nobody else ever dies needlessly to the same thing that downed your aircraft. There is no such thing as "nobody's fault" as far as the FAA is concerned and they will bend heaven and hell just as hard to find out what really happened. Every part in every system on your plane has a page in a binder that lists everyone who touched it - they will find it eventually.
If you have a problem, you fess up to your lie right then and there, or you better hope you crash so bad that when you hit every chip on that memory card is shattered beyond repair. You get to choose, either confess and live, or die and keep your secret, or live and keep your secret and spend the rest of your life as a paraplegic. Either way it will be on the ground where you belong.
Decryption aside, reverse-engineering anything is extremely difficult - I've seen projects like this take much, much longer than 3 days even when no encryption is involved. But as for the encryption itself, the author says himself: "the 'encryption' method was laughably simple." That may be "good" encryption from a hacker perspective, in that it's easy to work around, but it's not "strong" encryption in any book.
I have seen this quite often in legacy devices. 20 years ago there wasn't IDA Pro, and the designers probably felt more secure about leaving all the pieces of the puzzle in the hands of the end user. Real cryptography was more difficult on 8 bit hardware, as well as being export-controlled.
The last one I encountered was an s-box, where the s-box material was included in the update file. The only secret was the initial substitution ('seed' if you will.) They kept it in firmware until the very last product to use this scheme, whose windows app decrypted the update to learn some details about the update before it was loaded into the embedded device.
IDA Pro might not have existed 20+ years ago but other tools certainly did. I can recall using SoftICE as a teenager to "crack" door games for my BBS. Thanks for the flashback. :)
I still use SoftICE (DOS) for its debugger! (I still get legacy projects from time to time.) But it requires a lot more manual labor to understand a binary.
I'd like to think it was 3, just because the design has just enough of a PITA factor that it's just plain easier to pay Honeywell for updates so long as the program exists. But as soon as the program doesn't exist, at least the hardware isn't a brick.
Another possibility is that they designed it as just a thin brick wall for the consumer, never suspecting or caring if they'd reverse engineer it one day, while making it easy for them to do these updates by mail. By making a system easy for Honeywell to provide mail-in updates, they unwittingly made it easyish to hack 20 years later.