Hacking a starship

Discuss the Traveller RPG and its many settings
phavoc
Cosmic Mongoose
Posts: 4028
Joined: Tue Nov 04, 2008 6:13 pm

Hacking a starship

Postby phavoc » Tue Nov 14, 2017 2:41 am

Not sure how many players run hacking ops, but here's a real-world article about them hacking a 757. It doesn't go into details of exactly how, but you can Google other stories about hacks of vehicles like cars to get a better understanding of what's possible.

http://www.dailymail.co.uk/sciencetech/ ... unway.html

In this particular case they didn't have to jack into the system (which if a person were on a starship they'd have to). While systems are different I think you can gain an understanding of what's possible (and countermeasures) by doing this. In the case of worrying about passengers hacking a ship in-flight, you could have the ships control systems on an entirely separate network from what passengers have access too. This would be less likely on smaller tramp freighters, but it would be reasonable to have a paranoid owner re-wire a few things to do this. And you could toss in ways to make it hard to bust, like quantum encryption on the fiber optics (or whatever passes for that in the future) which makes physical interaction pretty damn impossible. An enterprising hacker might be able to create a method that would allow them to 'sniff' the transmissions, but not necessarily hijack them w/o say setting up a feedback loop and tricking the system into thinking his commands are the correct ones.

Just one idea. There are literally too many to calculate, so use your imagination refs!
baithammer
Banded Mongoose
Posts: 366
Joined: Wed May 31, 2017 2:21 am

Re: Hacking a starship

Postby baithammer » Tue Nov 14, 2017 6:05 am

There has been a number of hacks on airliners, one of them was a usb charging port that had a data line to the charging computer which was hooked into the overall computer system with no security; Another one was through a inflight wifi connection which once again was connected to the main computer system with little to no security.

At least traveller gives us access to the security program that increases the task target and the anti-hijack program that imposes a dm penalty.
Condottiere
Chief Mongoose
Posts: 5511
Joined: Mon Sep 23, 2013 8:23 pm

Re: Hacking a starship

Postby Condottiere » Tue Nov 14, 2017 11:03 am

Presumably after millenia of attempts at this, ship computers would require physical contact for hacks, and are shielded against bridging tries over airgaps.
baithammer
Banded Mongoose
Posts: 366
Joined: Wed May 31, 2017 2:21 am

Re: Hacking a starship

Postby baithammer » Wed Nov 15, 2017 3:09 am

And the weakest point is always social engineering, just one crewman being not too savy and hooking up a data source can result in a compromised system. ( Especially the degree of integration in traveller.)
Condottiere
Chief Mongoose
Posts: 5511
Joined: Mon Sep 23, 2013 8:23 pm

Re: Hacking a starship

Postby Condottiere » Wed Nov 15, 2017 9:03 am

Image
heron61
Mongoose
Posts: 144
Joined: Thu Oct 16, 2014 9:43 pm

Re: Hacking a starship

Postby heron61 » Thu Nov 16, 2017 9:28 am

baithammer wrote:
Wed Nov 15, 2017 3:09 am
And the weakest point is always social engineering, just one crewman being not too savy and hooking up a data source can result in a compromised system. ( Especially the degree of integration in traveller.)
Presumably one popular tactic for hackers would be to have some sort of device that appears innocuous that you get a particularly clueless crew member to hook up to test it, download the latest episode of X holovid that you heard them talking about or whatever, and then once it's in the system, it resets of a few passwords and door lock biometrics so you can go in and take over the system at your leisure. If you have a particularly clueless crew member, you could even find a reason for them to leave your device plugged in for an hour or two, and you pair it to your hand computer and hack the hell out of the ship.

You could even use this method to do subtle stuff like changing the biometrics of passenger lockers/safes for valuables to include you (and the original owner so as not to raise suspicions), grab various valuables near the end of the trip and then make sure you are one of the first people off the ship. If you're lucky, by the time anyone notices, you're well into the high port and using another ID, and some sort of disguise to fool facial recognition software.

It seems certain that airgaps and other security measures would have become standard millennia ago, but given that even after that time, entirely bug proof software won't exist, so there will be ways to alter and reset locks and similar features, and if you can get some clueless but helpful crew member to give you just a bit more access than you should have, any security measure can be compromised.
phavoc
Cosmic Mongoose
Posts: 4028
Joined: Tue Nov 04, 2008 6:13 pm

Re: Hacking a starship

Postby phavoc » Thu Nov 16, 2017 2:46 pm

heron61 wrote:
Thu Nov 16, 2017 9:28 am
baithammer wrote:
Wed Nov 15, 2017 3:09 am
And the weakest point is always social engineering, just one crewman being not too savy and hooking up a data source can result in a compromised system. ( Especially the degree of integration in traveller.)
Presumably one popular tactic for hackers would be to have some sort of device that appears innocuous that you get a particularly clueless crew member to hook up to test it, download the latest episode of X holovid that you heard them talking about or whatever, and then once it's in the system, it resets of a few passwords and door lock biometrics so you can go in and take over the system at your leisure. If you have a particularly clueless crew member, you could even find a reason for them to leave your device plugged in for an hour or two, and you pair it to your hand computer and hack the hell out of the ship.

You could even use this method to do subtle stuff like changing the biometrics of passenger lockers/safes for valuables to include you (and the original owner so as not to raise suspicions), grab various valuables near the end of the trip and then make sure you are one of the first people off the ship. If you're lucky, by the time anyone notices, you're well into the high port and using another ID, and some sort of disguise to fool facial recognition software.

It seems certain that airgaps and other security measures would have become standard millennia ago, but given that even after that time, entirely bug proof software won't exist, so there will be ways to alter and reset locks and similar features, and if you can get some clueless but helpful crew member to give you just a bit more access than you should have, any security measure can be compromised.
All good reasons why you should physically isolate your networks from one another. If you do this when you are starting out, it's not that much more expensive. It's not done now because (a) the people that make the decisions don't understand it, (b) network admins don't like it because they have to use two separate systems, (c) users bitch and moan. You wouldn't do something like this on say a scout ship. Maybe a free trader on up. But there's really no need to have crew cabins or passenger areas able to access ship systems.
Condottiere
Chief Mongoose
Posts: 5511
Joined: Mon Sep 23, 2013 8:23 pm

Re: Hacking a starship

Postby Condottiere » Thu Nov 16, 2017 4:15 pm

You can carry your entire media library and personal communicator on your ePhone XXX, so all you need is to have the common and cabins wired for communications, security and environmental monitoring, which can run on a separate system, though presumably, they could try it in a firewalled virtual machine.
Rikki Tikki Traveller
Cosmic Mongoose
Posts: 3314
Joined: Mon Aug 06, 2007 3:20 pm
Location: Arlington, TX USA

Re: Hacking a starship

Postby Rikki Tikki Traveller » Thu Nov 16, 2017 5:59 pm

baithammer wrote:
Tue Nov 14, 2017 6:05 am
There has been a number of hacks on airliners, one of them was a usb charging port that had a data line to the charging computer which was hooked into the overall computer system with no security; Another one was through a inflight wifi connection which once again was connected to the main computer system with little to no security.

At least traveller gives us access to the security program that increases the task target and the anti-hijack program that imposes a dm penalty.
That connection allowed VIEWING only. There was no connection that allowed control. The systems are "connected" only in the sense that the IFE/Wifi system can detect important things like "Weight on Wheels". There is no way to use that connection to do anything to the plane.

Sorry - I had to clarify that.
My friends call me Richard.
You can call me Sir.
baithammer
Banded Mongoose
Posts: 366
Joined: Wed May 31, 2017 2:21 am

Re: Hacking a starship

Postby baithammer » Thu Nov 16, 2017 6:03 pm

No, there were at least two full access exploits discovered and thankfully were done by whitehats that passed on the details to the manufacturers.

Who is online

Users browsing this forum: Bing [Bot] and 14 guests