I've been trying to ignore this story about Boeing's alleged security weaknesses in its 787 networking, but it has legs: I keep reading references to it, so here goes. The Boeing 787, the Dreamliner, a plane that's remarkable and daring in so many aspects, doesn't have Wi-Fi on board. In their failed effort to meet their original deadlines for delivery, Boeing jettisoned the Wi-Fi system in favor of Ethernet to each seat, which, due to the structured wiring approach they have, reduced weight by 150 pounds. Go figure. (Boeing also showed a fully assembled plane a few months, the first, and then proceeded to disassemble it to make it work, which was why the head of the division was reassigned and the plane is now many months overdue, although they may meet their revised deadlines.)
This Wired article seems to be making a huge mountain out of the molehill that the FAA releasing a report that documented what it calls new forms of passenger connectivity that could allow vulnerabilities allowing passengers to gain access to flight systems. Now I find this all rather dubious for a few reasons. It's not like Boeing is new to making aircraft. It's not like Boeing didn't have (and shutter) the first in-flight broadband network. It's not like the FAA doesn't release reports like this all the time to make sure that there's full disclosure to the aeronautic community about particular issues in new planes. This is all part of the procedure.
Wired quotes a single analyst working for a company in "stealth mode" who most likely brought this FAA document to the Wired reporter. The analyst could, in fact, be set up to provide consulting to the airline industry, and thus have a vested interest in raising FUD about it.
I'm not saying that Boeing couldn't have developed a system with specific risks that they haven't well addressed. Rather, that we're still at a routine point in this development, and that the FAA highlights risks of this sort to make sure--in a manner that most government agencies and industries don't--that parties involved are aware of potential problems.
Boeing may have made huge mistakes, but I expect they have not. I expect the system will be correctly hardened, partitioned, and logically and physically segmented to prevent flight system access.
what I remember from a AEEC meeting was Boeing going for the 802.11 N standard because the IFE was going to go wireless. I don't think the N standard is complete or maybe it is just finished. I suspect Boeing didn't want to wait for than standard.
I agree with you, Boeing does very complete tests and takes security very seriously.