
I'd be surprised if aviation systems are much better. They're really into putting everything on the same physical network too, but employing these things called "data diodes". As if that's a real thing, practically speaking.



You can even imagine that Dilbert manager telling you to put those diodes back...


The problem is having virtual 'data diodes', or doing things like VLANs on shared complex switches.

A real data diode is easy. You hook up half a serial port.


Sure, but the infotainment system isn't connected via a serial port.


It absolutely could be, though. Or you could use half an Ethernet port. The idea of a data diode is fine, it's the [lack of] implementation that's at fault.


I mean, those movies being played on the back of seats aren't being run through a serial port. Given the move to an "on demand" scheme, they're not one-way. The data diode is clearly meaningless when there's obviously two-way traffic.


I don't understand. You wouldn't store the movies on the avionics systems in the first place. That's all inside the infotainment system, on one side of the diode. The things going over the diode would be stuff like current location and tire pressure.


Ultimately the whole point of having these systems connected on both cars and planes is to save weight on wiring. Their data diodes are just VLANs.


Which are often insecure, making them not actually data diodes.

Which is where we started.

And still the problem is not the idea of a data diode, it's implementation.


> "data diodes". As if that's a real thing, practically speaking.

On CAN bus, it actually can be.

I've seen CAN bus participants with the transmit pin not connected. They were physically incapable of writing to the bus (granted, this drastic solution only works in very simple cases).



