Sometimes software problems are a nuisance. Sometimes they cause your brand to lose face – and customers. Occasionally, a software glitch can endanger innocent lives. This edition of The Week in Software Failure includes some issues in the latter category.
If you’re ever tempted to skip a test, delay a test or forego testing altogether to meet a deadline or rush a product out, we urge you to take a breath and read some of these horror stories. Don’t let this be you.
Security firm says iOS vulnerability lets hackers exploit wireless hotspots
Users of Apple’s iOS are fond of thinking their favorite tech gadgets are invulnerable to hacks, adware and other pesky problems long endured by Windows users. Well, it’s not always so.
According to Bloomberg reports, the iOS operating system contains a bug that allows attackers to crash your iPhone or iPad by sneaking in via a wireless hotspot.
The vulnerability has to do with manipulated SSL encryption certificates, according to the security company Skycure Ltd.
“When their programs crash, people tend to put this off as a quality issue,” said Skycure’s CEO, Adi Sharabani. “But it can be a serious vulnerability.”
Apple is declining to comment.
Oof. Third-party iPad software glitch grounds AA flights
Passengers on an American Airlines flight said their trip from Dallas to Austin was grounded because the pilot and copilot both suffered iPad outages. You read that right. iPad outages.
Here’s how passenger Philip McRell explained it to appleinsider.com: “The pilot came on and said that his first mate’s iPad powered down unexpectedly, and his had too, and that the entire 737 fleet on American had experienced the same behavior.”
Apparently, the problem affects crews’ software that displays terminal maps. It’s the official software approved by the Federal Aviation Administration for gate-to-gate use, and apparently, it’s glitchy. Another report said about two-dozen flights were delayed.
Appleinsider said the iPads allowed American to do away with 3,000 pages of documents that crews used to carry on-board. Ditching the 35 pounds of docs saves fuel. However, if the iPads don’t work, the planes aren’t going anywhere. Surely, the folks at American are rattling cages at Jeppesen Mobile, a division of Boeing ,which provides the Jeppesen FliteDeck Pro app.
Warning: Glitch can crash Boeing 787 Dreamliners
Speaking of something glitchy in the air, the Federal Aviation Administration issued an Airworthiness Directive about Boeing’s new 787 Dreamliner. The problem is no big deal, if you consider the possible loss of all AC electrical power “no big deal.”
Yep, this glitch can crash a jumbo jet by causing the total loss of control.
According to a report, the glitch was revealed in laboratory tests and can cause electrical generators on the big jet to fall into failsafe mode every 248 days. At that time, all four main electrical generators will fail simultaneously.
As a temporary workaround, the company plans to periodically shut down – reboot – power systems as part of routine maintenance. Meanwhile, Beoing is working on a bug fix.
When software glitches threaten national security …
Two years ago, hackers broke into third-party software to access the personal files of government and contract workers who had access to classified intelligence. Now we know why.
According to nextgov.com, the problem appears to have been a flaw – a glitch – in ERP software provided by SAP. Left unclear is whether there was a patch available and whether such a patch would have been the responsibility of SAP or USIS the government’s largest provider of information and security services.
A report on the glitch was compiled by Stroz Friedberg, a digital forensics firm hired by USIS. It was written late last year.
“Forensic evidence shows the cyberattacker gained access to USIS systems through an exploit in a system managed by a third party, and from there migrated to company managed systems,” the report says.
As nextgov.com noted, defects in programs used by the government and its contractors sometimes languish for years after a weakness or vulnerability is known.
If only there were a way to avoid such defects in the first place. Oh yeah, there is.