back to article Orion hacker sends stowaway into SPAAAAACE

One of the 1.3 million names sent into space aboard NASA's Orion test capsule was a stowaway, uploaded to NASA's database by a security researcher who found and exploited a vulnerability. The name 'Payload1 Payload2' was one of three uploaded to the NASA Orion database that collected names to be later transferred to a chip …

  1. Lusty

    hacking

    Is this just a really long way to say SQL injection attack and inexperienced web author? Let's face it, getting a name into a list on a database which will be written to a chip isn't exactly a security threat to NASA compared to adding yourself to the list of astronauts going to the ISS for 6 months, or adding yourself to the door entry list for JPL.

    1. Glen 1

      Re: hacking

      Tell that to the admins at "Little Bobby Tables"' school.

      On a slightly more serious note, its a point of ingress which may be possible to exploit further if the attacker was so minded.

      1. Grikath

        Re: hacking

        what Glen1 said...

        It's a point of ingress in a field where there's absolutely no tolerance for error. Space is rather unforgiving....

        In this case the chip just "sat" there.. Now imagine that instead of just having it tag along, they would have done something silly, but ego-stroking, like having the list of names read out over radio during the flight over frequency [x] , if only to test a secondary channel in a public and sort-of-engaging way.. Now imagine the number of *innocent* pranks you could have pulled with that one... A malicious attack would have been a lot harder, but Spacecraft and Murphy are cousins...

        1. MD Rackham

          Re: hacking

          If they were going to read the names out from space, I suspect it would be easier to just register "Ben Dover," "Mike Hunt," and "Tyrone Shoelace" than engage in any hacking.

          Even in space, some things just never get old.

  2. Ole Juul

    security researcher who found and exploited a vulnerability

    Maybe I'm just a bit thick at the moment, but I wouldn't mind if the author told us something about that.

  3. jake Silver badge

    Why the fuck ...

    ... did NASA feel the need to send 1.3 million "names" into space? Surely the idiots making their names available realize that if they use cell phones, their names are already in space?

    Oh. Wait. Idiots. Space-cadet wannabes. Rah-rah cheerleaders for the future.

    Never-mind.

    1. h4rm0ny

      Re: Why the fuck ...

      Maybe they're just not as jaded as you and they really like the idea of their names being lasered onto a chip and hurtling 6,000km over our heads around the Earth.

      Childhood enthusiasm for rockets - losing it is a choice.

      1. an it guy

        Re: Why the fuck ...

        how about this (guesswork):

        The porpose of the trip was to test radiation hardening of systems as well, so LEV on a chip produces small channels that cosmic radiation could distort.

        The second chip had data flashed onto it, so checking if radiation damaged is a quick way of checking that the radiation shielding worked (or not), and if the circuitry had radiation induced shorts/data failure.

        This would be why the chips were sent into space in my opinion

        1. Where not exists

          Re: flying chips

          Sounds reasonable. NASA is unlikely to just throw something out into space without a purpose for it.

        2. I am not spartacus

          Re: Why the fuck ...

          Well, at least that's broadly plausible.

          I came here (the comments section) to find out what the story was actually about - without knowing why the 'names in space' thing was going on, it is impossible to assess the risks in someone subverting the process.

          So, a plausible story is 100% more than I felt that the original author gave me. Make your own decision about whether that is significant.

      2. John Brown (no body) Silver badge
        Paris Hilton

        Re: Why the fuck ...

        "their names being lasered onto a chip and hurtling 6,000km over our heads around the Earth."

        Maybe if it was a deep space probe or at least a multi-year orbital mission. But just for two orbits in less than 4.5 hours followed by a splashdown? It sounds like the sort of publicity stunt the Reg SPB would do with with a balloon launched rocket powered 3D printed spaceplane rather than multi-billion funded NASA :-)

        1. h4rm0ny

          Re: Why the fuck ...

          >>"Maybe if it was a deep space probe or at least a multi-year orbital mission. But just for two orbits in less than 4.5 hours followed by a splashdown? It sounds like the sort of publicity stunt the Reg SPB would do with with a balloon launched rocket powered 3D printed spaceplane rather than multi-billion funded NASA :-)"

          Well I'm sorry that you don't get out of bed for less than a hundred complete orbits, but if others get a kick out of this - good for them. The thing about "publicity stunts" is that they're only a negative for bad causes. If this gets schools, enthusiasts or anyone else paying attention to spaceflight, that's a good thing, imo. Have you even looked at their site? Here it is:

          http://mars.nasa.gov/participate/send-your-name/orion-first-flight

          Go on - take a look. This is fun stuff if you're a kid, it's got a mock-up "boarding pass" for your name, you sign up for updates and you get to see maps of where it is and learn more about it.

          Didn't you all get the memo? Being a jaded above-it-all cynic is so Nineties. Enjoying stuff and being enthusiastic is what the cool kids are doing these days. Go and listen to your Cure albums or something if you don't like it. :p

          1. I ain't Spartacus Gold badge
            Happy

            Re: Why the fuck ...

            Go and listen to your Cure albums or something if you don't like it.

            H4rm0ny,

            I just mis-read that as go and listen to your Corrs albums. Wondered what the hell you were on about, went back and re-read it. And now I have the mental image of Morrissey singing light folk/pop with his more attractive sisters, while still managing to be very very depressed...

    2. Gene Cash Silver badge

      Re: Why the fuck ...

      > Space-cadet wannabes.

      Yup, that's me!

      > Rah-rah cheerleaders for the future.

      Last week, I designed a coin box for my motorcycle myself with a computer, and transmitted the design across a worldwide network to a robot that automatically created my design for a small fee.

      This week, I'm riding an electric motorcycle, with a portable connection to that same world wide network of computers, that can locate itself and show me on a map where the nearest charging station is.

      It don't get much more "future" than that.

  4. Anonymous Coward
    Anonymous Coward

    Would've been way cooler if...

    ...the name had been 'Major Tom'.

  5. Florida1920
    Megaphone

    Boys and their toys -- in spaaaace

    El Reg has Playmonauts, NASA has frickin' laser-engraved chips. Your move, Vulture Central. We're waiting for Playmonauts with frickin' lasers.

    1. h4rm0ny

      Re: Boys and their toys -- in spaaaace

      <a href="http://www.ruralking.com/media/catalog/product/cache/1/image/9df78eab33525d08d6e5fb8d27136e95/p/l/playmobil_toys_shark_7006.jpg>This one</a> first!

      1. ukgnome
        FAIL

        Re: Boys and their toys -- in spaaaace

        Oh Dear h4rm0ny - looks like a HTML fail.

        I'm sad for you.

        1. NumptyScrub

          Re: Boys and their toys -- in spaaaace

          The dangers of one stray double quote :'(

  6. Stevie

    Bah!

    Very good.

    Now explain why in Goddard's name a rocket* needs to be connected to the internet in the first place and we are good to go.

    * aka Intercontinental Ballistic Can Of Very Explosive Chemicals We Just Set Fire To.

  7. Anonymous Coward
    Anonymous Coward

    Strange....

    the Yanks call Chips 'French Fries'..........would've been funny if they'd put 2 french fries in the capsule......might also be a better test for the Radiation Shield! If they sent them up uncooked and they came back a lovely Golden Brown, then they'd know for certain that the Shield was for shit.....don't know what they would've done with 2 Radioactive French Fries though?

  8. rickyjames

    Orbital vs. Suborbital

    Um, Orion was an orbital flight, not a "sub-orbital" one. Its flight lasted only about four hours, but definitely multiple orbits - anything that stays up over 90 0r so minutes always is.

    1. Anonymous Coward
      Anonymous Coward

      Re: Orbital vs. Suborbital

      0r so Glassh0pper.

    2. Afernie

      Re: Orbital vs. Suborbital

      Two, to be precise. As mentioned in the last paragraph of the article, subheading not withstanding. :-)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like