| Subj: | More on electronic hijacking -- scary! |
| Date: | 10/15/01 5:07:24 AM Pacific Daylight Time |
This web page is something of an overwritten mess, but since it says
"This report may be republished unedited for non-commercial reasons in
the interests of public safety" I copied it in its entirety. Your link
to
the Rumor Mill News article pointing out disrepancies in passenger
lists
sure makes me wonder if any Arabs were on
board.
Video...
http://geocities.com/joevialls/homerun.html
is not one I'd previously seen.
See what you think...
http://geocities.com/mknemesis/homerun.html
Click here to view approach and attack profile video of United Flight
175 (World Trade Center #2)
In the mid-seventies America faced a new and escalating
crisis, with
US commercial jets being hijacked for geopolitical purposes. Determined
to gain the upper hand in this new form of aerial warfare, two
American
multinationals collaborated with the Defense Advanced Projects
Agency
(DARPA) on a project designed to facilitate the remote recovery of
hijacked American aircraft. Brilliant both in concept and
operation,
“Home Run” [not its real code name] allowed specialist ground
controllers
to listen in to cockpit conversations on the target aircraft, then
take
absolute control of its computerized flight control system by
remote
means.
From that point onwards, regardless of the wishes of
the hijackers
or flight deck crew, the hijacked aircraft could be recovered and
landed
automatically at an airport of choice, with no more difficulty than
flying a radio-controlled model plane. The engineers had no idea that
almost thirty years after its initial design, Home Run’s top
secret
computer codes would be broken, and the system used to facilitate
direct
ground control of the four aircraft used in the high-profile attacks on
New York and Washington on 11th September
2001.
Before moving on to the New York and Washington attacks,
we first
need to look at the ways in which an aircraft is normally controlled by
its pilot, because without this basic knowledge, Home Run would make
no
sense. In order to control an aircraft in three-dimensional space, the
pilot uses the control yoke (joystick) in front of him, rudder pedals
under his feet, and a bank of engine throttles located at his side.
Without engine thrust the aircraft would not fly at all, so the
throttles
are largely self explanatory: For more speed or altitude increase
throttle, for less speed or altitude decrease throttle.
In order to raise or lower the nose of the aircraft,
the pilot pulls
or pushes on the control yoke, which in turn raises or lowers the
elevators on the horizontal tailplane. To bank the aircraft left or
right, the pilot moves the control yoke to the left or right, which in
turn operates the ailerons on the outer wings. Lastly, to turn left or
right at low speed or “balance” turns at high speed, the pilot
presses
the left or right rudder pedals as required, which in turn move the
rudder on the vertical stabilizer.
Back in the early days of flight, the control yoke and
rudder pedals
were connected to the various flight control surfaces by thin
cables,
meaning the pilot had direct physical control over every movement
the
aircraft made. This was no great problem for an average man flying a
small biplane, but as aircraft grew ever bigger, heavier and faster over
the years, the loadings on the control yoke and rudder pedals became
huge, certainly well beyond the ability of a single pilot to
handle
unaided.
By the late fifties we were well into the age of hydraulics,
where
just like the power steering on your automobile, hydraulic rams were
placed in line between the pilot’s control cables and each
individual
control surface. Now when the pilot moved the control yoke, the
cables
activated sensors, which in turn activated one or more hydraulic rams,
which in turn moved one or more control surfaces. For the first time
since Bleriot and the Wright brothers, pilots were of necessity
being
steadily distanced from direct control of their own aircraft.
When the multinationals and DARPA finally came on the
scene in the
mid-seventies, aircraft systems were even more advanced, with
computers
controlling onboard autopilots, which in turn were capable of
controlling
all of the onboard hydraulics. In combination these multiple
different
functions were now known as the “Flight Control System” or FCS,
in turn
integrated with sophisticated avionics capable of automatically
landing the aircraft in zero visibility conditions. In summary, by
the
mid-seventies most of the large jets were capable of effectively
navigating hundreds of miles and then making automatic landings at
a
selected airport in zero-zero fog conditions. All of this could
be
accomplished unaided, but in theory at least, still under the watchful
eyes of the flight deck crews.
In order to make Home Run truly effective, it had to
be completely
integrated with all onboard systems, and this could only be
accomplished
with a new aircraft design, several of which were on the drawing boards
at that time. Under cover of extreme secrecy, the multinationals and
DARPA went ahead on this basis and built “back doors” into the
new
computer designs. There were two very obvious hard requirements at
this
stage, the first a primary control channel for use in taking over the
flight control system and flying the aircraft back to an airfield of
choice, and secondly a covert audio channel for monitoring flight
deck
conversations.
Once the primary channel was activated, all aircraft functions
came
under direct ground control, permanently removing the hijackers and
pilots from the control loop.
Remember here, this was not a system designed to
“undermine” the
authority of the flight crews, but was put in place as a
“doomsday”
device in the event the hijackers started to shoot passengers or
crew
members, possibly including the pilots. Using the perfectly
reasonable
assumption that hijackers only carry a limited number of bullets, and
many aircraft nowadays carry in excess of 300 passengers, Home Run could
be used
to fly all of the survivors to a friendly airport for a safe auto
landing. So the system started out in life for the very best of reasons,
but finally fell prey to security leaks, and eventually to
compromised
computer codes.
In light of recent high-profile CIA and FBI spying trials,
these
leaks and compromised codes should come as no great surprise to anyone.
Activating the primary Home Run channel proved to be
easy. Most
readers will have heard of a “transponder”, prominent in most
news
reports immediately following the attacks on New York and
Washington.
Technically a transponder is a combined radio transmitter and receiver
which operates automatically, in this case relaying data between the
four
aircraft and air traffic control on the ground. The signals sent provide
a unique “identity” for each aircraft, essential in crowded airspace
to
avoid mid-air collisions, and equally essential for Home Run
controllers
trying to lock onto the correct aircraft. Once it has located the
correct
aircraft, Home Run “piggy backs” a data transmission onto the
transponder
channel and takes direct control from the ground. This explains why none
of the aircraft sent a special “I have been hijacked” transponder
code,
despite multiple activation points on all four aircraft. Because
the
transponder frequency had already been piggy backed by Home
Run,
transmission of the special hijack code was rendered impossible. This
was
the first hard proof that the target aircraft had been
hijacked
electronically from the ground, rather than by [FBI-inspired] motley
crews of Arabs toting penknives.
The Home Run listening device on the flight deck utilizes
the
cockpit microphones that normally feed the Cockpit Voice Recorder (CVR),
one of two black boxes armored to withstand heavy impact and thereby
later give investigators significant clues to why the aircraft
crashed.
However, once hooked into Home Run, the CVRs are bypassed and
voice
transmissions are no longer recorded on the 30-minute endless loop
recording tape. If Home Run is active for more than thirty minutes,
there
will therefore be no audible data on the Cockpit Voice Recorders. To
date, crash investigators have recovered the CVRs from the Pentagon
and
Pittsburg aircraft, and publicly confirmed that both are completely
blank. The only possible reason for this, is data capture by Home
Run,
providing the final hard proof that the attack aircraft were
hijacked
electronically
from the ground, rather than by “Arab terrorists”.
Many readers might by now be indignant; convinced this
is incorrect
or misleading information because of “those telephone calls from
the
hijacked aircraft”. Which telephone calls exactly? There are no
records
of any such calls, and the emotional claptrap the media fed you in
the
aftermath of the attack was in all cases third-person. We had the
media’s
invisible “contact” at an airline who “said” a hostess
called to report a
hijacking, and we had a priest (?) who “said” he received a call
from a
man asking him in turn to call his wife and tell her he loved her.
Presumably this man would have had his wife’s name
filed in his
cellphone, and faced with imminent death would have called her direct.
The FAA helped out by claiming that it had “overheard” a heated
argument
from a cockpit where the radio transmit switch had been left in the
“on”
position. When push came to shove, the FAA was forced to retract, and
admit that the mythical argument was not on the tapes at all.
Critically, the passenger manifests for all four aircraft
serve as
the final (independent) proof that no alleged hijackers or anyone of
Arabic name boarded any of the four aircraft used in the attacks.
As
Laurence T. May points out:
"On September 11, airline check-in counters were the only places in
the
United States that required travellers to present a photo ID in order
to
travel. A photo ID meant (and still means) a card issued by some branch
of civil government. Years ago, the United States government took the
first step toward a national ID card when it mandated the
requirement
that all passengers present a photo ID card before being allowed to get
on a commercial airplane.
"This means that the tightest security that the typical
American
ever confronts is airport security. This is the model for all other
security systems governing the general public. Let's go through the
check-in routine together.
Pretend that it's September 11, and you are a check-in agent at either
a
United Airlines counter or an American Airlines counter. It is your job
to ask the standard questions. "Did you pack your own luggage? Have you
had it in your possession at all times?" Then you ask for a photo ID.
The
name on the ID must match the name on the ticket. The photo must match
the person presenting the card." .. And, you guessed it, the name on
the
ID
must match that on the passenger manifest held by the airline
ground
staff! It seems highly likely that these revealing passenger
manifests
will magically disappear when the American Government realizes the
dangers of allowing the public access to such incriminating documents.
For that reason I have listed the full manifests on a separate page.
To
visit that page and copy the lists, click here.
Whether more information will be forthcoming about Home
Run is
unknown, but nowadays there are large numbers of people apart from
the
author privy to the basic data. As long ago as the early nineties, a
major European flag carrier acquired the information and was
seriously
alarmed that one of its own aircraft might be “rescued” by the
Americans
without its authority. Accordingly, this flag carrier completely
stripped
the American flight control computers out of its entire fleet, and
replaced them with a home grown version. These aircraft are now
effectively impregnable to penetration by Home Run, but that is more
than
can be said for the American aircraft fleet.
A casual count indicates that more than 600 aircraft
in the USA and
elsewhere are still vulnerable and could be used in further attacks at
any time, which might help explain why America has been bombing
the
Afghans primarily with bags of wheat. For the first time in US
history,
American officials appear to be genuinely fearful of future reprisals,
and justifiably so with 600 giant bombs parked on the wrong side of
their
missile defence shield.
It is a “Catch 22” situation. In order to make
all of the aircraft
safe, the flight control systems would have to be stripped out and
replaced, at a cost of billions of dollars the airlines cannot
afford
because they are going broke. Nor is there enough time. The most
innovative anti-hijacking tool in the American arsenal, has now become
the biggest known threat to American national security.
For the purpose of public reassurance I would like to
publish a
complete list of aircraft which cannot be affected by Home Run, but I
cannot do so for legal reasons. Any aircraft manufacturer not on the
list
might feel inclined to sue me for defamation and I can’t afford
that.
However, there is nothing to stop me publishing my personal choice
of
aircraft for a flight from, say, Atlanta to Singapore via JFK,
Frankfurt,
and Kuala Lumpur.
From Atlanta to JFK I would probably travel on a Boeing
737, and
connect with a Boeing 777 for the onward flight to Frankfurt.
At
Frankfurt I would probably board an Airbus A340 for Kuala Lumpur, and
finish the journey on a DC9 or a Fokker 100. Naturally I might be
unlucky
and pick an aircraft with an intoxicated pilot, or an unrelated
mechanical problem, but apart from those minor risks I’d feel
pretty
safe.
Update 15 October 2001
After this page had been hit on by more than 10,000
curious
visitors, the current issue of "Business Week" (22Oct) decided
to
publish an unusual letter, suggesting that the events of the 11th
of
September would have ended rather differently if there was a capability
for Ground Tower Control to "take over the controls of a hijacked
plane"
(issue still available at any US newsagent).
Remember, the American Federal Government kept Reagan
National
airport in downtown Washington, DC shut, despite the fact that none of
the "hijacked" planes came from there. However, if it were possible to
"take over the controls" of a plane, then it would take less than a
minute for planes close to DCA airport to be diverted to a target
anywhere in the capital. There were just two aircraft types involved on
the 11th of September.
Eventually, after much reluctance, the government has
now opened up
Reagan National airport again, but ONLY for planes with less than 156
seats. Now what kind of planes previously operating happily out of
Reagan
National will this new "seating" restriction exclude? Hint: Among a
few
others, the Boeing 757 and 767.
Cynics might be tempted to conclude that, as usual,
"important"
politicians and bureaucrats are being provided with discreet
special
protection from Home Run, while everyday Americans are left to take
their
chances as best they can, and run the continual risk of being shot down
by one of their own F16 fighters. Ignorance may be bliss for some folk,
but not for those who have studied this page and realized
the
implications.
The author is a former member of the
Society of Licenced Aeronautical Engineers &
Technologist, London
This report may be republished unedited
for non-commercial reasons in the
interests of public safety