The other big difference is that (for the most part) keeping a passenger plane in the air isn't an adversarial task. Actual breaches are the result of active bad actors, which is completely different from the problems you encounter in designing a plane.
So criminal action seems crazy to me, though I can definitely see a great case for changing the incentives around storing user data. Could definitely see a good case for fines (and even an ongoing per-user tax, to make it an up front cost) for storing PII.
Wang&already, 2006: “Information leakage through covert channels and side channels is becoming a serious problem, especially when these are enhanced by modern processor architecture features. We show how processor architecture features such as simultaneous multithreading, control speculation and shared caches can inadvertently accelerate such covert channels or enable new covert channels and side channels. We first illustrate the reality and severity of this problem by describing concrete attacks. We identify two new covert channels. We show orders of magnitude increases in covert channel capacities. We then present two solutions, Selective Partitioning and the novel Random Permutation Cache (RPCache). The RPCache can thwart most cache-based software side channel attacks, with minimal hardware costs and negligible performance impact.”
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.190...
