'[ISN] Researcher who joked about hacking a jet plane barred from United flight'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Researcher who joked about hacking a jet plane barred from United flight
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2015-04-20 9:41:29
Message-ID: alpine.DEB.2.02.1504200941170.13303 () infosecnews ! org
[Download RAW message or body]

http://arstechnica.com/security/2015/04/researcher-who-joked-about-hacking-a-jet-plane-barred-from-united-flight/


By Dan Goodin
Ars Technica
April 19, 2015

A researcher who specializes in the security of commercial airplanes was 
barred from a United Airlines flight Saturday, three days after he tweeted 
a poorly advised joke mid-flight about hacking a key communications system 
of the plane he was in.

Chris Roberts was detained by FBI agents on Wednesday as he was deplaning 
his United flight, which had just flown from Denver to Syracuse, New York. 
While on board the flight, he tweeted a joke about taking control of the 
plane's engine-indicating and crew-alerting system, which provides flight 
crews with information in real-time about an aircraft's functions, 
including temperatures of various equipment, fuel flow and quantity, and 
oil pressure. In the tweet, Roberts jested: "Find myself on a 737/800, 
lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? 
'PASS OXYGEN ON' Anyone ? :)" FBI agents questioned Roberts for four hours 
and confiscated his iPad, MacBook Pro, and storage devices.

   Find myself on a 737/800, lets see Box Box-IFE-ICE-SATCOM, ? Shall we
   start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)

   — Chris Roberts (@Sidragon1) April 15, 2015

On Saturday night, Roberts faced more fallout, this time from the airline 
itself. Shortly after passing TSA screening and arriving at the gate to 
board a San Francisco-bound flight, members of United Corporate Security 
were there to stop him from getting on the plane. They told him United 
officials would inform him by mail of the reason within the next two 
weeks. Roberts was able to book last-minute travel on a Southwest flight 
and arrived in San Francisco late Saturday night, three days ahead of a 
presentation he's scheduled to present at next week's RSA security 
conference.

"Nevertheless, United's refusal to allow Roberts to fly is both 
disappointing and confusing," wrote attorneys from the Electronic Frontier 
Foundation, who are providing Roberts with legal representation. "As a 
member of the security research community, his job is to identify 
vulnerabilities in networks so that they can be fixed. Indeed, he was 
headed to RSA speak about security vulnerabilities in a talk called 
'Security Hopscotch' when attempting to board the United flight."

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic