Biodun Iginla, BBC News

Biodun Iginla, BBC News

Monday, April 20, 2015

United bans researcher from flight after 'joke tweet'

by Tamara Kachelmeier and Biodun Iginla, Technology reporters, Reuters and BBC News, San Fransisco

4 hours ago


United Airlines banned a security researcher from a flight after he tweeted that he might be able to hack the aircraft's systems.
Chris Roberts was due to fly from Colorado to San Francisco to talk at a major security conference on Saturday.
Earlier, he tweeted he thought he could deploy the oxygen masks on board.
Despite the ban, United said: "We are confident our flight control systems could not be accessed through techniques [Mr Roberts] described."

Engine control

Mr Roberts is the founder of cybersecurity firm, One World Labs that tries to find vulnerabilities in IT systems and alert companies to them before they are exploited by criminals.
Last Wednesday, Mr Roberts was removed from another United flight by the FBI who took his laptop away, and questioned him for four hours.

Chris Roberts's tweet:
"Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)"

As part of his job, Mr Roberts had given several interviews to the media in recent weeks in which he commented on the possible weak points of airline systems. He told Fox News:
"Quite simply put, we can theorise on how to turn the engines off at 35,000ft (10,668m) and not have any of those damn flashing lights go off in the cockpit."
He also told CNN that he could connect to a computer under his seat to view data from the aircraft's engines, fuel and flight-management systems.

No threat

Asked why United had prevented Mr Roberts from taking his flight, spokesman Rahsaan Johnson said:
"Given Mr Roberts's claims regarding manipulating aircraft systems, we've decided it's in the best interest of our customers and crew members that he not be allowed to fly United.
"However, we are confident our flight control systems could not be accessed through techniques he described."

Asked why United had refused to allow Mr Roberts to fly if its systems were not vulnerable, Mr Johnson said:
"We made this decision because Mr Roberts has made comments about having tampered with aircraft equipment, which is a violation of United policy and something customers and crews shouldn't have to deal with."

'Vital ally'

United said it would send a letter to Mr Roberts to explain its decision within the next two weeks.
The Electronic Frontier Foundation (EFF) which campaigns for greater openness and transparency online and represents Mr Roberts said:
"It is disappointing that United refused to allow him to board, and we hope that United learns that computer security researchers are a vital ally, not a threat."
EFF lawyer Nate Cardozo said on Sunday that he hadn't seen a copy of the search warrant that would have been used to seize Mr Roberts's electronics, and that he was working to get the devices returned to him.

No comments:

Post a Comment