FBI grounds security researcher for pointing out bug

bugUnited Airlines stopped a prominent security researcher from boarding a California-bound flight late, following a social media post by the researcher days earlier suggesting the airline’s onboard systems could be hacked.

Chris Roberts was trying to fly from Colorado to San Francisco to speak at a major security conference there this week, but was stopped by the airline’s corporate security at the gate.

Roberts had been removed from a United flight on Wednesday by the FBI after landing in Syracuse, New York, and was questioned for four hours. He had jokingly suggested on Twitter he could get the oxygen masks on the plane to deploy.

Authorities also seized Roberts’ laptop and other electronics, although his lawyer says he hasn’t seen a search warrant.

Apparently United are sending him a letter in a couple of weeks.

Compounding the problem of looking like stupid goons who read people’s tweets and do not understand that they are being mocked, United seems to think that it has done the right thing.

“Given Mr. Roberts’ claims regarding manipulating aircraft systems, we’ve decided it’s in the best interest of our customers and crew members that he not be allowed to fly United,” an airline spokesman told the Associated Press.

“However, we are confident our flight control systems could not be accessed through techniques he described.”

So it claimed that the flight security could not be accessed by Roberts, and yet grounded him. How did that work?

The United Spokesman said that it made this decision because Roberts has made comments about having tampered with aircraft equipment, which is a violation of United policy and something customers and crews shouldn’t have to deal with.

Roberts has been giving some airline passengers some scary news about plane hacks lately. He told Fox that in theory it is possible to turn the engines off at 35,000 feet and not have any of those damn flashing lights go off in the cockpit.
Roberts also told CNN he was able to connect to a box under his seat at least a dozen times to view data from the aircraft’s engines, fuel and flight-management systems.

The Government Accountability Office said last week that some commercial aircraft may be vulnerable to hacking over their onboard wireless networks. “Modern aircraft are increasingly connected to the internet. This interconnectedness can potentially provide unauthorised remote access to aircraft avionics systems,” its report found.

Roberts travelled on Southwest Airlines and arrived in San Francisco. Curiously he did not use the trip to take control of the plane. Going by current airline records you are more likely to crash from a suicidal or incompetent pilot, than you are from a terrorist threat.