The cybersecurity world is voicing concern after an expert on airline computers systems was detained for joking about hacking a flight’s on-board communications system.
Chris Roberts, a professional white-hat hacker with One World Labs, tweeted a joke mid-flight about releasing the plane’s oxygen masks by taking control of the engine-indicating and crew-alerting systems.
{mosads}When he arrived at his destination, Roberts was reportedly detained by FBI agents who questioned him for four hours and took his iPad, MacBook Pro and several storage devices.
Several days later, Roberts was banned from boarding a United flight by airline officials in relation to the same tweet.
“Given Mr Roberts’s claims regarding manipulating aircraft systems, we’ve decided it’s in the best interest of our customers and crew members that he not be allowed to fly United,” airline spokesman Rahsaan Johnson said.
“We made this decision because Mr Roberts has made comments about having tampered with aircraft equipment, which is a violation of United policy and something customers and crews shouldn’t have to deal with.”
United said its planes’ systems could not be accessed in the way Roberts described in his tweet.
Roberts, along with many of his security research colleagues, have criticized the FBI and United for their actions.
“Feds have known about issues in planes for years. Why are they hot now? I’m a researcher; that’s what I do. I don’t go out to harm or hurt. Why pick on researchers? If not us, then who will find flaws?” Roberts told Forbes.
The incident has stoked worries among cybersecurity researchers who fear they will be punished for their work.
“The real issue here is the chilling effects on security research. Security researchers who point out security flaws is a good thing, and should be encouraged,” author and Resilient Systems CTO Bruce Schneier wrote Tuesday on his blog.
Schneier also pointed out that there has to be some “serious surveillance going on” for the FBI to have noticed and acted on Roberts’s tweet, especially within just a few hours.