Airline stops security researcher from boarding plane after hacking tweet

The security researcher had made a Twitter post several days earlier that he could hack airlines system while onboard; he was stopped from boarding the flight and his computers were seized.

United Airlines stopped a prominent security researcher from boarding a California-bound flight late Saturday, following a social media post by the researcher days earlier suggesting the airline's onboard systems could be hacked.

The researcher, Chris Roberts, attempted to board a United flight from Colorado to San Francisco to speak at a major security conference there this week, but was stopped by the airline's corporate security at the gate. Roberts founded One World Labs, which tries to discover security risks before they are exploited.

Roberts had been removed from an earlier United flight Wednesday by the FBI after landing in Syracuse, New York, and was questioned for four hours after jokingly suggesting on Twitter he could get the oxygen masks on the plane to deploy. Authorities also seized Roberts' laptop and other electronics, although his lawyer says he hasn't seen a search warrant.

A lawyer for Roberts said United gave him no detailed explanation Saturday why he wasn't allowed on the plane, saying instead the airline would be sending Roberts a letter within two weeks stating why they wouldn't let him fly on their aircraft.

"Given Mr. Roberts' claims regarding manipulating aircraft systems, we've decided it's in the best interest of our customers and crew members that he not be allowed to fly United," airline spokesman Rahsaan Johnson told The Associated Press. "However, we are confident our flight control systems could not be accessed through techniques he described."

Johnson did not respond to a follow-up question Sunday why Roberts would still be a threat if he couldn't, in fact, compromise United's control systems.

In recent weeks, Roberts gave media interviews in which he discussed airline system vulnerabilities. "Quite simply put, we can theorize on how to turn the engines off at 35,000 feet and not have any of those damn flashing lights go off in the cockpit," he told Fox News.

Roberts also told CNN he was able to connect to a box under his seat at least a dozen times to view data from the aircraft's engines, fuel and flight-management systems.

"It is disappointing that United refused to allow him to board, and we hope that United learns that computer security researchers are a vital ally, not a threat," said Nate Cardozo, a staff attorney with the San Francisco-based Electronic Frontier Foundation, which represents Roberts.

Cardozo said Sunday he hasn't seen a copy of a search warrant that would have been used to seize Roberts' electronics, and that he's working to get the devices returned.

The FBI declined to comment on the matter Sunday.

The Government Accountability Office said last week that some commercial aircraft may be vulnerable to hacking over their onboard wireless networks. "Modern aircraft are increasingly connected to the Internet. This interconnectedness can potentially provide unauthorized remote access to aircraft avionics systems," its report found.

Roberts took an alternate flight on Southwest Airlines and arrived in San Francisco Saturday evening. He speaks this week at the RSA Conference about computer security vulnerabilities.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.