United bans researcher from flight after 'joke tweet'

  • Published
A United aircraft at San Francisco airportImage source, Getty Images
Image caption,
United said it was confident its systems could not be compromised but it still stopped Chris Roberts from boarding his flight

United Airlines banned a security researcher from a flight after he tweeted that he might be able to hack the aircraft's systems.

Chris Roberts was due to fly from Colorado to San Francisco to talk at a major security conference on Saturday.

Earlier, he tweeted he thought he could deploy the oxygen masks on board.

Despite the ban, United said: "We are confident our flight control systems could not be accessed through techniques [Mr Roberts] described."

Engine control

Mr Roberts is the founder of cybersecurity firm, One World Labs that tries to find vulnerabilities in IT systems and alert companies to them before they are exploited by criminals.

Last Wednesday, Mr Roberts was questioned by the FBI after another United flight on which he tweeted that he might try to access the aircraft systems. The FBI confiscated Mr Roberts laptop and other electronic equipment.

Chris Roberts's tweet:

"Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)"

As part of his job, Mr Roberts had given several interviews to the media in recent weeks in which he commented on the possible weak points of airline systems. He told Fox News:

"Quite simply put, we can theorise on how to turn the engines off at 35,000ft (10,668m) and not have any of those damn flashing lights go off in the cockpit."

He also told CNN that he could connect to a computer under his seat to view data from the aircraft's engines, fuel and flight-management systems.

No threat

Asked why United had prevented Mr Roberts from taking his flight on Saturday, spokesman Rahsaan Johnson said:

"Given Mr Roberts's claims regarding manipulating aircraft systems, we've decided it's in the best interest of our customers and crew members that he not be allowed to fly United.

"However, we are confident our flight control systems could not be accessed through techniques he described."

Image source, Thinkstock
Image caption,
Chris Roberts was turned away at the check-in desk but was not told why he could not fly

Asked why United had refused to allow Mr Roberts to fly if its systems were not vulnerable, Mr Johnson said:

"We made this decision because Mr Roberts has made comments about having tampered with aircraft equipment, which is a violation of United policy and something customers and crews shouldn't have to deal with."

'Vital ally'

United said it would send a letter to Mr Roberts to explain its decision within the next two weeks.

The Electronic Frontier Foundation (EFF) which campaigns for greater openness and transparency online and represents Mr Roberts said:

"It is disappointing that United refused to allow him to board, and we hope that United learns that computer security researchers are a vital ally, not a threat."

EFF lawyer Nate Cardozo said on Sunday that he hadn't seen a copy of the search warrant that would have been used to seize Mr Roberts's electronics, and that he was working to get the devices returned to him.

Related Internet Links

The BBC is not responsible for the content of external sites.