Last Wednesday, Chris Roberts, a security researcher, posted an interesting message on twitter from his plane, headed to Syracuse.
This may seem like gibberish to most people, but Roberts’ specialty is airplane computer systems. He is saying that he was able to hack into the airplane’s computer system, and was toying with the idea of turning on the Engine-Indicating and Crew-Alerting System (EICAS), more specifically, deploying the oxygen masks. This tweet was found by the FBI, and Roberts was taken off the plane in Syracuse. He was questioned by the FBI, and his electronics were confiscated.
How had he done this? He was able to connect his laptop to a box beneath the airline seat, and was able to see data from the avionics control systems. Roberts said that he has tested this on at least 15 actual flights.
Roberts said that the tweet was supposed to be a warning to the plane manufacturers AirBus and Boeing. He and his company, One World Labs, research systems for vulnerabilities. They had found the vulnerability, and had warned AirBus and Boeing in previous years. Roberts was frustrated that the flaw existed. Roberts ultimately said that he may have been a little blunt, but if he didn’t push the rules a bit, he wouldn’t be doing the work he does.
– Sandra Lovejoy