Back to Squawk list
  • 35

Hacker on a Plane: FBI Seizes Researcher’s Gear

Enviado há
The FBI seized equipment from noted security researcher Chris Roberts on Wednesday, alleging that Roberts may have tampered with the systems aboard a United flight to Chicago, based upon a tweet he made about purportedly being able to access the aircraft's EICAS system. Roberts denies the claim. ( Mais...

Sort type: [Top] [Newest]

Thomas Zollars 8
Y'all are overlooking the obvious, 737's have never had an EICAS system. “PASS OXYGEN ON” is a simple light activated via an electrical circuit in no way connected to a network! Therefore, this guy is seeking publicity and a contract for his vaporware.
Jack370 3
Thomas, if that's true then this guy is about the dumbest hacker I've ever heard of and should be charged with threatening a commercial flight at the minimum.
But this hacker is closely monitored by the FBI because of his claims and it would surprise me if he is really that much of a quack.
Thomas Zollars 3
Jack, I don't know him, or any hacker. But if he had asked any Mechanic, Engineer or Pilot with 737 experience he would have learned they don't have EICAS as he directly claimed! He also could have learned that the relatively recent addition of WiFi to the aircraft means it is an isolated system with no interconnection with the aircraft systems. While there are digital data busses between boxes, they are not networked to anything with WiFi capability. Give Boeing Engineers some credit!
All I know is his claim was specific to 737's and their EICAS system and I know 737's don't have EICAS. I also know that "pass oxygen on" is a light message with a very simple, directly wired circuit. Therefore, I know he's full of shit. Res ipso facto.
Jack370 1
Maybe this guy is a complete hack or maybe it was just his sense of humor but he was on his way to a security convention where he was scheduled as a speaker.
The technical specifics of what this guy is hacking through the wifi may have been obscured but the FBI is obviously taking it seriously.
It will be interesting to what the facts are that emerge from the investigation.
You are a spy trying to defer the attention away from the obvious hysteria that is so well deserved ;-)
Jeremy Chen 2
The obvious answer would be that the 737 does not have an EICAS systems. Even if it does, it is not necessarily a network. I highly doubt you can start messing with an EICAS without some serious action that will be noticed QUICKLY.
David Aaron 3
The guy made some bogus claims and the FBI seized the opportunity to check him out further, teach him a lesson and investigate his actual capabilities.
You cannot sit back in the passenger cabin of an airliner and gain access to the gear up in the cockpit via your laptop, although for some reason there are those that want people to believe otherwise.
joel wiley 0
NSA has long had ove-air content analysis capability. Has the FBI duplicated that or did NSA feed it to them?
As a conmputer person who has done forensic anlysis of networks for everything from Sar-Ox to HIPAA to County Govt's (clerks, courts, police)...the level of access to ISP's that "The Man" has is simply crazy. They can simply install something as basic as "WebSense" at an ISP and see every little thing you do. No hiding behind Tor (et al) or spoofing your MAC.

Want to do something illegal? Steal a device and DONT use a McDonals WiFi (as you will be on their cameras). No matter what you are on, or where you are at - they can find you if hey so wish.
joel wiley 2
As Gleaton's Law states "no matter how paranoid you are, they are always doing more than you realize"
Eric Merillat 2
Before you start making judgements about what Mr. Roberts can or can't do from the cabin you should probably educate yourselves on the research that is out there in this field and what Mr. Roberts motives really are. I saw Mr. Roberts presentation two years ago at a security conference on this very subject and I can tell you his initial research had nothing to do with WiFi and everything to do with the fact that all of the planes critical and non-critical systems were interconnected. All of the research findings were turned over to the manufacturers at least two years ago and they have not fixed this.
joel wiley 1
Ignore the man behind the curtain! is not a valid security protocol. Neither is security by obscurity.
He should have called an hour before and let them know where he was going...oh, wait, that only works for gyrocopters...
William Barnes 1
Typical ham-fisted approach I'd expect from US cops.
Why not research and investigate THEN act and detain and search.
Matt Hauke 1
Yes, the old let's wait and see approach has worked really good in the past. The guy tweeted that he was going to attempt to hack into the planes systems. What more research should the "US cops" have done?
Jack370 1
Tweet: "“Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ? :)”

Obviously this guy wanted to be detained or arrested in order to force the security issue. Hopefully something will be done about these vulnerabilities now instead of just ignoring the issues. The FAA should be contracting guys like this to fix the security problems.
Jack370 4
They should check this guy out and if his claims are valid, simply turn off the wifi access until the problems are fixed. That has no cost to anyone except for reduced amenities. This guy claims that he can take over control systems thru the wifi and if there is any possibility of that, it needs to be addressed now and not later.

As for the FBI detaining him, hats off to the FBI for spotting that activity. It's not any different from someone threatening to hijack an airliner in flight.
Matt LaMay 1
I ask you; what control system can he take control of? What system is connected via satcom that is a vital system on a 737-800? ACARS? Every other system is controlled by onboard computers that are incapable of receiving commands via wifi or any other method other than direct interface.
Jack370 2
The hacker claims that he can affect the status of indicators. While this is not direct control of the flight surfaces, it still constitutes taking over control of indicators with extremely serious implications. If he can do that, what else could he do?

It's not likely that this flaw was known when the new wifi systems were integrated and the security weakness need to be addressed sooner rather than later. wifi on commercial planes is a new luxury and if it's possible to interfere with anything in the cockpit it should be completely turned off until the problems are fixed.
Daniel Ramos 1
For the no so much computer expert or for the computer expert as well, what about if a guy just simply say at loud in the middle of the flight, hey I HAVE A SCREW DRIVER IN MY POCKET AND I AM GOING TO FIDLE AROUND WITH THIS AIRCRAFT AND SEE WHAT CAN I FIND, AND THEN, WHILE IN THE BATHROOM YOU HEAR, I FOUND SOME WIRES THAT THINK CONTROLS THE PLANE SO IM GOING TO PULL ON THEM, what would you Do? Sitting while in the same flight with your family, even if you know or assume that critical flight controls do not go through the the bathroom, you know it's not good, or may do some damage that you were not expected., so may as well restricted until you are sure it is safe, just saying.........
Matt LaMay -1
Yet another "expert" feeding his pocket book off of the fear and ignorance of the general public (just read some of the comments on here.) There is no way to bring down a modern commercial airliner with a competent crew via wifi. The only thing this guy (or anybody else) would do is to screw up the wifi.
Matt Hauke 1
Because the general public should be experts on modern aircraft systems and computer hacking?
Thomas Zollars 1
No Matt, the general public shouldn't feel bad about their ignorance. However the news media should! They always trot out their "experts", who are generally pilots. Pilots are good to interview on the subject of flying, but are not the best to go to when the systems need explaining. Get a good Mechanic or Engineer from Boeing to make the public know this guy is a lying shitheel!
Paul Thomas 0
A big part of "hacking" is "social engineering" - convincing people that you've done, or are able to, things that seem plausible, regardless of feasibility or ability. It's a great way to get attention, which is pretty much what he was looking for, and got - just maybe not the kind for which he hoped.
Edmund Benz 0
There may be an obvious answer to this but I don's see any scheduled 737 service into KSYR from Chcago. Only regional jets. CRJ, Embraer. UAL 737s connect with regionals in Newark. Possible that tweets originated while on the ground?
egnilk66 0
The guy's just looking for a network security contract. Brills.
Gene Nowak 0
“It feels like this industry is going through the same issues. The problem is, if I break a F5 device or a Cisco device, I’m not harming anybody. I screw around with an airplane, I’m taking 100 to 400 people out of the sky and you’re not recovering from that.” And now we are talking about drone cargo/passenger airplanes without pilots. Someone better start rethinking that one.
(Duplicate Squawk Submitted)

Aviation security researcher tweets about "playing" with onboard systems, get visit from FBI

I guess it's just another one if those things you can't say (or tweet) on a plane. . .


Não tem uma conta? Registre-se agora (gratuito) para funcionalidades personalizáveis, alertas de vôo e mais!
Esse site utiliza cookies. Ao usá-lo e continuar a navegar, você concorda com isso.
Você sabia que o rastreamento de voos da FlightAware é patrocinado por anúncios?
Você pode nos ajudar a manter o FlightAware gratuito, permitindo anúncios de Trabalhamos muito para manter nossa publicidade relevante e discreta para criar uma ótima experiência. É rápido e fácil permitir anúncios no FlightAware ou, caso prefira, considere nossas contas premium.