Chris Roberts, a prominent computer security expert, was aboard a United Airlines flight last week when he tweeted about a potential security flaw he found on the plane’s on-board Wi-Fi. Big mistake.
Airline personnel saw the tweet and alerted authorities at Syracuse Hancock International Airport where the flight was scheduled to land. Roberts exited the plane and was quickly detained by the FBI. Roberts, the founder and chief technical officer of the Denver security firm One World Labs, said the agents questioned him, confiscated several of his electronic devices, and then let him go. “Lesson from this evening, don’t mention planes,” he later tweeted. “[T]he feds ARE listening, nice crew in Syracuse, left there naked of electronics.”
But the story doesn’t end there. Roberts Saturday attempted to board a United flight headed to San Francisco where he was to speak at the RSA computer security conference. Roberts made it through security, but when he arrived at the United gate, he was met by airline security who denied boarding.
Now, he’s teamed with the Electronic Frontier Foundation to condemn the airline’s decision to ban him from the flight.
“United’s refusal to allow Roberts to fly is both disappointing and confusing,” EFF staff attorney Andrew Crocker wrote Saturday. “As a member of the security research community, his job is to identify vulnerabilities in networks so that they can be fixed.” [Their emphasis.]
Thankfully, the good-natured Roberts was able to book a last-minute flight aboard another airline, and will present his speech titled “Security Hopscotch” at the conference, which begins Monday. The focus of the speech, tellingly, is many of the devices we use every day — in addition to the planes on which we fly — are connected to the Internet. “We’re moving into the ‘Age Of Everything,'” Roberts says in a description of his upcoming speech. “And we are vulnerable.”