|FROM ||Ruben Safir
|SUBJECT ||Subject: [NYLXS - HANGOUT] Plane Hacking
|From owner-hangout-outgoing-at-mrbrklyn.com Wed May 27 03:04:19 2015
Received: by mrbrklyn.com (Postfix)
id 86AB616115D; Wed, 27 May 2015 03:04:19 -0400 (EDT)
Received: by mrbrklyn.com (Postfix, from userid 28)
id 7477B161161; Wed, 27 May 2015 03:04:19 -0400 (EDT)
Received: from mailbackend.panix.com (mailbackend.panix.com [18.104.22.168])
by mrbrklyn.com (Postfix) with ESMTP id A8CC816115D
for ; Wed, 27 May 2015 03:03:54 -0400 (EDT)
Received: from [10.0.0.19] (www.mrbrklyn.com [22.214.171.124])
by mailbackend.panix.com (Postfix) with ESMTPSA id 4ACE714688
for ; Wed, 27 May 2015 03:03:53 -0400 (EDT)
Date: Wed, 27 May 2015 03:03:52 -0400
From: Ruben Safir
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
Subject: [NYLXS - HANGOUT] Plane Hacking
Content-Type: text/plain; charset=utf-8
List-Id: NYLXS General Discussion Forum
FBI: Plane hacker claims he hacked hard and often
Admitted to making plane change course
By Dave Neal
Mon May 18 2015, 11:43
The FBI says that a hacker really hacked a plane in flight
*DOCUMENTS PULLED* from the FBI reveal that Chris Roberts, the security
researcher who was removed from a flight over security concerns, carried
out a number of attacks and even managed to make a plane change course.
The FBI interviewed Roberts at the time, and got him to reveal exactly
what sort of stuff he was getting up to. He admitted to as many as 20
attacks, including one that really concerned the intelligence agency.
FBI documents made their way to Canadian news organisation APTN, which
reports on the affidavit and other information.
"[Roberts] stated that he successfully commanded the system he had
accessed to issue the ‘CLB' or climb command
He stated that he thereby caused one of the airplane engines to climb
resulting in a lateral or sideways movement of the plane during one of
these flights," said the affidavit signed by FBI agent Mike Hurley.
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we
start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)
— Chris Roberts (-at-Sidragon1) April 15, 2015
"We believe Roberts had the ability and the willingness to use the
equipment then with him to access or attempt to access the [inflight
entertainment system] and possibly the flight control systems on any
aircraft equipped with an [inflight entertainment system] and it would
endanger the public safety to allow him to leave the Syracuse airport
that evening with that equipment."
Research is one thing, endangering life is another, and the security
industry has not exactly embraced the ad hoc research by Roberts.
Alex Stamos, CISO at Yahoo, was critical
. "You cannot
promote the idea that security research benefits humanity while
defending research that endangered hundreds of innocents," he said.
United Airlines, which was the airline from which Roberts was removed,
said at the time that it would prefer not to offer him carriage.
However, it did say that the methods and means reported at the time of
the earlier reports would not have affected transportation, which is
something that the FBI information would seem to dispute.
"Given Mr Roberts's claims regarding manipulating aircraft systems,
we've decided it's in the best interest of our customers and crew
members that he not be allowed to fly United," the airline said in April.
"However, we are confident that our flight control systems could not be
accessed through the techniques he describes." µ