Sunday, April 19, 2015

Embarassing Airlines By Pointing Out Their Security Flaws Is A No No Apparently

For all the childish security theater we have seen in the last 14 years you would think that these air carriers would be serious about fixing security flaws as soon as they found out about them.

Instead it seems they rely on the TSA groping,fondling and intimidation to scare people into believing they are safe after they finally get on an airplane.

Because when a security expert Tweets that he believes that their onboard flight systems can be hacked, they freak the hell out and ban the guy from flying on their airplanes.

One more glaring example of just how pathetic all this hokem security flim flammery really is.


Researcher denied flight after tweet poking United security

 

WASHINGTON (AP) — United Airlines stopped a prominent security researcher from boarding a California-bound flight late Saturday, following a social media post by the researcher days earlier suggesting the airline's onboard systems could be hacked.
The researcher, Chris Roberts, attempted to board a United flight from Colorado to San Francisco to speak at a major security conference there this week, but was stopped by the airline's corporate security at the gate. Roberts founded One World Labs, which tries to discover security risks before they are exploited.
Roberts had been removed from a United flight on Wednesday by the FBI after landing in Syracuse, New York, and was questioned for four hours after jokingly suggesting on Twitter he could get the oxygen masks on the plane to deploy. Authorities also seized Roberts' laptop and other electronics, although his lawyer says he hasn't seen a search warrant.
A lawyer for Roberts said United gave him no detailed explanation Saturday why he wasn't allowed on the plane, saying instead the airline would be sending Roberts a letter within two weeks stating why they wouldn't let him fly on their aircraft.

There is no need for a letter, a Post It Note saying "We are mad at you for making us look like idiots" should cover it.

So much for that "if you see something, say something" hooey.

It's all about the show people.
Don't pay any attention to that little man behind the curtain.

In recent weeks, Roberts gave media interviews in which he discussed airline system vulnerabilities. "Quite simply put, we can theorize on how to turn the engines off at 35,000 feet and not have any of those damn flashing lights go off in the cockpit," he told Fox News.

Roberts also told CNN he was able to connect to a box under his seat at least a dozen times to view data from the aircraft's engines, fuel and flight-management systems.

"It is disappointing that United refused to allow him to board, and we hope that United learns that computer security researchers are a vital ally, not a threat," said Nate Cardozo, a staff attorney with the San Francisco-based Electronic Frontier Foundation, which represents Roberts.
Cardozo said Sunday he hasn't seen a copy of a search warrant that would have been used to seize Roberts' electronics, and that he's working to get the devices returned.
The FBI declined to comment on the matter Sunday.

My emphasis.

If his being able to hook into their flight data at will doesn't scare the shit out of you I don't know what will.

That is criminal stupidity on their part for making that capability available in the first place.

Are you fucking kidding me?
That's a hackers wet dream come true and most likely means that some asshole with bad intentions could tap into that and start wreaking havoc with their data.

Unbelievable stupidity on someones part.

 



No comments:

Fair Use Notice

Fair Use Statement: This site may contain copyrighted material, the use of which may not have been authorized by the copyright owner. I am making such material available in an effort to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. I believe this constitutes a ‘fair use’ of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: “http://www.law.cornell.edu/uscode/17/107.shtml” If you wish to use copyrighted material from this site for purposes of your own that go beyond ‘fair use’, you must obtain permission from the copyright owner.