Login Register Subscribe
Current Issue

United gives security expert the no-fly treatment

Reprints

Cyber security experts are in demand right now as all industries grapple with the evolving risk.

But one expert found himself hoist by his own petard recently when an airline refused to let him board after he had posted on social media that he believed the airline’s onboard systems could be hacked.

Chris Roberts, who founded One World Labs Inc., a company that tries to discover security risks before they are breached, was stopped by United Airlines Inc. corporate security as he tried to board a flight from Colorado to San Francisco to — natch — speak at a major security conference.

The previous week, Mr. Roberts had been removed from a United Flight after landing in Syracuse, New York, after tweeting — jokingly, he says — that he could make the oxygen masks on the plane deploy, SFGate.com reports.

He was, the website reports, questioned by the FBI for four hours.

A spokesman for United said that while the airline was confident its flight control systems could not be accessed through the techniques Mr. Roberts had described, it had “decided it’s in the best interests of our customers and crew members that he not be allowed to fly United.”

An attorney at the San Francisco Electronic Frontier Foundation, which represents Mr. Roberts, said he hoped that United would learn that computer security researchers are “a vital ally, not a threat.”

Mr. Roberts was able to take a flight on a different airline to San Francisco.

But those among us who are soon to board flights to New Orelans for the RIMS conference likely will want to heed the risk management lesson to be careful what we post on social media.