Chris Roberts will have a lot to say next week at RSA Conference 2015 where he is scheduled to present a talk “Security Hopscotch” after his experience this week being hauled in by the FBI, apparently for tweeting about “playing with” the onboard communications systems of the plane he was traveling on.
Roberts, founder, CISO and CTO of One World Labs, a Colorado-based enterprise security assessment and consulting firm, was detained by the FBI after his flight landed in Syracuse, N.Y., and questioned for four hours.
The FBI confiscated his iPad Air, MacBook Pro, three hard drives, seven thumb drives, a Bluetooth USB adapter and a USB cable. All the devices were encrypted, according to a story posted by Forbes.
The incident could make fresh fodder for his RSA talk, which is described in part in the agenda as, “We have been made aware of the [electronic domains within our lives] in the transportation we use and the interactions with the world around us, but now we’re moving into the “Age Of Everything”. And we are vulnerable.”
That could include vulnerabilities he has discovered and discussed publicly before – he says it’s theoretically possible to bring a plane down by hacking its communications systems - as well as his experience yesterday with the FBI.
Roberts’ troubles started after he posted this tweet: "Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)\ "
That’s a description of his plane (Boeing 737-800), mention of the in-flight entertainment (IFE) box, satellite communications (SATCOM) and the engine indicating and crew alerting system (EICAS), which is used to alert crew about engine status and other onboard functions. According to Wikipedia, “EICAS has high connectivity & provides data acquisition and routing.”
The FBI apparently took the tweet to mean he intended to hack the systems. His Twitter profile reads: “InfoSec stuff, focusing on planting flags, annoying TSA, breaking planes and defining Threat Intel in a meaningful manner...”
Given his reputation as a white-hat hacker who alerts businesses and government to potential security risks it’s likely that the tweet was just Roberts having a little joke. At the same time the FBI has to forego a sense of humor and take potential threats seriously, despite the smiley emoticon.
He's already tweeted about the replacement electronics he's bought: Note to self, don't get the new stuff confiscated or seized..."
It will be interesting to see if he ever gets his old gear back.