As some of you might have noticed last week: Hacker and IT Security Consultant Chris Roberts has been seized of all of his computers and hard drives while going through security routines at a domestic US flight. Since he refused to give out passwords to the authorities they simply decided to keep his hardware.
Interestingly, Chris Roberts is an expert on IT security (not only) of aircraft vehicles and has been interviewed various times on national television in the US. And he tweeted just before boarding the plane which might have led to his following delay for several hours and the seizure.
We were wondering if one single tweet could be the trigger and asked Chris for an interview. Although he’s been having a rough week due to all the hassle at the airport, he took the time to answer a couple of questions for us. Here we go.
Für eine deutsche Übersetzung bitte hier entlang.
netzpolitik.org: First of all, did you get your hardware back already? If you didn’t, do you have any idea when they will return it?
Chris Robert: Nope, no sign of it, last I knew the Denver FBI office has requested it from the Syracuse bunch… no clue on next steps.
netzpolitik.org: Did you encounter any hassle on borders or airports before that incident on April, 16th?
Chris Robert: Not that’s worth writing about… I have „Global Entry“ which lets me bypass a lot of the hassle areas…
netzpolitik.org: Did you encounter any kind of „shooting the messenger“-incidents before?
Chris Robert: Yep, several times, automotive industry but they eventually came round and we’ve been working with them, SCADA’s still stubborn, Healthcare’s still a freaking mess.
netzpolitik.org: Will you take legal steps and if so, will you be supported by the EFF?
Chris Robert: EFF’s got the case and they are helping… I’m letting them work out next steps.
netzpolitik.org: Do you believe or have you been told that your tweet before boarding prompted the incident or do you see or know of a connection to your interviews about airplane security on „Fox News“ in March and April?
Chris Robert: Yep, the tweet was the direct reason for the incident, looks as if United were monitoring and informed the FBI that I was a threat.
netzpolitik.org: Did they tell you directly what caused the incident?
Chris Robert: Nope, worked it out from the documentation that I’ve seen so far.
netzpolitik.org: It is true that none of the contents of your harddrives could be accessed because you protected all your data using encryption?
Chris Robert: Yep, the systems AND the drives are all encrypted, some have separate (additional) layers of protection built ontop of the baseline encryption.
netzpolitik.org: With computers holding sensitive data from costumers, are there standard procedures regarding encrypting and back-ups you usually do because of boarding a flight?
Chris Robert: YES, as a rule the entire company has their systems encrypted, all computers and portable media has to be…we have a ZERO tolerance for any non-encrypted devices.
netzpolitik.org: In general, do you think you were treated properly?
Chris Robert: Everyone was polite and civilized but the overall response I do not think was warranted, let alone United subsequent response.
netzpolitik.org: While searching, did they find anything in your luggage which will be used against you?
Chris Robert: Nope, luggage clean.
netzpolitik.org: Will you be marked or selected in any way, when you attempt to fly in the future?
Chris Robert: Good question, who knows….logic has to assume that I’m under increased „review“.
netzpolitik.org: Regarding the attack vectors you described in the interviews on „Fox News“, what was the reaction of vendors and officials who are responsible for flight safety?
Chris Robert: They blew the issues off, we have had no traction since bringing this to light back in 2010 or thereabouts.
netzpolitik.org: In 2014, Ruben Santamarta described an attack using the board-entertainment-system. Are the reactions to your interviews this year different from reactions back then?
Chris Robert: Nope, it’s pretty much similar “oh that’s nice/bad” and then they go back to doing the same stuff.
netzpolitik.org: Would you like to add something?
Chris Robert: Nope, think you’ve covered it all..sorry if the answers are short…it’s been a long week! :)
Sadly, after he gave the interview, he reported in a tweet:
United have cancelled ALL my trips… and my daughters
In Germany, we have the expression „Sippenhaft“, which means something like clan or family liability.