A security researcher was apparently able to access a plane's control system mid-flight according to an FBI warrant application.
Chris Roberts was banned from all United Airlines flights in April after tweeting a joke about flight control vulnerabilities while on a plane, Wired reports.
Roberts had previously met with the FBI in February of this year to discuss vulnerabilities with In Flight Entertainment systems.
He reportedly told agents that he was able to exploit these vulnerabilities 15 to 20 times from 2011 to 2014.
Roberts claimed it was possible for him to gain access to the IFE system through the Seat Electronic Box located under seats containing video monitors, according to the FBI affidavit.
Roberts was able to connect his laptop to the IFE system, overwrite code on the aircraft's Thrust Management Computer and issue flight commands from his seat.
However, there are some discrepancies between the FBI's version of things and Roberts' own story.
The warrant application suggests Roberts issued the CLB or "climb command" while on a flight, causing one of the engines to climb and "resulting in a lateral or sideways movement" of the aircraft.
But Roberts told Wired that while he was able to hack into the IFE system, he never commandeered the flight. He says he has only caused a plane to rise during a simulated test. On Twitter, Roberts claims much of the affidavit takes things he said out of context:
"I’m obviously concerned those [conversations] were held behind closed doors and apparently they’re no longer behind closed doors," Roberts told Wired.
When FBI agents searched the plane after the flight, they found SEBs under two of the aircraft's seats "showed signs of tampering," according to the warrant application.
But when Wired asked Roberts if he had connected his laptop to the SEBs on that flight, he reportedly said, "Nope I did not. That I’m happy to say and I’ll stand from the top of the tallest tower and yell that one."
"We believed that Roberts had the ability and the willingness to use the equipment then with him to access or attempt to access the IFE and possibly the flight control systems on any aircraft equipped with an IFE system, and that it would endanger public safety," the affidavit reads.
Roberts helped found the company One World Labs, and told Wired yesterday that several investors had already withdrawn funding as a result of the incident. Roberts has not yet been charged with a crime.
Read the original story here.