For people choosing to travel via air, security on the plane is of the utmost importance. That is why news of a security researcher claiming he was able hack into the computer systems of several airplanes while aboard is really scaring some air travelers, and setting law enforcement on edge.

#CyberSecurity Researcher Hacks and Controls Plane – Hero or Villain? http://t.co/4eKMmkJAdb pic.twitter.com/K32kB5g0I4

— vpnforus (@vpnforus) May 18, 2015

Wired magazine reported that Chris Roberts, a security researcher with One World Labs, first told the FBI in February that he was able to hack the in-flight entertainment system (IFE) and control parts of the plane while aboard various airlines. Roberts claims that he conducted the research in order to expose the potential vulnerabilities in in-flight software. In an FBI search warrant application for Robert’s digital devices and data FBI Special Agent Mark Hurley details Roberts’ previous hacking attempts, writing:

He [Roberts] stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights. He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system.

The search warrant was filed after Roberts was removed from a United Airlines flight from Denver  after sending out a tweet while aboard, joking about hacking the plane and setting off the emergency oxygen masks.

According to CNN, FBI agents tracked down his plane after being informed of the tweet and “found signs of tampering and damage to electronic control boxes that connect to in-flight entertainment systems.” The boxes tampered with just so happened to be under where Roberts was sitting and the seat in front of him. Despite this, Roberts insists he did not hack that particular flight.

At the time FBI agents also seized two laptop computers and several hard drives and USB sticks from Roberts without a search warrant, telling Roberts that a warrant was pending. It’s the information in that newly obtained warrant that is cause for concern.

In the warrant, Roberts is quoted as telling the FBI that he accessed the in-flight networks more than a dozen times between 2011 and 2014 and had briefly commandeered a plane during one of those flights. This contradicts an interview he had previously given to Wired, where he claimed he had only explored the networks and observed data traffic.

However, some aircraft experts seriously doubt Roberts was able to hack IFEs in order to commandeer a plane. Business Insider reports that industry expert Peter Lemme told “Runway Girl Network” blogger Mary Kirby that  “the IFE ARINC 429 interfaces are not capable of changing automatic flight control modes” and “the claim that the Thrust Management System mode was changed without a command from the pilot through the mode control panel, or while coupled to the Flight Management System is inconceivable.” Boeing has issued statements saying that its entertainment systems are isolated from flight and navigation systems. CNN writes,

It is worth noting that Boeing airplanes have more than one navigational system available to pilots. No changes to the flight plans loaded into the airplane systems can take place without pilot review and approval. In addition, other systems, multiple security measures, and flight deck operating procedures help ensure safe and secure airplane operations.

If Roberts is not exaggerating his hacking claims, these IFEs do pose a very plausible threat to aircraft security that needs to be addressed. So far no charges have been filed against Roberts, but he could end up in some serious trouble for conducting these unauthorized tests. If he did hack those planes with passengers aboard, and in one instance even tilt the plane, he was irresponsibly putting numerous lives at stake.

Alexis Evans

Alexis Evans is an Assistant Editor at Law Street and a Buckeye State native. She has a Bachelor’s Degree in Journalism and a minor in Business from Ohio University. Contact Alexis at aevans@LawStreetMedia.com.

The post Security Researcher Sparks Fear With This Plane Security Hack appeared first on Law Street.

This week’s weird arrests involve some misbehaving adults, and a few misbehaving young people as well. Check out the slideshow below:

[SlideDeck2 id=37708 ress=1]

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post Weird Arrests of the Week appeared first on Law Street.

Welcome back to work! OK, so if you’re like me you’ve been back to work for a week now, but it still feels like the first Monday after vacation doesn’t it? In case you weren’t into your normal routine of obsessively scrolling through the news last week, you can catch up on Law Street’s top three articles. Number one was brought to you by Marisa Mostek in her series about the dumbest laws in the United States–this time it was Utah and Nevada. The number two story was from Hannah R. Winsten who had five actionable ideas for making this your most feminist New Year yet. And the third most popular story of the week was an issue brief on hacking as a tool of war by Mike Sliwinski. ICYMI, here is the Best of the Week from Law Street.

#1 The Dumbest Laws in the United States: Utah and Nevada

Nevada is home to legal prostitution and Sin City. Yet, it is surprisingly not home to many stupid laws. However, its neighbor Utah makes up for that with a whole long list of weird laws on the books. Let’s start with Nevada. In Reno, sex toys are outlawed, and it is illegal to lie down on the sidewalk, no matter how drunk and tired you are. Read the full article here.

#2 Five Resolutions for a More Feminist New Year

Folks, the New Year is upon us. Time to break out your most bedazzled dress, pop the champagne, and party your way into 2015, am I right? Fuck yeah I am. But, while New Year’s Eve is a night of epic intoxication, huge crowds, and glittery debauchery (if you’re at the right party), it’s also notorious for being the pre-game to a little thing we all do every New Year’s Day. Resolution making. Read the full article here.

#3 Hacking: The New Kind of Warfare

Following the recent fiasco at Sony, hacking has been catapulted squarely into the spotlight. But hackers are doing more than just delaying movie premieres–they are causing serious damage and have the capability to cause much more. Before we get too scared of these anonymous boogeymen, however, it is important to understand what hacking is and who the hackers are. Read the full article here.

Chelsey D. Goff

Chelsey D. Goff was formerly Chief People Officer at Law Street. She is a Granite State Native who holds a Master of Public Policy in Urban Policy from the George Washington University. She’s passionate about social justice issues, politics — especially those in First in the Nation New Hampshire — and all things Bravo. Contact Chelsey at staff@LawStreetMedia.com.

The post ICYMI: Best of the Week appeared first on Law Street.

Fingerprint technology has long been hailed as the next great frontier in security features. Whether that’s because pretty much every spy movie includes a fingerprint scan scene, or because of all the hubbub over various tech companies like Apple releasing fingerprint technology for their new devices, it’s hard to tell. But for a long time a lot of us have believed that fingerprints are so unique that they would make for safe security features. Unfortunately, that may not actually be the case. According to a German hacker, it may be pretty simple to copy fingerprints…and all you need is a camera and some luck.

Hacker Jan Krissler (alias “Starbug”) of the hacking group Chaos Computer Club (CCC) in Hamburg, Germany, presented his fingerprint-stealing theory at a conference earlier this week. Krissler chose German Defense Minister Ursula von der Leyen as his example target. He used high resolution photographs that had been taken of von der Leyen–and he had a lot to choose from, given that she’s a pretty high profile figure in Germany. The photographs were all able to be zoomed in on to see her fingers. Then, using a readily available app called VeriFinger, he processed and reproduced her fingerprint.

CCC, which says that it’s the largest hacking group in Europe, has long tried to show how relatively unsafe fingerprint technology is. When Apple released the iPhone 5s last year with fingerprint scan technology included, CCC claimed that it was able to easily bypass Apple’s security system. Taking a photograph of a fingerprint and then making a wax-model of it allowed them to break into iPhones.

Krissler personally has long rallied against this technology that’s supposed to keep our devices and information safer. It’s not just fingerprint technology–he also has a serious problem with computers and other devices that unlock based on facial recognition, explaining that that kind of technology can be hacked by using a photo of a person. He also explained another probably less probable security concern with our current device mechanisms: “Reading a user’s PIN code from reflections in their pupils while taking selfies.”

The chances that these hacks are actually used in practice don’t seem very likely. I mean, how often do you have very high resolution photographs taken of your fingertips? Furthermore, in order to actually break into a technological device with a copy, you’d need said device.

This is not me saying that we all need to go off the grid and live in a cave to protect our information–I would fare horribly in a cave, as there probably aren’t many caves with good access to Netflix. However, I think the point that Krissler makes–that we rely too much on technology at face value–is a point well taken.

Anneliese Mahoney

Anneliese Mahoney is Managing Editor at Law Street and a Connecticut transplant to Washington D.C. She has a Bachelor’s degree in International Affairs from the George Washington University, and a passion for law, politics, and social issues. Contact Anneliese at amahoney@LawStreetMedia.com.

The post German Hacker: Fingerprint Scans Can be Hacked appeared first on Law Street.