Discussion of Chris Roberts/One World Labs News Stories Related to UA
#62
Join Date: Dec 2012
Location: Michigan
Posts: 328
Trade journals are easily ignored. Employee reports are easily ignored. If you look back at most of the major breaches, they have a history of ignored warnings from inside and outside the company. I would be shocked if his Twitter stunt hasn't shed more light and attention on the topic than any published article would have. So, from an effectiveness standpoint, Twitter was more likely to get something done despite your views. I am not disagreeing with your views, but the role of social media in terms of reporting security issues is evolving, mostly due to the lack of action or attention businesses have placed on more traditional methods of disclosure.
#63
Join Date: Jul 2014
Location: BOS
Programs: 1MM, UA 1k
Posts: 529
It feels like this thread is moving into the foil-hat zone when it's mentioned he had no other recourse besides social media because he was being quieted. Really? When do Mulder and Scully get put on the case?
#65
Join Date: Jul 2014
Location: BOS
Programs: 1MM, UA 1k
Posts: 529
#66
Join Date: Jul 2007
Location: San Francisco/Sydney
Programs: UA 1K/MM, Hilton Diamond, Marriott Something, IHG Gold, Hertz PC, Avis PC
Posts: 8,163
Either he's ........ting, or he deserves to never be allowed on/near any form of public transport in the future.
You can probably guess which of the above my money is on...
#68
FlyerTalk Evangelist
Join Date: Jul 1999
Location: Ewa Beach, Hawaii
Posts: 10,909
And he didn't. He tweeted.
Actually, when someone doesn't respond to your vulnerabilities, then yeah, Twitter is a way to do it. He's tried to talk to the various agencies in the past but they weren't interested in talking to him. Bet they are now.
Meanwhile, they stole his property without a warrant. But hey, don't let rights get in the way of the infosec boogeyman.
So, you're all good with your 4th Amendment rights being violated? I'll be right over for your computers, then.
It's called Asperger's. Very common in technical fields. If anyone looks "off" to me it's the jack-booted FBI thugs. They aren't to be trusted one iota.
Don't worry. I'm sure we've all learned our lesson. Keep quiet and sell those zero-days straight to ISIS.
For a more rational take on the subject:
https://www.eff.org/deeplinks/2015/0...twork-security
Last edited by Baze; Apr 22, 2015 at 11:46 am Reason: Edit to add (unless there really is a fire)
#70
Join Date: Apr 2009
Location: Houston
Programs: UA GS 2.6MM & Lifetime UC, Qantas Platinum, Hilton Lifetime Diamond, Bonvoy Platinum, HawaiianMiles
Posts: 8,711
#71
Join Date: Dec 2012
Location: Michigan
Posts: 328
As a slight aside - working in the IT consulting field, it was quite eye-opening to see how many vulnerabilities go unfixed for a myriad of reasons, of which apathy, cost and convenience seem to be the top 3. A breach is a nebulous concept that is often viewed as a small risk when compared with the very real capital expenditure to fix the issue. Often company security relies heavily on obscurity to be effective as opposed to good practices (Passwords stored in plain text in 2015?! Come on already!). But you throw in a bit of bad publicity and the costs suddenly become real enough to be worth throwing money at the issue in a knee-jerk reaction.
#72
Moderator: United Airlines
Join Date: Jun 2007
Location: SFO
Programs: UA Plat 1.997MM, Hyatt Discoverist, Marriott Plat/LT Gold, Hilton Silver, IHG Plat
Posts: 66,876
Roberts also told CNN he was able to connect to a box under his seat at least a dozen times to view data from the aircraft's engines, fuel and flight-management systems.
I am troubled by the two wrongs make a right line of discussion.
#73
FlyerTalk Evangelist
Join Date: Jan 2006
Posts: 11,439
#74
Join Date: Dec 2012
Location: Michigan
Posts: 328
I am troubled by the two wrongs make a right line of discussion.
#75
Suspended
Join Date: Feb 2015
Location: SFO
Programs: UA 1K MM
Posts: 330
When the guy acts like a jerk to the point that UA feels they need to ban him from their flights it makes it harder, not easier, for them to also acknowledge anything that's valid in what he's saying.