Deutsch English Français Italiano |
<ona0cjlnpdmjv5c2r6nlm1ubb3mi4jqf55@4ax.com> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!weretis.net!feeder8.news.weretis.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail From: Jeff Liebermann <jeffl@cruzio.com> Newsgroups: rec.bicycles.tech Subject: Jamming Shimano Di2 Date: Fri, 16 Aug 2024 22:06:22 -0700 Lines: 40 Message-ID: <ona0cjlnpdmjv5c2r6nlm1ubb3mi4jqf55@4ax.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Trace: individual.net fwIjbJltGf7IobcyILExyg6WdtiVuwiGoMQ6hpEZwpDT6ZIHpY Cancel-Lock: sha1:4wXCF0ER/ZBc98dmYvlOcyKSJWg= sha256:2ObtZlDLJu8bezUifqsrscUj9RP3m6dyH6nlqJFff9Y= User-Agent: ForteAgent/8.00.32.1272 Bytes: 2684 Welcome to electronic warfare for bicycle racing. "High-end racing bikes are now vulnerable to hacking" <https://www.theverge.com/2024/8/14/24220390/bike-hack-wireless-gear-shifters> "They also found it’s possible to disable gear shifting for one particular bike with a targeted jamming attack, rather than impacting all surrounding ones." "Cybersecurity Flaws Could Derail High-profile Cycling Races" <https://today.ucsd.edu/story/cybersecurity-flaws-could-derail-high-profile-cycling-races> "Attackers can record and retransmit gear-shifting commands, allowing them to control gear-shifting on the bike without the need for authentication via cryptographic keys." "No, you won't be able to hack pro cyclists' electronic gears" <https://road.cc/content/tech-news/no-you-wont-be-able-hack-pro-cyclists-electronic-gears-309913> "Could one of the world's best professional cyclists lose a bike race because of nefarious hacking or jamming of their electronic shifting? That's the question thrust into the spotlight since US-based researchers revealed a radio attack technique that can target and hack into Shimano Di2, causing a cyclist's gears to change, or even be disabled, via a £175 device up to 10 metres away." "MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in Bicycles" <https://www.usenix.org/system/files/woot24-motallebighomi.pdf> "...we uncovered the following critical vulnerabilities: (1) A lack of mechanisms to prevent replay attacks that allows an attacker to capture and retransmit gear shifting commands; (2) Susceptibility to targeted jamming, that allows an attacker to disable shifting on a specific target bike; (3) Information leakage resulting from the use of ANT+ communication, that allows an attacker to inspect telemetry from a target bike." -- Jeff Liebermann jeffl@cruzio.com PO Box 272 http://www.LearnByDestroying.com Ben Lomond CA 95005-0272 Skype: JeffLiebermann AE6KS 831-336-2558