Deutsch English Français Italiano |
<v9q8ov$1tr17$5@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: AMuzi <am@yellowjersey.org> Newsgroups: rec.bicycles.tech Subject: Re: Jamming Shimano Di2 Date: Sat, 17 Aug 2024 08:32:15 -0500 Organization: Yellow Jersey, Ltd. Lines: 46 Message-ID: <v9q8ov$1tr17$5@dont-email.me> References: <ona0cjlnpdmjv5c2r6nlm1ubb3mi4jqf55@4ax.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Injection-Date: Sat, 17 Aug 2024 15:32:15 +0200 (CEST) Injection-Info: dont-email.me; posting-host="34e2c7e9af7928a732b379e00e27d287"; logging-data="2026535"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/D7GaewydvbZdeTaZdL11z" User-Agent: Mozilla Thunderbird Cancel-Lock: sha1:Qji/a87TeI9fOREVOLt7idJN26o= Content-Language: en-US In-Reply-To: <ona0cjlnpdmjv5c2r6nlm1ubb3mi4jqf55@4ax.com> Bytes: 3150 On 8/17/2024 12:06 AM, Jeff Liebermann wrote: > Welcome to electronic warfare for bicycle racing. > > "High-end racing bikes are now vulnerable to hacking" > <https://www.theverge.com/2024/8/14/24220390/bike-hack-wireless-gear-shifters> > "They also found it’s possible to disable gear shifting for one > particular bike with a targeted jamming attack, rather than impacting > all surrounding ones." > > "Cybersecurity Flaws Could Derail High-profile Cycling Races" > <https://today.ucsd.edu/story/cybersecurity-flaws-could-derail-high-profile-cycling-races> > "Attackers can record and retransmit gear-shifting commands, allowing > them to control gear-shifting on the bike without the need for > authentication via cryptographic keys." > > "No, you won't be able to hack pro cyclists' electronic gears" > <https://road.cc/content/tech-news/no-you-wont-be-able-hack-pro-cyclists-electronic-gears-309913> > "Could one of the world's best professional cyclists lose a bike race > because of nefarious hacking or jamming of their electronic shifting? > That's the question thrust into the spotlight since US-based > researchers revealed a radio attack technique that can target and hack > into Shimano Di2, causing a cyclist's gears to change, or even be > disabled, via a £175 device up to 10 metres away." > > "MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in > Bicycles" > <https://www.usenix.org/system/files/woot24-motallebighomi.pdf> > "...we uncovered the following critical vulnerabilities: > (1) A lack of mechanisms to prevent replay attacks that allows an > attacker to capture and retransmit gear shifting commands; > (2) Susceptibility to targeted jamming, that allows an attacker to > disable shifting on a specific target bike; > (3) Information leakage resulting from the use of ANT+ communication, > that allows an attacker to inspect telemetry from a target bike." > > Not all that different from smacking a downtube shifter forward when passing a guy on a climb. Some people just have a nasty streak. -- Andrew Muzi am@yellowjersey.org Open every day since 1 April, 1971