Article <v9qj4u$1v8v2$5@dont-email.me>

Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connections
Warning: mysqli::query(): Couldn't fetch mysqli in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\index.php on line 66
Article <v9qj4u$1v8v2$5@dont-email.me>

Deutsch English Français Italiano

<v9qj4u$1v8v2$5@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: zen cycle <funkmasterxx@hotmail.com>
Newsgroups: rec.bicycles.tech
Subject: Re: Jamming Shimano Di2
Date: Sat, 17 Aug 2024 12:29:16 -0400
Organization: A noiseless patient Spider
Lines: 45
Message-ID: <v9qj4u$1v8v2$5@dont-email.me>
References: <ona0cjlnpdmjv5c2r6nlm1ubb3mi4jqf55@4ax.com>
 <v9q8ov$1tr17$5@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sat, 17 Aug 2024 18:29:18 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="194a004a06a40209b036dd2d2c621107";
	logging-data="2073570"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX186n3htzltiMfE328T8pRvqPbjjfM5xZ20="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:F72NlDQjQ5gz8xKPTXJdqxqUC74=
Content-Language: en-US
In-Reply-To: <v9q8ov$1tr17$5@dont-email.me>
Bytes: 3419

On 8/17/2024 9:32 AM, AMuzi wrote:
> On 8/17/2024 12:06 AM, Jeff Liebermann wrote:
>> Welcome to electronic warfare for bicycle racing.
>>
>> "High-end racing bikes are now vulnerable to hacking"
>> <https://www.theverge.com/2024/8/14/24220390/bike-hack-wireless-gear-shifters>
>> "They also found it’s possible to disable gear shifting for one
>> particular bike with a targeted jamming attack, rather than impacting
>> all surrounding ones."
>>
>> "Cybersecurity Flaws Could Derail High-profile Cycling Races"
>> <https://today.ucsd.edu/story/cybersecurity-flaws-could-derail-high-profile-cycling-races>
>> "Attackers can record and retransmit gear-shifting commands, allowing
>> them to control gear-shifting on the bike without the need for
>> authentication via cryptographic keys."
>>
>> "No, you won't be able to hack pro cyclists' electronic gears"
>> <https://road.cc/content/tech-news/no-you-wont-be-able-hack-pro-cyclists-electronic-gears-309913>
>> "Could one of the world's best professional cyclists lose a bike race
>> because of nefarious hacking or jamming of their electronic shifting?
>> That's the question thrust into the spotlight since US-based
>> researchers revealed a radio attack technique that can target and hack
>> into Shimano Di2, causing a cyclist's gears to change, or even be
>> disabled, via a £175 device up to 10 metres away."
>>
>> "MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in
>> Bicycles"
>> <https://www.usenix.org/system/files/woot24-motallebighomi.pdf>
>> "...we uncovered the following critical vulnerabilities:
>> (1) A lack of mechanisms to prevent replay attacks that allows an
>> attacker to capture and retransmit gear shifting commands;
>> (2) Susceptibility to targeted jamming, that allows an attacker to
>> disable shifting on a specific target bike;
>> (3) Information leakage resulting from the use of ANT+ communication,
>> that allows an attacker to inspect telemetry from a target bike."
>>
>>
> 
> 
> Not all that different from smacking a downtube shifter forward when 
> passing a guy on a climb. Some people just have a nasty streak.

the big difference is that the old-school method has an obvious 
perpetrator. The cyber version is not only completely anonymous, but it 
can be made to look like defective equipment.