Home Tech Want to win a bike race? Hack your rival’s wireless shifters

Want to win a bike race? Hack your rival’s wireless shifters

0 comments
Want to win a bike race? Hack your rival's wireless shifters

It’s also not entirely clear how exactly the patch will be rolled out to customers. The company writes that “riders can perform a firmware update on the rear derailleur” using Shimano’s E-TUBE Cyclist smartphone app. But it doesn’t mention whether the fix will be applied to the front derailleur. “More information on this process and the steps riders can take to update their Di2 systems will be available shortly,” it concludes.

Although Shimano’s patching plan leaves a week or two gap between the researchers’ public presentation of their bike-hacking technique on Usenix and the broad rollout of a fix to customers, UCSD professor Fernandes maintains that average cyclists are unlikely to be targeted by their technique — at least not right away. “I find it hard to believe that anyone would want to launch such an attack on me during my Saturday group ride,” Fernandes says.

However, the researchers say that professional cyclists should make sure to implement the patch Shimano has already provided in advance. They also point out that other wireless shifting brands may be vulnerable to similar hacking techniques – they targeted Shimano only because it has the largest market share.

In the cutthroat world of competitive cycling, which has been shaken to its foundations in recent decades by doping scandals, the idea that two rivals are making each other’s levers of change is not at all far-fetched. “In our opinion, this is a different kind of doping,” says Fernandes. “It leaves no trace and allows cheating in sport.”

More broadly, they argue that their research into radio-based bike hacking is a warning about the temptation to add wireless electronic features to everything from garage doors to cars to bikes, and the unintended consequences of that long-term trend — namely, that everyone has become vulnerable to forms of replay and jamming attacks of the sort that Shimano is now scrambling to fix.

“It’s a repeating pattern,” said Northeastern’s Ranganathan, who has also developed solutions for repeated attacks on car keyless entry systems. “When manufacturers start incorporating wireless capabilities into their products, it has an impact on real-world control systems, and that can cause real physical damage.”

You may also like