How Shimano fixes vulnerabilities in wireless gear shifters.
Researchers from the University of California, San Diego and Northeastern University have uncovered a potential vulnerability in wireless gearshift tools used by professional cyclists. This flaw could allow hackers to remotely manipulate the bike's movement during a race.
Modern high-end bicycles are increasingly equipped with electronic components. Among them are power meters and wireless fork suspension control systems. Almost all professional athletes now use electronic gearshifts. Such devices respond to digital signals from the steering wheel controls, providing more accurate and reliable switching compared to mechanical systems.
Scientists have demonstrated that with equipment costing just a few hundred dollars, it is possible to hack Shimano systems, which are widely used by the world's leading cycling teams, including at such prestigious competitions as the Olympic Games and the Tour de France.
The developed attack model allows you to simulate signals from a distance of up to 9 meters, causing unexpected gear changes on the target bike. In addition, hackers can block the switches by locking the bike in the wrong gear.
According to Erlens Fernandes, associate professor of Computer Science and Engineering at UCSD, such manipulations can seriously interfere with the rider on the ascent or even cause dangerous instability on extreme sections of the track. "Imagine going uphill in the Tour de France: if someone switches your bike from light gear to heavy gear, you will lose time," explains Fernandez.
To exploit the vulnerability, a hacker must first intercept the target bike's gearshift signals. You can play them back even months later. The experiment required a $ 300 software-defined radio, antennas, and a laptop. According to the researchers, this set of equipment can be reduced so much that it can be hidden on the side of the track, in the car of a cycling team or even in the back pocket of a rider.
It turned out that jamming wireless switches with such a device is much easier than attacks with signal reproduction. According to scientists, you can even read the shift signals from a whole group of cyclists (peloton), and then jam the transmission in all but one person.
Shimano, after learning of the study's results in March, worked closely with scientists to release a fix as soon as possible. A Shimano representative recently stated that the company "has created a new firmware version to improve the security of Di2 wireless communication systems."
The fix has already been provided to professional cycling teams using Shimano components. However, it won't be available to the general public until the end of August. The company does not disclose exact details for security reasons.
The patch deployment process for clients is not completely transparent yet. The company says that "riders can perform a firmware update on the rear derailleur" using the Shimano E-TUBE Cyclist smartphone app. However, there is no mention of whether the patch will apply to the front derailleur.
Professor Fernandez believes it is unlikely that ordinary cyclists will be targeted by such an attack, at least in the near future. However, professional racers should still upgrade.
According to experts, other brands of wireless switches may also be vulnerable to similar hacking methods. They only focused on Shimano because that company has the largest market share.
In the world of professional cycling, which has been rocked by doping scandals in recent decades, hacking competitors switches may well become a reality. "This, in our opinion, is a different kind of doping," says Fernandez. "It just leaves no trace."
In a broader context, the researchers see their work as a warning about the consequences of the widespread adoption of wireless electronic functions in various technologies-from garage doors to cars and bicycles.
Source
Researchers from the University of California, San Diego and Northeastern University have uncovered a potential vulnerability in wireless gearshift tools used by professional cyclists. This flaw could allow hackers to remotely manipulate the bike's movement during a race.
Modern high-end bicycles are increasingly equipped with electronic components. Among them are power meters and wireless fork suspension control systems. Almost all professional athletes now use electronic gearshifts. Such devices respond to digital signals from the steering wheel controls, providing more accurate and reliable switching compared to mechanical systems.
Scientists have demonstrated that with equipment costing just a few hundred dollars, it is possible to hack Shimano systems, which are widely used by the world's leading cycling teams, including at such prestigious competitions as the Olympic Games and the Tour de France.
The developed attack model allows you to simulate signals from a distance of up to 9 meters, causing unexpected gear changes on the target bike. In addition, hackers can block the switches by locking the bike in the wrong gear.
According to Erlens Fernandes, associate professor of Computer Science and Engineering at UCSD, such manipulations can seriously interfere with the rider on the ascent or even cause dangerous instability on extreme sections of the track. "Imagine going uphill in the Tour de France: if someone switches your bike from light gear to heavy gear, you will lose time," explains Fernandez.
To exploit the vulnerability, a hacker must first intercept the target bike's gearshift signals. You can play them back even months later. The experiment required a $ 300 software-defined radio, antennas, and a laptop. According to the researchers, this set of equipment can be reduced so much that it can be hidden on the side of the track, in the car of a cycling team or even in the back pocket of a rider.
It turned out that jamming wireless switches with such a device is much easier than attacks with signal reproduction. According to scientists, you can even read the shift signals from a whole group of cyclists (peloton), and then jam the transmission in all but one person.
Shimano, after learning of the study's results in March, worked closely with scientists to release a fix as soon as possible. A Shimano representative recently stated that the company "has created a new firmware version to improve the security of Di2 wireless communication systems."
The fix has already been provided to professional cycling teams using Shimano components. However, it won't be available to the general public until the end of August. The company does not disclose exact details for security reasons.
The patch deployment process for clients is not completely transparent yet. The company says that "riders can perform a firmware update on the rear derailleur" using the Shimano E-TUBE Cyclist smartphone app. However, there is no mention of whether the patch will apply to the front derailleur.
Professor Fernandez believes it is unlikely that ordinary cyclists will be targeted by such an attack, at least in the near future. However, professional racers should still upgrade.
According to experts, other brands of wireless switches may also be vulnerable to similar hacking methods. They only focused on Shimano because that company has the largest market share.
In the world of professional cycling, which has been rocked by doping scandals in recent decades, hacking competitors switches may well become a reality. "This, in our opinion, is a different kind of doping," says Fernandez. "It just leaves no trace."
In a broader context, the researchers see their work as a warning about the consequences of the widespread adoption of wireless electronic functions in various technologies-from garage doors to cars and bicycles.
Source
