Jamming Shimano Di2

Welcome to electronic warfare for bicycle racing. 

"High-end racing bikes are now vulnerable to hacking"
<https://www.theverge.com/2024/8/14/24220390/bike-hack-wireless-gear-shifters>
"They also found it’s possible to disable gear shifting for one
particular bike with a targeted jamming attack, rather than impacting
all surrounding ones."

"Cybersecurity Flaws Could Derail High-profile Cycling Races"
<https://today.ucsd.edu/story/cybersecurity-flaws-could-derail-high-profile-cycling-races>
"Attackers can record and retransmit gear-shifting commands, allowing
them to control gear-shifting on the bike without the need for
authentication via cryptographic keys."

"No, you won't be able to hack pro cyclists' electronic gears"
<https://road.cc/content/tech-news/no-you-wont-be-able-hack-pro-cyclists-electronic-gears-309913>
"Could one of the world's best professional cyclists lose a bike race
because of nefarious hacking or jamming of their electronic shifting?
That's the question thrust into the spotlight since US-based
researchers revealed a radio attack technique that can target and hack
into Shimano Di2, causing a cyclist's gears to change, or even be
disabled, via a £175 device up to 10 metres away."

"MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in
Bicycles"
<https://www.usenix.org/system/files/woot24-motallebighomi.pdf>
"...we uncovered the following critical vulnerabilities:
(1) A lack of mechanisms to prevent replay attacks that allows an
attacker to capture and retransmit gear shifting commands;
(2) Susceptibility to targeted jamming, that allows an attacker to
disable shifting on a specific target bike;
(3) Information leakage resulting from the use of ANT+ communication,
that allows an attacker to inspect telemetry from a target bike."


--
Jeff Liebermann                 jeffl@cruzio.com
PO Box 272      http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann      AE6KS    831-336-2558