'Boosted in conjunction with the pair are developing firmware fixes'
http://www.theregister.co.[you kay]/2014/12/19/hack_hijacks_boosted_skateboards_kills_hipsters/ Hack hijacks electric skateboards, dumps hipsters in the gutter 19 Dec 2014 Darren Pauli [images http://regmedia.co.[you kay]/2014/12/19/skate.png (broken skateboard) http://regmedia.co.[you kay]/2014/12/19/boosted.jpg Richo Healy, left, and Mike Ryan. (Darren Pauli, The Register) ] Automated attacks crash riders on the fly A hacker duo have shown how to hijack "Boosted" brand electricity-assisted skateboards. The boards feature small motors to help riders go up hills, or down hills much faster. An app controls the motors over Bluetooth. Stripe security engineer Richo Healey and penetration tester and Bluetooth expert Mike Ryan found a way to block the Bluetooth signal used between the controller and skateboard, then force it to pair with a laptop. The result was that Boosted skateboards could be remotely hijacked while in motion, with unpleasant consequences for riders. "At places like traffic lights where you definitely know people are going to stop you could just nab a skater as they go past," Healey said. "The attack would absolutely land within 30 seconds, and possibly ten." The attack can be automated using scripts, allowing attackers to pop hipsters merely by carrying a laptop in a backpack. "The first thing I thought when we started this is launching a bunch of hipsters who are rolling down Market Street" in Melbourne Ryan said. "The simplest way to do this would be to get something that generates a whole lot of noise on the 2.4Ghz spectrum to disconnect the controller." Flaws including failed encryption allowed the pair to write code that could emulate the Boosted controller to connect to the boards. They would not publicly release that code however. The $100 'junk-hacking' work was presented at the Kiwicon conference in Wellington where the pair wrote an automated script to put the skateboard into a 'bucking bull' state which daring delegates attempted to master. Boosted was in conjunction with the pair developing a firmware fix and was grateful of the research when it was first quietly disclosed. Development of the injection attack began in September when the pair began reverse-engineering the protocol. Healey first became aware that a hack was possible when earlier this year when his Boosted skateboard disconnected from its controller due to excessive radio interference in one busy Melbourne intersection, causing him to crash. It was the first bug the pair shook out of the Boosted firmware, with more possible if the pair could obtain a research board to continue hacking including the development of tweaks that may allow the skateboards to accelerate beyond firmware speed caps. "I'm not too keen on wrecking my main mode of transport," Healy said. The pair were philosophical about the risk to life and limb, however. "You could realistically use this as a means to target someone, but you could also just hit them with a car," Ryan said. [© theregister.co.[you kay]] ... http://boostedboards.com/ Boosted skateboards ... http://www.hackbusters.com/news/stories/197010-hack-hijacks-electric-skateboards-dumps-hipsters-in-the-gutter Hack hijacks electric skateboards, dumps hipsters in the gutter 19 Dec 2014 For EVLN posts use: http://evdl.org/evln/ http://www.evdl.org/archive/index.html#nabble+template%2FNamlServlet.jtp%3Fmacro%3Dsearch_page%26node%3D413529%26query%3DEVLN%2Bbrucedp2%26days%3D0%26sort%3Ddate http://www.newsweek.com/batteries-will-save-planet-291528 Batteries That Will Save the Planet ... http://www.slate.com/articles/technology/technology/2011/06/better_batteries_will_save_the_world.html [dated] June 21 2011 Better Batteries Will Save the World http://www.catholic.org/news/green/story.php?id=58022 Ford takes human-hybrid plunge with electric-powered mountain bike http://www.norwichbulletin.com/article/20141209/NEWS/141209541/11669/NEWS 30 EVSE showing up across CT, ~$1.60/charge + EVLN: Y2K Flashback> Newsom touting his EV1 in CBS newsclip {brucedp.150m.com} -- View this message in context: http://electric-vehicle-discussion-list.413529.n4.nabble.com/EVLN-Duo-hack-Electric-boostedboards-com-crash-riders-on-the-fly-tp4673163.html Sent from the Electric Vehicle Discussion List mailing list archive at Nabble.com. _______________________________________________ UNSUBSCRIBE: http://www.evdl.org/help/index.html#usub http://lists.evdl.org/listinfo.cgi/ev-evdl.org For EV drag racing discussion, please use NEDRA (http://groups.yahoo.com/group/NEDRA)
