Barnicoz Tech Barnicoz Tech Author
Title: Watch hackers make Segway riders topple
Author: Barnicoz Tech
Rating 5 of 5 Des:
Regulators have overlooked software security and have focused only on mechanical and electrical specifications, say researchers. ...
Regulators have overlooked software security and have focused only on mechanical and electrical specifications, say researchers.
preview image
A security flaw in Segway scooters could allow hackers to topple riders using just their smartphone.
Hackers could remotely control scooters - also called hoverboards - due to a number of vulnerabilities which researchers have found in several Segway models.
While hoverboards were in the news a few years ago after several models were overcharging and catching fire, now it is the digital insecurity of the devices which could endanger riders.
The software flaws found in scooters could allow attackers to bypass the scooters' safety systems and completely override the riders' manual control.
This could even include shutting off the engine while the device was travelling at a high speed, potentially injuring or even killing the rider.
While regulations in the US require scooters to meet mechanical and electrical specifications to avoid battery fires and mechanical failures, there are no regulations regarding the software which controls the device.
This type of software, known as firmware, is "integral to the safety of the system" according to Thomas Kilbride, a security consultant at IOActive who led the research.
"As my research indicates, this lack of regulation could lead to a number of dangerous situations," he said.
Mr Kilbride's research - which included reverse engineering Segway's firmware and analyising the protocols that the devices used to communicate - found "a number of worrisome security threats."
He found that, because Segway riders in an area were publicly indexed by their smartphone's GPS, scooters in a single area "could be found, tracked, hijacked, and controlled without the rider's knowledge."
IOActive said that it has already disclosed the vulnerabilities to Segway/Ninebot back in January, and that the company has now released a software update addressing the critical issues.

About Author

Advertisement

Post a Comment

 
Top