Great article (originally linked to from DataRescue's board): http://www.ccc.de/hackabike/index.html ("http://www.ccc.de/hackabike/index.html")

Cool.

Not so cool. What good is all that fancy programming if you leave it in plain site.

Well, maybe it was reasonably safe from "most" of the riding public who are "clueless" of such things.

Regards,

Howdy,

I love this shit People who just do it because they can .

What harm was caused ??? NONE.
(except someones feelings got hurt due to lack of security features )
Woodmann

The company now has to fix/replace all the bikes that had been tampered with (and will hopefully upgrade them all with improved tamper-resistance)

The problem is that the hackers now already have the old code, and that stop-bit on the chip only prevents reading, not writing, as far as I understand, and hence the hackers can just flash it with the old code again as soon as the upgraded bikes are released, or am I wrong? This would only leave the bike guys with the two options of either relatively major hardware changes, or "physical intrusion prevention" measures on the boxes themselves.

For "physical intrusion prevention measures" they could just send an armed guard along with each bike.

Regards,

good in deed!
i like it!

Howdy,

Sorry for the late reply.

Those bikes that have been "flashed" will only be available to those who know the "flashed" code. Otherwise the bike acts as normal and no one will know the difference. Those who provided the new "flashed" code put in measures to prevent new hackers from accessing their code.

Woodmann