Slashdot Mirror


Reverse Engineering the Nike+ FuelBand's Communications Protocol

An anonymous reader writes: Security researcher Simone Margaritelli has reverse engineered the Bluetooth low-energy communications protocol for his Nike+ FuelBand SE, a wrist-worn activity tracker. He learned some disturbing facts: "The authentication system is vulnerable, anyone could connect to your device. The protocol supports direct reading and writing of the device memory, up to 65K of contents. The protocol supports commands that are not supposed to be implemented in a production release (bootloader mode, device self test, etc)." His post explains in detail how he managed this, and how Nike put effort into creating an authentication system, but then completely undermined it by using a hard-coded token. Margaritelli even provides a command list for the device, which can do things like grab an event log, upload a bitmap for the screen, and even reset it.

4 of 78 comments

  1. OMG the Horror! by Anonymous Coward · Score: 3, Funny

    Now we know how many Calories he burned. We are doomed...

    1. Re:OMG the Horror! by AchilleTalon · Score: 4, Funny

      Better, you can let him think he hasn't burned enough calories and make him run forever.

      --
      Achille Talon
      Hop!
  2. Undermined security w/ hardcoded token? by Anonymous Coward · Score: 5, Funny

    Developer: That's insecure.
    Phil Knight: Just do it.

  3. Re:So, what's the practical concern of this? by Anonymous Coward · Score: 2, Funny

    I work in a secure facility, and activity tracking wristbands (among many other things) are forbidden.

    What about posting to Slashdot on the clock?