We can list so many reasons why you should never set foot on a hoverboard. Now, we’ve got yet another: Cybersecurity company IOActive has figured out how to hijack the Segway MiniPro self-balancing personal transporter through its Bluetooth connection.
It seems like only yesterday that we were discussing how hoverboards had a tendency to spontaneously combust and wondering who exactly was actually buying these products. But clearly, some of you out there are interested, because Segway has kept cranking them out. The MiniPro, which retails for $600, allows for remote control of the hoverboard-scooter hybrid (seriously, who thought this was a good idea?) through a Bluetooth app. And there’s no way to turn off the Bluetooth if your hoverboard is hacked.
While people can’t cause battery explosions (I guess we should be thankful for the little things), “an attacker could bypass safety systems and remotely take control of the device, including changing settings, pace, direction, or even disabling the motor and bringing it to an abrupt and unexpected stop while a rider is in motion,” says the press release. Hackers could even track and discover the location of the hoverboard user through this exploit.
IOActive did let Segway know about these issues (they discovered them last year; results were partially released today), and they have patched some of the vulnerabilities in the product. Still, this is an increasing problem as devices are becoming more connected. Without proper security (or let’s be honest: even with it), these devices and their users are incredibly vulnerable. At this point, not implementing security for connected devices is shoddy at best and dangerous at worst.