Hackers can get into just about anything these days, and, as it turns out, electric skateboards are no exception.
Researchers Richo Healey and Mike Ryan developed an exploit to electric skateboards, an exploit that they amusingly call FacePlant. The skateboard that they were able to take control of is the Boosted e-skateboard, which costs $1,500.
The hack basically works through the skateboard's Bluetooth controls, which are unencrypted. There are also vulnerabilities in other electric skateboards, such as the Revo and E-Go skateboards, however, exploits for these models have not yet been completed.
Once the hackers get into the skateboard, it is essentially at their mercy, much like the hack of the Jeep from a few weeks ago.
"It's easy to point to this and say, oh it's just a skateboard," said Healey in an interview with Wired. "But for people who are buying these boards and commuting on them every day ... there is risk obviously associated with that ... We explicitly did this research in order to make the devices safer."
Healey and Ryan first thought of the hack when Healey was riding his own electric skateboard through a busy intersection in Mebourne, Australia. This intersection was notorious for its radio noise, simply a product of the big city. While controlling the skateboard through a remote, which connected via Bluetooth, the skateboard suddenly stopped, throwing him into the street. While he wasn't himself hacked, the incident did get him thinking.
The hack hinges on the fact that manufacturers of these boards do not encrypt the connection between the remote and the skateboard. The Boosted board basically uses an app, which is able to control the motors in the skateboard. Because of the lack of encryption, the hacker can simply insert themselves between the remote and skateboard, then is able to send code to the skateboard to stop, quickly change direction, disable the breaks and so on. Of course, this can be very dangerous when a skater is going 20 miles per hour with cars and bikers around.
What makes this even more interesting is the fact that the FCC mandates that Bluetooth devices have to be resistant to interference in order to get certified. None of the skateboards that were tested were resilient to the interference from the researchers. It took between two and 10 seconds for the researchers to take control of the board, after which the exploit has 10 milliseconds before the user's remote will try to reconnect to the skateboard.
Of course, there are ways to avoid getting attacked. For example, the more Bluetooth noise that is in the surrounding area, the less likely a hacker will be able to send accurate signals to the board. Of course, this Bluetooth noise could cause other problems, as Healey himself experienced.
The takeaway here is that it is becoming increasingly important to employ proper security techniques in the manufacturing of electronic devices. While it may not be as threatening as the possibility of car hacks, electric skateboard hacks could still end up causing some serious problems.