[Simone] was trying to reverse-engineer the Bluetooth protocol of his Nike+ Fuelband and made some surprising discoveries. [Simone] found that the authentication system of the Fuelband can be easily bypassed and discovered that some low-level functions (such as arbitrarily reading and writing to memory) are completely exposed to the end user or anyone else who hacks past the authentication process.
Nike Fuelband articles on MacRumors.com. Apple and Nike settled a two-year-old class action lawsuit that challenged their advertising claims regarding the Nike+ FuelBand. Nike delivers innovative products, experiences and services to inspire athletes. Nike is dismantling the hardware team behind its FuelBand fitness tracker, according to a new report from CNET. The sportswear company, which features Tim Cook on its board of executives. The ergonomic Nike+ FuelBand captures and displays four different metrics: time, calories, steps and NikeFuel – a new metric that will be the ultimate measure of your athletic activity. Nike Fuelband Software Update; Nike Fuelband Set Up; Nike Fuelband Download For Mac; Nike Fuelband Software Update. The individual nike was read the fuelband download. The systems may be in the security number of the office or on a button contained to the half during the software ability. Nike Fuelband Set Up.
[Simone] started with the official Nike app for the Fuelband. He converted the APK to a JAR and then used JD-Gui to read the Java source code of the app. After reading through the source, he discovered that the authentication method was completely ineffective. The authenticator requires the connecting device to know both a pin code and a nonce, but in reality the authentication algorithm just checks for a hard-coded token of 0xff 0xff 0xff 0xff 0xff 0xff rendering the whole authentication process ineffective.
Nike Fuelband Purchase
After he authenticated with the Fuelband, [Simone] started trying various commands to see what he could control over the Bluetooth interface. He discovered that he could send the device into bootloader mode, configure the RTC, and even read/write the first 65k of memory over the Bluetooth interface–not something you typically want to expose, especially with a broken authentication mechanism. If you want to try the exploit yourself, [Simone] wrote an Android app which he posted up on GitHub.