![]() ![]() Then, it’s time to probe the chips involved in making the scooter tick.īoth the dashboard chip (“BLE”) and the ECU chip (“MCU”) have an SWD interface exposed, and that’s where hits the jackpot – neither of them enable the usual tinkering-disrupting mechanisms like firmware readback protection or encryption – things typically switched on as part of routine pre-product-release checklist. ![]() Still, he gives us a breakdown of the scooter’s overall architecture, with a trove of information like register maps, UART captures, firmware analysis and hardware pictures. ![]() He’s found that the pairing procedure has had its security greatly improved, with a crypto coprocessor chip added into the equation – the usual OTA way of firmware mods is, indeed, closed off. starts with an introductory post about the recent generation of Xiaomi scooters manufactured by Brightway – specifically, Xiaomi Electric Scooter 3 Lite, 4 (Canada) and 4 Pro. ![]() Today, we see from continue the research of the new Xiaomi scooter realities, where he finds that SWD flashing is way more of a viable avenue that we might’ve expected. Typically, hackers have been uploading firmware using Bluetooth OTA methods, and at some point, we’ve seen the always-popular Xiaomi scooters starting to get locked down. Scooter hacking is wonderful – you get to create a better scooter from a pre-made scooter platform, and sometimes you can do that purely through firmware modifications. ![]()
0 Comments
Leave a Reply. |