Having spent years in the security space using many kinds of wireless tech for tracking and communication, I can say with a good bit of confidence that there is nothing realistic they can do to prevent jamming if the folks doing the jamming are motivated enough.
The most feasible thing they could do is detect jamming and sound the alarm. Most jamming takes the form of noise generation at the frequencies a device operates on so that the 2 devices trying to communicate can't hear each other over the noise. Mitigation techniques include rapid frequency hopping (trying to avoid the noise) and reducing message length (sneaking a message out between jamming cycles), but none of that is going to stop a well designed jammer. There is also tech that can transmit signals that offset the jamming noise signature (similar to noise cancelling headphones), but we're getting into military tech and multiple antennas, etc. to make that happen out in a big space.
If we are talking about taking control of someone's drivetrain (not just jamming it), that is typically called "spoofing", not jamming. Spoofing is going to be much tougher to implement, but is usually harder to detect and prevent if someone is using an open protocol (sounds like Shimano is using a form of ANT?). I thought SRAM did something proprietary with encryption with the original eTap, but I think they might have switched to something less proprietary at some point. If either of these companies just used an open communication protocol that exposes everything for replication/spoofing, that would make it pretty easy to create a device to screw with someone's drivetrain in real time. It would still be really hard to mess with a single bike in a targeted way if there were multiple bikes running the same protocol nearby. So, maybe it would be a good cheat tool for something like a TT with an isolated bike, not so much in a group unless someone was wanting to jam everyone (look for the guy running mechanical shifting who just hit his "radio" button).
I guess with the $'s at stake, it's something worth looking into, but I personally doubt it's going on. It's one of those things that is technically possible and you can make it look really scary/effective in a controlled demonstration, but applying jamming/spoofing in a real world race situation would be hit or miss at best.
So not only is Shimano years late to wireless, when they finally implement it, they did it so half baked they didn't even bother with some basic security measures.
When I first heard that wireless shifting was going to be a reality I told Keith Wakeham, "I look forward to being able to shift my opponent's bikes." And that first method was exactly what I have in mind. Hopefully Shimano will get right on resolving that issue with the same impetus they use to resolve breaking Hollowtech cranksets.
I bet this is why we see so many dropped SRAM chains in GT races, even when these groupsets are on a small group of bikes.
If people knew the degree of negligence in taking the threat of jamming/interference/control/hijacking seriously, they would be walking around stunned.
Most cars had no, or very little security for their in-car networks.
I find this about bikes so silly, because from the beginning they had encrypted ways (ANT+) to block hijacks, but as for flooding, there isn't too much that can be done, except for making the signal so powerful, or using spread spectrum, which I'm sure they are (or should be) using.
There was a hack of trainers a few years ago making it possible to virtually ride a trainer workout. The guy was very good at making it happen too. So good, many of the tools he used were removed from circulation.
People were hijacking cars, shutting them down at will, tracking them to the nearest couple of meters as well. Someone claimed to have hijacked a plane's entertainment system. The security used in a lot of the stuff we depend on is either incredibly weak, or incredibly vulnerable. Heck, the popular Ring door bells and cameras can be flooded, making them more than useless. Many wifi connected cameras have been shown to be able to show what the hacker wants the system to see, rather than what is actually happening. Wireless car door locks have been hacked to the point crooks can buy a box on the internet that will unlock every car within range with one button push.
We do live in a world where some unknown number of the devices we are surrounded with can be hacked and spy on us, or lie to us.
And like in a thread here that said "you drop yourself", most people that get hacked actually "hack themselves". Change default passwords, use a password manager, use longer passwords, don't click on every link in emails you receive, only have some devices turned on when you need them. Shutdown services that a device has available that you don't need. (Like Bluetooth on an iPhone, but that can get to be a drag with speakers and such) Use firewall appliances, use VPNs, download a security scanner software to see what you might be leaking.
Don't buy wireless shifting? Someone could flood a race, but why? Someone could hack racer bikes which would be more fun perhaps. But in a world where nothing is sacred, everything is open season, sadly.
(A long time ago, I was sitting in my doctor's office, delayed yet again, and scanned the wifi network. I found a printer, wide open. I sent a document saying that "I see you, and you are mine!!". I thought it was my doc's, and it was. They freaked, and shutdown the printer. I said that I overheard they were having issues with a printer, and then, after getting the okay, shutdown the IP address for it. It was that easy to take control of their printer, and I didn't even have to sign in to do it. They could have setup the printer to be way more secure, but I left that up to their IT people. I've scanned hotel wifi networks and found all kinds of stuff on users computers, from pictures to legal documents to love letters. Be safe out there)
Oh, DEFCON is going on in Vegas right now. Check out the revelations in the talks there. Even I'm surprised at some of them.
Nothing is safe, and the problem with cycling is that it has some lowlife enemies with real motivation to mess with cyclists. It is a matter of time before there are cheap-ass jammers left running on the side of the road. The bigger the event, the funnier it is.
Back in the day when down tube shifters were the thing, members of the irresponsible youth section of my cycling club used to reach over and change gear for fellow club mates.
Often this was to put a club mate into their smallest sprocket just as a climb was getting tough!
Here is the paper https://www.usenix.org/system/files/woot24-motallebighomi.pdf
In Summary
- Shimano failed basic fundamentals of security. While they do encrypt traffic from the shifter to the derailleur (props for that, they did not roll their own encryption), they didn't implement a way to stop an attacker from replaying a command. You say shift up - attacker says shift up, shift up, shift up. Tagging communications with a timestamp or sequence number to prevent this is basic protocol design - as in your rolling code garage door opener. This vulnerability will make any security professional laugh.
- As with all RF based comms, jamming is a thing.
- ANT+ isn't secure. No news here. ANT+ is not used for shifting control, but having this info facilitates attacks.
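The replay problem the summary above describes, as an added example that is not Shimano's protocol and not code from the paper: a toy shifter/derailleur exchange in Python. A truncated HMAC stands in for whatever cipher or MAC the real link uses; the point is what is, and is not, covered by the authentication tag. The first derailleur accepts any frame with a valid tag, however often it is heard. The second binds a monotonic counter into the authenticated body (the rolling-code idea) and rejects anything at or below the last counter it accepted. The key, the class and function names, the frame layout and the gear model are all constructed for illustration.

```python
import hmac
import hashlib
import struct

# Constructed demo key; a real link would provision a per-bike secret at pairing.
KEY = bytes(range(16))

SHIFT_UP, SHIFT_DOWN = 0x01, 0x02
TAG_LEN = 8
MIN_GEAR, MAX_GEAR = 1, 12


def tag(key: bytes, body: bytes) -> bytes:
    """Truncated HMAC-SHA256 over the frame body (stand-in for any MAC/AEAD)."""
    return hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]


def _split(frame: bytes):
    return frame[:-TAG_LEN], frame[-TAG_LEN:]


class Shifter:
    def __init__(self, key: bytes):
        self.key = key
        self.ctr = 0  # must survive power cycles in a real implementation

    def legacy_frame(self, cmd: int) -> bytes:
        """Authenticated but replayable: nothing in the frame changes between presses."""
        body = bytes([cmd])
        return body + tag(self.key, body)

    def counted_frame(self, cmd: int) -> bytes:
        """Monotonic counter inside the authenticated body, like a rolling-code opener."""
        self.ctr += 1
        body = struct.pack(">I", self.ctr) + bytes([cmd])
        return body + tag(self.key, body)


class Derailleur:
    """Shared tag check and gear bookkeeping; subclasses decide what counts as fresh."""

    def __init__(self, key: bytes, gear: int = 5):
        self.key, self.gear = key, gear

    def _authentic(self, body: bytes, t: bytes) -> bool:
        return hmac.compare_digest(tag(self.key, body), t)

    def _apply(self, cmd: int) -> None:
        if cmd == SHIFT_UP:
            self.gear = min(MAX_GEAR, self.gear + 1)
        elif cmd == SHIFT_DOWN:
            self.gear = max(MIN_GEAR, self.gear - 1)


class ReplayableDerailleur(Derailleur):
    def receive(self, frame: bytes) -> bool:
        body, t = _split(frame)
        if len(body) != 1 or not self._authentic(body, t):
            return False
        self._apply(body[0])  # a recorded frame passes this check forever
        return True


class HardenedDerailleur(Derailleur):
    def __init__(self, key: bytes, gear: int = 5, window: int = 64):
        super().__init__(key, gear)
        self.last_ctr = 0
        self.window = window  # tolerate dropped frames, bound how far a burst may jump

    def receive(self, frame: bytes) -> bool:
        body, t = _split(frame)
        if len(body) != 5 or not self._authentic(body, t):
            return False
        ctr = struct.unpack(">I", body[:4])[0]
        if ctr <= self.last_ctr or ctr - self.last_ctr > self.window:
            return False  # replay, reordering, or an implausible jump
        self.last_ctr = ctr
        self._apply(body[4])
        return True


def demo() -> dict:
    shifter = Shifter(KEY)
    legacy = ReplayableDerailleur(KEY)
    hardened = HardenedDerailleur(KEY)

    # Rider presses "shift up" once; an attacker records the frame and replays it three times.
    captured = shifter.legacy_frame(SHIFT_UP)
    legacy.receive(captured)
    legacy_replays = sum(legacy.receive(captured) for _ in range(3))

    captured = shifter.counted_frame(SHIFT_UP)
    hardened.receive(captured)
    hardened_replays = sum(hardened.receive(captured) for _ in range(3))

    # A later genuine press still works; a bit-flipped frame fails the tag check.
    later_ok = hardened.receive(shifter.counted_frame(SHIFT_DOWN))
    forged = bytes([captured[0] ^ 0x80]) + captured[1:]
    forged_ok = hardened.receive(forged)

    return {
        "legacy_gear": legacy.gear,  # 5, +1 genuine, +3 replayed = 9
        "legacy_replays_accepted": legacy_replays,
        "hardened_gear": hardened.gear,  # 6 after the genuine press, 5 after the later one
        "hardened_replays_accepted": hardened_replays,
        "later_genuine_accepted": later_ok,
        "forged_accepted": forged_ok,
    }
```

Two things the toy glosses over that matter in a product: the counter has to be stored in non-volatile memory on both ends (a shifter that restarts at zero after a battery swap would be rejected forever, and a derailleur that forgets its high-water mark re-opens the replay window), and the pairing flow needs a way to resynchronise when the two drift apart by more than the window. None of this helps against jamming, which is a separate problem, as the summary says.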
I've been saying this since wireless shifting came out. Also spoke to DimensionData many years back about compromise of their data analytics on Tour.
No one will lift a finger until it happens. Then everyone will be shocked. Everyone not in Cyber that is.
This Is The Way.
Wireless was always a solution looking for a problem, it's completely unnecessary for group sets to be wireless. Sure it's easier not to cable when you setup a new bike but that's a one-time job.
Would be interesting to see someone spoof the connection between a Transmission derailleur & its cassette.
Reported in Wired too. There is a firmware update to fix it.
Seriously. I much prefer to wire my Di2. It's a lot easier for me to troubleshoot!
One thing that this high tech world we live in is the way these high and "medium-tech" companies fumble this brave new future for us. Yes, someone with a flipper device can record your garage door opener, or even a key fob, and replay that communication and open your garage, or unlock your car. What?!?! Nobody in the hours of meetings and testing ever thought to test or eliminate that potential? WHAT THE F!!
Yeah, the total lack of forethought or awareness of the problems with their ham-handed designs. The shining new products still being sold with slipshod attention to security. Devices with deliberate backdoors that are easily found, hard coded passwords, and purchasers and users that don't change passwords, or use ridiculously simple ones allowing today's elementary school children their moment in the sun.
There should be legislation requiring corporations to take security far more seriously, and yet nothing…
I'm not surprised to read this. I wouldn't be surprised to find out that even more and more dire potential badness is out there. Stay tuned…
I tried to limit the scope of my Di2 being an inconvenience on group rides by disabling Bluetooth, but couldn't use Shimano's app (Oops, re-enabled it), so I tried disabling ANT+, and had to re-enable it because of some dire need from the Edge to see it (can't remember exactly what it was, but had to enable it again) so it all relies on the people that made it to keep me/us secure. I'm just glad I don't have wireless Di2. Yikes… The frequencies they likely use are also flooded with all kinds of devices. I'll stay where I'm at, thanks. Wondering what my exposure is currently. Can someone delete my rear mech during a ride?
Thing is that wireless is the future, and I don't mean to start stupid flamewars on this. There is a reason Shimano hasn't released 12-speed Di2 mountain bike drivetrains, for example.
That's a strong reaction. I've had an electronic wireless drivetrain for over 3 years, and it has worked flawlessly. Have I tried shifting next to my microwave? Nope. But it just works.
Having multiple devices using the same frequency band is a solved issue with the common protocols. Think about it, you have hundreds of people living in apartment buildings with thousands of Wifi/bluetooth/ant+ devices using the 2.4 GHz band and everything works flawlessly. And when you're out on the road there aren't that many devices in range.
Security is probably a concern with the pros, considering people will throw bottles of piss at them, they will probably try to jam their shifting as well. But as someone just riding around, it seems exceptionally paranoid to think your Di2 will face attacks.
Looking back at what a turd E-TUBE Project was back when I used Shimano, this probably shouldn't be too surprising. The installer for that package wouldn't even work on 2 out of 3 laptops I tried. I suspect if Shimano ever released the source code for their firmware, people in the know would be legit appalled at what's under the hood.
The problem here isn't with wireless. It's with a company lacking expertise in writing good firmware code. Probably why their power meters don't work either.